use of com.aliyun.oss.model.BucketReferer in project aliyun-oss-java-sdk by aliyun.
the class BucketOperationsSample method doBucketRefererOperations.
private static void doBucketRefererOperations() {
List<String> refererList = new ArrayList<String>();
refererList.add("http://www.aliyun.com");
refererList.add("https://www.aliyun.com");
refererList.add("http://www.*.com");
refererList.add("https://www.?.aliyuncs.com");
BucketReferer r = new BucketReferer();
r.setRefererList(refererList);
System.out.println("Setting bucket referer\n");
client.setBucketReferer(bucketName, r);
System.out.println("Getting bucket referer:");
r = client.getBucketReferer(bucketName);
List<String> returedRefererList = r.getRefererList();
System.out.println("\tAllow empty referer? " + r.isAllowEmptyReferer() + ", referer list=" + returedRefererList + "\n");
r.clearRefererList();
System.out.println("Clearing bucket referer\n");
client.setBucketReferer(bucketName, r);
}
use of com.aliyun.oss.model.BucketReferer in project aliyun-oss-java-sdk by aliyun.
the class OSSBucketOperation method setBucketReferer.
/**
* Set bucket referer.
*/
public void setBucketReferer(SetBucketRefererRequest setBucketRefererRequest) throws OSSException, ClientException {
assertParameterNotNull(setBucketRefererRequest, "setBucketRefererRequest");
String bucketName = setBucketRefererRequest.getBucketName();
assertParameterNotNull(bucketName, "bucketName");
ensureBucketNameValid(bucketName);
BucketReferer referer = setBucketRefererRequest.getReferer();
if (referer == null) {
referer = new BucketReferer();
}
Map<String, String> params = new HashMap<String, String>();
params.put(SUBRESOURCE_REFERER, null);
RequestMessage request = new OSSRequestMessageBuilder(getInnerClient()).setEndpoint(getEndpoint()).setMethod(HttpMethod.PUT).setBucket(bucketName).setParameters(params).setInputStreamWithLength(bucketRefererMarshaller.marshall(referer)).setOriginalRequest(setBucketRefererRequest).build();
doOperation(request, emptyResponseParser, bucketName, null);
}
use of com.aliyun.oss.model.BucketReferer in project aliyun-oss-java-sdk by aliyun.
the class BucketRefererTest method testUnormalSetBucketReferer.
@Test
public void testUnormalSetBucketReferer() {
final String bucketName = "unormal-set-bucket-referer";
final String referer0 = "http://www.aliyun.com";
final String referer1 = "https://www.aliyun.com";
try {
ossClient.createBucket(bucketName);
BucketReferer r = new BucketReferer();
List<String> refererList = new ArrayList<String>();
refererList.add(referer0);
refererList.add(referer1);
r.setRefererList(refererList);
// Set non-existent source bucket
final String nonexistentBucket = "nonexistent-bucket";
try {
ossClient.setBucketReferer(nonexistentBucket, r);
Assert.fail("Set bucket referer should not be successful");
} catch (OSSException e) {
Assert.assertEquals(OSSErrorCode.NO_SUCH_BUCKET, e.getErrorCode());
Assert.assertTrue(e.getMessage().startsWith(NO_SUCH_BUCKET_ERR));
}
// Set bucket without ownership
final String bucketWithoutOwnership = "oss";
try {
ossClient.setBucketReferer(bucketWithoutOwnership, r);
Assert.fail("Set bucket referer should not be successful");
} catch (OSSException e) {
Assert.assertEquals(OSSErrorCode.ACCESS_DENIED, e.getErrorCode());
}
// TODO: Why not failed ?
try {
r.setAllowEmptyReferer(false);
r.clearRefererList();
ossClient.setBucketReferer(bucketName, r);
} catch (Exception e) {
Assert.fail(e.getMessage());
}
} finally {
ossClient.deleteBucket(bucketName);
}
}
use of com.aliyun.oss.model.BucketReferer in project aliyun-oss-java-sdk by aliyun.
the class BucketRefererTest method testUnormalGetBucketReferer.
