• Object Storage Service

obs
  1. Help Center
  2. Object Storage Service
  3. Developer Guide (Python SDK)
  4. Versioning Management
  5. Setting or Obtaining a Versioning Object ACL

Setting or Obtaining a Versioning Object ACL

Directly Setting a Versioning Object ACL

You can call ObsClient.setObjectAcl to pass the version ID (versionId) to set the ACL for a versioning object. Sample code is as follows:

# Import the module.
from com.obs.client.obs_client import ObsClient
 
# Create an instance of ObsClient.
obsClient = ObsClient(
    access_key_id='*** Provide your Access Key ***',    
    secret_access_key='*** Provide your Secret Key ***',    
    server='yourdomainname'
)

# Set the versioning object ACL to public-read by specifying the pre-defined access control policy.
resp = obsClient.setObjectAcl('bucketname', 'objectkey', aclControl='public-read', versionId='versionid')
if resp.status < 300:    
    print('requestId:', resp.requestId)
else:    
    print('errorCode:', resp.errorCode)    
    print('errorMessage:', resp.errorMessage)

from com.obs.models.acl import ACL
from com.obs.models.owner import Owner
from com.obs.models.grant import Grant, Permission
from com.obs.models.grantee import Grantee, Group
owner = Owner(owner_id='ownerid', owner_name='ownername')

# Grant all permissions to a specified user.
grant0 = Grant(grantee=Grantee(grantee_id='userid', grantee_name='username'), permission=Permission.FULL_CONTROL) 

# Grant the READ permission to all users.
grant1 = Grant(grantee=Grantee(group=Group.ALL_USERE), permission=Permission.READ) 

# Grant the WRITE permission to authorized users.
grant2 = Grant(grantee=Grantee(group=Group.ALL_USERE), permission=Permission.WRITE) 
acl = ACL(owner=owner, grants=[grant0, grant1, grant2])

# Set ACL for a specified versioning object.
resp = obsClient.setObjectAcl('bucketname', 'objectkey', acl=acl, versionId='versionid')
if resp.status < 300:    
    print('requestId:', resp.requestId)
else:    
    print('errorCode:', resp.errorCode)    
    print('errorMessage:', resp.errorMessage)
NOTE:
  • The owner or grantee ID needed in the ACL indicates the account ID, which can be viewed on the My Credential page of OBS Console.
  • OBS objects support two types of grantee group:
    • Authorized users: http://acs.amazonaws.com/groups/global/AuthenticatedUsers
    • All users: http://acs.amazonaws.com/groups/global/AllUsers

Obtaining a Versioning Object ACL

You can call ObsClient.getObjectAcl to pass the version ID (versionId) to obtain the ACL of a versioning object. Sample code is as follows:

# Import the module.
from com.obs.client.obs_client import ObsClient
 
# Create an instance of ObsClient.
obsClient = ObsClient(
    access_key_id='*** Provide your Access Key ***',    
    secret_access_key='*** Provide your Secret Key ***',    
    server='yourdomainname'
)

resp = obsClient.getObjectAcl('bucketname', 'objectkey', versionId='versionid')
if resp.status < 300:
    print('requestId:', resp.requestId)
    print('owner_id:', resp.body.owner.owner_id)
    print('owner_name:', resp.body.owner.owner_name)
    index = 1    
    for grant in resp.body.grants:        
        print('grant [' + str(index) + ']')        
        print('grantee_id:', grant.grantee.grantee_id)        
        print('grantee_name:', grant.grantee.grantee_name)        
        print('group:', grant.grantee.group)        
        print('permission:', grant.permission)        
        index += 1
else:
    print('errorCode:', resp.errorCode)
    print('errorMessage:', resp.errorMessage)