/** * Adds a set of grantee/permission pairs to the access control list (ACL), where each item in the * set is a {@link Grant} object. * * @param grantsVarArg * A collection of {@link Grant} objects */ public void grantAllPermissions(Grant... grantsVarArg) { for (Grant gap : grantsVarArg) { grantPermission(gap.getGrantee(), gap.getPermission()); } }
/** * Sets the access control headers for the request given. */ private static void addAclHeaders(Request<? extends AmazonWebServiceRequest> request, AccessControlList acl) { List<Grant> grants = acl.getGrantsAsList(); Map<Permission, Collection<Grantee>> grantsByPermission = new HashMap<Permission, Collection<Grantee>>(); for ( Grant grant : grants ) { if ( !grantsByPermission.containsKey(grant.getPermission()) ) { grantsByPermission.put(grant.getPermission(), new LinkedList<Grantee>()); } grantsByPermission.get(grant.getPermission()).add(grant.getGrantee()); } for ( Permission permission : Permission.values() ) { if ( grantsByPermission.containsKey(permission) ) { Collection<Grantee> grantees = grantsByPermission.get(permission); boolean seenOne = false; StringBuilder granteeString = new StringBuilder(); for ( Grantee grantee : grantees ) { if ( !seenOne ) seenOne = true; else granteeString.append(", "); granteeString.append(grantee.getTypeIdentifier()).append("=").append("\"") .append(grantee.getIdentifier()).append("\""); } request.addHeader(permission.getHeaderName(), granteeString.toString()); } } }
public static void getObjectAcl(String bucket_name, String object_key) { System.out.println("Retrieving ACL for object: " + object_key); System.out.println(" in bucket: " + bucket_name); final AmazonS3 s3 = AmazonS3ClientBuilder.defaultClient(); try { AccessControlList acl = s3.getObjectAcl(bucket_name, object_key); List<Grant> grants = acl.getGrantsAsList(); for (Grant grant : grants) { System.out.format(" %s: %s\n", grant.getGrantee().getIdentifier(), grant.getPermission().toString()); } } catch (AmazonServiceException e) { System.err.println(e.getErrorMessage()); System.exit(1); } }
public static void getBucketAcl(String bucket_name) { System.out.println("Retrieving ACL for bucket: " + bucket_name); final AmazonS3 s3 = AmazonS3ClientBuilder.defaultClient(); try { AccessControlList acl = s3.getBucketAcl(bucket_name); List<Grant> grants = acl.getGrantsAsList(); for (Grant grant : grants) { System.out.format(" %s: %s\n", grant.getGrantee().getIdentifier(), grant.getPermission().toString()); } } catch (AmazonServiceException e) { System.err.println(e.getErrorMessage()); System.exit(1); } }
private static void addGrantsIfNotNull(XmlWriter xml, AccessControlList accessControlList) { if (accessControlList == null) { return; } AclXmlFactory aclXmlFactory = new AclXmlFactory(); xml.start("AccessControlList"); for(Grant grant: accessControlList.getGrantsAsList()) { xml.start("Grant"); if (grant.getGrantee() != null) { aclXmlFactory.convertToXml(grant.getGrantee(), xml); } addIfNotNull(xml, "Permission", grant.getPermission()); xml.end(); } xml.end(); }
short mode = (short) 0; for (Grant grant : acl.getGrantsAsList()) { Permission perm = grant.getPermission(); Grantee grantee = grant.getGrantee(); if (perm.equals(Permission.Read)) {
xml.start("Grant"); convertToXml(grant.getGrantee(), xml); xml.start("Permission").value(grant.getPermission().toString()).end(); xml.end();
/** * Adds a set of grantee/permission pairs to the access control list (ACL), * where each item in the set is a {@link Grant} object. * * @param grants A collection of {@link Grant} objects */ public void grantAllPermissions(Grant... grantsVarArg) { for (final Grant gap : grantsVarArg) { grantPermission(gap.getGrantee(), gap.getPermission()); } }
final Map<Permission, Collection<Grantee>> grantsByPermission = new HashMap<Permission, Collection<Grantee>>(); for (final Grant grant : grants) { if (!grantsByPermission.containsKey(grant.getPermission())) { grantsByPermission.put(grant.getPermission(), new LinkedList<Grantee>()); grantsByPermission.get(grant.getPermission()).add(grant.getGrantee());
/** * transform com.amazonaws.services.s3.model.Grant to java.nio.file.attribute.PosixFilePermission * @see #toPosixFilePermission(Permission) * @param grants Set grants mandatory, must be not null * @return Set PosixFilePermission never null */ public Set<PosixFilePermission> toPosixFilePermissions(List<Grant> grants) { Set<PosixFilePermission> filePermissions = new HashSet<>(); for (Grant grant : grants) { filePermissions.addAll(toPosixFilePermission(grant.getPermission())); } return filePermissions; }
