Access control

Last updated: 2020-03-20 09:53:03

PDF

Note

This document provides an overview of the API related to the Access control list (ACL) of Bucket and the object, as well as the SDK sample code.

Bucket ACL

API Operation name pedagogical operation
PUT Bucket acl Set Bucket ACL Set the (ACL) of Access and Permission control list of specified Bucket
GET Bucket acl Query Bucket ACL Get the (ACL) of Access and Permission control list of specified Bucket

Object ACL

API Operation name pedagogical operation
PUT Object acl Set object ACL Set the ACL of a Object (file / object) in Bucket
GET Object acl Query object ACL Query the ACL of Object (file / object)

Bucket ACL

Set Bucket ACL

Function description

Set the Access Permission control list (ACL) of the specified Bucket.

Method prototype

public Guzzle\Service\Resource\Model putBucketAcl(array $args = array());

Request Sample

try {
    $result = $cosClient->putBucketAcl(array(
        'Bucket' => 'examplebucket-1250000000', 
        'ACL' => 'private',
        'Grants' => array(
            array(
                'Grantee' => array(
                    'DisplayName' => 'qcs::cam::uin/100000000001:uin/100000000001',
                    'ID' => 'qcs::cam::uin/100000000001:uin/100000000001',
                    'Type' => 'CanonicalUser',
                ),  
                'Permission' => 'FULL_CONTROL',
            ),  
            // ... repeated
        ),  
        'Owner' => array(
            'DisplayName' => 'qcs::cam::uin/100000000001:uin/100000000001',
            'ID' => 'qcs::cam::uin/100000000001:uin/100000000001',
        )));
    print_r($result);
} catch (\Exception $e) {
    echo "$e\n";
}

Parameter description

Parameter name Type Description Parent node
Bucket String Bucket's name, format: BucketName-APPID None
Grants Array ACL Permission list None
Grant Array ACL Permission Information Grants
Grantee Array ACL Permission Information Grant
Type String Owner Permission type Grantee
Permission String Permission type. Available values: FULL_CONTROL, WRITE, READ Grant
ACL String overall Permission type. Available values: private, public-read, public-read-write
Owner String Bucket owner information None
DisplayName String The name information of the owner of Permission Grantee/Owner
Id String Permission owner ID Grantee/Owner

Query Bucket ACL

Function description

Gets the Access Permission control list (ACL) of the specified Bucket.

Method prototype

public Guzzle\Service\Resource\Model getBucketAcl(array $args = array());

Request Sample

try {
    $result = $cosClient->getBucketAcl(array(
        'Bucket' => 'examplebucket-1250000000' 
    )); 
    print_r($result);
} catch (\Exception $e) {
    echo($e);
}

Return an example of the result

Array
(
    [data:protected] => Array
        (
          [Owner] => Array
              (
                 [ID] => qcs::cam::uin/100000000001:uin/100000000001
                 [DisplayName] => qcs::cam::uin/100000000001:uin/100000000001
              )

          [Grants] => Array
                (
                  [0] => Array
                      (
                        [Grantee] => Array
                           (
                             [ID] => qcs::cam::uin/100000000001:uin/100000000001
                             [DisplayName] => qcs::cam::uin/100000000001:uin/100000000001
                           )

                        [Permission] => FULL_CONTROL
                      )

                )

          [RequestId] => NWE3YzhjMTRfYzdhMzNiMGFfYjdiOF8yYzZmMzU=
        )
)

Return result description

Parameter name Type Description Parent node
Grants Array ACL Permission list None
Grant Array ACL Permission Information Grants
Grantee Array ACL Permission Information Grant
Permission String Permission type. Available values: FULL_CONTROL, WRITE, READ Grant
Owner String Bucket owner information None
DisplayName String The name information of the owner of Permission Grantee/Owner
Id String Permission owner ID Grantee/Owner

Object ACL

Set object ACL

Function description

Sets the specified object Access Permission control list (ACL) (PUT Object acl).

Method prototype

public Guzzle\Service\Resource\Model putObjectAcl(array $args = array());

Request Sample

try {
    $result = $cosClient->putObjectAcl(array(
        'Bucket' => 'examplebucket-1250000000', 
        'Key' => 'exampleobject',
        'ACL' => 'private',
        'Grants' => array(
            array(
                'Grantee' => array(
                    'DisplayName' => 'qcs::cam::uin/100000000001:uin/100000000001',
                    'ID' => 'qcs::cam::uin/100000000001:uin/100000000001',
                    'Type' => 'CanonicalUser',
                ),  
                'Permission' => 'FULL_CONTROL',
            ),  
            // ... repeated
        ),  
        'Owner' => array(
            'DisplayName' => 'qcs::cam::uin/100000000001:uin/100000000001',
            'ID' => 'qcs::cam::uin/100000000001:uin/100000000001',
        )));
    print_r($result);
} catch (\Exception $e) {
    echo "$e\n";
}

Parameter description

Parameter name Type Description Required/Optional
Bucket String Bucket's name, format: BucketName-APPID Yes
Key String Object key Yes
Grants Array ACL Permission list No
Grant Array ACL Permission Information No
Grantee Array ACL Permission Information No
Type String Owner Permission type No
Permission String Permission type. Available values: FULL_CONTROL, WRITE, READ No
ACL String overall Permission type. Available values: private, public-read
Owner String Bucket owner information No
DisplayName String The name information of the owner of Permission No
Id String Permission owner ID No

Query object ACL

Function description

Query the Access Permission control list (GET Object acl) of the specified object.

Method prototype

public Guzzle\Service\Resource\Model getObjectAcl(array $args = array());

Request Sample

try {
    $result = $cosClient->getObjectAcl(array(
        'Bucket' => 'examplebucket-1250000000', 
        'Key' => 'exampleobject',
    )); 
    print_r($result);
} catch (\Exception $e) {
    echo($e);
}

Return an example of the result

Array
(
    [data:protected] => Array
        (
            [Owner] => Array
                (
                    [ID] => qcs::cam::uin/100000000001:uin/100000000001
                    [DisplayName] => qcs::cam::uin/100000000001:uin/100000000001
                )

            [Grants] => Array
                (
                    [0] => Array
                        (
                            [Grantee] => Array
                                (
                                    [ID] => qcs::cam::uin/100000000001:uin/100000000001
                                    [DisplayName] => qcs::cam::uin/100000000001:uin/100000000001
                                )

                            [Permission] => FULL_CONTROL
                        )

                )

            [RequestId] => NWE3YzhjMTRfYzdhMzNiMGFfYjdiOF8yYzZmMzU=
        )
)

Return result description

Parameter name Type Description Parent node
Grants Array ACL Permission list None
Grant Array ACL Permission Information Grants
Grantee Array ACL Permission Information Grant
Permission String Permission type. Available values: FULL_CONTROL, WRITE, READ Grant
Owner String Bucket owner information None
DisplayName String The name information of the owner of Permission Grantee / Owner
Id String Permission owner ID Grantee / Owner