Example 1 with Grant
use of com.aliyun.oss.model.Grant in project aliyun-oss-java-sdk by aliyun.
the class CreateBucketTest method testPutWithStorageTypeAndLocation.
@Test
public void testPutWithStorageTypeAndLocation() {
final String bucketName = "bucket-with-storage-and-location";
CreateBucketRequest createBucketRequest = new CreateBucketRequest(bucketName);
createBucketRequest.setStorageClass(StorageClass.Standard);
createBucketRequest.setLocationConstraint(OSS_TEST_REGION);
try {
ossClient.createBucket(createBucketRequest);
AccessControlList returnedAcl = ossClient.getBucketAcl(bucketName);
Set<Grant> grants = returnedAcl.getGrants();
Assert.assertEquals(0, grants.size());
System.out.println(returnedAcl.toString());
BucketList buckets = ossClient.listBuckets(bucketName, "", 100);
Assert.assertEquals(1, buckets.getBucketList().size());
Assert.assertEquals(StorageClass.Standard, buckets.getBucketList().get(0).getStorageClass());
Assert.assertEquals(OSS_TEST_REGION, buckets.getBucketList().get(0).getLocation());
Assert.assertEquals(buckets.getRequestId().length(), REQUEST_ID_LEN);
} catch (Exception ex) {
Assert.fail(ex.getMessage());
} finally {
ossClient.deleteBucket(bucketName);
}
}
Also used :
AccessControlList(com.aliyun.oss.model.AccessControlList)
CannedAccessControlList(com.aliyun.oss.model.CannedAccessControlList)
Grant(com.aliyun.oss.model.Grant)
CreateBucketRequest(com.aliyun.oss.model.CreateBucketRequest)
BucketList(com.aliyun.oss.model.BucketList)
OSSException(com.aliyun.oss.OSSException)
Test(org.junit.Test)
Example 2 with Grant
use of com.aliyun.oss.model.Grant in project aliyun-oss-java-sdk by aliyun.
the class CreateBucketTest method testPutWithCannedACL.
@Test
public void testPutWithCannedACL() {
final String bucketName = "bucket-with-canned-acl";
CreateBucketRequest createBucketRequest = new CreateBucketRequest(bucketName);
try {
// Create bucket with default(private) acl
ossClient.createBucket(createBucketRequest);
AccessControlList returnedAcl = ossClient.getBucketAcl(bucketName);
Set<Grant> grants = returnedAcl.getGrants();
Assert.assertEquals(0, grants.size());
Assert.assertEquals(returnedAcl.getCannedACL(), CannedAccessControlList.Private);
// Try to create existing bucket without setting acl
ossClient.createBucket(bucketName);
waitForCacheExpiration(5);
returnedAcl = ossClient.getBucketAcl(bucketName);
grants = returnedAcl.getGrants();
Assert.assertEquals(0, grants.size());
// Create bucket with public-read acl
createBucketRequest.setCannedACL(CannedAccessControlList.PublicRead);
ossClient.createBucket(createBucketRequest);
waitForCacheExpiration(5);
returnedAcl = ossClient.getBucketAcl(bucketName);
grants = returnedAcl.getGrants();
Assert.assertEquals(1, grants.size());
Grant grant = (Grant) grants.toArray()[0];
Assert.assertEquals(GroupGrantee.AllUsers, grant.getGrantee());
Assert.assertEquals(Permission.Read, grant.getPermission());
Assert.assertEquals(returnedAcl.getCannedACL(), CannedAccessControlList.PublicRead);
// Try to create existing bucket without setting acl
