从Appengine(JAVA)更改Google Cloud Storage的ACL [英] Changing ACL for Google Cloud Storage from Appengine (JAVA)
本文介绍了从Appengine(JAVA)更改Google Cloud Storage的ACL的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
是否可以使用appengine Api更改Google Cloud Storage对象(或存储桶)的ACL?我知道这可以使用REST API来完成,但是在appengine的Files Api中是否支持这个功能?可以在使用GSFileObject创建新对象时设置它们,但是您可以更改现有对象吗?
您可以使用< href =https://developers.google.com/appengine/docs/python/urlfetch/fetchfunction =nofollow> urlfetch.fetch 和 app_identity.get_access_token 轻松发送 $ bPython:
#auth #oauthrel =nofollow>已认证的请求到REST api。 pre class =lang-py prettyprint-override>
from google.appengine.api import app_identity $ b $ from google.appengine.api import urlfetch
acl_xml =
< AccessControlList><条目>
<条目>
< Scope type =UserByEmail>> foo@example.com< / Scope>
< Permission> READ< / Permission>
< / Entry>
< /条目>< / AccessControlList>
scope ='https://www.googleapis.com/auth/devstorage.full_control'
token = app_identity.get_access_token(范围)
response = urlfetch。获取(
'http://storage.googleapis.com/bucket/obj?acl',
method = urlfetch.PUT,
payload = acl_xml,
headers = {'授权':'OAuth%s'%token})
Java:
import com.google.appengine.api.appidentity.AppIdentityService;
import com.google.appengine.api。 appidentity.AppIdentityServiceFactory;
import java.io.OutputStreamWriter;
import java.net.HttpURLConnection;
import java.net.URL;
import java.util.ArrayList;
public String setAcl()抛出异常{
//将foo@example.com更改为有效的电子邮件
//根据需要重复< Entry />多次。
String xmlString =;
xmlString + =< AccessControlList>< Entries>;
xmlString + =< Entry>;
xmlString + =< Scope type = \UserByEmail \> foo@example.com< / Scope>;
xmlString + =< Permission> READ< / Permission>;
xmlString + =< / Entry>;
xmlString + =< /条目>< / AccessControlList>;
ArrayList scopes = new ArrayList();
scopes.add(https://www.googleapis.com/auth/devstorage.full_control);
AppIdentityService.GetAccessTokenResult accessToken =
AppIdentityServiceFactory.getAppIdentityService()。getAccessToken(scopes);
//将bucket和obj更改为感兴趣的存储桶和对象。
网址url =新网址(https://storage.googleapis.com/bucket/obj?acl);
HttpURLConnection连接=(HttpURLConnection)url.openConnection();
connection.setDoOutput(true);
connection.setRequestMethod(PUT);
connection.addRequestProperty(
授权,OAuth+ accessToken.getAccessToken());
OutputStreamWriter writer = new OutputStreamWriter(connection.getOutputStream());
writer.write(xmlString);
writer.close();
if(connection.getResponseCode()!= HttpURLConnection.HTTP_OK){
throw new Exception();
更多信息
- Python: https:/ /developers.google.com/appengine/docs/python/appidentity/overview
- Java: https://developers.google.com/appengine/docs/java/appidentity/overview
- 相关的oauth范围: https://developers.google.com/storage/docs/authentication#oauth
Is it possible to change the ACLs of Google Cloud Storage objects(or buckets) using the appengine Api? I understand that this can be done using the REST API, but is there support for this in the Files Api in appengine? They can be set when creating a new object using GSFileObject, however can you change on existing objects??
解决方案 You can use urlfetch.fetch and app_identity.get_access_token to easily send an authenticated request to the REST api.
Python:
from google.appengine.api import app_identity
from google.appengine.api import urlfetch
acl_xml = """
<AccessControlList><Entries>
<Entry>
<Scope type="UserByEmail">foo@example.com</Scope>
<Permission>READ</Permission>
</Entry>
</Entries></AccessControlList>
"""
scope = 'https://www.googleapis.com/auth/devstorage.full_control'
token = app_identity.get_access_token(scope)
response = urlfetch.fetch(
'http://storage.googleapis.com/bucket/obj?acl',
method=urlfetch.PUT,
payload=acl_xml,
headers={'Authorization': 'OAuth %s' % token})
Java:
import com.google.appengine.api.appidentity.AppIdentityService;
import com.google.appengine.api.appidentity.AppIdentityServiceFactory;
import java.io.OutputStreamWriter;
import java.net.HttpURLConnection;
import java.net.URL;
import java.util.ArrayList;
public String setAcl() throws Exception {
// Change foo@example.com to a valid email.
// Repeat <Entry/> as many times as necessary.
String xmlString = "";
xmlString += "<AccessControlList><Entries>";
xmlString += " <Entry>";
xmlString += " <Scope type=\"UserByEmail\">foo@example.com</Scope>";
xmlString += " <Permission>READ</Permission>";
xmlString += " </Entry>";
xmlString += "</Entries></AccessControlList>";
ArrayList scopes = new ArrayList();
scopes.add("https://www.googleapis.com/auth/devstorage.full_control");
AppIdentityService.GetAccessTokenResult accessToken =
AppIdentityServiceFactory.getAppIdentityService().getAccessToken(scopes);
// Change bucket and obj to the bucket and object of interest.
URL url = new URL("https://storage.googleapis.com/bucket/obj?acl");
HttpURLConnection connection = (HttpURLConnection) url.openConnection();
connection.setDoOutput(true);
connection.setRequestMethod("PUT");
connection.addRequestProperty(
"Authorization", "OAuth " + accessToken.getAccessToken());
OutputStreamWriter writer = new OutputStreamWriter(connection.getOutputStream());
writer.write(xmlString);
writer.close();
if (connection.getResponseCode() != HttpURLConnection.HTTP_OK) {
throw new Exception();
}
}
More info:
- Python: https://developers.google.com/appengine/docs/python/appidentity/overview
- Java: https://developers.google.com/appengine/docs/java/appidentity/overview
- Relevant oauth scopes: https://developers.google.com/storage/docs/authentication#oauth
这篇关于从Appengine(JAVA)更改Google Cloud Storage的ACL的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文