vpruthi/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/obs/api-ref/obs_04_0089.html
Jawei, Li f1cb839979 OBS api-ref 2.0.38.SP5 
Reviewed-by: gtema <artem.goncharov@gmail.com>
Co-authored-by: Jawei, Li <lijiawei5@huawei.com>
Co-committed-by: Jawei, Li <lijiawei5@huawei.com>
2022-11-03 11:54:51 +00:00

275 lines
16 KiB
HTML
Raw Blame History

<a name="obs_04_0089"></a><a name="obs_04_0089"></a>
<h1 class="topictitle1">Configuring an Object ACL</h1>
<div id="body4721024"><div class="section" id="obs_04_0089__section5584184924715"><h4 class="sectiontitle">Functions</h4><p id="obs_04_0089__p9640200">OBS supports the control of access permission for objects. By default, only the object creator has the read and write permissions for the object. However, the creator can set a public access policy to assign the read permission to all other users. Even if the ACL is configured for an object encrypted in the SSE-KMS mode, the inter-tenant access is unavailable.</p>
<p id="obs_04_0089__p19652939">You can set an access control policy when uploading an object or make a call of an API operation to modify or obtain the object ACL. An object ACL supports a maximum of 100 grants.</p>
<p id="obs_04_0089__p42658724">This section explains how to modify an object ACL and change access permission on an object.</p>
</div>
<div class="section" id="obs_04_0089__section48384196"><h4 class="sectiontitle">Versioning</h4><p id="obs_04_0089__p46858659">By default, this operation modifies the ACL of the latest version of an object. To specify a specified version, the request can carry the <strong id="obs_04_0089__b4568647191517">versionId</strong> parameter.</p>
</div>
<div class="section" id="obs_04_0089__section32804580"><h4 class="sectiontitle">Request Syntax</h4><div class="codecoloring" codetype="Xml" id="obs_04_0089__screen15997160"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre> 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19</pre></div></td><td class="code"><div class="highlight"><pre><span></span>PUT /ObjectName?acl HTTP/1.1
Host: bucketname.obs.region.example.com
Date: date
Authorization: authorization
<span class="nt">&lt;AccessControlPolicy&gt;</span>
<span class="nt">&lt;Owner&gt;</span>
<span class="nt">&lt;ID&gt;</span>ID<span class="nt">&lt;/ID&gt;</span>
<span class="nt">&lt;/Owner&gt;</span>
<span class="nt">&lt;Delivered&gt;</span>true<span class="nt">&lt;/Delivered&gt;</span>
<span class="nt">&lt;AccessControlList&gt;</span>
<span class="nt">&lt;Grant&gt;</span>
<span class="nt">&lt;Grantee&gt;</span>
<span class="nt">&lt;ID&gt;</span>ID<span class="nt">&lt;/ID&gt;</span>
<span class="nt">&lt;/Grantee&gt;</span>
<span class="nt">&lt;Permission&gt;</span>permission<span class="nt">&lt;/Permission&gt;</span>
<span class="nt">&lt;/Grant&gt;</span>
<span class="nt">&lt;/AccessControlList&gt;</span>
<span class="nt">&lt;/AccessControlPolicy&gt;</span>
</pre></div>
</td></tr></table></div>
</div>
<div class="section" id="obs_04_0089__section26805765"><h4 class="sectiontitle">Request Parameters</h4><p id="obs_04_0089__p20701582"><a href="#obs_04_0089__table44298471191845">Table 1</a> describes the request parameters.</p>
<div class="tablenoborder"><a name="obs_04_0089__table44298471191845"></a><a name="table44298471191845"></a><table cellpadding="4" cellspacing="0" summary="" id="obs_04_0089__table44298471191845" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Request parameters</caption><thead align="left"><tr id="obs_04_0089__row25509231"><th align="left" class="cellrowborder" valign="top" width="22.220000000000002%" id="mcps1.3.4.3.2.4.1.1"><p id="obs_04_0089__p52981853">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="62.629999999999995%" id="mcps1.3.4.3.2.4.1.2"><p id="obs_04_0089__p36174163">Description</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="15.15%" id="mcps1.3.4.3.2.4.1.3"><p id="obs_04_0089__p64290664">Mandatory</p>
</th>
</tr>
</thead>
<tbody><tr id="obs_04_0089__row25907270"><td class="cellrowborder" valign="top" width="22.220000000000002%" headers="mcps1.3.4.3.2.4.1.1 "><p id="obs_04_0089__p18114101">versionId</p>