ossClient.createBucket(bucketName);
waitForCacheExpiration(5);
returnedAcl = ossClient.getBucketAcl(bucketName);
grants = returnedAcl.getGrants();
Assert.assertEquals(1, grants.size());
grant = (Grant) grants.toArray()[0];
Assert.assertEquals(GroupGrantee.AllUsers, grant.getGrantee());
Assert.assertEquals(Permission.Read, grant.getPermission());
// Create bucket with public-read-write acl
createBucketRequest.setCannedACL(CannedAccessControlList.PublicReadWrite);
ossClient.createBucket(createBucketRequest);
waitForCacheExpiration(5);
returnedAcl = ossClient.getBucketAcl(bucketName);
grants = returnedAcl.getGrants();
Assert.assertEquals(1, grants.size());
grant = (Grant) grants.toArray()[0];
Assert.assertEquals(GroupGrantee.AllUsers, grant.getGrantee());
Assert.assertEquals(Permission.FullControl, grant.getPermission());
Assert.assertEquals(returnedAcl.getCannedACL(), CannedAccessControlList.PublicReadWrite);
// Try to create existing bucket without setting acl
ossClient.createBucket(bucketName);
waitForCacheExpiration(5);
returnedAcl = ossClient.getBucketAcl(bucketName);
grants = returnedAcl.getGrants();
Assert.assertEquals(1, grants.size());
grant = (Grant) grants.toArray()[0];
Assert.assertEquals(GroupGrantee.AllUsers, grant.getGrantee());
Assert.assertEquals(Permission.FullControl, grant.getPermission());
} catch (Exception ex) {
Assert.fail(ex.getMessage());
} finally {
ossClient.deleteBucket(bucketName);
}
}
Also used :
AccessControlList(com.aliyun.oss.model.AccessControlList)
CannedAccessControlList(com.aliyun.oss.model.CannedAccessControlList)
Grant(com.aliyun.oss.model.Grant)
CreateBucketRequest(com.aliyun.oss.model.CreateBucketRequest)
OSSException(com.aliyun.oss.OSSException)
Test(org.junit.Test)
Example 3 with Grant
use of com.aliyun.oss.model.Grant in project aliyun-oss-java-sdk by aliyun.
the class CreateBucketTest method testPutWithStorageTypeFunc.
@Ignore
public void testPutWithStorageTypeFunc() {
final String bucketName = "bucket-with-storage-type-func";
try {
ossClient.createBucket(new CreateBucketRequest(bucketName).withStorageType(StorageClass.IA));
AccessControlList returnedAcl = ossClient.getBucketAcl(bucketName);
Set<Grant> grants = returnedAcl.getGrants();
Assert.assertEquals(0, grants.size());
BucketList buckets = ossClient.listBuckets(bucketName, "", 100);
Assert.assertEquals(1, buckets.getBucketList().size());
Assert.assertEquals(StorageClass.IA, buckets.getBucketList().get(0).getStorageClass());
} catch (Exception ex) {
Assert.fail(ex.getMessage());
} finally {
ossClient.deleteBucket(bucketName);
}
}
Also used :
AccessControlList(com.aliyun.oss.model.AccessControlList)
CannedAccessControlList(com.aliyun.oss.model.CannedAccessControlList)
Grant(com.aliyun.oss.model.Grant)
CreateBucketRequest(com.aliyun.oss.model.CreateBucketRequest)
BucketList(com.aliyun.oss.model.BucketList)
OSSException(com.aliyun.oss.OSSException)
Ignore(org.junit.Ignore)
Example 4 with Grant
use of com.aliyun.oss.model.Grant in project aliyun-oss-java-sdk by aliyun.
the class BucketAclTest method testUnormalGetBucketAcl.