/** * Adds a set of grantee/permission pairs to the access control list (ACL), * where each item in the set is a {@link Grant} object. * * @param grants A collection of {@link Grant} objects */ public void grantAllPermissions(Grant... grantsVarArg) { for (final Grant gap : grantsVarArg) { grantPermission(gap.getGrantee(), gap.getPermission()); } }
/** * This method is to check whether s3 bucket has read/write/full control * * @param grants * @param accessTypeToCheck * @return List<Permission>, if permissions found else empty */ private static List<Permission> checkAnyGrantHasOpenToReadOrWriteAccess(List<Grant> grants, String accessTypeToCheck) { List<Permission> permissions = new ArrayList<>(); for (Grant grant : grants) { if ((PacmanRuleConstants.ANY_S3_AUTHENTICATED_USER_URI.equalsIgnoreCase(grant.getGrantee().getIdentifier()) || PacmanRuleConstants.ALL_S3_USER_URI .equalsIgnoreCase(grant.getGrantee().getIdentifier())) && (grant.getPermission().toString().contains(accessTypeToCheck) || grant.getPermission().toString() .equalsIgnoreCase(PacmanRuleConstants.FULL_CONTROL))) { permissions.add(grant.getPermission()); } } return permissions; }
/** * Adds a set of grantee/permission pairs to the access control list (ACL), where each item in the * set is a {@link Grant} object. * * @param grantsVarArg * A collection of {@link Grant} objects */ public void grantAllPermissions(Grant... grantsVarArg) { for (Grant gap : grantsVarArg) { grantPermission(gap.getGrantee(), gap.getPermission()); } }
/** * Sets the access control headers for the request given. */ private static void addAclHeaders(Request<? extends AmazonWebServiceRequest> request, AccessControlList acl) { List<Grant> grants = acl.getGrantsAsList(); Map<Permission, Collection<Grantee>> grantsByPermission = new HashMap<Permission, Collection<Grantee>>(); for ( Grant grant : grants ) { if ( !grantsByPermission.containsKey(grant.getPermission()) ) { grantsByPermission.put(grant.getPermission(), new LinkedList<Grantee>()); } grantsByPermission.get(grant.getPermission()).add(grant.getGrantee()); } for ( Permission permission : Permission.values() ) { if ( grantsByPermission.containsKey(permission) ) { Collection<Grantee> grantees = grantsByPermission.get(permission); boolean seenOne = false; StringBuilder granteeString = new StringBuilder(); for ( Grantee grantee : grantees ) { if ( !seenOne ) seenOne = true; else granteeString.append(", "); granteeString.append(grantee.getTypeIdentifier()).append("=").append("\"") .append(grantee.getIdentifier()).append("\""); } request.addHeader(permission.getHeaderName(), granteeString.toString()); } } }
final Map<Permission, Collection<Grantee>> grantsByPermission = new HashMap<Permission, Collection<Grantee>>(); for (final Grant grant : grants) { if (!grantsByPermission.containsKey(grant.getPermission())) { grantsByPermission.put(grant.getPermission(), new LinkedList<Grantee>()); grantsByPermission.get(grant.getPermission()).add(grant.getGrantee());
/** * have almost one of the permission set in the parameter permissions * * @param permissions almost one * @return */ private boolean hasPermission(EnumSet<Permission> permissions) { for (Grant grant : acl.getGrantsAsList()) if (grant.getGrantee().getIdentifier().equals(owner.getId()) && permissions.contains(grant.getPermission())) return true; return false; }
xml.start("Grant"); convertToXml(grant.getGrantee(), xml); xml.start("Permission").value(grant.getPermission().toString()).end(); xml.end();
(grant.getPermission().toString().equalsIgnoreCase(PacmanSdkConstants.READ_ACCESS) || (grant .getPermission().toString().equalsIgnoreCase(PacmanSdkConstants.WRITE_ACCESS) || (grant.getPermission().toString() .equalsIgnoreCase(PacmanSdkConstants.READ_ACP_ACCESS) || (grant.getPermission().toString() .equalsIgnoreCase(PacmanSdkConstants.WRITE_ACP_ACCESS) || grant.getPermission().toString() .equalsIgnoreCase(PacmanSdkConstants.FULL_CONTROL)))))) { bucketAcl.revokeAllPermissions(grant.getGrantee());
private ObjectAcl syncAclFromS3Acl(AccessControlList s3Acl) { ObjectAcl syncAcl = new ObjectAcl(); syncAcl.setOwner(s3Acl.getOwner().getId()); for (Grant grant : s3Acl.getGrantsAsList()) { Grantee grantee = grant.getGrantee(); if (grantee instanceof GroupGrantee || grantee.getTypeIdentifier().equals(ACL_GROUP_TYPE)) syncAcl.addGroupGrant(grantee.getIdentifier(), grant.getPermission().toString()); else if (grantee instanceof CanonicalGrantee || grantee.getTypeIdentifier().equals(ACL_CANONICAL_USER_TYPE)) syncAcl.addUserGrant(grantee.getIdentifier(), grant.getPermission().toString()); } return syncAcl; }
if (ownerId.equals(grant.getGrantee().getIdentifier())) { checked = true; switch (grant.getPermission()) { case FullControl: case Write: