org.jets3t.service.acl.AccessControlList Java Examples

The following examples show how to use org.jets3t.service.acl.AccessControlList. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: S3BucketCreateService.java    From cyberduck with GNU General Public License v3.0 6 votes vote down vote up 
public void create(final Path bucket, final String region) throws BackgroundException {
    if(!session.getClient().getConfiguration().getBoolProperty("s3service.disable-dns-buckets", false)) {
        if(!ServiceUtils.isBucketNameValidDNSName(bucket.getName())) {
            throw new InteroperabilityException(LocaleFactory.localizedString("Bucket name is not DNS compatible", "S3"));
        }
    }
    AccessControlList acl;
    if(PreferencesFactory.get().getProperty("s3.bucket.acl.default").equals("public-read")) {
        acl = AccessControlList.REST_CANNED_PUBLIC_READ;
    }
    else {
        acl = AccessControlList.REST_CANNED_PRIVATE;
    }
    try {
        this.create(bucket, acl, region);
    }
    catch(ResolveFailedException e) {
        log.warn(String.format("Failure %s resolving bucket name. Disable use of DNS bucket names", e));
        session.getClient().getConfiguration().setProperty("s3service.disable-dns-buckets", String.valueOf(true));
        this.create(bucket, acl, region);
    }
}
Example #2
Source File: GrantAcl.java    From suro with Apache License 2.0 6 votes vote down vote up 
public boolean grantAcl(S3Object object) throws ServiceException, InterruptedException {
    if(Strings.isNullOrEmpty(s3Acl)){
        return true;
    }

    for (int i = 0; i < s3AclRetries; ++i) {
        try {
            AccessControlList acl = s3Service.getObjectAcl(object.getBucketName(), object.getKey());
            for (String id : s3Acl.split(",")) {
                acl.grantPermission(new CanonicalGrantee(id), Permission.PERMISSION_READ);
            }
            s3Service.putObjectAcl(object.getBucketName(), object.getKey(), acl);
            return true;
        } catch (Exception e) {
            log.error("Exception while granting ACL: " + e.getMessage(), e);
            Thread.sleep(1000 * (i + 1));
        }
    }

    return false;

}
Example #3
Source File: TestGrantAcl.java    From suro with Apache License 2.0 6 votes vote down vote up 
@Test
public void test() throws Exception {
    RestS3Service s3Service = mock(RestS3Service.class);
    AccessControlList acl = new AccessControlList();
    doReturn(acl).when(s3Service).getObjectAcl("bucket", "key");
    doNothing().when(s3Service).putObjectAcl("bucket", "key", acl);

    GrantAcl grantAcl = new GrantAcl(s3Service, "1,2,3", 1);
    S3Object obj = new S3Object("key");
    obj.setBucketName("bucket");
    obj.setAcl(GSAccessControlList.REST_CANNED_BUCKET_OWNER_FULL_CONTROL);
    assertTrue(grantAcl.grantAcl(obj));

