GetObjectACL用來獲取某個Bucket下的某個Object的存取權限。
請求文法
GET /ObjectName?acl HTTP/1.1
Host: BucketName.oss-cn-hangzhou.aliyuncs.com
Date: GMT Date
Authorization: SignatureValue響應元素(Response Elements)
| 名稱 | 類型 | 描述 |
|---|---|---|
| AccessControlList | 容器 | 儲存ACL資訊的容器 父節點:AccessControlPolicy |
| AccessControlPolicy | 容器 | 保存Get Object ACL結果的容器 父節點:None |
| DisplayName | 字元串 | Bucket擁有者的名稱.。(目前和ID一致) 父節點:AccessControlPolicy.Owner |
| Grant | 枚舉字元串 | Object的ACL許可權 有效值:private,public-read,public-read-write 父節點:AccessControlPolicy.AccessControlList |
| ID | 字元串 | Bucket擁有者的用戶ID 父節點:AccessControlPolicy.Owner |
| Owner | 容器 | 保存Bucket擁有者資訊的容器。 父節點:AccessControlPolicy |
細節分析
- 只有Bucket的擁有者才能使用GetObjectACL這個介面來獲取該Bucket下某個Object的ACL,非Bucket Owner調用該介面時,返回403 Forbidden消息。錯誤碼:AccessDenied,提示You do not have read acl permission on this object。
- 如果從來沒有對某個Object設定過ACL,則調用GetObjectACL時,OSS返回的ObjectACL會是default,表明該Object ACL遵循Bucket ACL。即:如果Bucket是private的,則該object也是private的;如果該object是public-read-write的,則該object也是public-read-write的。
樣本
請求樣本:
GET /test-object?acl HTTP/1.1
Host: oss-example.oss-cn-hangzhou.aliyuncs.com
Date: Wed, 29 Apr 2015 05:21:12 GMT
Authorization: OSS qn6qrrqxo2oawuk53otfjbyc:CTkuxpLAi4XZ+WwIfNm0FmgbrQ0=返回樣本:
HTTP/1.1 200 OK
x-oss-request-id: 559CC9BDC755F95A64485981
Date: Wed, 29 Apr 2015 05:21:12 GMT
Content-Length: 253
Content-Tupe: application/xml
Connection: keep-alive
Server: AliyunOSS
<?xml version="1.0" ?>
<AccessControlPolicy>
<Owner>
<ID>00220120222</ID>
<DisplayName>00220120222</DisplayName>
</Owner>
<AccessControlList>
<Grant>public-read </Grant>
</AccessControlList>
</AccessControlPolicy>