Example 1 with SetBucketCORSRequest
use of com.aliyun.oss.model.SetBucketCORSRequest in project aliyun-oss-java-sdk by aliyun.
the class BucketCORSTest method testNormalSetBucketCORS.
@Test
public void testNormalSetBucketCORS() {
final String bucketName = "normal-set-bucket-cors";
try {
ossClient.createBucket(bucketName);
// Set bucket cors
SetBucketCORSRequest request = new SetBucketCORSRequest(bucketName);
CORSRule r0 = new CORSRule();
r0.addAllowdOrigin("http://www.a.com");
r0.addAllowdOrigin("http://www.b.com");
r0.addAllowedMethod("GET");
r0.addAllowedHeader("Authorization");
r0.addExposeHeader("x-oss-test");
r0.addExposeHeader("x-oss-test1");
r0.setMaxAgeSeconds(100);
request.addCorsRule(r0);
ossClient.setBucketCORS(request);
// Get bucket cors
List<CORSRule> rules = ossClient.getBucketCORSRules(bucketName);
r0 = rules.get(0);
Assert.assertEquals(1, rules.size());
Assert.assertEquals(2, r0.getAllowedOrigins().size());
Assert.assertEquals(1, r0.getAllowedMethods().size());
Assert.assertEquals(1, r0.getAllowedHeaders().size());
Assert.assertEquals(2, r0.getExposeHeaders().size());
Assert.assertEquals(100, r0.getMaxAgeSeconds().intValue());
// Override existing bucket cors
CORSRule r1 = new CORSRule();
r1.addAllowdOrigin("*");
r1.addAllowedMethod("GET");
r1.addAllowedMethod("PUT");
r1.addAllowedHeader("Authorization");
request.clearCorsRules();
request.addCorsRule(r1);
ossClient.setBucketCORS(request);
rules = ossClient.getBucketCORSRules(bucketName);
r1 = rules.get(0);
Assert.assertEquals(1, rules.size());
Assert.assertEquals(1, r1.getAllowedOrigins().size());
Assert.assertEquals(2, r1.getAllowedMethods().size());
Assert.assertEquals(1, r1.getAllowedHeaders().size());
// Delete bucket cors
ossClient.deleteBucketCORSRules(bucketName);
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
ossClient.deleteBucket(bucketName);
}
}
Also used :
CORSRule(com.aliyun.oss.model.SetBucketCORSRequest.CORSRule)
SetBucketCORSRequest(com.aliyun.oss.model.SetBucketCORSRequest)
OSSException(com.aliyun.oss.OSSException)
Test(org.junit.Test)
Example 2 with SetBucketCORSRequest
use of com.aliyun.oss.model.SetBucketCORSRequest in project aliyun-oss-java-sdk by aliyun.
the class SecurityTokenTest method testBucketOperationsWithToken.
