Ejemplos de AccessControlList en Python

Ejemplo n.º 1

Archivo: fds_cli.py Proyecto: MiguelCYF/galaxy-fds-sdk-python

def put_bucket_acl(bucket_name, gratee_list, permission_list):
    check_bucket_name(bucket_name=bucket_name)
    bucketAcl = AccessControlList()
    for role in gratee_list:
        grant = Grant(Grantee(role), Permission(permission).get_value())
        if role in [UserGroups.ALL_USERS, UserGroups.AUTHENTICATED_USERS]:
            grant.type = GrantType.GROUP
        bucketAcl.add_grant(grant)
    fds_client.set_bucket_acl(bucket_name=bucket_name, acl=bucketAcl)

Ejemplo n.º 2

Archivo: fds_cli.py Proyecto: XiaoMi/galaxy-fds-sdk-python

def delete_bucket_acl(bucket_name, gratee_list, permission_list):
  check_bucket_name(bucket_name=bucket_name)
  bucketAcl = AccessControlList()
  for role in gratee_list:
    grant = Grant(Grantee(role), Permission(permission_list).get_value())
    if role in [UserGroups.ALL_USERS, UserGroups.AUTHENTICATED_USERS]:
      grant.type = GrantType.GROUP
    bucketAcl.add_grant(grant)
  fds_client.delete_bucket_acl(bucket_name=bucket_name, acl=bucketAcl)

Ejemplo n.º 3

def delete_object_acl(bucket_name, object_name, gratee_list, permission_list, is_archive=False):
  check_bucket_name(bucket_name)
  check_bucket_name(object_name)
  object_acl = AccessControlList()
  for role in gratee_list:
    grant = Grant(Grantee(role), Permission(permission_list).get_value())
    if role in [UserGroups.ALL_USERS, UserGroups.AUTHENTICATED_USERS]:
      grant.type = GrantType.GROUP
    object_acl.add_grant(grant)
  fds_client.delete_object_acl(bucket_name, object_name, object_acl, is_archive=is_archive)

Ejemplo n.º 4

Archivo: client_test.py Proyecto: MiguelCYF/galaxy-fds-sdk-python

    def test_object_acl(self):
        object_name = "test1"
        content = "test1"
        self.client.put_object(self.bucket_name, object_name, content)
        for bucket in self.client.list_objects(self.bucket_name):
            print(bucket)
        print(self.client.get_object_acl(self.bucket_name, object_name))
        objectAcl = AccessControlList()
        objectAcl.add_grant(Grant(Grantee("111"), Permission.READ))
        objectAcl.add_grant(Grant(Grantee("109901"), Permission.FULL_CONTROL))
        objectAcl.add_grant(Grant(Grantee(acl_ak), Permission.FULL_CONTROL))
        self.client.set_object_acl(self.bucket_name, object_name, objectAcl)
        acl = self.client.get_object_acl(self.bucket_name, object_name)
        self.assertTrue(objectAcl.is_subset(acl))

        acl_client = GalaxyFDSClient(
            acl_ak, acl_access_secret,
            FDSClientConfiguration(region_name,
                                   False,
                                   False,
                                   False,
                                   endpoint=endpoint))
        self.assertTrue(
            self.client.does_object_exists(self.bucket_name, object_name))
        print(acl_client.get_object(self.bucket_name, object_name))
        self.client.delete_object(self.bucket_name, object_name)
        self.assertFalse(
            self.client.does_object_exists(self.bucket_name, object_name))

Ejemplo n.º 5

Archivo: fds_cli.py Proyecto: XiaoMi/galaxy-fds-sdk-python

def put_object_acl(bucket_name, object_name, gratee_list, permission_list):
  check_bucket_name(bucket_name=bucket_name)
  check_object_name(object_name=object_name)
  object_acl = AccessControlList()
  for role in gratee_list:
    grant = Grant(Grantee(role), Permission(permission_list).get_value())
    if role in [UserGroups.ALL_USERS, UserGroups.AUTHENTICATED_USERS]:
      grant.type = GrantType.GROUP
    object_acl.add_grant(grant)
  fds_client.set_object_acl(bucket_name, object_name, object_acl)
  logger.info('set [%s/%s] acl success', bucket_name, object_name)

