def add_user_grant(self, permission, user_id, recursive=False):
"""
Convenience method that provides a quick way to add a canonical user grant to a bucket.
This method retrieves the current ACL, creates a new grant based on the parameters
passed in, adds that grant to the ACL and then PUT's the new ACL back to S3.
:type permission: string
:param permission: The permission being granted. Should be one of:
READ|WRITE|READ_ACP|WRITE_ACP|FULL_CONTROL
See http://docs.amazonwebservices.com/AmazonS3/2006-03-01/UsingAuthAccess.html
for more details on permissions.
:type user_id: string
:param user_id: The canonical user id associated with the AWS account your are granting
the permission to.
:type recursive: bool
:param recursive: A boolean value that controls whether the command will apply the
grant to all keys within the bucket or not. The default value is False.
By passing a True value, the call will iterate through all keys in the
bucket and apply the same grant to each key.
CAUTION: If you have a lot of keys, this could take a long time!
"""
if permission not in S3Permissions:
raise S3PermissionsError('Unknown Permission: %s' % permission)
policy = self.get_acl()
policy.acl.add_user_grant(permission, user_id)
self.set_acl(policy)
if recursive:
for key in self:
key.add_user_grant(permission, user_id)
def add_user_grant(self,
permission,
user_id,
recursive=False,
headers=None):
"""
Convenience method that provides a quick way to add a canonical user grant to a bucket.
This method retrieves the current ACL, creates a new grant based on the parameters
passed in, adds that grant to the ACL and then PUT's the new ACL back to S3.
:type permission: string
:param permission: The permission being granted. Should be one of:
(READ, WRITE, READ_ACP, WRITE_ACP, FULL_CONTROL).
:type user_id: string
:param user_id: The canonical user id associated with the AWS account your are granting
the permission to.
:type recursive: boolean
:param recursive: A boolean value to controls whether the command
will apply the grant to all keys within the bucket
or not. The default value is False. By passing a
True value, the call will iterate through all keys
in the bucket and apply the same grant to each key.
CAUTION: If you have a lot of keys, this could take
a long time!
"""
if permission not in S3Permissions:
raise S3PermissionsError('Unknown Permission: %s' % permission)
policy = self.get_acl(headers=headers)
policy.acl.add_user_grant(permission, user_id)
self.set_acl(policy, headers=headers)
if recursive:
for key in self:
key.add_user_grant(permission, user_id, headers=headers)
def add_email_grant(self, permission, email_address, recursive=False, headers=None):
"""
Convenience method that provides a quick way to add an email grant to a bucket.
This method retrieves the current ACL, creates a new grant based on the parameters
passed in, adds that grant to the ACL and then PUTs the new ACL back to GS.
:param permission: The permission being granted. Should be one of: (READ, WRITE, FULL_CONTROL).
See http://code.google.com/apis/storage/docs/developer-guide.html#authorization for more details on permissions.
:type permission: string
:param email_address: The email address associated with the GS account to which you are granting permission.
:type email_address: string
:param recursive: A boolean value to controls whether the command will apply the
grant to all keys within the bucket or not. The default value is False.
By passing a True value, the call will iterate through all keys in the
bucket and apply the same grant to each key.
CAUTION: If you have a lot of keys, this could take a long time!
:type recursive: boolean
"""
if permission not in GSPermissions:
raise S3PermissionsError('Unknown Permission: %s' % permission)
acl = self.get_acl(headers=headers)
acl.add_email_grant(permission, email_address)
self.set_acl(acl, headers=headers)
if recursive:
for key in self:
key.add_email_grant(permission, email_address, headers=headers)