youjiageng1/doc-exports
1
0
Fork 0
forked from laiweijian4/doc-exports
Code Pull Requests Activity
doc-exports/docs/obs/api-ref/obs_04_0089.html
zhangyue f61b26432c OBS API DOC 
Reviewed-by: Sabelnikov, Dmitriy <dmitriy.sabelnikov@t-systems.com>
Co-authored-by: zhangyue <zhangyue164@huawei.com>
Co-committed-by: zhangyue <zhangyue164@huawei.com>
2023-07-25 08:23:43 +00:00

281 lines
21 KiB
HTML
Raw Blame History

<a name="obs_04_0089"></a><a name="obs_04_0089"></a>
<h1 class="topictitle1">Configuring an Object ACL</h1>
<div id="body4721024"><div class="section" id="obs_04_0089__section5584184924715"><h4 class="sectiontitle">Functions</h4><p id="obs_04_0089__p9640200">OBS supports the control of access permission for objects. By default, only the object creator has the read and write permissions for the object. However, the creator can set a public access policy to assign the read permission to all other users. Even if the ACL is configured for an object encrypted in the SSE-KMS mode, the inter-tenant access is unavailable.</p>
<p id="obs_04_0089__p19652939">You can set an access control policy when uploading an object or make a call of an API operation to modify or obtain the object ACL. An object ACL supports a maximum of 100 grants.</p>
<p id="obs_04_0089__p42658724">This section explains how to modify an object ACL and change access permission on an object.</p>
</div>
<div class="section" id="obs_04_0089__section48384196"><h4 class="sectiontitle">Versioning</h4><p id="obs_04_0089__p46858659">By default, this operation modifies the ACL of the latest version of an object. To specify a specified version, the request can carry the <strong id="obs_04_0089__b4568647191517">versionId</strong> parameter.</p>
</div>
<div class="section" id="obs_04_0089__section32804580"><h4 class="sectiontitle">Request Syntax</h4><div class="codecoloring" codetype="Xml" id="obs_04_0089__screen15997160"><div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal"> 1</span>
<span class="normal"> 2</span>
<span class="normal"> 3</span>
<span class="normal"> 4</span>
<span class="normal"> 5</span>
<span class="normal"> 6</span>
<span class="normal"> 7</span>
<span class="normal"> 8</span>
<span class="normal"> 9</span>
<span class="normal">10</span>
<span class="normal">11</span>
<span class="normal">12</span>
<span class="normal">13</span>
<span class="normal">14</span>
<span class="normal">15</span>
<span class="normal">16</span>
<span class="normal">17</span>
<span class="normal">18</span>
<span class="normal">19</span></pre></div></td><td class="code"><div><pre><span></span>PUT<span class="w"> </span>/ObjectName?acl<span class="w"> </span>HTTP/1.1<span class="w"> </span>
Host:<span class="w"> </span>bucketname.obs.region.example.com
Date:<span class="w"> </span>date
Authorization:<span class="w"> </span>authorization
<span class="nt">&lt;AccessControlPolicy&gt;</span><span class="w"> </span>
<span class="w"> </span><span class="nt">&lt;Owner&gt;</span><span class="w"> </span>
<span class="w"> </span><span class="nt">&lt;ID&gt;</span>ID<span class="nt">&lt;/ID&gt;</span><span class="w"> </span>
<span class="w"> </span><span class="nt">&lt;/Owner&gt;</span><span class="w"> </span>
<span class="w"> </span><span class="nt">&lt;Delivered&gt;</span>true<span class="nt">&lt;/Delivered&gt;</span>
<span class="w"> </span><span class="nt">&lt;AccessControlList&gt;</span><span class="w"> </span>
<span class="w"> </span><span class="nt">&lt;Grant&gt;</span><span class="w"> </span>