</td>
<td class="cellrowborder" valign="top" width="62.629999999999995%" headers="mcps1.3.4.3.2.4.1.2 "><p id="obs_04_0089__p57956065">Object version ID. Object ACL of a specified version is to be changed.</p>
<p id="obs_04_0089__p51842537">Type: string</p>
</td>
<td class="cellrowborder" valign="top" width="15.15%" headers="mcps1.3.4.3.2.4.1.3 "><p id="obs_04_0089__p38495930">No</p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="section" id="obs_04_0089__section39925296"><h4 class="sectiontitle">Request Headers</h4><p id="obs_04_0089__p31162620">This request uses common headers. For details, see <a href="obs_04_0007.html#obs_04_0007__table25197309">Table 3</a>.</p>
</div>
<div class="section" id="obs_04_0089__section23783351"><h4 class="sectiontitle">Request Elements</h4><p id="obs_04_0089__p34754188">The request message carries the ACL information of the object by using message elements. For the meanings of the elements, see <a href="#obs_04_0089__table6365150">Table 2</a>.</p>
<div class="tablenoborder"><a name="obs_04_0089__table6365150"></a><a name="table6365150"></a><table cellpadding="4" cellspacing="0" summary="" id="obs_04_0089__table6365150" frame="border" border="1" rules="all"><caption><b>Table 2 </b>Request elements</caption><thead align="left"><tr id="obs_04_0089__row46397570"><th align="left" class="cellrowborder" valign="top" width="25.509999999999998%" id="mcps1.3.6.3.2.4.1.1"><p id="obs_04_0089__p106807">Element</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="41.839999999999996%" id="mcps1.3.6.3.2.4.1.2"><p id="obs_04_0089__p10753930">Description</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="32.65%" id="mcps1.3.6.3.2.4.1.3"><p id="obs_04_0089__p54986906">Mandatory</p>
</th>
</tr>
</thead>
<tbody><tr id="obs_04_0089__row81162241151"><td class="cellrowborder" valign="top" width="25.509999999999998%" headers="mcps1.3.6.3.2.4.1.1 "><p id="obs_04_0089__p011612411158">Owner</p>
</td>
<td class="cellrowborder" valign="top" width="41.839999999999996%" headers="mcps1.3.6.3.2.4.1.2 "><p id="obs_04_0089__p611620248154">Bucket owner information, including the ID</p>
<p id="obs_04_0089__p7278511155">Type: XML</p>
</td>
<td class="cellrowborder" valign="top" width="32.65%" headers="mcps1.3.6.3.2.4.1.3 "><p id="obs_04_0089__p811612418156">Yes</p>
</td>
</tr>
<tr id="obs_04_0089__row21463316"><td class="cellrowborder" valign="top" width="25.509999999999998%" headers="mcps1.3.6.3.2.4.1.1 "><p id="obs_04_0089__p60807051">ID</p>
</td>
<td class="cellrowborder" valign="top" width="41.839999999999996%" headers="mcps1.3.6.3.2.4.1.2 "><p id="obs_04_0089__p26424127">Domain ID of a user.</p>
<p id="obs_04_0089__p36490555">Type: string</p>
</td>
<td class="cellrowborder" valign="top" width="32.65%" headers="mcps1.3.6.3.2.4.1.3 "><p id="obs_04_0089__p2944980">Yes</p>
</td>
</tr>
<tr id="obs_04_0089__row28071611121611"><td class="cellrowborder" valign="top" width="25.509999999999998%" headers="mcps1.3.6.3.2.4.1.1 "><p id="obs_04_0089__p380716119168">Grant</p>
</td>
<td class="cellrowborder" valign="top" width="41.839999999999996%" headers="mcps1.3.6.3.2.4.1.2 "><p id="obs_04_0089__p138073114168">Container for the grantee and the granted permissions. A single object ACL can contain no more than 100 grants.</p>
<p id="obs_04_0089__p1963323112169">Type: XML</p>
</td>
<td class="cellrowborder" valign="top" width="32.65%" headers="mcps1.3.6.3.2.4.1.3 "><p id="obs_04_0089__p168071011121614">No</p>
</td>
</tr>
<tr id="obs_04_0089__row4485119164"><td class="cellrowborder" valign="top" width="25.509999999999998%" headers="mcps1.3.6.3.2.4.1.1 "><p id="obs_04_0089__p10435131616"><span style="color:#252B3A;">Grantee</span></p>
</td>
<td class="cellrowborder" valign="top" width="41.839999999999996%" headers="mcps1.3.6.3.2.4.1.2 "><p id="obs_04_0089__p4445114169">Container for the details about the grantee.</p>
<p id="obs_04_0089__p53916815177">Type: XML</p>
</td>
<td class="cellrowborder" valign="top" width="32.65%" headers="mcps1.3.6.3.2.4.1.3 "><p id="obs_04_0089__p55155378177">No</p>