Ejemplo n.º 6

Archivo: fds_cli.py Proyecto: MiguelCYF/galaxy-fds-sdk-python

def put_object_acl(bucket_name, object_name, gratee_list, permission_list):
    check_bucket_name(bucket_name=bucket_name)
    check_object_name(object_name=object_name)
    object_acl = AccessControlList()
    for role in gratee_list:
        grant = Grant(Grantee(role), Permission(permission).get_value())
        if role in [UserGroups.ALL_USERS, UserGroups.AUTHENTICATED_USERS]:
            grant.type = GrantType.GROUP
        object_acl.add_grant(grant)
    fds_client.set_object_acl(bucket_name, object_name, object_acl)
    logger.info('set [%s/%s] acl success', bucket_name, object_name)

Ejemplo n.º 7

Archivo: client_test.py Proyecto: JanKari/galaxy-fds-sdk-python

    def test_bucket_acl(self):
        print(self.bucket_name)

        self.client.get_bucket_acl(self.bucket_name)
        bucketAcl = AccessControlList()
        bucketAcl.add_grant(Grant(Grantee("111"), Permission.READ))
        bucketAcl.add_grant(Grant(Grantee('109901'), Permission.FULL_CONTROL))
        bucketAcl.add_grant(Grant(Grantee('123456'), Permission.SSO_WRITE))
        bucketAcl.add_grant(Grant(Grantee(appid), Permission.FULL_CONTROL))
        self.client.set_bucket_acl(self.bucket_name, bucketAcl)

        aclListGot = self.client.get_bucket_acl(self.bucket_name)
        readAclCnt = 0
        fullControlCnt = 0
        writeWithSSOCnt = 0
        for i in aclListGot.get_grant_list():
            if i['grantee']['id'] == '111':
                self.assertTrue(i['permission'].to_string() == Permission(
                    Permission.READ).to_string())
                readAclCnt += 1
            elif i['grantee']['id'] == '109901':
                self.assertTrue(i['permission'].to_string() == Permission(
                    Permission.FULL_CONTROL).to_string())
                fullControlCnt += 1
            elif i['grantee']['id'] == '123456':
                self.assertTrue(i['permission'].to_string() == Permission(
                    Permission.SSO_WRITE).to_string())
                writeWithSSOCnt += 1
        self.assertTrue(readAclCnt == 1)
        self.assertTrue(fullControlCnt == 1)
        self.assertTrue(writeWithSSOCnt == 1)

        #    self.client.set_bucket_acl(self.bucket_name, bucketAcl)
        acl = self.client.get_bucket_acl(self.bucket_name)
        self.assertTrue(bucketAcl.is_subset(acl))
        acl_client = GalaxyFDSClient(
            acl_ak, acl_access_secret,
            FDSClientConfiguration(region_name,
                                   False,
                                   False,
                                   False,
                                   endpoint=endpoint))
        object_name = "testBucketAcl7"
        acl_client.put_object(self.bucket_name, object_name, "hahhah")
        self.assertTrue(
            self.client.does_object_exists(self.bucket_name, object_name))
        acl_client.list_objects(self.bucket_name)
        acl_client.delete_object(self.bucket_name, object_name)
        self.assertFalse(
            self.client.does_object_exists(self.bucket_name, object_name))
        self.assertTrue(acl_client.does_bucket_exist(self.bucket_name))
        try:
            acl_client.delete_bucket(self.bucket_name)
        except GalaxyFDSClientException as e:
            print(e.message)
        self.assertTrue(self.client.does_bucket_exist(self.bucket_name))

Ejemplo n.º 8

Archivo: galaxy_fds_client.py Proyecto: tallercc/galaxy-fds-sdk-python

 def _acp_to_acl(self, acp):
   '''
   Translate AccessControlPolicy to AccessControlList.
   '''
   if acp is not None:
     acl = AccessControlList()
     for item in acp['accessControlList']:
       grantee = item['grantee']
       grant_id = grantee['id']
       permission = item['permission']
       g = Grant(Grantee(grant_id), permission)
       acl.add_grant(g)
     return acl
   return str()