@Test
public void testUnormalGetBucketAcl() {
// Get non-existent bucket
final String nonexistentBucket = "unormal-get-bucket-acl";
try {
ossClient.getBucketAcl(nonexistentBucket);
Assert.fail("Get bucket acl should not be successful");
} catch (OSSException e) {
Assert.assertEquals(OSSErrorCode.NO_SUCH_BUCKET, e.getErrorCode());
Assert.assertTrue(e.getMessage().startsWith(NO_SUCH_BUCKET_ERR));
}
// Get bucket without ownership
final String bucketWithoutOwnership = "oss";
try {
ossClient.getBucketAcl(bucketWithoutOwnership);
Assert.fail("Get bucket referer should not be successful");
} catch (OSSException e) {
Assert.assertEquals(OSSErrorCode.ACCESS_DENIED, e.getErrorCode());
}
// Get bucket using default acl
final String bucketUsingDefaultAcl = "bucket-using-default-acl";
try {
ossClient.createBucket(bucketUsingDefaultAcl);
AccessControlList returnedACL = ossClient.getBucketAcl(bucketUsingDefaultAcl);
Set<Grant> grants = returnedACL.getGrants();
// No grants when using default acl
Assert.assertEquals(0, grants.size());
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
ossClient.deleteBucket(bucketUsingDefaultAcl);
}
}
Also used :
AccessControlList(com.aliyun.oss.model.AccessControlList)
CannedAccessControlList(com.aliyun.oss.model.CannedAccessControlList)
Grant(com.aliyun.oss.model.Grant)
OSSException(com.aliyun.oss.OSSException)
OSSException(com.aliyun.oss.OSSException)
Test(org.junit.Test)
Example 5 with Grant
use of com.aliyun.oss.model.Grant in project aliyun-oss-java-sdk by aliyun.
the class SecurityTokenTest method testBucketOperationsWithToken.
@SuppressWarnings("deprecation")
@Test
public void testBucketOperationsWithToken() throws JSONException {
List<String> actions = new ArrayList<String>();
actions.add("oss:ListBuckets");
List<String> resources = new ArrayList<String>();
resources.add("acs:oss:*:" + STS_USER + ":*");
// List buckets with security token is not supported
OSSClient sessionClient = createSessionClient(actions, resources);
try {
sessionClient.listBuckets();
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Delete bucket if already exists
final String bucketName = "test-bucket-operations-with-token";
actions.add("oss:DeleteBucket");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
sessionClient.deleteBucket(bucketName);
} catch (OSSException oe) {
Assert.assertEquals(OSSErrorCode.NO_SUCH_BUCKET, oe.getErrorCode());
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
waitForCacheExpiration(2);
// Put bucket with valid security token
actions.add("oss:PutBucket");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
sessionClient.createBucket(bucketName);
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
}
// Put unmatched bucket with valid security token
String unmatchedBucketName = bucketName + DUMMY_SUFFIX;
try {
sessionClient.createBucket(unmatchedBucketName);
} catch (OSSException e) {
Assert.assertEquals(OSSErrorCode.ACCESS_DENIED, e.getErrorCode());
Assert.assertTrue(e.getMessage().startsWith(SECURITY_TOKEN_ACCESS_DENIED_ERR));
} finally {
actions.clear();
resources.clear();
}
// Put bucket with non-existent username && valid security token
final String nonexistentUser = "non-existent-user";
actions.add("oss:PutBucket");
resources.add("acs:oss:*:" + nonexistentUser + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
sessionClient.createBucket(unmatchedBucketName);
} catch (OSSException e) {
Assert.assertEquals(OSSErrorCode.ACCESS_DENIED, e.getErrorCode());
Assert.assertTrue(e.getMessage().startsWith(SECURITY_TOKEN_ACCESS_DENIED_ERR));
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Allow anyone to trigger operations start with 'Put'
final String anyone = "*";
actions.add("oss:Put*");
resources.add("acs:oss:*:" + anyone + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
sessionClient.createBucket(bucketName);
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Put bucket acl
actions.add("oss:PutBucketAcl");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
sessionClient.setBucketAcl(bucketName, CannedAccessControlList.PublicRead);
