Obtaining Object ACL Configuration

Functions

The implementation of this operation returns the ACL configuration of an object. You can perform this operation to view the ACL of an object, as long as you have the read permission for the object ACL.

Versioning

By default, this operation obtains the ACL of the latest version of an object. If the object has a delete marker, status code 404 is returned. To obtain the ACL of a specified version, the versionId parameter can be used to specify the desired version.

Request Syntax

GET /ObjectName?acl HTTP/1.1
Host: bucketname.obs.region.example.com
Date: date
Authorization: authorization

Request Parameters

The request parameter specifies the object ACL to be obtained. For details about the parameters, see Table 1.

Table 1 Request parameters

Parameter

Description

Mandatory

versionId

Version number of an object.

Type: string

No

Request Headers

This request uses common headers. For details, see Table 3.

Request Elements

This request involves no elements.

Response Syntax

HTTP/1.1 status_code
Date: date
Content-Length: length
Content-Type: application/xml

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<AccessControlPolicy xmlns="http://obs.region.example.com/doc/2015-06-30/">
    <Owner>
        <ID>id</ID>
    </Owner>
    <Delivered>true</Delivered>
    <AccessControlList>
        <Grant>
            <Grantee>
                <ID>id</ID>
            </Grantee>
            <Permission>permission</Permission>
        </Grant>
    </AccessControlList>
</AccessControlPolicy>

Response Headers

The response to the request uses common headers. For details, see Table 1.

In addition to the common response headers, the headers listed in Table 2 may be used.

Table 2 Additional response header

Header

Description

x-obs-version-id

Version number of an object.

Valid value: string

Default value: none

Response Elements

The response message of the request returns the ACL information of the object. Table 3 describes the elements.

Table 3 Response elements

Element

Description

ID

User account ID

Type: string

AccessControlList

List of users and their permissions for the bucket.

Type: XML

Grant

Identifies the grantee and the permissions of the grantee.

Type: XML

Grantee

Container for the details about the grantee.

Type: XML

Delivered

Indicates whether an object ACL inherits the ACL of a bucket.

Type: boolean

Permission

Permissions of a specified user for the bucket.

Type: string

Error Responses

No special error responses are returned. For details about error responses, see Table 2.

Sample Request

GET /object011?acl HTTP/1.1
User-Agent: curl/7.29.0
Host: examplebucket.obs.region.example.com
Accept: */*
Date: WED, 01 Jul 2015 04:45:55 GMT
Authorization: OBS H4IPJX0TQTHTHEBQQCEC:YcmvNQxItGjFeeC1K2HeUEp8MMM=

Sample Response

HTTP/1.1 200 OK
Server: OBS
x-obs-request-id: 8DF400000163D3E650F3065C2295674C
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS+wsHqRuA2Tx+mXUpNtBbWLPMle9CIx
Content-Type: application/xml
Date: WED, 01 Jul 2015 04:45:55 GMT
Content-Length: 769

<?xml version="1.0" encoding="utf-8"?>
<AccessControlPolicy xmlns="http://obs.region.example.com/doc/2015-06-30/">
  <Owner>
    <ID>b4bf1b36d9ca43d984fbcb9491b6fce9</ID>
  </Owner>
  <Delivered>false</Delivered>
  <AccessControlList>
    <Grant>
      <Grantee>
        <ID>b4bf1b36d9ca43d984fbcb9491b6fce9</ID>
      </Grantee>
      <Permission>FULL_CONTROL</Permission>
    </Grant>
    <Grant>
      <Grantee>
        <ID>783fc6652cf246c096ea836694f71855</ID>
      </Grantee>
      <Permission>READ</Permission>
      </Grant>
    <Grant>
      <Grantee>
        <Canned>Everyone</Canned>
      </Grantee>
      <Permission>READ_ACP</Permission>
    </Grant>
  </AccessControlList>
</AccessControlPolicy>