@SuppressWarnings("deprecation")
@Test
public void testBucketOperationsWithToken() throws JSONException {
List<String> actions = new ArrayList<String>();
actions.add("oss:ListBuckets");
List<String> resources = new ArrayList<String>();
resources.add("acs:oss:*:" + STS_USER + ":*");
// List buckets with security token is not supported
OSSClient sessionClient = createSessionClient(actions, resources);
try {
sessionClient.listBuckets();
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Delete bucket if already exists
final String bucketName = "test-bucket-operations-with-token";
actions.add("oss:DeleteBucket");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
sessionClient.deleteBucket(bucketName);
} catch (OSSException oe) {
Assert.assertEquals(OSSErrorCode.NO_SUCH_BUCKET, oe.getErrorCode());
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
waitForCacheExpiration(2);
// Put bucket with valid security token
actions.add("oss:PutBucket");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
sessionClient.createBucket(bucketName);
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
}
// Put unmatched bucket with valid security token
String unmatchedBucketName = bucketName + DUMMY_SUFFIX;
try {
sessionClient.createBucket(unmatchedBucketName);
} catch (OSSException e) {
Assert.assertEquals(OSSErrorCode.ACCESS_DENIED, e.getErrorCode());
Assert.assertTrue(e.getMessage().startsWith(SECURITY_TOKEN_ACCESS_DENIED_ERR));
} finally {
actions.clear();
resources.clear();
}
// Put bucket with non-existent username && valid security token
final String nonexistentUser = "non-existent-user";
actions.add("oss:PutBucket");
resources.add("acs:oss:*:" + nonexistentUser + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
sessionClient.createBucket(unmatchedBucketName);
} catch (OSSException e) {
Assert.assertEquals(OSSErrorCode.ACCESS_DENIED, e.getErrorCode());
Assert.assertTrue(e.getMessage().startsWith(SECURITY_TOKEN_ACCESS_DENIED_ERR));
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Allow anyone to trigger operations start with 'Put'
final String anyone = "*";
actions.add("oss:Put*");
resources.add("acs:oss:*:" + anyone + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
sessionClient.createBucket(bucketName);
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Put bucket acl
actions.add("oss:PutBucketAcl");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
sessionClient.setBucketAcl(bucketName, CannedAccessControlList.PublicRead);
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
}
try {
sessionClient.getBucketAcl(bucketName);
} catch (OSSException e) {
Assert.assertEquals(OSSErrorCode.ACCESS_DENIED, e.getErrorCode());
Assert.assertTrue(e.getMessage().startsWith(SECURITY_TOKEN_ACCESS_DENIED_ERR));
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Get bucket acl
actions.add("oss:GetBucketAcl");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
AccessControlList returnedAcl = sessionClient.getBucketAcl(bucketName);
Set<Grant> grants = returnedAcl.getGrants();
Assert.assertEquals(1, grants.size());
Grant grant = (Grant) grants.toArray()[0];
Assert.assertEquals(GroupGrantee.AllUsers, grant.getGrantee());
Assert.assertEquals(Permission.Read, grant.getPermission());
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
}
try {
sessionClient.setBucketAcl(bucketName, CannedAccessControlList.Private);
} catch (OSSException e) {
Assert.assertEquals(OSSErrorCode.ACCESS_DENIED, e.getErrorCode());
Assert.assertTrue(e.getMessage().startsWith(SECURITY_TOKEN_ACCESS_DENIED_ERR));
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Put bucket logging
final String targetPrefix = "bucket-logging-prefix";
actions.add("oss:PutBucketLogging");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
SetBucketLoggingRequest request = new SetBucketLoggingRequest(bucketName);
request.setTargetBucket(bucketName);
request.setTargetPrefix(targetPrefix);
sessionClient.setBucketLogging(request);
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
}
try {
sessionClient.getBucketLogging(bucketName);
} catch (OSSException e) {
Assert.assertEquals(OSSErrorCode.ACCESS_DENIED, e.getErrorCode());
Assert.assertTrue(e.getMessage().startsWith(SECURITY_TOKEN_ACCESS_DENIED_ERR));
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Get bucket logging
actions.add("oss:GetBucketLogging");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
BucketLoggingResult result = sessionClient.getBucketLogging(bucketName);
Assert.assertEquals(bucketName, result.getTargetBucket());
Assert.assertEquals(targetPrefix, result.getTargetPrefix());
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
}
try {
SetBucketLoggingRequest request = new SetBucketLoggingRequest(bucketName);
request.setTargetBucket(bucketName);
request.setTargetPrefix(targetPrefix);
sessionClient.setBucketLogging(request);
} catch (OSSException e) {