@Test
public void testUnormalGetBucketReferer() {
// Get non-existent bucket
final String nonexistentBucket = "unormal-get-bucket-referer";
try {
ossClient.getBucketReferer(nonexistentBucket);
Assert.fail("Get bucket referer should not be successful");
} catch (OSSException e) {
Assert.assertEquals(OSSErrorCode.NO_SUCH_BUCKET, e.getErrorCode());
Assert.assertTrue(e.getMessage().startsWith(NO_SUCH_BUCKET_ERR));
}
// Get bucket without ownership
final String bucketWithoutOwnership = "oss";
try {
ossClient.getBucketReferer(bucketWithoutOwnership);
Assert.fail("Get bucket referer should not be successful");
} catch (OSSException e) {
Assert.assertEquals(OSSErrorCode.ACCESS_DENIED, e.getErrorCode());
}
// Get bucket without setting referer list
final String bucketWithoutRefererRule = "bucket-without-referer";
try {
ossClient.createBucket(bucketWithoutRefererRule);
BucketReferer r = ossClient.getBucketReferer(bucketWithoutRefererRule);
Assert.assertEquals(DEFAULT_EMPTY_REFERER_ALLOWED, r.isAllowEmptyReferer());
Assert.assertEquals(0, r.getRefererList().size());
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
ossClient.deleteBucket(bucketWithoutRefererRule);
}
}
use of com.aliyun.oss.model.BucketReferer in project aliyun-oss-java-sdk by aliyun.
the class SecurityTokenTest method testBucketOperationsWithToken.
@SuppressWarnings("deprecation")
@Test
public void testBucketOperationsWithToken() throws JSONException {
List<String> actions = new ArrayList<String>();
actions.add("oss:ListBuckets");
List<String> resources = new ArrayList<String>();
resources.add("acs:oss:*:" + STS_USER + ":*");
// List buckets with security token is not supported
OSSClient sessionClient = createSessionClient(actions, resources);
try {
sessionClient.listBuckets();
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Delete bucket if already exists
final String bucketName = "test-bucket-operations-with-token";
actions.add("oss:DeleteBucket");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
sessionClient.deleteBucket(bucketName);
} catch (OSSException oe) {
Assert.assertEquals(OSSErrorCode.NO_SUCH_BUCKET, oe.getErrorCode());
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
waitForCacheExpiration(2);
// Put bucket with valid security token
actions.add("oss:PutBucket");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
sessionClient.createBucket(bucketName);
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
}
// Put unmatched bucket with valid security token
String unmatchedBucketName = bucketName + DUMMY_SUFFIX;
try {
sessionClient.createBucket(unmatchedBucketName);
} catch (OSSException e) {
Assert.assertEquals(OSSErrorCode.ACCESS_DENIED, e.getErrorCode());
Assert.assertTrue(e.getMessage().startsWith(SECURITY_TOKEN_ACCESS_DENIED_ERR));
} finally {
actions.clear();
resources.clear();
}
// Put bucket with non-existent username && valid security token
final String nonexistentUser = "non-existent-user";
actions.add("oss:PutBucket");
resources.add("acs:oss:*:" + nonexistentUser + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
sessionClient.createBucket(unmatchedBucketName);
} catch (OSSException e) {
Assert.assertEquals(OSSErrorCode.ACCESS_DENIED, e.getErrorCode());
Assert.assertTrue(e.getMessage().startsWith(SECURITY_TOKEN_ACCESS_DENIED_ERR));
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Allow anyone to trigger operations start with 'Put'
final String anyone = "*";
actions.add("oss:Put*");
resources.add("acs:oss:*:" + anyone + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
sessionClient.createBucket(bucketName);
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Put bucket acl
actions.add("oss:PutBucketAcl");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
sessionClient.setBucketAcl(bucketName, CannedAccessControlList.PublicRead);
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
}
try {
sessionClient.getBucketAcl(bucketName);
} catch (OSSException e) {
Assert.assertEquals(OSSErrorCode.ACCESS_DENIED, e.getErrorCode());
Assert.assertTrue(e.getMessage().startsWith(SECURITY_TOKEN_ACCESS_DENIED_ERR));
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Get bucket acl
actions.add("oss:GetBucketAcl");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
AccessControlList returnedAcl = sessionClient.getBucketAcl(bucketName);
Set<Grant> grants = returnedAcl.getGrants();
Assert.assertEquals(1, grants.size());
Grant grant = (Grant) grants.toArray()[0];
Assert.assertEquals(GroupGrantee.AllUsers, grant.getGrantee());
Assert.assertEquals(Permission.Read, grant.getPermission());
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
}
try {
sessionClient.setBucketAcl(bucketName, CannedAccessControlList.Private);
} catch (OSSException e) {
Assert.assertEquals(OSSErrorCode.ACCESS_DENIED, e.getErrorCode());
Assert.assertTrue(e.getMessage().startsWith(SECURITY_TOKEN_ACCESS_DENIED_ERR));
