How to use

getGrants

method

in

org.jclouds.s3.domain.AccessControlList

/**
* @return an unmodifiable set of grantees who have been assigned permissions in this ACL.
*/
public Set<Grantee> getGrantees() {
 Set<Grantee> grantees = Sets.newTreeSet();
 for (Grant grant : getGrants()) {
   grantees.add(grant.getGrantee());
 }
 return Collections.unmodifiableSet(grantees);
}

/**
* @return an unmodifiable set of grantees who have been assigned permissions in this ACL.
*/
public Set<Grantee> getGrantees() {
 Set<Grantee> grantees = Sets.newTreeSet();
 for (Grant grant : getGrants()) {
   grantees.add(grant.getGrantee());
 }
 return Collections.unmodifiableSet(grantees);
}

/**
* @return an unmodifiable set of grantees who have been assigned permissions in this ACL.
*/
public Set<Grantee> getGrantees() {
 Set<Grantee> grantees = Sets.newTreeSet();
 for (Grant grant : getGrants()) {
   grantees.add(grant.getGrantee());
 }
 return Collections.unmodifiableSet(grantees);
}

/**
* @return an unmodifiable set of grantees who have been assigned permissions in this ACL.
*/
public Set<Grantee> getGrantees() {
 Set<Grantee> grantees = Sets.newTreeSet();
 for (Grant grant : getGrants()) {
   grantees.add(grant.getGrantee());
 }
 return Collections.unmodifiableSet(grantees);
}

/**
* @return an unmodifiable set of grantees who have been assigned permissions in this ACL.
*/
public Set<Grantee> getGrantees() {
 Set<Grantee> grantees = Sets.newTreeSet();
 for (Grant grant : getGrants()) {
   grantees.add(grant.getGrantee());
 }
 return Collections.unmodifiableSet(grantees);
}

@Test
public void testAccessControlListOwnerOnly() throws HttpException {
 String ownerId = "1a405254c932b52e5b5caaa88186bc431a1bacb9ece631f835daddaf0c47677c";
 AccessControlList acl = createParser().parse(Strings2.toInputStream(aclOwnerOnly));
 assertEquals(acl.getOwner().getId(), ownerId);
 assertEquals(acl.getOwner().getDisplayName(), "jamesmurty");
 assertEquals(acl.getPermissions(ownerId).size(), 1);
 assertTrue(acl.hasPermission(ownerId, Permission.FULL_CONTROL));
 assertEquals(acl.getGrants().size(), 1);
 assertEquals(acl.getPermissions(GroupGranteeURI.ALL_USERS).size(), 0);
 assertEquals(acl.getPermissions(GroupGranteeURI.AUTHENTICATED_USERS).size(), 0);
 assertEquals(acl.getPermissions(GroupGranteeURI.LOG_DELIVERY).size(), 0);
}

 public void run() {
   try {
    AccessControlList acl = getApi().getObjectACL(containerName, publicReadObjectKey);
    assertEquals(acl.getGrants().size(), 2);
    assertEquals(acl.getPermissions(GroupGranteeURI.ALL_USERS).size(), 1);
    assertNotNull(acl.getOwner());
    String ownerId = acl.getOwner().getId();
    assertTrue(acl.hasPermission(ownerId, Permission.FULL_CONTROL));
    assertTrue(acl.hasPermission(GroupGranteeURI.ALL_USERS, Permission.READ));
   } catch (Exception e) {
    Throwables.propagateIfPossible(e);
   }
 }
});

@Test
public void testAccessControlListOwnerOnly() throws HttpException {
 String ownerId = "1a405254c932b52e5b5caaa88186bc431a1bacb9ece631f835daddaf0c47677c";
 AccessControlList acl = createParser().parse(Strings2.toInputStream(aclOwnerOnly));
 assertEquals(acl.getOwner().getId(), ownerId);
 assertEquals(acl.getOwner().getDisplayName(), "jamesmurty");
 assertEquals(acl.getPermissions(ownerId).size(), 1);
 assertTrue(acl.hasPermission(ownerId, Permission.FULL_CONTROL));
 assertEquals(acl.getGrants().size(), 1);
 assertEquals(acl.getPermissions(GroupGranteeURI.ALL_USERS).size(), 0);
 assertEquals(acl.getPermissions(GroupGranteeURI.AUTHENTICATED_USERS).size(), 0);
 assertEquals(acl.getPermissions(GroupGranteeURI.LOG_DELIVERY).size(), 0);
}