</td>
</tr>
<tr id="obs_04_0089__row894715455174"><td class="cellrowborder" valign="top" width="25.509999999999998%" headers="mcps1.3.6.3.2.4.1.1 "><p id="obs_04_0089__p15947204519171"><span style="color:#252B3A;">Canned</span></p>
</td>
<td class="cellrowborder" valign="top" width="41.839999999999996%" headers="mcps1.3.6.3.2.4.1.2 "><p id="obs_04_0089__p315337111814">Grants permissions to all users.</p>
<p id="obs_04_0089__p515397121813">Value range: Everyone</p>
<p id="obs_04_0089__p1415347201812">Type: enumeration</p>
</td>
<td class="cellrowborder" valign="top" width="32.65%" headers="mcps1.3.6.3.2.4.1.3 "><p id="obs_04_0089__p642792581816">No</p>
</td>
</tr>
<tr id="obs_04_0089__row4036034411024"><td class="cellrowborder" valign="top" width="25.509999999999998%" headers="mcps1.3.6.3.2.4.1.1 "><p id="obs_04_0089__p4238406111028">Delivered</p>
</td>
<td class="cellrowborder" valign="top" width="41.839999999999996%" headers="mcps1.3.6.3.2.4.1.2 "><p id="obs_04_0089__p1055692911028">Indicates whether an object ACL inherits the ACL of a bucket.</p>
<p id="obs_04_0089__p2790349711028">Type: boolean Default value: true</p>
</td>
<td class="cellrowborder" valign="top" width="32.65%" headers="mcps1.3.6.3.2.4.1.3 "><p id="obs_04_0089__p4559078011028">No</p>
</td>
</tr>
<tr id="obs_04_0089__row34127147"><td class="cellrowborder" valign="top" width="25.509999999999998%" headers="mcps1.3.6.3.2.4.1.1 "><p id="obs_04_0089__p12835559">Permission</p>
</td>
<td class="cellrowborder" valign="top" width="41.839999999999996%" headers="mcps1.3.6.3.2.4.1.2 "><p id="obs_04_0089__p33047326">Authorized permission.</p>
<p id="obs_04_0089__p28990484">Type: enumeration</p>
</td>
<td class="cellrowborder" valign="top" width="32.65%" headers="mcps1.3.6.3.2.4.1.3 "><p id="obs_04_0089__p66527890">No</p>
</td>
</tr>
<tr id="obs_04_0089__row410314511813"><td class="cellrowborder" valign="top" width="25.509999999999998%" headers="mcps1.3.6.3.2.4.1.1 "><p id="obs_04_0089__p61031045101817"><span style="color:#252B3A;">AccessControlList</span></p>
</td>
<td class="cellrowborder" valign="top" width="41.839999999999996%" headers="mcps1.3.6.3.2.4.1.2 "><p id="obs_04_0089__p19103145161813">Indicates an ACL, which consists of three elements: <strong id="obs_04_0089__b8535103818590">Grant</strong>, <strong id="obs_04_0089__b165404382593">Grantee</strong>, and <strong id="obs_04_0089__b1554114383593">Permission</strong>.</p>
<p id="obs_04_0089__p11789616194">Type: XML</p>
</td>
<td class="cellrowborder" valign="top" width="32.65%" headers="mcps1.3.6.3.2.4.1.3 "><p id="obs_04_0089__p1971561191916">Yes</p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="section" id="obs_04_0089__section12723569"><h4 class="sectiontitle">Response Syntax</h4><div class="codecoloring" codetype="Xml" id="obs_04_0089__screen46751052191012"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre>1
2
3</pre></div></td><td class="code"><div class="highlight"><pre><span></span>HTTP/1.1 status_code
Content-Length: length
Content-Type: application/xml
</pre></div>
</td></tr></table></div>
</div>
<div class="section" id="obs_04_0089__section47403265"><h4 class="sectiontitle">Response Headers</h4><p class="msonormal" id="obs_04_0089__p1512332591013">The response to the request uses common headers. For details, see <a href="obs_04_0013.html#obs_04_0013__d0e686">Table 1</a>.</p>
<p id="obs_04_0089__p44587388">In addition to the common response headers, the following message headers may also be used. For details, see <a href="#obs_04_0089__table21765641102739">Table 3</a>.</p>
<div class="tablenoborder"><a name="obs_04_0089__table21765641102739"></a><a name="table21765641102739"></a><table cellpadding="4" cellspacing="0" summary="" id="obs_04_0089__table21765641102739" frame="border" border="1" rules="all"><caption><b>Table 3 </b>Additional response header parameters</caption><thead align="left"><tr id="obs_04_0089__row52223563"><th align="left" class="cellrowborder" valign="top" width="40.400000000000006%" id="mcps1.3.8.4.2.3.1.1"><p id="obs_04_0089__p2250249">Header</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="59.599999999999994%" id="mcps1.3.8.4.2.3.1.2"><p id="obs_04_0089__p48052491">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="obs_04_0089__row67046586"><td class="cellrowborder" valign="top" width="40.400000000000006%" headers="mcps1.3.8.4.2.3.1.1 "><p id="obs_04_0089__p62064381">x-obs-version-id</p>
