git-svn-id: https://s3tools.svn.sourceforge.net/svnroot/s3tools/s3cmd/trunk@407 830e0280-6d2a-0410-9c65-932aecc39d9d
Michal Ludvig authored on 2010/05/20 19:26:53... | ... |
@@ -1,5 +1,10 @@ |
1 | 1 |
2010-05-20 Michal Ludvig <mludvig@logix.net.nz> |
2 | 2 |
|
3 |
+ * s3cmd, S3/ACL.py, S3/Config.py: Support for --acl-grant |
|
4 |
+ and --acl-revoke (contributed by Timothee Linden) |
|
5 |
+ |
|
6 |
+2010-05-20 Michal Ludvig <mludvig@logix.net.nz> |
|
7 |
+ |
|
3 | 8 |
* S3/Exceptions.py, S3/S3.py: Some HTTP_400 exceptions |
4 | 9 |
are retriable. |
5 | 10 |
|
... | ... |
@@ -129,6 +129,56 @@ class ACL(object): |
129 | 129 |
def appendGrantee(self, grantee): |
130 | 130 |
self.grantees.append(grantee) |
131 | 131 |
|
132 |
+ def hasGrant(self, name, permission): |
|
133 |
+ name = name.lower() |
|
134 |
+ permission = permission.upper() |
|
135 |
+ |
|
136 |
+ for grantee in self.grantees: |
|
137 |
+ if grantee.name.lower() == name: |
|
138 |
+ if grantee.permission == "FULL_CONTROL": |
|
139 |
+ return True |
|
140 |
+ elif grantee.permission.upper() == permission: |
|
141 |
+ return True |
|
142 |
+ |
|
143 |
+ return False; |
|
144 |
+ |
|
145 |
+ def grant(self, name, permission): |
|
146 |
+ if self.hasGrant(name, permission): |
|
147 |
+ return |
|
148 |
+ |
|
149 |
+ name = name.lower() |
|
150 |
+ permission = permission.upper() |
|
151 |
+ |
|
152 |
+ if "ALL" == permission: |
|
153 |
+ permission = "FULL_CONTROL" |
|
154 |
+ |
|
155 |
+ if "FULL_CONTROL" == permission: |
|
156 |
+ self.revoke(name, "ALL") |
|
157 |
+ |
|
158 |
+ grantee = Grantee() |
|
159 |
+ grantee.name = name |
|
160 |
+ grantee.permission = permission |
|
161 |
+ |
|
162 |
+ if name.find('@') <= -1: # ultra lame attempt to differenciate emails id from canonical ids |
|
163 |
+ grantee.xsi_type = "CanonicalUser" |
|
164 |
+ grantee.tag = "ID" |
|
165 |
+ else: |
|
166 |
+ grantee.xsi_type = "AmazonCustomerByEmail" |
|
167 |
+ grantee.tag = "EmailAddress" |
|
168 |
+ |
|
169 |
+ self.appendGrantee(grantee) |
|
170 |
+ |
|
171 |
+ |
|
172 |
+ def revoke(self, name, permission): |
|
173 |
+ name = name.lower() |
|
174 |
+ permission = permission.upper() |
|
175 |
+ |
|
176 |
+ if "ALL" == permission: |
|
177 |
+ self.grantees = [g for g in self.grantees if not g.name.lower() == name] |
|
178 |
+ else: |
|
179 |
+ self.grantees = [g for g in self.grantees if not (g.name.lower() == name and g.permission.upper() == permission)] |
|
180 |
+ |
|
181 |
+ |
|
132 | 182 |
def __str__(self): |
133 | 183 |
tree = getTreeFromXml(ACL.EMPTY_ACL) |
134 | 184 |
tree.attrib['xmlns'] = "http://s3.amazonaws.com/doc/2006-03-01/" |