<span class="w"> </span><span class="nt">&lt;Grantee&gt;</span>
<span class="w"> </span><span class="nt">&lt;ID&gt;</span>ID<span class="nt">&lt;/ID&gt;</span>
<span class="w"> </span><span class="nt">&lt;/Grantee&gt;</span><span class="w"> </span>
<span class="w"> </span><span class="nt">&lt;Permission&gt;</span>permission<span class="nt">&lt;/Permission&gt;</span><span class="w"> </span>
<span class="w"> </span><span class="nt">&lt;/Grant&gt;</span><span class="w"> </span>
<span class="w"> </span><span class="nt">&lt;/AccessControlList&gt;</span><span class="w"> </span>
<span class="nt">&lt;/AccessControlPolicy&gt;</span>
</pre></div></td></tr></table></div>
</div>
</div>
<div class="section" id="obs_04_0089__section26805765"><h4 class="sectiontitle">Request Parameters</h4><p id="obs_04_0089__p20701582"><a href="#obs_04_0089__table44298471191845">Table 1</a> describes the request parameters.</p>
<div class="tablenoborder"><a name="obs_04_0089__table44298471191845"></a><a name="table44298471191845"></a><table cellpadding="4" cellspacing="0" summary="" id="obs_04_0089__table44298471191845" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Request parameters</caption><thead align="left"><tr id="obs_04_0089__row25509231"><th align="left" class="cellrowborder" valign="top" width="22.220000000000002%" id="mcps1.3.4.3.2.4.1.1"><p id="obs_04_0089__p52981853">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="62.629999999999995%" id="mcps1.3.4.3.2.4.1.2"><p id="obs_04_0089__p36174163">Description</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="15.15%" id="mcps1.3.4.3.2.4.1.3"><p id="obs_04_0089__p64290664">Mandatory</p>
</th>
</tr>
</thead>
<tbody><tr id="obs_04_0089__row25907270"><td class="cellrowborder" valign="top" width="22.220000000000002%" headers="mcps1.3.4.3.2.4.1.1 "><p id="obs_04_0089__p18114101">versionId</p>
</td>
<td class="cellrowborder" valign="top" width="62.629999999999995%" headers="mcps1.3.4.3.2.4.1.2 "><p id="obs_04_0089__p57956065">Object version ID. Object ACL of a specified version is to be changed.</p>
<p id="obs_04_0089__p51842537">Type: string</p>
</td>
<td class="cellrowborder" valign="top" width="15.15%" headers="mcps1.3.4.3.2.4.1.3 "><p id="obs_04_0089__p38495930">No</p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="section" id="obs_04_0089__section39925296"><h4 class="sectiontitle">Request Headers</h4><p id="obs_04_0089__p31162620">This request uses common headers. For details, see <a href="obs_04_0007.html#obs_04_0007__table25197309">Table 3</a>.</p>
</div>
<div class="section" id="obs_04_0089__section23783351"><h4 class="sectiontitle">Request Elements</h4><p id="obs_04_0089__p34754188">The request message carries the ACL information of the object by using message elements. For the meanings of the elements, see <a href="#obs_04_0089__table6365150">Table 2</a>.</p>
<div class="tablenoborder"><a name="obs_04_0089__table6365150"></a><a name="table6365150"></a><table cellpadding="4" cellspacing="0" summary="" id="obs_04_0089__table6365150" frame="border" border="1" rules="all"><caption><b>Table 2 </b>Request elements</caption><thead align="left"><tr id="obs_04_0089__row46397570"><th align="left" class="cellrowborder" valign="top" width="25.509999999999998%" id="mcps1.3.6.3.2.4.1.1"><p id="obs_04_0089__p106807">Element</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="41.839999999999996%" id="mcps1.3.6.3.2.4.1.2"><p id="obs_04_0089__p10753930">Description</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="32.65%" id="mcps1.3.6.3.2.4.1.3"><p id="obs_04_0089__p54986906">Mandatory</p>