Assert.assertEquals(OSSErrorCode.ACCESS_DENIED, e.getErrorCode());
Assert.assertTrue(e.getMessage().startsWith(SECURITY_TOKEN_ACCESS_DENIED_ERR));
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Delete bucket logging
actions.add("oss:DeleteBucketLogging");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
sessionClient.deleteBucketLogging(bucketName);
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Put bucket website
final String indexDocument = "index.html";
final String errorDocument = "error.html";
actions.add("oss:PutBucketWebsite");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
SetBucketWebsiteRequest request = new SetBucketWebsiteRequest(bucketName);
request.setIndexDocument(indexDocument);
request.setErrorDocument(errorDocument);
sessionClient.setBucketWebsite(request);
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Put bucket referer
final String referer0 = "http://www.aliyun.com";
final String referer1 = "https://www.aliyun.com";
final String referer2 = "http://www.*.com";
final String referer3 = "https://www.?.aliyuncs.com";
actions.add("oss:PutBucketReferer");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
// Set non-empty referer list
BucketReferer r = new BucketReferer();
List<String> refererList = new ArrayList<String>();
refererList.add(referer0);
refererList.add(referer1);
refererList.add(referer2);
refererList.add(referer3);
r.setRefererList(refererList);
sessionClient.setBucketReferer(bucketName, r);
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Put bucket lifecycle
final String ruleId0 = "delete obsoleted files";
final String matchPrefix0 = "obsoleted/";
final String ruleId1 = "delete temporary files";
final String matchPrefix1 = "temporary/";
actions.add("oss:PutBucketLifecycle");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
SetBucketLifecycleRequest request = new SetBucketLifecycleRequest(bucketName);
request.AddLifecycleRule(new LifecycleRule(ruleId0, matchPrefix0, RuleStatus.Enabled, 3));
request.AddLifecycleRule(new LifecycleRule(ruleId1, matchPrefix1, RuleStatus.Enabled, DateUtil.parseIso8601Date("2022-10-12T00:00:00.000Z")));
sessionClient.setBucketLifecycle(request);
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Put bucket cors
actions.add("oss:PutBucketCors");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
SetBucketCORSRequest request = new SetBucketCORSRequest(bucketName);
CORSRule r0 = new CORSRule();
r0.addAllowdOrigin("http://www.a.com");
r0.addAllowdOrigin("http://www.b.com");
r0.addAllowedMethod("GET");
r0.addAllowedHeader("Authorization");
r0.addExposeHeader("x-oss-test");
r0.addExposeHeader("x-oss-test1");
r0.setMaxAgeSeconds(100);
request.addCorsRule(r0);
sessionClient.setBucketCORS(request);
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// List objects
actions.add("oss:ListObjects");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
ObjectListing objectListing = sessionClient.listObjects(bucketName);
Assert.assertEquals(0, objectListing.getObjectSummaries().size());
Assert.assertEquals(bucketName, objectListing.getBucketName());
Assert.assertNull(objectListing.getDelimiter());
Assert.assertNull(objectListing.getPrefix());
Assert.assertNull(objectListing.getMarker());
Assert.assertNull(objectListing.getNextMarker());
Assert.assertFalse(objectListing.isTruncated());
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
// Cleanup bucket if already exists
actions.add("oss:DeleteBucket");
resources.add("acs:oss:*:" + STS_USER + ":" + bucketName);
sessionClient = createSessionClient(actions, resources);
try {
sessionClient.deleteBucket(bucketName);
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
actions.clear();
resources.clear();
sessionClient.shutdown();
}
}
Also used :
CannedAccessControlList(com.aliyun.oss.model.CannedAccessControlList)
AccessControlList(com.aliyun.oss.model.AccessControlList)
Grant(com.aliyun.oss.model.Grant)
BucketLoggingResult(com.aliyun.oss.model.BucketLoggingResult)
OSSClient(com.aliyun.oss.OSSClient)
ArrayList(java.util.ArrayList)
CORSRule(com.aliyun.oss.model.SetBucketCORSRequest.CORSRule)
OSSException(com.aliyun.oss.OSSException)
ObjectListing(com.aliyun.oss.model.ObjectListing)
BucketReferer(com.aliyun.oss.model.BucketReferer)
LifecycleRule(com.aliyun.oss.model.LifecycleRule)
OSSException(com.aliyun.oss.OSSException)
IOException(java.io.IOException)
JSONException(org.codehaus.jettison.json.JSONException)
SetBucketCORSRequest(com.aliyun.oss.model.SetBucketCORSRequest)
SetBucketWebsiteRequest(com.aliyun.oss.model.SetBucketWebsiteRequest)
SetBucketLifecycleRequest(com.aliyun.oss.model.SetBucketLifecycleRequest)
SetBucketLoggingRequest(com.aliyun.oss.model.SetBucketLoggingRequest)
Test(org.junit.Test)
Example 3 with SetBucketCORSRequest
use of com.aliyun.oss.model.SetBucketCORSRequest in project aliyun-oss-java-sdk by aliyun.
