Access control

Last updated: 2020-03-25 16:13:06

PDF

Note

This document provides an overview of the API related to the Access control list (ACL) of Bucket and the object, as well as the SDK sample code.

Bucket ACL

API Operation name pedagogical operation
PUT Bucket acl Set Bucket ACL Set the (ACL) of Access and Permission control list of specified Bucket
GET Bucket acl Query Bucket ACL Get the (ACL) of Access and Permission control list of specified Bucket

Object ACL

API Operation name pedagogical operation
PUT Object acl Set object ACL Set the Access control list for an object in Bucket
GET Object acl Query object ACL Access control list for querying objects

Bucket ACL

Set Bucket ACL

Function description

Set the Access Permission control list (ACL) of the specified Bucket.

Method prototype

PutBucketACLResult PutBucketACL(PutBucketACLRequest request);

void PutBucketACL(PutBucketACLRequest request, COSXML.Callback.OnSuccessCallback<CosResult> successCallback, COSXML.Callback.OnFailedCallback failCallback);

Request Sample

CosXmlConfig config = new CosXmlConfig.Builder()
  .SetConnectionTimeoutMs(60000) 
  .SetReadWriteTimeoutMs(40000)  
  .IsHttps(true)  
  .SetAppid("1250000000") 
  .SetRegion("COS_REGION") 
  .Build();

string secretId = "COS_SECRETID";  
string secretKey = "COS_SECRETKEY"; 
long durationSecond = 600;         
QCloudCredentialProvider qCloudCredentialProvider = new DefaultQCloudCredentialProvider(secretId, 
  secretKey, durationSecond);

CosXml cosXml = new CosXmlServer(config, qCloudCredentialProvider);

try
{
  string bucket = "examplebucket-1250000000"; 
  PutBucketACLRequest request = new PutBucketACLRequest(bucket);
  request.SetSign(TimeUtils.GetCurrentTime(TimeUnit.SECONDS), 600);
  request.SetCosACL(CosACL.PRIVATE);
  COSXML.Model.Tag.GrantAccount readAccount = new COSXML.Model.Tag.GrantAccount();
  readAccount.AddGrantAccount("1131975903", "1131975903");
  request.SetXCosGrantRead(readAccount);
  PutBucketACLResult result = cosXml.PutBucketACL(request);
  Console.WriteLine(result.GetResultInfo());
}
catch (COSXML.CosException.CosClientException clientEx)
{
  Console.WriteLine("CosClientException: " + clientEx);
}
catch (COSXML.CosException.CosServerException serverEx)
{
  Console.WriteLine("CosServerException: " + serverEx.GetInfo());
}

Parameter description

Parameter name Setting method Description Type
Bucket Construction method Bucket's name, format: BucketName-APPID String
CosAcl SetCosAcl Set up Bucket's ACL Permission String
GrantAccount SetXCosGrantRead or SetXCosGrantWrite or SetXCosReadWrite Allow users to read and write Permission GrantAccount
SignStartTimeSecond SetSign Start time of signature validity (Unix timestamp), for example, 1557902800 Long
DurationSecond SetSign The validity period of the signature (in seconds). For example, the validity period of the signature is 1 minute: 60. Long
HeaderKeys SetSign Signed request header List<string>
QueryParameterKeys SetSign Signed request parameters List<string>

Return result description

Request result is returned through PutBucketACLResult.

Member variable Type Description
HttpCode Int HTTP Code, [200,300) indicates that the operation was successful, otherwise it indicates that the operation failed.When the operation fails, the system throws a CosClientException or CosServerException Abnormal.

Query Bucket ACL

Function description

Query the specified Access Permission control list (ACL) of Bucket.

Method prototype

GetBucketACLResult GetBucketACL(GetBucketACLRequest request);

void GetBucketACL(GetBucketACLRequest request, COSXML.Callback.OnSuccessCallback<CosResult> successCallback, COSXML.Callback.OnFailedCallback failCallback);

Request Sample

CosXmlConfig config = new CosXmlConfig.Builder()
  .SetConnectionTimeoutMs(60000)  
  .SetReadWriteTimeoutMs(40000)  
  .IsHttps(true)  
  .SetAppid("1250000000") 
  .SetRegion("COS_REGION") 
  .Build();

string secretId = "COS_SECRETID";   
string secretKey = "COS_SECRETKEY"; 
long durationSecond = 600;          
QCloudCredentialProvider qCloudCredentialProvider = new DefaultQCloudCredentialProvider(secretId, 
  secretKey, durationSecond);

CosXml cosXml = new CosXmlServer(config, qCloudCredentialProvider);

try
{
  string bucket = "examplebucket-1250000000"; 
  GetBucketACLRequest request = new GetBucketACLRequest(bucket);
  request.SetSign(TimeUtils.GetCurrentTime(TimeUnit.SECONDS), 600);
  GetBucketACLResult result = cosXml.GetBucketACL(request);
  AccessControlPolicy acl = result.accessControlPolicy;
}
catch (COSXML.CosException.CosClientException clientEx)
{
  Console.WriteLine("CosClientException: " + clientEx);
}
catch (COSXML.CosException.CosServerException serverEx)
{
  Console.WriteLine("CosServerException: " + serverEx.GetInfo());
}

Parameter description

Parameter name Setting method Description Type
Bucket Construction method Bucket's name, format: BucketName-APPID String
SignStartTimeSecond SetSign Start time of signature validity (Unix timestamp), for example, 1557902800 Long
DurationSecond SetSign The validity period of the signature (in seconds). For example, the validity period of the signature is 1 minute: 60. Long
HeaderKeys SetSign Signed request header List<string>
QueryParameterKeys SetSign Signed request parameters List<string>

Return result description

Request result is returned through GetBucketACLResult.