</th>
</tr>
</thead>
<tbody><tr id="obs_04_0089__row81162241151"><td class="cellrowborder" valign="top" width="25.509999999999998%" headers="mcps1.3.6.3.2.4.1.1 "><p id="obs_04_0089__p011612411158">Owner</p>
</td>
<td class="cellrowborder" valign="top" width="41.839999999999996%" headers="mcps1.3.6.3.2.4.1.2 "><p id="obs_04_0089__p611620248154">Bucket owner information, including the ID</p>
<p id="obs_04_0089__p7278511155">Type: XML</p>
</td>
<td class="cellrowborder" valign="top" width="32.65%" headers="mcps1.3.6.3.2.4.1.3 "><p id="obs_04_0089__p811612418156">Yes</p>
</td>
</tr>
<tr id="obs_04_0089__row21463316"><td class="cellrowborder" valign="top" width="25.509999999999998%" headers="mcps1.3.6.3.2.4.1.1 "><p id="obs_04_0089__p60807051">ID</p>
</td>
<td class="cellrowborder" valign="top" width="41.839999999999996%" headers="mcps1.3.6.3.2.4.1.2 "><p id="obs_04_0089__p26424127">Domain ID of a user.</p>
<p id="obs_04_0089__p36490555">Type: string</p>
</td>
<td class="cellrowborder" valign="top" width="32.65%" headers="mcps1.3.6.3.2.4.1.3 "><p id="obs_04_0089__p2944980">Yes</p>
</td>
</tr>
<tr id="obs_04_0089__row28071611121611"><td class="cellrowborder" valign="top" width="25.509999999999998%" headers="mcps1.3.6.3.2.4.1.1 "><p id="obs_04_0089__p380716119168">Grant</p>
</td>
<td class="cellrowborder" valign="top" width="41.839999999999996%" headers="mcps1.3.6.3.2.4.1.2 "><p id="obs_04_0089__p138073114168">Container for the grantee and the granted permissions. A single object ACL can contain no more than 100 grants.</p>
<p id="obs_04_0089__p1963323112169">Type: XML</p>
</td>
<td class="cellrowborder" valign="top" width="32.65%" headers="mcps1.3.6.3.2.4.1.3 "><p id="obs_04_0089__p168071011121614">No</p>
</td>
</tr>
<tr id="obs_04_0089__row4485119164"><td class="cellrowborder" valign="top" width="25.509999999999998%" headers="mcps1.3.6.3.2.4.1.1 "><p id="obs_04_0089__p10435131616"><span style="color:#252B3A;">Grantee</span></p>
</td>
<td class="cellrowborder" valign="top" width="41.839999999999996%" headers="mcps1.3.6.3.2.4.1.2 "><p id="obs_04_0089__p4445114169">Container for the details about the grantee.</p>
<p id="obs_04_0089__p53916815177">Type: XML</p>
</td>
<td class="cellrowborder" valign="top" width="32.65%" headers="mcps1.3.6.3.2.4.1.3 "><p id="obs_04_0089__p55155378177">No</p>
</td>
</tr>
<tr id="obs_04_0089__row894715455174"><td class="cellrowborder" valign="top" width="25.509999999999998%" headers="mcps1.3.6.3.2.4.1.1 "><p id="obs_04_0089__p15947204519171"><span style="color:#252B3A;">Canned</span></p>
</td>
<td class="cellrowborder" valign="top" width="41.839999999999996%" headers="mcps1.3.6.3.2.4.1.2 "><p id="obs_04_0089__p315337111814">Grants permissions to all users.</p>
<p id="obs_04_0089__p515397121813">Value range: Everyone</p>
<p id="obs_04_0089__p1415347201812">Type: string</p>
</td>
<td class="cellrowborder" valign="top" width="32.65%" headers="mcps1.3.6.3.2.4.1.3 "><p id="obs_04_0089__p642792581816">No</p>
</td>
</tr>
<tr id="obs_04_0089__row4036034411024"><td class="cellrowborder" valign="top" width="25.509999999999998%" headers="mcps1.3.6.3.2.4.1.1 "><p id="obs_04_0089__p4238406111028">Delivered</p>
</td>
<td class="cellrowborder" valign="top" width="41.839999999999996%" headers="mcps1.3.6.3.2.4.1.2 "><p id="obs_04_0089__p1055692911028">Indicates whether an object ACL inherits the ACL of a bucket.</p>