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
}
try {
sessionClient.getBucketAcl(bucketName);
} catch (OSSException e) {
Assert.assertEquals(OSSErrorCode.ACCESS_DENIED, e.getErrorCode());
Assert.assertTrue(e.getMessage().startsWith(SECURITY_TOKEN_ACCESS_DENIED_ERR));
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Get bucket acl
actions.add("oss:GetBucketAcl");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
AccessControlList returnedAcl = sessionClient.getBucketAcl(bucketName);
Set<Grant> grants = returnedAcl.getGrants();
Assert.assertEquals(1, grants.size());
Grant grant = (Grant) grants.toArray()[0];
Assert.assertEquals(GroupGrantee.AllUsers, grant.getGrantee());
Assert.assertEquals(Permission.Read, grant.getPermission());
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
}
try {
sessionClient.setBucketAcl(bucketName, CannedAccessControlList.Private);
} catch (OSSException e) {
Assert.assertEquals(OSSErrorCode.ACCESS_DENIED, e.getErrorCode());
Assert.assertTrue(e.getMessage().startsWith(SECURITY_TOKEN_ACCESS_DENIED_ERR));
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Put bucket logging
final String targetPrefix = "bucket-logging-prefix";
actions.add("oss:PutBucketLogging");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
SetBucketLoggingRequest request = new SetBucketLoggingRequest(bucketName);
request.setTargetBucket(bucketName);
request.setTargetPrefix(targetPrefix);
sessionClient.setBucketLogging(request);
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
}
try {
sessionClient.getBucketLogging(bucketName);
} catch (OSSException e) {
Assert.assertEquals(OSSErrorCode.ACCESS_DENIED, e.getErrorCode());
Assert.assertTrue(e.getMessage().startsWith(SECURITY_TOKEN_ACCESS_DENIED_ERR));
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Get bucket logging
actions.add("oss:GetBucketLogging");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
BucketLoggingResult result = sessionClient.getBucketLogging(bucketName);
Assert.assertEquals(bucketName, result.getTargetBucket());
Assert.assertEquals(targetPrefix, result.getTargetPrefix());
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
}
try {
SetBucketLoggingRequest request = new SetBucketLoggingRequest(bucketName);
request.setTargetBucket(bucketName);
request.setTargetPrefix(targetPrefix);
sessionClient.setBucketLogging(request);
} catch (OSSException e) {
Assert.assertEquals(OSSErrorCode.ACCESS_DENIED, e.getErrorCode());
Assert.assertTrue(e.getMessage().startsWith(SECURITY_TOKEN_ACCESS_DENIED_ERR));
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Delete bucket logging
actions.add("oss:DeleteBucketLogging");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
sessionClient.deleteBucketLogging(bucketName);
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Put bucket website
final String indexDocument = "index.html";
final String errorDocument = "error.html";
actions.add("oss:PutBucketWebsite");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
SetBucketWebsiteRequest request = new SetBucketWebsiteRequest(bucketName);
request.setIndexDocument(indexDocument);
request.setErrorDocument(errorDocument);
sessionClient.setBucketWebsite(request);
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Put bucket referer
final String referer0 = "http://www.aliyun.com";
final String referer1 = "https://www.aliyun.com";
final String referer2 = "http://www.*.com";
final String referer3 = "https://www.?.aliyuncs.com";
actions.add("oss:PutBucketReferer");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
// Set non-empty referer list
BucketReferer r = new BucketReferer();
List<String> refererList = new ArrayList<String>();
refererList.add(referer0);
refererList.add(referer1);
refererList.add(referer2);
refererList.add(referer3);
r.setRefererList(refererList);
sessionClient.setBucketReferer(bucketName, r);
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Put bucket lifecycle
final String ruleId0 = "delete obsoleted files";
final String matchPrefix0 = "obsoleted/";