Ejemplo n.º 9

Archivo: client_test.py Proyecto: XiaoMi/galaxy-fds-sdk-python

  def test_bucket_acl(self):
    print(self.bucket_name)

    self.client.get_bucket_acl(self.bucket_name)
    bucketAcl = AccessControlList()
    bucketAcl.add_grant(Grant(Grantee("111"), Permission.READ))
    bucketAcl.add_grant(Grant(Grantee('109901'), Permission.FULL_CONTROL))
    bucketAcl.add_grant(Grant(Grantee('123456'), Permission.SSO_WRITE))
    bucketAcl.add_grant(Grant(Grantee(app_id), Permission.FULL_CONTROL))
    self.client.set_bucket_acl(self.bucket_name, bucketAcl)

    aclListGot = self.client.get_bucket_acl(self.bucket_name)
    readAclCnt = 0
    fullControlCnt = 0
    writeWithSSOCnt = 0
    for i in aclListGot.get_grant_list():
      if i['grantee']['id'] == '111':
        self.assertTrue(i['permission'].to_string() == Permission(Permission.READ).to_string())
        readAclCnt += 1
      elif i['grantee']['id'] == '109901':
        self.assertTrue(
          i['permission'].to_string() == Permission(Permission.FULL_CONTROL).to_string())
        fullControlCnt += 1
      elif i['grantee']['id'] == '123456':
        self.assertTrue(i['permission'].to_string() == Permission(Permission.SSO_WRITE).to_string())
        writeWithSSOCnt += 1
    self.assertTrue(readAclCnt == 1)
    self.assertTrue(fullControlCnt == 1)
    self.assertTrue(writeWithSSOCnt == 1)

    #    self.client.set_bucket_acl(self.bucket_name, bucketAcl)
    acl = self.client.get_bucket_acl(self.bucket_name)
    self.assertTrue(bucketAcl.is_subset(acl))
    acl_client = GalaxyFDSClient(acl_ak, acl_access_secret,
                                 FDSClientConfiguration(region_name, False, False, False,
                                                        endpoint=endpoint))
    object_name = "testBucketAcl7"
    acl_client.put_object(self.bucket_name, object_name, "hahhah")
    self.assertTrue(
      self.client.does_object_exists(self.bucket_name, object_name))
    acl_client.list_objects(self.bucket_name)
    acl_client.delete_object(self.bucket_name, object_name)
    self.assertFalse(
      self.client.does_object_exists(self.bucket_name, object_name))
    self.assertTrue(acl_client.does_bucket_exist(self.bucket_name))

Ejemplo n.º 10

Archivo: fdscli_cli.py Proyecto: MiguelCYF/galaxy-fds-sdk-python

 def make_public(self, url):
     if not FDSURL.is_fds_url(url):
         CLIPrinter.wrong_format()
         return
     url = FDSURL(url)
     if url.is_object_url():
         try:
             self._fds.set_public(url.bucket_name(), url.object_name())
         except GalaxyFDSClientException as e:
             CLIPrinter.fail(e.message)
             return
     elif url.is_bucket_url():
         try:
             acl = AccessControlList()
             grant = Grant(Grantee(UserGroups.ALL_USERS), Permission.READ)
             grant.type = GrantType.GROUP
             acl.add_grant(grant)
             self._fds.set_bucket_acl(url.bucket_name(), acl)
         except GalaxyFDSClientException as e:
             CLIPrinter.fail(e.message)
             return
     else:
         CLIPrinter.wrong_format()
         return

Ejemplo n.º 11

Archivo: fdscli_cli.py Proyecto: XiaoMi/galaxy-fds-sdk-python

 def make_public(self, url):
   if not FDSURL.is_fds_url(url):
     CLIPrinter.wrong_format()
     return
   url = FDSURL(url)
   if url.is_object_url():
     try:
       self._fds.set_public(url.bucket_name(), url.object_name())
     except GalaxyFDSClientException as e:
       CLIPrinter.fail(e.message)
       return
   elif url.is_bucket_url():
     try:
       acl = AccessControlList()
       grant = Grant(Grantee(UserGroups.ALL_USERS), Permission.READ)
       grant.type = GrantType.GROUP
       acl.add_grant(grant)
       self._fds.set_bucket_acl(url.bucket_name(), acl)
     except GalaxyFDSClientException as e:
       CLIPrinter.fail(e.message)
       return
   else: 
     CLIPrinter.wrong_format()
     return

