Bucket权限控制
更新时间:2022-10-21
设置Bucket的访问权限
基本流程
- 创建BOSClient类的实例;
- 执行BOSClient putBucketACL方法;
- 设置失败时会产生错误。
示例代码
BOSPutBucketAclRequest* request = [[BOSPutBucketAclRequest alloc] init];
request.cannedAcl = BOS_ACL_PUBLIC_READ;
request.bucket = @"<bucketname>";
__block BOSPutBucketAclResponse* response = nil;
BCETask* task = [client putBucketACL:request];
task.then(^(BCEOutput* output) {
if (output.response) {
response = (BOSPutBucketAclResponse*)output.response;
NSLog(@"pub bucket acl success!");
}
if (output.error) {
NSLog(@"pub bucket acl failure with %@", output.error);
}
});
[task waitUtilFinished];说明:cannedAcl 字段可取3个值:
Private、PublicRead和PublicReadWrite,它们分别对应相关权限,具体内容可以参考《BOS API文档 使用CannedAcl方式的权限控制》。
完整示例
#import <BaiduBCEBasic/BaiduBCEBasic.h>
#import <BaiduBCEBOS/BaiduBCEBOS.h>
void example(void) {
// 初始化
BCECredentials* credentials = [[BCECredentials alloc] init];
credentials.accessKey = @"<access key>";
credentials.secretKey = @"<secret key>";
BOSClientConfiguration* configuration = [[BOSClientConfiguration alloc] init];
configuration.credentials = credentials;
BOSClient* client = [[BOSClient alloc] initWithConfiguration:configuration];
BOSPutBucketAclRequest* request = [[BOSPutBucketAclRequest alloc] init];
request.cannedAcl = BOS_ACL_PUBLIC_READ;
request.bucket = @"<bucketname>";
__block BOSPutBucketAclResponse* response = nil;
BCETask* task = [client putBucketACL:request];
task.then(^(BCEOutput* output) {
if (output.response) {
response = (BOSPutBucketAclResponse*)output.response;
NSLog(@"pub bucket acl success!");
}
if (output.error) {
NSLog(@"pub bucket acl failure with %@", output.error);
}
});
[task waitUtilFinished];
}设置指定用户对Bucket的访问权限
基本流程
- 创建BOSClient类的实例。
- 执行putBucketACL方法,您需要创建一个BOSPutBucketAclRequest的实例来提供授权用户信息。
- 设置失败时会抛出异常。
示例代码
#import <BaiduBCEBasic/BaiduBCEBasic.h>
#import <BaiduBCEBOS/BaiduBCEBOS.h>
void example(void) {
// 初始化
BCECredentials* credentials = [[BCECredentials alloc] init];
credentials.accessKey = @"<access key>";
credentials.secretKey = @"<secret key>";
BOSClientConfiguration* configuration = [[BOSClientConfiguration alloc] init];
configuration.credentials = credentials;
BOSClient* client = [[BOSClient alloc] initWithConfiguration:configuration];
NSArray<NSString*>* grantee = @[
@"<grantee1>",
@"<grantee2>"
];
NSArray<NSString*>* permission = @[
[BOSGrant permissionToString:BOSBucketGranteePermissionRead],
[BOSGrant permissionToString:BOSBucketGranteePermissionList],
];
BOSGrant* grant = [[BOSGrant alloc] init];
grant.granteeIDArray = grantee;
grant.permission = permission;
BOSPutBucketAclRequest* request = [[BOSPutBucketAclRequest alloc] init];
request.acl = [[BOSACL alloc] init];
request.acl.grantees = @[grant];
request.bucket = @"<bucketname>";
__block BOSPutBucketAclResponse* response = nil;
BCETask* task = [client putBucketACL:request];
task.then(^(BCEOutput* output) {
if (output.response) {
response = (BOSPutBucketAclResponse*)output.response;
NSLog(@"pub bucket acl success!");
}
if (output.error) {
NSLog(@"pub bucket acl failure with %@", output.error);
}
});
[task waitUtilFinished];
}注意:Permission中的权限设置包含三个值:
READ、WRITE、LIST、GetObject和FULL_CONTROL,它们分别对应相关权限,具体内容可以参考《BOS API文档 上传ACL文件方式的权限控制》。
完整示例
#import <BaiduBCEBasic/BaiduBCEBasic.h>
#import <BaiduBCEBOS/BaiduBCEBOS.h>
void example(void) {
// 初始化
BCECredentials* credentials = [[BCECredentials alloc] init];
credentials.accessKey = @"<access key>";
credentials.secretKey = @"<secret key>";
BOSClientConfiguration* configuration = [[BOSClientConfiguration alloc] init];
configuration.credentials = credentials;
BOSClient* client = [[BOSClient alloc] initWithConfiguration:configuration];
NSArray<NSString*>* grantee = @[
@"<grantee1>",
@"<grantee2>"
];
NSArray<NSString*>* permission = @[
[BOSGrant permissionToString:BOSBucketGranteePermissionRead],
[BOSGrant permissionToString:BOSBucketGranteePermissionList],
];
BOSGrant* grant = [[BOSGrant alloc] init];
grant.granteeIDArray = grantee;
grant.permission = permission;
BOSPutBucketAclRequest* request = [[BOSPutBucketAclRequest alloc] init];
request.acl = @[grant];
request.bucket = @"<bucketname>";
__block BOSPutBucketAclResponse* response = nil;
BCETask* task = [client putBucketACL:request];
task.then(^(BCEOutput* output) {
if (output.response) {
response = (BOSPutBucketAclResponse*)output.response;
NSLog(@"pub bucket acl success!");
}
if (output.error) {
NSLog(@"pub bucket acl failure with %@", output.error);
}
});
[task waitUtilFinished];
}