git-svn-id: https://s3tools.svn.sourceforge.net/svnroot/s3tools/s3cmd/trunk@327 830e0280-6d2a-0410-9c65-932aecc39d9d
Michal Ludvig authored on 2009/01/06 21:02:11... | ... |
@@ -1,5 +1,7 @@ |
1 | 1 |
2009-01-07 Michal Ludvig <michal@logix.cz> |
2 | 2 |
|
3 |
+ * S3/ACL.py: New object for handling ACL issues. |
|
4 |
+ * S3/S3.py: Moved most of S3.get_acl() to ACL class. |
|
3 | 5 |
* S3/Utils.py: Reworked XML helpers - remove XMLNS before |
4 | 6 |
parsing the input XML to avoid having all Tags prefixed |
5 | 7 |
with {XMLNS} by ElementTree. |
6 | 8 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,74 @@ |
0 |
+## Amazon S3 - Access Control List representation |
|
1 |
+## Author: Michal Ludvig <michal@logix.cz> |
|
2 |
+## http://www.logix.cz/michal |
|
3 |
+## License: GPL Version 2 |
|
4 |
+ |
|
5 |
+from Utils import * |
|
6 |
+ |
|
7 |
+try: |
|
8 |
+ import xml.etree.ElementTree as ET |
|
9 |
+except ImportError: |
|
10 |
+ import elementtree.ElementTree as ET |
|
11 |
+ |
|
12 |
+class ACL(object): |
|
13 |
+ EMPTY_ACL = """ |
|
14 |
+ <AccessControlPolicy> |
|
15 |
+ <AccessControlList> |
|
16 |
+ </AccessControlList> |
|
17 |
+ </AccessControlPolicy> |
|
18 |
+ """ |
|
19 |
+ GRANT_PUBLIC_READ = """ |
|
20 |
+ <Grant> |
|
21 |
+ <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="Group"> |
|
22 |
+ <URI>http://acs.amazonaws.com/groups/global/AllUsers</URI> |
|
23 |
+ </Grantee> |
|
24 |
+ <Permission>READ</Permission> |
|
25 |
+ </Grant> |
|
26 |
+ """ |
|
27 |
+ def __init__(self, xml = None): |
|
28 |
+ if not xml: |
|
29 |
+ xml = ACL.EMPTY_ACL |
|
30 |
+ self.tree = getTreeFromXml(xml) |
|
31 |
+ |
|
32 |
+ def getGrants(self): |
|
33 |
+ acl = {} |
|
34 |
+ for grant in self.tree.findall(".//Grant"): |
|
35 |
+ grantee = grant.find(".//Grantee") |
|
36 |
+ grantee = dict([(tag.tag, tag.text) for tag in grant.find(".//Grantee")]) |
|
37 |
+ if grantee.has_key('DisplayName'): |
|
38 |
+ user = grantee['DisplayName'] |
|
39 |
+ elif grantee.has_key('URI'): |
|
40 |
+ user = grantee['URI'] |
|
41 |
+ if user == 'http://acs.amazonaws.com/groups/global/AllUsers': |
|
42 |
+ user = "*anon*" |
|
43 |
+ else: |
|
44 |
+ user = grantee[grantee.keys()[0]] |
|
45 |
+ acl[user] = grant.find('Permission').text |
|
46 |
+ return acl |
|
47 |
+ |
|
48 |
+if __name__ == "__main__": |
|
49 |
+ xml = """<?xml version="1.0" encoding="UTF-8"?> |
|
50 |
+<AccessControlPolicy xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> |
|
51 |
+<Owner> |
|
52 |
+ <ID>12345678901234567890</ID> |
|
53 |
+ <DisplayName>owner-nickname</DisplayName> |
|
54 |
+</Owner> |
|
55 |
+<AccessControlList> |
|
56 |
+ <Grant> |
|
57 |
+ <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser"> |
|
58 |
+ <ID>12345678901234567890</ID> |
|
59 |
+ <DisplayName>owner-nickname</DisplayName> |
|
60 |
+ </Grantee> |
|
61 |
+ <Permission>FULL_CONTROL</Permission> |
|
62 |
+ </Grant> |
|
63 |
+ <Grant> |
|
64 |
+ <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="Group"> |
|
65 |
+ <URI>http://acs.amazonaws.com/groups/global/AllUsers</URI> |
|
66 |
+ </Grantee> |
|
67 |
+ <Permission>READ</Permission> |
|
68 |
+ </Grant> |
|
69 |
+</AccessControlList> |
|
70 |
+</AccessControlPolicy> |
|
71 |
+ """ |
|
72 |
+ acl = ACL(xml) |
|
73 |
+ print acl.getGrants() |
... | ... |
@@ -25,6 +25,7 @@ from SortedDict import SortedDict |
25 | 25 |
from BidirMap import BidirMap |
26 | 26 |
from Config import Config |
27 | 27 |
from Exceptions import * |
28 |
+from ACL import ACL |
|
28 | 29 |
|
29 | 30 |
class S3(object): |
30 | 31 |
http_methods = BidirMap( |
... | ... |
@@ -250,19 +251,10 @@ class S3(object): |
250 | 250 |
request = self.create_request("OBJECT_GET", uri = uri, extra = "?acl") |
251 | 251 |
else: |
252 | 252 |
request = self.create_request("BUCKET_LIST", bucket = uri.bucket(), extra = "?acl") |
253 |
- acl = {} |
|
253 |
+ |
|
254 | 254 |
response = self.send_request(request) |
255 |
- grants = getListFromXml(response['data'], "Grant") |
|
256 |
- for grant in grants: |
|
257 |
- if grant['Grantee'][0].has_key('DisplayName'): |
|
258 |
- user = grant['Grantee'][0]['DisplayName'] |
|
259 |
- if grant['Grantee'][0].has_key('URI'): |
|
260 |
- user = grant['Grantee'][0]['URI'] |
|
261 |
- if user == 'http://acs.amazonaws.com/groups/global/AllUsers': |
|
262 |
- user = "*anon*" |
|
263 |
- perm = grant['Permission'] |
|
264 |
- acl[user] = perm |
|
265 |
- return acl |
|
255 |
+ acl = ACL(response['data']) |
|
256 |
+ return acl.getGrants() |
|
266 | 257 |
|
267 | 258 |
## Low level methods |
268 | 259 |
def urlencode_string(self, string): |