 public void run() {
   try {
    AccessControlList acl = getApi().getObjectACL(containerName, publicReadObjectKey);
    assertEquals(acl.getGrants().size(), 2);
    assertEquals(acl.getPermissions(GroupGranteeURI.ALL_USERS).size(), 1);
    assertNotNull(acl.getOwner());
    String ownerId = acl.getOwner().getId();
    assertTrue(acl.hasPermission(ownerId, Permission.FULL_CONTROL));
    assertTrue(acl.hasPermission(GroupGranteeURI.ALL_USERS, Permission.READ));
   } catch (Exception e) {
    Throwables.propagateIfPossible(e);
   }
 }
});

 public void run() {
   try {
    AccessControlList acl = getApi().getObjectACL(containerName, publicReadWriteObjectKey);
    assertEquals(acl.getGrants().size(), 3);
    assertEquals(acl.getPermissions(GroupGranteeURI.ALL_USERS).size(), 2);
    assertNotNull(acl.getOwner());
    String ownerId = acl.getOwner().getId();
    assertTrue(acl.hasPermission(ownerId, Permission.FULL_CONTROL));
    assertTrue(acl.hasPermission(GroupGranteeURI.ALL_USERS, Permission.READ));
    assertTrue(acl.hasPermission(GroupGranteeURI.ALL_USERS, Permission.WRITE));
    assertFalse(acl.hasPermission(GroupGranteeURI.ALL_USERS, Permission.READ_ACP));
    assertFalse(acl.hasPermission(GroupGranteeURI.ALL_USERS, Permission.WRITE_ACP));
    assertFalse(acl.hasPermission(GroupGranteeURI.ALL_USERS, Permission.FULL_CONTROL));
   } catch (Exception e) {
    Throwables.propagateIfPossible(e);
   }
 }
});

private void checkGrants(AccessControlList acl) {
 String ownerId = acl.getOwner().getId();
 assertEquals(acl.getGrants().size(), 4, acl.toString());
 assertTrue(acl.hasPermission(ownerId, Permission.FULL_CONTROL), acl.toString());
 assertTrue(acl.hasPermission(GroupGranteeURI.ALL_USERS, Permission.READ), acl.toString());
 assertTrue(acl.hasPermission(ownerId, Permission.WRITE_ACP), acl.toString());
 // EmailAddressGrantee is replaced by a CanonicalUserGrantee, so we cannot test by email addr
 assertTrue(acl.hasPermission(TEST_ACL_ID, Permission.READ_ACP), acl.toString());
}

public void testPrivateAclIsDefaultForBucket() throws InterruptedException, ExecutionException, TimeoutException,
   IOException {
 String bucketName = getContainerName();
 try {
   AccessControlList acl = getApi().getBucketACL(bucketName);
   assertEquals(acl.getGrants().size(), 1);
   assertNotNull(acl.getOwner());
   String ownerId = acl.getOwner().getId();
   assertTrue(acl.hasPermission(ownerId, Permission.FULL_CONTROL));
 } finally {
   returnContainer(bucketName);
 }
}

private void checkGrants(AccessControlList acl) {
 String ownerId = acl.getOwner().getId();
 assertEquals(acl.getGrants().size(), 4, acl.toString());
 assertTrue(acl.hasPermission(ownerId, Permission.FULL_CONTROL), acl.toString());
 assertTrue(acl.hasPermission(GroupGranteeURI.ALL_USERS, Permission.READ), acl.toString());
 assertTrue(acl.hasPermission(ownerId, Permission.WRITE_ACP), acl.toString());
 // EmailAddressGrantee is replaced by a CanonicalUserGrantee, so we cannot test by email addr
 assertTrue(acl.hasPermission(StubS3AsyncClient.TEST_ACL_ID, Permission.READ_ACP), acl.toString());
}

@Test
public void testAccessControlListExtreme() throws HttpException {
 String ownerId = "1a405254c932b52e5b5caaa88186bc431a1bacb9ece631f835daddaf0c47677c";
 AccessControlList acl = createParser().parse(Strings2.toInputStream(aclExtreme));
 assertEquals(acl.getOwner().getId(), ownerId);
 assertEquals(acl.getOwner().getDisplayName(), "jamesmurty");
 assertEquals(acl.getPermissions(ownerId).size(), 3);
 assertTrue(acl.hasPermission(ownerId, Permission.FULL_CONTROL));
 assertTrue(acl.hasPermission(ownerId, Permission.READ));
 assertTrue(acl.hasPermission(ownerId, Permission.WRITE));
 assertEquals(acl.getGrants().size(), 9);
 assertTrue(acl.hasPermission(GroupGranteeURI.ALL_USERS, Permission.READ));
 assertTrue(acl.hasPermission(GroupGranteeURI.AUTHENTICATED_USERS, Permission.READ));
 assertTrue(acl.hasPermission(GroupGranteeURI.AUTHENTICATED_USERS, Permission.WRITE));
 assertTrue(acl.hasPermission(GroupGranteeURI.AUTHENTICATED_USERS, Permission.READ_ACP));
 assertTrue(acl.hasPermission(GroupGranteeURI.AUTHENTICATED_USERS, Permission.WRITE_ACP));
 assertTrue(acl.hasPermission(GroupGranteeURI.LOG_DELIVERY, Permission.WRITE));
}