final String ruleId1 = "delete temporary files";
final String matchPrefix1 = "temporary/";
actions.add("oss:PutBucketLifecycle");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
SetBucketLifecycleRequest request = new SetBucketLifecycleRequest(bucketName);
request.AddLifecycleRule(new LifecycleRule(ruleId0, matchPrefix0, RuleStatus.Enabled, 3));
request.AddLifecycleRule(new LifecycleRule(ruleId1, matchPrefix1, RuleStatus.Enabled, DateUtil.parseIso8601Date("2022-10-12T00:00:00.000Z")));
sessionClient.setBucketLifecycle(request);
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Put bucket cors
actions.add("oss:PutBucketCors");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
SetBucketCORSRequest request = new SetBucketCORSRequest(bucketName);
CORSRule r0 = new CORSRule();
r0.addAllowdOrigin("http://www.a.com");
r0.addAllowdOrigin("http://www.b.com");
r0.addAllowedMethod("GET");
r0.addAllowedHeader("Authorization");
r0.addExposeHeader("x-oss-test");
r0.addExposeHeader("x-oss-test1");
r0.setMaxAgeSeconds(100);
request.addCorsRule(r0);
sessionClient.setBucketCORS(request);
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// List objects
actions.add("oss:ListObjects");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
ObjectListing objectListing = sessionClient.listObjects(bucketName);
Assert.assertEquals(0, objectListing.getObjectSummaries().size());
Assert.assertEquals(bucketName, objectListing.getBucketName());
Assert.assertNull(objectListing.getDelimiter());
Assert.assertNull(objectListing.getPrefix());
Assert.assertNull(objectListing.getMarker());
Assert.assertNull(objectListing.getNextMarker());
Assert.assertFalse(objectListing.isTruncated());
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Cleanup bucket if already exists
actions.add("oss:DeleteBucket");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
sessionClient.deleteBucket(bucketName);
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
}
Also used :
CannedAccessControlList(com.aliyun.oss.model.CannedAccessControlList)
AccessControlList(com.aliyun.oss.model.AccessControlList)
Grant(com.aliyun.oss.model.Grant)
BucketLoggingResult(com.aliyun.oss.model.BucketLoggingResult)
OSSClient(com.aliyun.oss.OSSClient)
ArrayList(java.util.ArrayList)
CORSRule(com.aliyun.oss.model.SetBucketCORSRequest.CORSRule)
OSSException(com.aliyun.oss.OSSException)
ObjectListing(com.aliyun.oss.model.ObjectListing)
BucketReferer(com.aliyun.oss.model.BucketReferer)
LifecycleRule(com.aliyun.oss.model.LifecycleRule)
OSSException(com.aliyun.oss.OSSException)
IOException(java.io.IOException)
JSONException(org.codehaus.jettison.json.JSONException)
SetBucketCORSRequest(com.aliyun.oss.model.SetBucketCORSRequest)
SetBucketWebsiteRequest(com.aliyun.oss.model.SetBucketWebsiteRequest)
SetBucketLifecycleRequest(com.aliyun.oss.model.SetBucketLifecycleRequest)
SetBucketLoggingRequest(com.aliyun.oss.model.SetBucketLoggingRequest)
Test(org.junit.Test)
Aggregations
Grant (com.aliyun.oss.model.Grant)8
OSSException (com.aliyun.oss.OSSException)7
AccessControlList (com.aliyun.oss.model.AccessControlList)7
CannedAccessControlList (com.aliyun.oss.model.CannedAccessControlList)7
Test (org.junit.Test)6
CreateBucketRequest (com.aliyun.oss.model.CreateBucketRequest)4
BucketList (com.aliyun.oss.model.BucketList)3
Ignore (org.junit.Ignore)2
OSSClient (com.aliyun.oss.OSSClient)1
BucketInfo (com.aliyun.oss.model.BucketInfo)1
BucketLoggingResult (com.aliyun.oss.model.BucketLoggingResult)1
BucketReferer (com.aliyun.oss.model.BucketReferer)1
LifecycleRule (com.aliyun.oss.model.LifecycleRule)1
ObjectListing (com.aliyun.oss.model.ObjectListing)1
SetBucketCORSRequest (com.aliyun.oss.model.SetBucketCORSRequest)1
CORSRule (com.aliyun.oss.model.SetBucketCORSRequest.CORSRule)1
SetBucketLifecycleRequest (com.aliyun.oss.model.SetBucketLifecycleRequest)1
SetBucketLoggingRequest (com.aliyun.oss.model.SetBucketLoggingRequest)1
SetBucketWebsiteRequest (com.aliyun.oss.model.SetBucketWebsiteRequest)1
IOException (java.io.IOException)1