    Set<GrantAndPermission> grants = new HashSet<GrantAndPermission>(Arrays.asList(acl.getGrantAndPermissions()));
    assertEquals(grants.size(), 3);
    Set<GrantAndPermission> grantSet = new HashSet<GrantAndPermission>();
    for (int i = 1; i <= 3; ++i) {
        grantSet.add(new GrantAndPermission(new CanonicalGrantee(Integer.toString(i)), Permission.PERMISSION_READ));
    }
}
Example #4
Source File: S3BucketCreateService.java    From cyberduck with GNU General Public License v3.0 5 votes vote down vote up 
protected void create(final Path bucket, final AccessControlList acl, final String region) throws BackgroundException {
    try {
        if(StringUtils.isNotBlank(region)) {
            if(S3Session.isAwsHostname(session.getHost().getHostname())) {
                session.getClient().getConfiguration().setProperty("s3service.s3-endpoint", String.format("s3.dualstack.%s.amazonaws.com", region));
            }
        }
        // Create bucket
        session.getClient().createBucket(URIEncoder.encode(containerService.getContainer(bucket).getName()),
            "us-east-1".equals(region) ? "US" : region, acl);
    }
    catch(ServiceException e) {
        throw new S3ExceptionMappingService().map("Cannot create folder {0}", e, bucket);
    }
}
Example #5
Source File: S3AccessControlListFeature.java    From cyberduck with GNU General Public License v3.0 5 votes vote down vote up 
/**
 * @param list ACL from server
 * @return Editable ACL
 */
protected Acl convert(final AccessControlList list) {
    if(log.isDebugEnabled()) {
        try {
            log.debug(list.toXml());
        }
        catch(ServiceException e) {
            log.error(e.getMessage());
        }
    }
    Acl acl = new Acl();
    acl.setOwner(new Acl.CanonicalUser(list.getOwner().getId(), list.getOwner().getDisplayName()));
    for(GrantAndPermission grant : list.getGrantAndPermissions()) {
        Acl.Role role = new Acl.Role(grant.getPermission().toString());
        if(grant.getGrantee() instanceof CanonicalGrantee) {
            acl.addAll(new Acl.CanonicalUser(grant.getGrantee().getIdentifier(),
                ((CanonicalGrantee) grant.getGrantee()).getDisplayName(), false), role);
        }
        else if(grant.getGrantee() instanceof EmailAddressGrantee) {
            acl.addAll(new Acl.EmailUser(grant.getGrantee().getIdentifier()), role);
        }
        else if(grant.getGrantee() instanceof GroupGrantee) {
            acl.addAll(new Acl.GroupUser(grant.getGrantee().getIdentifier()), role);
        }
    }
    return acl;
}
Example #6
Source File: S3FilenameGenerator.java    From red5-examples with Apache License 2.0 5 votes vote down vote up 
public static void upload(String sessionId, String name) {
	logger.debug("Upload - session id: {} name: {}", sessionId, name);
	try {
		// find the file
		StringBuilder sb = new StringBuilder(recordPath);
		sb.append(sessionId);
		sb.append('/');
		sb.append(name);
		sb.append(".flv");
		String filePath = sb.toString();
		logger.debug("File path: {}", filePath);
		File file = new File(filePath);
		if (file.exists()) {
			S3Service s3Service = new RestS3Service(awsCredentials);
			S3Bucket bucket = s3Service.createBucket(bucketName);
			S3Object sob = new S3Object(sessionId + "/" + name + ".flv");
			// force bucket name
			sob.setBucketName(bucketName);
			// point at file
			sob.setDataInputFile(file);
			// set type
			sob.setContentType("video/x-flv");
			// set auth / acl
			sob.setAcl(AccessControlList.REST_CANNED_PUBLIC_READ);				
			logger.debug("Pre-upload: {}", sob);
			sob = s3Service.putObject(bucket, sob);
			logger.debug("Post-upload: {}", sob);						
		} else {
			logger.warn("File was not found");
		}
		file = null;
	} catch (S3ServiceException e) {
		logger.error("Error during upload", e);
	}		
}
Example #7
Source File: S3AccessControlListFeature.java    From cyberduck with GNU General Public License v3.0 4 votes vote down vote up 
/**
 * Convert ACL for writing to service.
 *
 * @param acl Edited ACL
 * @return ACL to write to server
 */
protected AccessControlList convert(final Acl acl) {
    if(Acl.EMPTY.equals(acl)) {
        return null;
    }
    final AccessControlList list = new AccessControlList();
    final Acl.CanonicalUser owner = acl.getOwner();
    if(null != owner) {
        list.setOwner(new S3Owner(owner.getIdentifier(), owner.getDisplayName()));
        list.grantPermission(new CanonicalGrantee(owner.getIdentifier()), Permission.PERMISSION_FULL_CONTROL);
    }
    for(Acl.UserAndRole userAndRole : acl.asList()) {
        if(!userAndRole.isValid()) {
            continue;
        }
        if(userAndRole.getUser() instanceof Acl.EmailUser) {
            list.grantPermission(new EmailAddressGrantee(userAndRole.getUser().getIdentifier()),
                Permission.parsePermission(userAndRole.getRole().getName()));
        }
        else if(userAndRole.getUser() instanceof Acl.GroupUser) {
            if(userAndRole.getUser().getIdentifier().equals(GroupGrantee.ALL_USERS.getIdentifier())
                || userAndRole.getUser().getIdentifier().equals(Acl.GroupUser.EVERYONE)) {
                list.grantPermission(GroupGrantee.ALL_USERS,
                    Permission.parsePermission(userAndRole.getRole().getName()));
            }
            else if(userAndRole.getUser().getIdentifier().equals(Acl.GroupUser.AUTHENTICATED)) {
                list.grantPermission(GroupGrantee.AUTHENTICATED_USERS,
                    Permission.parsePermission(userAndRole.getRole().getName()));
            }
            else {
                list.grantPermission(new GroupGrantee(userAndRole.getUser().getIdentifier()),
                    Permission.parsePermission(userAndRole.getRole().getName()));
            }
        }
        else if(userAndRole.getUser() instanceof Acl.CanonicalUser) {
            list.grantPermission(new CanonicalGrantee(userAndRole.getUser().getIdentifier()),
                Permission.parsePermission(userAndRole.getRole().getName()));
        }
        else {
            log.warn(String.format("Unsupported user %s", userAndRole.getUser()));
        }
    }
    if(log.isDebugEnabled()) {
        try {
            log.debug(list.toXml());
        }
        catch(ServiceException e) {
            log.error(e.getMessage());
        }
    }
    return list;
}