public void testPrivateAclIsDefaultForBucket() throws InterruptedException, ExecutionException, TimeoutException,
   IOException {
 String bucketName = getContainerName();
 try {
   AccessControlList acl = getApi().getBucketACL(bucketName);
   assertEquals(acl.getGrants().size(), 1);
   assertNotNull(acl.getOwner());
   String ownerId = acl.getOwner().getId();
   assertTrue(acl.hasPermission(ownerId, FULL_CONTROL));
 } finally {
   returnContainer(bucketName);
 }
}

private void checkGrants(AccessControlList acl) {
 String ownerId = acl.getOwner().getId();
 assertEquals(acl.getGrants().size(), 4, acl.toString());
 assertTrue(acl.hasPermission(ownerId, Permission.FULL_CONTROL), acl.toString());
 assertTrue(acl.hasPermission(GroupGranteeURI.ALL_USERS, Permission.READ), acl.toString());
 assertTrue(acl.hasPermission(ownerId, Permission.WRITE_ACP), acl.toString());
 // EmailAddressGrantee is replaced by a CanonicalUserGrantee, so we cannot test by email addr
 assertTrue(acl.hasPermission(TEST_ACL_ID, Permission.READ_ACP), acl.toString());
}

private void checkGrants(AccessControlList acl) {
 String ownerId = acl.getOwner().getId();
 assertEquals(acl.getGrants().size(), 4, acl.toString());
 assertTrue(acl.hasPermission(ownerId, FULL_CONTROL), acl.toString());
 assertTrue(acl.hasPermission(ALL_USERS, READ), acl.toString());
 assertTrue(acl.hasPermission(ownerId, WRITE_ACP), acl.toString());
 // EmailAddressGrantee is replaced by a CanonicalUserGrantee, so we cannot test by email addr
 assertTrue(acl.hasPermission(TEST_ACL_ID, READ_ACP), acl.toString());
}

public void testUpdateBucketACL() throws InterruptedException, ExecutionException, TimeoutException, IOException,
   Exception {
 String bucketName = getContainerName();
 try {
   // Confirm the bucket is private
   AccessControlList acl = getApi().getBucketACL(bucketName);
   String ownerId = acl.getOwner().getId();
   assertEquals(acl.getGrants().size(), 1);
   assertTrue(acl.hasPermission(ownerId, Permission.FULL_CONTROL));
   addGrantsToACL(acl);
   assertEquals(acl.getGrants().size(), 4);
   assertTrue(getApi().putBucketACL(bucketName, acl));
   // Confirm that the updated ACL has stuck.
   acl = getApi().getBucketACL(bucketName);
   checkGrants(acl);
 } finally {
   destroyContainer(bucketName);
 }
}

public void testPrivateAclIsDefaultForObject() throws InterruptedException, ExecutionException, TimeoutException,
    IOException {
 String privateObjectKey = "private-acl";
 String containerName = getContainerName();
 try {
   // Private object
   addBlobToContainer(containerName, privateObjectKey);
   AccessControlList acl = getApi().getObjectACL(containerName, privateObjectKey);
   assertEquals(acl.getGrants().size(), 1);
   assertNotNull(acl.getOwner());
   String ownerId = acl.getOwner().getId();
   assertTrue(acl.hasPermission(ownerId, Permission.FULL_CONTROL));
 } finally {
   returnContainer(containerName);
 }
}

public void testPrivateAclIsDefaultForObject() throws InterruptedException, ExecutionException, TimeoutException,
    IOException {
 String privateObjectKey = "private-acl";
 String containerName = getContainerName();
 try {
   // Private object
   addBlobToContainer(containerName, privateObjectKey);
   AccessControlList acl = getApi().getObjectACL(containerName, privateObjectKey);
   assertEquals(acl.getGrants().size(), 1);
   assertNotNull(acl.getOwner());
   String ownerId = acl.getOwner().getId();
   assertTrue(acl.hasPermission(ownerId, Permission.FULL_CONTROL));
 } finally {
   returnContainer(containerName);
 }
}