<p id="obs_04_0089__p1688752415154">Type: boolean</p>
<p id="obs_04_0089__p2790349711028">Default value: <strong id="obs_04_0089__b1963623817542">true</strong></p>
</td>
<td class="cellrowborder" valign="top" width="32.65%" headers="mcps1.3.6.3.2.4.1.3 "><p id="obs_04_0089__p4559078011028">No</p>
</td>
</tr>
<tr id="obs_04_0089__row34127147"><td class="cellrowborder" valign="top" width="25.509999999999998%" headers="mcps1.3.6.3.2.4.1.1 "><p id="obs_04_0089__p12835559">Permission</p>
</td>
<td class="cellrowborder" valign="top" width="41.839999999999996%" headers="mcps1.3.6.3.2.4.1.2 "><p id="obs_04_0089__p33047326">Authorized permission.</p>
<p id="obs_04_0089__p189461810103910">Value options: <strong id="obs_04_0089__b53722408526">READ</strong>, <strong id="obs_04_0089__b337354012524">READ_ACP</strong>, <strong id="obs_04_0089__b23751740145215">WRITE_ACP</strong>, <strong id="obs_04_0089__b13375124005210">FULL_CONTROL</strong></p>
<p id="obs_04_0089__p28990484">Type: string</p>
</td>
<td class="cellrowborder" valign="top" width="32.65%" headers="mcps1.3.6.3.2.4.1.3 "><p id="obs_04_0089__p66527890">No</p>
</td>
</tr>
<tr id="obs_04_0089__row410314511813"><td class="cellrowborder" valign="top" width="25.509999999999998%" headers="mcps1.3.6.3.2.4.1.1 "><p id="obs_04_0089__p61031045101817"><span style="color:#252B3A;">AccessControlList</span></p>
</td>
<td class="cellrowborder" valign="top" width="41.839999999999996%" headers="mcps1.3.6.3.2.4.1.2 "><p id="obs_04_0089__p19103145161813">Indicates an ACL, which consists of three elements: <strong id="obs_04_0089__b8535103818590">Grant</strong>, <strong id="obs_04_0089__b165404382593">Grantee</strong>, and <strong id="obs_04_0089__b1554114383593">Permission</strong>.</p>
<p id="obs_04_0089__p11789616194">Type: XML</p>
</td>
<td class="cellrowborder" valign="top" width="32.65%" headers="mcps1.3.6.3.2.4.1.3 "><p id="obs_04_0089__p1971561191916">Yes</p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="section" id="obs_04_0089__section12723569"><h4 class="sectiontitle">Response Syntax</h4><div class="codecoloring" codetype="Xml" id="obs_04_0089__screen46751052191012"><div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal">1</span>
<span class="normal">2</span>
<span class="normal">3</span></pre></div></td><td class="code"><div><pre><span></span>HTTP/1.1<span class="w"> </span>status_code
Content-Length:<span class="w"> </span>length
Content-Type:<span class="w"> </span>application/xml
</pre></div></td></tr></table></div>
</div>
</div>
<div class="section" id="obs_04_0089__section47403265"><h4 class="sectiontitle">Response Headers</h4><p class="msonormal" id="obs_04_0089__p1512332591013">The response to the request uses common headers. For details, see <a href="obs_04_0013.html#obs_04_0013__d0e686">Table 1</a>.</p>
<p id="obs_04_0089__p44587388">In addition to the common response headers, the following message headers may also be used. For details, see <a href="#obs_04_0089__table21765641102739">Table 3</a>.</p>
<div class="tablenoborder"><a name="obs_04_0089__table21765641102739"></a><a name="table21765641102739"></a><table cellpadding="4" cellspacing="0" summary="" id="obs_04_0089__table21765641102739" frame="border" border="1" rules="all"><caption><b>Table 3 </b>Additional response header parameters</caption><thead align="left"><tr id="obs_04_0089__row52223563"><th align="left" class="cellrowborder" valign="top" width="40.400000000000006%" id="mcps1.3.8.4.2.3.1.1"><p id="obs_04_0089__p2250249">Header</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="59.599999999999994%" id="mcps1.3.8.4.2.3.1.2"><p id="obs_04_0089__p48052491">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="obs_04_0089__row67046586"><td class="cellrowborder" valign="top" width="40.400000000000006%" headers="mcps1.3.8.4.2.3.1.1 "><p id="obs_04_0089__p62064381">x-obs-version-id</p>