the class BucketCORSTest method testUnormalSetBucketCORS.
@Test
public void testUnormalSetBucketCORS() {
final String bucketName = "unormal-set-bucket-cors";
try {
ossClient.createBucket(bucketName);
// Set count of cors rules exceed MAX_CORS_RULE_LIMIT
try {
SetBucketCORSRequest request = new SetBucketCORSRequest(bucketName);
CORSRule r = new CORSRule();
for (int i = 0; i < MAX_CORS_RULE_LIMIT; i++) {
request.addCorsRule(r);
}
request.addCorsRule(r);
Assert.fail("Set bucket cors should not be successful");
} catch (Exception e) {
Assert.assertTrue(e instanceof IllegalArgumentException);
}
try {
SetBucketCORSRequest request = new SetBucketCORSRequest(bucketName);
CORSRule r = new CORSRule();
List<CORSRule> rules = new ArrayList<CORSRule>();
for (int i = 0; i < MAX_CORS_RULE_LIMIT; i++) {
rules.add(r);
}
rules.add(r);
request.setCorsRules(rules);
Assert.fail("Set bucket cors should not be successful");
} catch (Exception e) {
Assert.assertTrue(e instanceof IllegalArgumentException);
}
// Miss required field 'AllowedOrigins'
try {
SetBucketCORSRequest request = new SetBucketCORSRequest(bucketName);
CORSRule r = new CORSRule();
r.addAllowedMethod("GET");
r.addAllowedMethod("PUT");
r.addAllowedHeader("Authorization");
request.addCorsRule(r);
Assert.fail("Set bucket cors should not be successful");
} catch (Exception e) {
Assert.assertTrue(e instanceof IllegalArgumentException);
}
// Miss required field 'AllowedMethods'
try {
SetBucketCORSRequest request = new SetBucketCORSRequest(bucketName);
CORSRule r = new CORSRule();
r.addAllowdOrigin("*");
r.addAllowedHeader("Authorization");
request.addCorsRule(r);
Assert.fail("Set bucket cors should not be successful");
} catch (Exception e) {
Assert.assertTrue(e instanceof IllegalArgumentException);
}
// Fill more one asterisk wildcards in allowed origins
try {
SetBucketCORSRequest request = new SetBucketCORSRequest(bucketName);
CORSRule r = new CORSRule();
r.addAllowdOrigin("www.*.abc.*.com");
r.addAllowedMethod("GET");
r.addAllowedMethod("PUT");
r.addAllowedHeader("Authorization");
request.addCorsRule(r);
Assert.fail("Set bucket cors should not be successful");
} catch (Exception e) {
Assert.assertTrue(e instanceof IllegalArgumentException);
}
// Unsupported method
try {
SetBucketCORSRequest request = new SetBucketCORSRequest(bucketName);
CORSRule r = new CORSRule();
r.addAllowdOrigin("*");
r.addAllowedMethod("OPTIONS");
r.addAllowedHeader("Authorization");
request.addCorsRule(r);
Assert.fail("Set bucket cors should not be successful");
} catch (Exception e) {
Assert.assertTrue(e instanceof IllegalArgumentException);
}
// Fill one asterisk wildcard in allowed origins
try {
SetBucketCORSRequest request = new SetBucketCORSRequest(bucketName);
CORSRule r = new CORSRule();
r.addAllowdOrigin("*");
r.addAllowedMethod("GET");
r.addAllowedHeader("Authorization");
r.addExposeHeader("x-oss-*");
request.addCorsRule(r);
Assert.fail("Set bucket cors should not be successful");
} catch (Exception e) {
Assert.assertTrue(e instanceof IllegalArgumentException);
}
} catch (Exception e) {
Assert.fail(e.getMessage());
} finally {
ossClient.deleteBucket(bucketName);
}
}
Also used :
CORSRule(com.aliyun.oss.model.SetBucketCORSRequest.CORSRule)
ArrayList(java.util.ArrayList)
SetBucketCORSRequest(com.aliyun.oss.model.SetBucketCORSRequest)
OSSException(com.aliyun.oss.OSSException)
Test(org.junit.Test)
Example 4 with SetBucketCORSRequest
use of com.aliyun.oss.model.SetBucketCORSRequest in project aliyun-oss-java-sdk by aliyun.
