This topic describes how to manage ACLs of objects in a versioning-enabled bucket.

Configure ACL for an object

PutObjectACL sets the ACL for the current version of the target object by default. If the current version of the target object is a delete marker, the 404 Not Found error is returned. You can set the versionId in the request to set the ACL for a specified version of the target object.

The following code provides an example on how to configure the ACL of an object:

using Aliyun.OSS;
using Aliyun.OSS.Common;
var endpoint = "<yourEndpoint>";
var accessKeyId = "<yourAccessKeyId>";
var accessKeySecret = "<yourAccessKeySecret>";
var bucketName = "<yourBucketName>";
var objectName = "<yourObjectName>";
var versionid = "<yourArchiveObjectVersionid>";
// Create an OSSClient instance.
var client = new OssClient(endpoint, accessKeyId, accessKeySecret);
// Configure the ACL of the object.
try
{
    // Use SetObjectAcl to configure the ACL of the object.
    var request = new SetObjectAclRequest(bucketName, objectName, CannedAccessControlList.PublicRead)
    {
        // Configure the ACL of the specified version of the object.
        VersionId = versionid
    };
    client.SetObjectAcl(request);
    Console.WriteLine("Set Object:{0} ACL succeeded ", objectName);
}
catch (Exception ex)
{
    Console.WriteLine("Set Object ACL failed with error info: {0}", ex.Message);
}
}

For more information about setting the ACL for an object, see PutObjectACL.

Obtain the ACL of an object

GetObjectACL obtains the ACL for the current version of the target object by default. If the current version of the object is a delete marker, the 404 Not Found error is returned. You can specify the versionId in the request to obtain the ACL for a specified version of the target object.

The following code provides an example on how to obtain the ACL of an object:

using Aliyun.OSS;
using Aliyun.OSS.Common;
var endpoint = "<yourEndpoint>";
var accessKeyId = "<yourAccessKeyId>";
var accessKeySecret = "<yourAccessKeySecret>";
var bucketName = "<yourBucketName>";
var objectName = "<yourObjectName>";
var versionid = "<yourArchiveObjectVersionid>";
// Create an OSSClient instance.
var client = new OssClient(endpoint, accessKeyId, accessKeySecret);

// Obtain the ACL of the object.
try
{
    // Use GetObjectAcl to obtain the ACL of the object.
    var request = new GetObjectAclRequest(bucketName, objectName)
    {
        // Query the ACL of the specified version of the object.
        VersionId = versionid
    };
    var result = client.GetObjectAcl(request);
    Console.WriteLine("Get Object ACL succeeded, Id: {0}  ACL: {1}",
        result.Owner.Id, result.ACL.ToString());
}
catch (OssException ex)
{
    Console.WriteLine("Failed with error code: {0}; Error info: {1}. \nRequestID: {2}\tHostID: {3}",
        ex.ErrorCode, ex.Message, ex.RequestId, ex.HostId);
}
catch (Exception ex)
{
    Console.WriteLine("Failed with error info: {0}", ex.Message);
}

For more information about obtaining the ACL for an object, see GetObjectACL.