</td>
<td class="cellrowborder" valign="top" width="59.599999999999994%" headers="mcps1.3.8.4.2.3.1.2 "><p id="obs_04_0089__p61158973">Version number of the object whose ACL is to be modified.</p>
<p id="obs_04_0089__p13559847">Type: string</p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="section" id="obs_04_0089__section23976207"><h4 class="sectiontitle">Response Elements</h4><p id="obs_04_0089__p24605804">This response involves no elements.</p>
</div>
<div class="section" id="obs_04_0089__section14459276"><h4 class="sectiontitle">Error Responses</h4><p id="obs_04_0089__p46913122">No special error responses are returned. For details about error responses, see <a href="obs_04_0115.html#obs_04_0115__d0e843">Table 2</a>.</p>
</div>
<div class="section" id="obs_04_0089__section817219485150"><h4 class="sectiontitle">Sample Request</h4><div class="codecoloring" codetype="Xml" id="obs_04_0089__screen11158432101718"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre> 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34</pre></div></td><td class="code"><div class="highlight"><pre><span></span>PUT /obj2?acl HTTP/1.1
User-Agent: curl/7.29.0
Host: examplebucket.obs.region.example.com
Accept: */*
Date: WED, 01 Jul 2015 04:42:34 GMT
Authorization: OBS H4IPJX0TQTHTHEBQQCEC:8xAODun1ofjkwHm8YhtN0QEcy9M=
Content-Length: 727
<span class="nt">&lt;AccessControlPolicy</span> <span class="na">xmlns=</span><span class="s">&quot;http://obs.example.com/doc/2015-06-30/&quot;</span><span class="nt">&gt;</span>
<span class="nt">&lt;Owner&gt;</span>
<span class="nt">&lt;ID&gt;</span>b4bf1b36d9ca43d984fbcb9491b6fce9<span class="nt">&lt;/ID&gt;</span>
<span class="nt">&lt;/Owner&gt;</span>
<span class="nt">&lt;Delivered&gt;</span>false<span class="nt">&lt;/Delivered&gt;</span>
<span class="nt">&lt;AccessControlList&gt;</span>
<span class="nt">&lt;Grant&gt;</span>
<span class="nt">&lt;Grantee&gt;</span>
<span class="nt">&lt;ID&gt;</span>b4bf1b36d9ca43d984fbcb9491b6fce9<span class="nt">&lt;/ID&gt;</span>
<span class="nt">&lt;/Grantee&gt;</span>
<span class="nt">&lt;Permission&gt;</span>FULL_CONTROL<span class="nt">&lt;/Permission&gt;</span>
<span class="nt">&lt;/Grant&gt;</span>
<span class="nt">&lt;Grant&gt;</span>
<span class="nt">&lt;Grantee&gt;</span>
<span class="nt">&lt;ID&gt;</span>783fc6652cf246c096ea836694f71855<span class="nt">&lt;/ID&gt;</span>
<span class="nt">&lt;/Grantee&gt;</span>
<span class="nt">&lt;Permission&gt;</span>READ<span class="nt">&lt;/Permission&gt;</span>
<span class="nt">&lt;/Grant&gt;</span>
<span class="nt">&lt;Grant&gt;</span>
<span class="nt">&lt;Grantee&gt;</span>
<span class="nt">&lt;Canned&gt;</span>Everyone<span class="nt">&lt;/Canned&gt;</span>
<span class="nt">&lt;/Grantee&gt;</span>
<span class="nt">&lt;Permission&gt;</span>READ<span class="nt">&lt;/Permission&gt;</span>
<span class="nt">&lt;/Grant&gt;</span>
<span class="nt">&lt;/AccessControlList&gt;</span>
<span class="nt">&lt;/AccessControlPolicy&gt;</span>
</pre></div>
</td></tr></table></div>
</div>
<div class="section" id="obs_04_0089__section1981019229519"><h4 class="sectiontitle">Sample Response</h4><div class="codecoloring" codetype="Xml" id="obs_04_0089__screen9931193585114"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre>1
2
3
4
5
6</pre></div></td><td class="code"><div class="highlight"><pre><span></span>HTTP/1.1 200 OK
Server: OBS
x-obs-request-id: 8DF400000163D3F0FD2A03D2D30B0542
x-obs-id-2: 32AAAUgAIAABAAAQAAEAABAAAQAAEAABCTjCqTmsA1XRpIrmrJdvcEWvZyjbztdd
Date: WED, 01 Jul 2015 04:42:34 GMT
Content-Length: 0
</pre></div>
</td></tr></table></div>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="obs_04_0079.html">Operations on Objects</a></div>
</div>
</div>
View Git Blame Copy Permalink