本文介绍如何在受版本控制的存储空间(Bucket)中管理文件(Object)的访问权限(ACL)。

设置文件访问权限

PutObjectACL默认设置Object当前版本的ACL权限。如果Object的当前版本是删除标记(Delete Marker),OSS将返回404 Not Found。请求参数中指定versionId可以设置指定Object版本的ACL权限。

以下代码用于设置文件访问权限:
import com.aliyun.oss.ClientException;
import com.aliyun.oss.OSS;
import com.aliyun.oss.OSSClientBuilder;
import com.aliyun.oss.OSSException;
import com.aliyun.oss.model.*;

public class Demo {
    public static void main(String[] args) throws Exception {
        // Endpoint以华东1(杭州)为例,其它Region请按实际情况填写。
        String endpoint = "https://oss-cn-hangzhou.aliyuncs.com";
        // 阿里云账号AccessKey拥有所有API的访问权限,风险很高。强烈建议您创建并使用RAM用户进行API访问或日常运维,请登录RAM控制台创建RAM用户。
        String accessKeyId = "yourAccessKeyId";
        String accessKeySecret = "yourAccessKeySecret";
        // 填写Bucket名称,例如examplebucket。
        String bucketName = "examplebucket";
        // 填写Object的完整路径。Object完整路径中不能包含Bucket名称。
        String objectName = "exampledir/object";
        // 指定文件的versionId。
        String versionId = "CAEQMxiBgICAof2D0BYiIDJhMGE3N2M1YTI1NDQzOGY5NTkyNTI3MGYyMzJm****";

        // 创建OSSClient实例。
        OSS ossClient = new OSSClientBuilder().build(endpoint, accessKeyId, accessKeySecret);

        try {
            // 创建SetObjectAclRequest对象,此示例中设置文件的访问权限为公共读。
            SetObjectAclRequest setObjectAclRequest = new SetObjectAclRequest(bucketName, objectName,
                    versionId, CannedAccessControlList.PublicRead);

            // 设置指定versionId文件的权限。
            ossClient.setObjectAcl(setObjectAclRequest);
        } catch (OSSException oe) {
            System.out.println("Caught an OSSException, which means your request made it to OSS, "
                    + "but was rejected with an error response for some reason.");
            System.out.println("Error Message:" + oe.getErrorMessage());
            System.out.println("Error Code:" + oe.getErrorCode());
            System.out.println("Request ID:" + oe.getRequestId());
            System.out.println("Host ID:" + oe.getHostId());
        } catch (ClientException ce) {
            System.out.println("Caught an ClientException, which means the client encountered "
                    + "a serious internal problem while trying to communicate with OSS, "
                    + "such as not being able to access the network.");
            System.out.println("Error Message:" + ce.getMessage());
        } finally {
            if (ossClient != null) {
                ossClient.shutdown();
            }
        }
    }
}

获取文件访问权限

GetObjectACL默认获取Object当前版本的ACL权限。如果Object的当前版本是删除标记(Delete Marker),OSS将返回404 Not Found。请求参数中指定versionId可以获取指定Object版本的ACL权限。

以下代码用于获取文件访问权限:

import com.aliyun.oss.ClientException;
import com.aliyun.oss.OSS;
import com.aliyun.oss.OSSClientBuilder;
import com.aliyun.oss.OSSException;
import com.aliyun.oss.model.*;

public class Demo {
    public static void main(String[] args) throws Exception {
        // Endpoint以华东1(杭州)为例,其它Region请按实际情况填写。
        String endpoint = "https://oss-cn-hangzhou.aliyuncs.com";
        // 阿里云账号AccessKey拥有所有API的访问权限,风险很高。强烈建议您创建并使用RAM用户进行API访问或日常运维,请登录RAM控制台创建RAM用户。
        String accessKeyId = "yourAccessKeyId";
        String accessKeySecret = "yourAccessKeySecret";
        // 填写Bucket名称,例如examplebucket。
        String bucketName = "examplebucket";
        // 填写Object的完整路径。Object完整路径中不能包含Bucket名称。
        String objectName = "exampledir/object";
        // 指定文件的versionId。
        String versionId = "CAEQMxiBgICAof2D0BYiIDJhMGE3N2M1YTI1NDQzOGY5NTkyNTI3MGYyMzJm****";

        // 创建OSSClient实例。
        OSS ossClient = new OSSClientBuilder().build(endpoint, accessKeyId, accessKeySecret);

        try {
            // 获取文件的访问权限。
            GenericRequest genericRequest = new GenericRequest(bucketName, objectName, versionId);
            ObjectAcl objectAcl = ossClient.getObjectAcl(genericRequest);
            System.out.println("get object acl: " + objectAcl.getPermission().toString());
            System.out.println("object versionid: " + objectAcl.getVersionId());
        } catch (OSSException oe) {
            System.out.println("Caught an OSSException, which means your request made it to OSS, "
                    + "but was rejected with an error response for some reason.");
            System.out.println("Error Message:" + oe.getErrorMessage());
            System.out.println("Error Code:" + oe.getErrorCode());
            System.out.println("Request ID:" + oe.getRequestId());
            System.out.println("Host ID:" + oe.getHostId());
        } catch (ClientException ce) {
            System.out.println("Caught an ClientException, which means the client encountered "
                    + "a serious internal problem while trying to communicate with OSS, "
                    + "such as not being able to access the network.");
            System.out.println("Error Message:" + ce.getMessage());
        } finally {
            if (ossClient != null) {
                ossClient.shutdown();
            }
        }
    }
}

相关文档

  • 关于设置文件访问权限的API接口说明,请参见PutObjectACL
  • 关于获取文件访问权限的API接口说明,请参见GetObjectACL