Member variable Type Description
HttpCode Int HTTP Code, [200,300) indicates that the operation was successful, otherwise it indicates that the operation failed.

When the operation fails, the system throws a CosClientException or CosServerException Abnormal.

Object ACL

Set object ACL

Function description

Sets the Access control list (ACL) for the specified object.

Method prototype

PutObjectACLResult PutObjectACL(PutObjectACLRequest request);

void PutObjectACL(PutObjectACLRequest request, COSXML.Callback.OnSuccessCallback<CosResult> successCallback, COSXML.Callback.OnFailedCallback failCallback);

Request Sample

CosXmlConfig config = new CosXmlConfig.Builder()
  .SetConnectionTimeoutMs(60000)  
  .SetReadWriteTimeoutMs(40000)  
  .IsHttps(true)  
  .SetAppid("1250000000") 
  .SetRegion("COS_REGION") 
  .Build();

string secretId = "COS_SECRETID";  
string secretKey = "COS_SECRETKEY"; 
long durationSecond = 600;          
QCloudCredentialProvider qCloudCredentialProvider = new DefaultQCloudCredentialProvider(secretId, 
  secretKey, durationSecond);

CosXml cosXml = new CosXmlServer(config, qCloudCredentialProvider);

try
{
  string bucket = "examplebucket-1250000000"; 
  string key = "exampleobject";
  PutObjectACLRequest request = new PutObjectACLRequest(bucket, key);
  request.SetSign(TimeUtils.GetCurrentTime(TimeUnit.SECONDS), 600);
  request.SetCosACL(CosACL.PRIVATE);
  COSXML.Model.Tag.GrantAccount readAccount = new COSXML.Model.Tag.GrantAccount();
  readAccount.AddGrantAccount("1131975903", "1131975903");
  request.SetXCosGrantRead(readAccount);
  PutObjectACLResult result = cosXml.PutObjectACL(request);
  Console.WriteLine(result.GetResultInfo());
}
catch (COSXML.CosException.CosClientException clientEx)
{
  Console.WriteLine("CosClientException: " + clientEx);
}
catch (COSXML.CosException.CosServerException serverEx)
{
  Console.WriteLine("CosServerException: " + serverEx.GetInfo());
}

Parameter description

Parameter name Setting method Description Type
Bucket Construction method Bucket's name, format: BucketName-APPID String
Key Construction method or SetCosPath Stored in Object on COS Object key String
CosAcl SetCosAcl Set up Bucket's ACL Permission String
GrantAccount SetXCosGrantRead or SetXCosGrantWrite or SetXCosReadWrite Allow users to read and write Permission GrantAccount
SignStartTimeSecond SetSign Start time of signature validity (Unix timestamp), for example, 1557902800 Long
DurationSecond SetSign The validity period of the signature (in seconds). For example, the validity period of the signature is 1 minute: 60. Long
HeaderKeys SetSign Signed request header List<string>
QueryParameterKeys SetSign Signed request parameters List<string>

Return result description

Request result is returned through PutObjectACLResult.

Member variable Type Description
HttpCode Int HTTP Code, [200,300) indicates that the operation was successful, otherwise it indicates that the operation failed.When the operation fails, the system throws a CosClientException or CosServerException Abnormal.

Query object ACL

Function description

Query the Access control list of the object.

Method prototype

GetObjectACLResult GetObjectACL(GetObjectACLRequest request);

void GetObjectACL(GetObjectACLRequest request, COSXML.Callback.OnSuccessCallback<CosResult> successCallback, COSXML.Callback.OnFailedCallback failCallback);

Request Sample

CosXmlConfig config = new CosXmlConfig.Builder()
  .SetConnectionTimeoutMs(60000) 
  .SetReadWriteTimeoutMs(40000)
  .IsHttps(true)
  .SetAppid("1250000000")
  .SetRegion("COS_REGION") 
  .Build();

string secretId = "COS_SECRETID";  
string secretKey = "COS_SECRETKEY";
long durationSecond = 600;     
QCloudCredentialProvider qCloudCredentialProvider = new DefaultQCloudCredentialProvider(secretId, 
  secretKey, durationSecond);

CosXml cosXml = new CosXmlServer(config, qCloudCredentialProvider);

try
{
  string bucket = "examplebucket-1250000000"; 
  string key = "exampleobject"; 
  GetObjectACLRequest request = new GetObjectACLRequest(bucket, key);
  request.SetSign(TimeUtils.GetCurrentTime(TimeUnit.SECONDS), 600);
  GetObjectACLResult result = cosXml.GetObjectACL(request);
  AccessControlPolicy acl = result.accessControlPolicy;
}
catch (COSXML.CosException.CosClientException clientEx)
{
  Console.WriteLine("CosClientException: " + clientEx);
}
catch (COSXML.CosException.CosServerException serverEx)
{
  Console.WriteLine("CosServerException: " + serverEx.GetInfo());
}

Parameter description

Parameter name Setting method Description Type
Bucket Construction method Bucket's name, format: BucketName-APPID String
Key Construction method or SetCosPath Stored in Object on COS Object key String
SignStartTimeSecond SetSign Start time of signature validity (Unix timestamp), for example, 1557902800 Long
DurationSecond SetSign The validity period of the signature (in seconds). For example, the validity period of the signature is 1 minute: 60. Long
HeaderKeys SetSign Signed request header List<string>
QueryParameterKeys SetSign Signed request parameters List<string>

Return result description

Request result is returned through GetObjectACLResult.

Member variable Type Description
HttpCode Int HTTP Code, [200,300) indicates that the operation was successful, otherwise it indicates that the operation failed.

When the operation fails, the system throws a CosClientException or CosServerException Abnormal.