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Put bucket logging
final String targetPrefix = "bucket-logging-prefix";
actions.add("oss:PutBucketLogging");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
SetBucketLoggingRequest request = new SetBucketLoggingRequest(bucketName);
request.setTargetBucket(bucketName);
request.setTargetPrefix(targetPrefix);
sessionClient.setBucketLogging(request);
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
}
try {
sessionClient.getBucketLogging(bucketName);
} catch (OSSException e) {
Assert.assertEquals(OSSErrorCode.ACCESS_DENIED, e.getErrorCode());
Assert.assertTrue(e.getMessage().startsWith(SECURITY_TOKEN_ACCESS_DENIED_ERR));
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Get bucket logging
actions.add("oss:GetBucketLogging");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
BucketLoggingResult result = sessionClient.getBucketLogging(bucketName);
Assert.assertEquals(bucketName, result.getTargetBucket());
Assert.assertEquals(targetPrefix, result.getTargetPrefix());
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
}
try {
SetBucketLoggingRequest request = new SetBucketLoggingRequest(bucketName);
request.setTargetBucket(bucketName);
request.setTargetPrefix(targetPrefix);
sessionClient.setBucketLogging(request);
} catch (OSSException e) {
Assert.assertEquals(OSSErrorCode.ACCESS_DENIED, e.getErrorCode());
Assert.assertTrue(e.getMessage().startsWith(SECURITY_TOKEN_ACCESS_DENIED_ERR));
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Delete bucket logging
actions.add("oss:DeleteBucketLogging");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
sessionClient.deleteBucketLogging(bucketName);
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Put bucket website
final String indexDocument = "index.html";
final String errorDocument = "error.html";
actions.add("oss:PutBucketWebsite");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
SetBucketWebsiteRequest request = new SetBucketWebsiteRequest(bucketName);
request.setIndexDocument(indexDocument);
request.setErrorDocument(errorDocument);
sessionClient.setBucketWebsite(request);
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Put bucket referer
final String referer0 = "http://www.aliyun.com";
final String referer1 = "https://www.aliyun.com";
final String referer2 = "http://www.*.com";
final String referer3 = "https://www.?.aliyuncs.com";
actions.add("oss:PutBucketReferer");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
// Set non-empty referer list
BucketReferer r = new BucketReferer();
List<String> refererList = new ArrayList<String>();
refererList.add(referer0);
refererList.add(referer1);
refererList.add(referer2);
refererList.add(referer3);
r.setRefererList(refererList);
sessionClient.setBucketReferer(bucketName, r);
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Put bucket lifecycle
final String ruleId0 = "delete obsoleted files";
final String matchPrefix0 = "obsoleted/";
final String ruleId1 = "delete temporary files";
final String matchPrefix1 = "temporary/";
actions.add("oss:PutBucketLifecycle");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
SetBucketLifecycleRequest request = new SetBucketLifecycleRequest(bucketName);
request.AddLifecycleRule(new LifecycleRule(ruleId0, matchPrefix0, RuleStatus.Enabled, 3));
request.AddLifecycleRule(new LifecycleRule(ruleId1, matchPrefix1, RuleStatus.Enabled, DateUtil.parseIso8601Date("2022-10-12T00:00:00.000Z")));
sessionClient.setBucketLifecycle(request);
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Put bucket cors
actions.add("oss:PutBucketCors");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
SetBucketCORSRequest request = new SetBucketCORSRequest(bucketName);
CORSRule r0 = new CORSRule();
r0.addAllowdOrigin("http://www.a.com");
r0.addAllowdOrigin("http://www.b.com");
r0.addAllowedMethod("GET");
r0.addAllowedHeader("Authorization");
r0.addExposeHeader("x-oss-test");
r0.addExposeHeader("x-oss-test1");
r0.setMaxAgeSeconds(100);
request.addCorsRule(r0);
sessionClient.setBucketCORS(request);
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// List objects
actions.add("oss:ListObjects");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
ObjectListing objectListing = sessionClient.listObjects(bucketName);
Assert.assertEquals(0, objectListing.getObjectSummaries().size());
Assert.assertEquals(bucketName, objectListing.getBucketName());
Assert.assertNull(objectListing.getDelimiter());
Assert.assertNull(objectListing.getPrefix());
Assert.assertNull(objectListing.getMarker());
Assert.assertNull(objectListing.getNextMarker());
Assert.assertFalse(objectListing.isTruncated());
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Cleanup bucket if already exists
actions.add("oss:DeleteBucket");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
sessionClient.deleteBucket(bucketName);
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
}
Aggregations