Ejemplo n.º 12

Archivo: client_test.py Proyecto: XiaoMi/galaxy-fds-sdk-python

  def test_object_acl(self):
    object_name = "test1"
    content = "test1"
    self.client.put_object(self.bucket_name, object_name, content)
    for bucket in self.client.list_objects(self.bucket_name):
      print(bucket)
    print(self.client.get_object_acl(self.bucket_name, object_name))
    objectAcl = AccessControlList()
    objectAcl.add_grant(Grant(Grantee("111"), Permission.READ))
    objectAcl.add_grant(Grant(Grantee("109901"), Permission.FULL_CONTROL))
    objectAcl.add_grant(Grant(Grantee(acl_ak), Permission.FULL_CONTROL))
    self.client.set_object_acl(self.bucket_name, object_name, objectAcl)
    acl = self.client.get_object_acl(self.bucket_name, object_name)
    self.assertTrue(objectAcl.is_subset(acl))

    acl_client = GalaxyFDSClient(acl_ak, acl_access_secret,
                                 FDSClientConfiguration(region_name, False, False, False,
                                                        endpoint=endpoint))
    self.assertTrue(
      self.client.does_object_exists(self.bucket_name, object_name))
    print(acl_client.get_object(self.bucket_name, object_name))
    self.client.delete_object(self.bucket_name, object_name)
    self.assertFalse(
      self.client.does_object_exists(self.bucket_name, object_name))

Ejemplo n.º 13

# Delete the object
fds_client.delete_object(bucket_name, object_name)
#####################

#####################
# Create another client
other_ak = 'other_access_key'  # corresponding developerId is 109901
other_access_secret = 'other_access_secret'
other_developerId = 'other_developerId'
other_client = GalaxyFDSClient(other_ak, other_access_secret)

# Create a object and grant READ permission to others
object_name = 'shared-object'
fds_client.put_object(bucket_name, object_name, 'shared_content')
object_acl = AccessControlList()
object_acl.add_grant(Grant(Grantee(other_developerId), Permission.READ))
fds_client.set_object_acl(bucket_name, object_name, object_acl)
# Read the shared object by another client
for chunk in other_client.get_object(bucket_name, object_name).stream:
    sys.stdout.write(chunk)
print('\n')

# Grant FULL_CONTROL permission of bucket to others
bucket_acl = AccessControlList()
bucket_acl.add_grant(Grant(Grantee(other_developerId),
                           Permission.FULL_CONTROL))
fds_client.set_bucket_acl(bucket_name, bucket_acl)

# Post an object by others
result = other_client.post_object(bucket_name, 'post')

Ejemplo n.º 14

Archivo: galaxy_fds_client.py Proyecto: tallercc/galaxy-fds-sdk-python

 def set_public(self, bucket_name, object_name):
   acl = AccessControlList()
   grant = Grant(Grantee(UserGroups.ALL_USERS), Permission.READ)
   grant.type = GrantType.GROUP
   acl.add_grant(grant)
   self.set_object_acl(bucket_name, object_name, acl)

Ejemplo n.º 15

Archivo: fds_client_example.py Proyecto: Shenjiaqi/galaxy-fds-sdk-python

# Delete the object
fds_client.delete_object(bucket_name, object_name)
#####################

#####################
# Create another client
other_ak = 'other_access_key' # corresponding developerId is 109901
other_access_secret = 'other_access_secret'
other_developerId = 'other_developerId'
other_client = GalaxyFDSClient(other_ak, other_access_secret)

# Create a object and grant READ permission to others
object_name = 'shared-object'
fds_client.put_object(bucket_name, object_name, 'shared_content')
object_acl = AccessControlList()
object_acl.add_grant(Grant(Grantee(other_developerId), Permission.READ))
fds_client.set_object_acl(bucket_name, object_name, object_acl)
# Read the shared object by another client
for chunk in other_client.get_object(bucket_name, object_name).stream:
    sys.stdout.write(chunk)
print '\n'

# Grant FULL_CONTROL permission of bucket to others
bucket_acl = AccessControlList()
bucket_acl.add_grant(Grant(Grantee(other_developerId), Permission.FULL_CONTROL))
fds_client.set_bucket_acl(bucket_name, bucket_acl)

# Post an object by others
result = other_client.post_object(bucket_name, 'post')
print result.object_name