</td>
<td class="cellrowborder" valign="top" width="59.599999999999994%" headers="mcps1.3.8.4.2.3.1.2 "><p id="obs_04_0089__p61158973">Version number of the object whose ACL is to be modified.</p>
<p id="obs_04_0089__p13559847">Type: string</p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="section" id="obs_04_0089__section23976207"><h4 class="sectiontitle">Response Elements</h4><p id="obs_04_0089__p24605804">This response involves no elements.</p>
</div>
<div class="section" id="obs_04_0089__section14459276"><h4 class="sectiontitle">Error Responses</h4><p id="obs_04_0089__p46913122">No special error responses are returned. For details about error responses, see <a href="obs_04_0115.html#obs_04_0115__d0e843">Table 2</a>.</p>
</div>
<div class="section" id="obs_04_0089__section817219485150"><h4 class="sectiontitle">Sample Request</h4><div class="codecoloring" codetype="Xml" id="obs_04_0089__screen11158432101718"><div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal"> 1</span>
<span class="normal"> 2</span>
<span class="normal"> 3</span>
<span class="normal"> 4</span>
<span class="normal"> 5</span>
<span class="normal"> 6</span>
<span class="normal"> 7</span>
<span class="normal"> 8</span>
<span class="normal"> 9</span>
<span class="normal">10</span>
<span class="normal">11</span>
<span class="normal">12</span>
<span class="normal">13</span>
<span class="normal">14</span>
<span class="normal">15</span>
<span class="normal">16</span>
<span class="normal">17</span>
<span class="normal">18</span>
<span class="normal">19</span>
<span class="normal">20</span>
<span class="normal">21</span>
<span class="normal">22</span>
<span class="normal">23</span>
<span class="normal">24</span>
<span class="normal">25</span>
<span class="normal">26</span>
<span class="normal">27</span>
<span class="normal">28</span>
<span class="normal">29</span>
<span class="normal">30</span>
<span class="normal">31</span>
<span class="normal">32</span>
<span class="normal">33</span>
<span class="normal">34</span></pre></div></td><td class="code"><div><pre><span></span>PUT<span class="w"> </span>/obj2?acl<span class="w"> </span>HTTP/1.1
User-Agent:<span class="w"> </span>curl/7.29.0
Host:<span class="w"> </span>examplebucket.obs.region.example.com
Accept:<span class="w"> </span>*/*
Date:<span class="w"> </span>WED,<span class="w"> </span>01<span class="w"> </span>Jul<span class="w"> </span>2015<span class="w"> </span>04:42:34<span class="w"> </span>GMT
Authorization:<span class="w"> </span>OBS<span class="w"> </span>H4IPJX0TQTHTHEBQQCEC:8xAODun1ofjkwHm8YhtN0QEcy9M=
Content-Length:<span class="w"> </span>727
<span class="nt">&lt;AccessControlPolicy</span><span class="w"> </span><span class="na">xmlns=</span><span class="s">&quot;http://obs.example.com/doc/2015-06-30/&quot;</span><span class="nt">&gt;</span>
<span class="w"> </span><span class="nt">&lt;Owner&gt;</span><span class="w"> </span>
<span class="w"> </span><span class="nt">&lt;ID&gt;</span>b4bf1b36d9ca43d984fbcb9491b6fce9<span class="nt">&lt;/ID&gt;</span><span class="w"> </span>