the class BucketOperationsSample method doBucketCORSOperations.
private static void doBucketCORSOperations() {
SetBucketCORSRequest request = new SetBucketCORSRequest(bucketName);
CORSRule r0 = new CORSRule();
r0.addAllowdOrigin("http://www.a.com");
r0.addAllowdOrigin("http://www.b.com");
r0.addAllowedMethod("GET");
r0.addAllowedHeader("Authorization");
r0.addExposeHeader("x-oss-test");
r0.addExposeHeader("x-oss-test1");
r0.setMaxAgeSeconds(100);
request.addCorsRule(r0);
System.out.println("Setting bucket CORS\n");
client.setBucketCORS(request);
System.out.println("Getting bucket CORS:");
List<CORSRule> rules = client.getBucketCORSRules(bucketName);
r0 = rules.get(0);
System.out.println("\tAllowedOrigins " + r0.getAllowedOrigins());
System.out.println("\tAllowedMethods " + r0.getAllowedMethods());
System.out.println("\tAllowedHeaders " + r0.getAllowedHeaders());
System.out.println("\tExposeHeaders " + r0.getExposeHeaders());
System.out.println("\tMaxAgeSeconds " + r0.getMaxAgeSeconds());
System.out.println();
System.out.println("Deleting bucket CORS\n");
client.deleteBucketCORSRules(bucketName);
}
Also used :
CORSRule(com.aliyun.oss.model.SetBucketCORSRequest.CORSRule)
SetBucketCORSRequest(com.aliyun.oss.model.SetBucketCORSRequest)
Aggregations
SetBucketCORSRequest (com.aliyun.oss.model.SetBucketCORSRequest)4
CORSRule (com.aliyun.oss.model.SetBucketCORSRequest.CORSRule)4
OSSException (com.aliyun.oss.OSSException)3
Test (org.junit.Test)3
ArrayList (java.util.ArrayList)2
OSSClient (com.aliyun.oss.OSSClient)1
AccessControlList (com.aliyun.oss.model.AccessControlList)1
BucketLoggingResult (com.aliyun.oss.model.BucketLoggingResult)1
BucketReferer (com.aliyun.oss.model.BucketReferer)1
CannedAccessControlList (com.aliyun.oss.model.CannedAccessControlList)1
Grant (com.aliyun.oss.model.Grant)1
LifecycleRule (com.aliyun.oss.model.LifecycleRule)1
ObjectListing (com.aliyun.oss.model.ObjectListing)1
SetBucketLifecycleRequest (com.aliyun.oss.model.SetBucketLifecycleRequest)1
SetBucketLoggingRequest (com.aliyun.oss.model.SetBucketLoggingRequest)1
SetBucketWebsiteRequest (com.aliyun.oss.model.SetBucketWebsiteRequest)1
IOException (java.io.IOException)1
JSONException (org.codehaus.jettison.json.JSONException)1