<span class="w"> </span><span class="nt">&lt;/Owner&gt;</span><span class="w"> </span>
<span class="w"> </span><span class="nt">&lt;Delivered&gt;</span>false<span class="nt">&lt;/Delivered&gt;</span>
<span class="w"> </span><span class="nt">&lt;AccessControlList&gt;</span><span class="w"> </span>
<span class="w"> </span><span class="nt">&lt;Grant&gt;</span><span class="w"> </span>
<span class="w"> </span><span class="nt">&lt;Grantee&gt;</span><span class="w"> </span>
<span class="w"> </span><span class="nt">&lt;ID&gt;</span>b4bf1b36d9ca43d984fbcb9491b6fce9<span class="nt">&lt;/ID&gt;</span><span class="w"> </span>
<span class="w"> </span><span class="nt">&lt;/Grantee&gt;</span><span class="w"> </span>
<span class="w"> </span><span class="nt">&lt;Permission&gt;</span>FULL_CONTROL<span class="nt">&lt;/Permission&gt;</span><span class="w"> </span>
<span class="w"> </span><span class="nt">&lt;/Grant&gt;</span><span class="w"> </span>
<span class="w"> </span><span class="nt">&lt;Grant&gt;</span><span class="w"> </span>
<span class="w"> </span><span class="nt">&lt;Grantee&gt;</span><span class="w"> </span>
<span class="w"> </span><span class="nt">&lt;ID&gt;</span>783fc6652cf246c096ea836694f71855<span class="nt">&lt;/ID&gt;</span><span class="w"> </span>
<span class="w"> </span><span class="nt">&lt;/Grantee&gt;</span><span class="w"> </span>
<span class="w"> </span><span class="nt">&lt;Permission&gt;</span>READ<span class="nt">&lt;/Permission&gt;</span>
<span class="w"> </span><span class="nt">&lt;/Grant&gt;</span><span class="w"> </span>
<span class="w"> </span><span class="nt">&lt;Grant&gt;</span><span class="w"> </span>
<span class="w"> </span><span class="nt">&lt;Grantee&gt;</span><span class="w"> </span>
<span class="w"> </span><span class="nt">&lt;Canned&gt;</span>Everyone<span class="nt">&lt;/Canned&gt;</span><span class="w"> </span>
<span class="w"> </span><span class="nt">&lt;/Grantee&gt;</span><span class="w"> </span>
<span class="w"> </span><span class="nt">&lt;Permission&gt;</span>READ<span class="nt">&lt;/Permission&gt;</span><span class="w"> </span>
<span class="w"> </span><span class="nt">&lt;/Grant&gt;</span><span class="w"> </span>
<span class="w"> </span><span class="nt">&lt;/AccessControlList&gt;</span><span class="w"> </span>
<span class="nt">&lt;/AccessControlPolicy&gt;</span>
</pre></div></td></tr></table></div>
</div>
</div>
<div class="section" id="obs_04_0089__section1981019229519"><h4 class="sectiontitle">Sample Response</h4><div class="codecoloring" codetype="Xml" id="obs_04_0089__screen9931193585114"><div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal">1</span>
<span class="normal">2</span>
<span class="normal">3</span>
<span class="normal">4</span>
<span class="normal">5</span>
<span class="normal">6</span></pre></div></td><td class="code"><div><pre><span></span>HTTP/1.1<span class="w"> </span>200<span class="w"> </span>OK
Server:<span class="w"> </span>OBS
x-obs-request-id:<span class="w"> </span>8DF400000163D3F0FD2A03D2D30B0542
x-obs-id-2:<span class="w"> </span>32AAAUgAIAABAAAQAAEAABAAAQAAEAABCTjCqTmsA1XRpIrmrJdvcEWvZyjbztdd
Date:<span class="w"> </span>WED,<span class="w"> </span>01<span class="w"> </span>Jul<span class="w"> </span>2015<span class="w"> </span>04:42:34<span class="w"> </span>GMT
Content-Length:<span class="w"> </span>0
</pre></div></td></tr></table></div>
</div>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="obs_04_0079.html">Operations on Objects</a></div>
</div>
</div>
View Git Blame Copy Permalink