Obtaining a Bucket ACL (SDK for C)
Function
Access control lists (ACLs) allow resource owners to grant other accounts the permissions to access resources. By default, only the resource owner has full control over resources when a bucket or object is created. That is, the bucket creator has full control over the bucket, and the object uploader has full control over the object. Other accounts do not have the permissions to access resources. If resource owners want to grant other accounts the read and write permissions on resources, they can use ACLs. ACLs grant permissions to accounts. After an account is granted permissions, both the account and its IAM users can access the resources.
For more information, see ACLs.
This API returns the ACL of a bucket.
Restrictions
- To obtain the ACL of a bucket, you must be the bucket owner or have the required permission (obs:bucket:GetBucketAcl in IAM or GetBucketAcl in a bucket policy). For details, see Introduction to OBS Access Control, IAM Custom Policies, and Creating a Custom Bucket Policy.
Method
void get_bucket_acl(const obs_options * options, manager_acl_info * aclinfo, 
           obs_response_handler * handler, void *callback_data);
 Request Parameters
| Parameter | Type | Mandatory (Yes/No) | Description | 
|---|---|---|---|
| options | const obs_options* | Yes | Explanation: The context of the requested bucket. Refer to Configuring option (SDK for C) to set the AK, SK, endpoint, bucket, timeout, and temporary credentials through obs_options. Restrictions: None | 
| aclinfo | Yes | Explanation: ACL structure. Restrictions: None | |
| handler | Yes | Explanation: A callback structure where all members are pointers to callback functions, used to set the callback functions that handle response data. You can set a callback function to copy the response data from the server to your custom callback_data. Restrictions: None | |
| callback_data | void * | Yes | Explanation: Custom callback data. Restrictions: None Value range: None Default value: None | 
| Parameter | Type | Mandatory (Yes/No) | Description | 
|---|---|---|---|
| bucket_options | Yes | Explanation: Bucket settings. Restrictions: None | |
| request_options | Yes | Explanation: Request-related settings. Restrictions: None | |
| temp_auth | No | Explanation: The structure used to calculate a temporary signature. Set it to NULL if it is not used. Restrictions: None | 
| Parameter | Type | Mandatory (Yes/No) | Description | 
|---|---|---|---|
| object_info | Yes | Explanation: Object name and version ID. If the object is not a versioned object, set version to NULL. Restrictions: None | |
| owner_id | char * | Yes | Explanation: Account (domain) ID of the bucket owner. Restrictions: None Value range: For details about how to obtain the account ID of the bucket owner, see How Do I Get My Account ID and User ID? Default value: None | 
| owner_display_name | char * | Yes | Explanation: Display name of a user Restrictions: None Value range: None Default value: None | 
| acl_grant_count_return | int * | Yes | Explanation: Length of the acl_grants array. Restrictions: None Value range: None Default value: None | 
| object_delivered | Yes | Explanation: Whether the ACL of the bucket applies to its objects Restrictions: None Value range: For details, see obs_object_delivered. | |
| acl_grants | Yes | Explanation: Permissions information structure. Restrictions: None | 
| Parameter | Type | Mandatory (Yes/No) | Description | 
|---|---|---|---|
| key | char * | Yes | Explanation: Object name Restrictions: None Value range: None Default value: None | 
| version_id | char * | No | Explanation: Object version ID. If the object is not a versioned object, set version_id to NULL. Restrictions: None Value range: None Default value: None | 
| Value | Description | 
|---|---|
| OBJECT_DELIVERED_TRUE | The ACL of the bucket applies to its objects. | 
| OBJECT_DELIVERED_FALSE | The ACL of the bucket does not apply to its objects. | 
| Parameter | Type | Mandatory (Yes/No) | Description | 
|---|---|---|---|
| grantee_type | Yes | Explanation: Description of the authorized user type Restrictions: None Value range: For details, see obs_grantee_type. | |
| grantee.canonical_user.id | char[] | No | Explanation: User ID of the authorized user. Restrictions: None Value range: For details about how to obtain the ID of an authorized user, see How Do I Get My Account ID and User ID?. Default value: None | 
| permission | Yes | Explanation: Bucket ACL. Restrictions: None Value range: For details, see obs_permission. | |
| bucket_delivered | Yes | Explanation: Whether the bucket ACL is passed to objects in the bucket. Restrictions: None Value range: For details, see obs_bucket_delivered. Default value: BUCKET_DELIVERED_FALSE (indicating that the bucket ACL is not passed to the objects in the bucket) | 
| Value | Description | 
|---|---|
| OBS_GRANTEE_TYPE_CANONICAL_USER | An OBS user. Bucket or object permissions can be granted to any user who has an OBS account. Authorized users can use the AK and SK to access OBS. | 
| OBS_GRANTEE_TYPE_ALL_USERS | All users can access buckets or objects, including anonymous users. | 
| Value | Description | 
|---|---|
| OBS_PERMISSION_READ | Read permission. A grantee with this permission for a bucket can obtain the list of objects in and metadata of the bucket. A grantee with this permission for an object can obtain the object content and metadata. | 
| OBS_PERMISSION_WRITE | Write permission. A grantee with this permission for a bucket can upload, overwrite, and delete any object in the bucket. This permission is not available for objects. | 
| OBS_PERMISSION_READ_ACP | ACP read permission. A grantee with this permission can obtain the ACL of a bucket or object. A bucket or object owner has this permission for their bucket or object ACL by default. | 
| OBS_PERMISSION_WRITE_ACP | ACP write permission. A grantee with this permission can update the ACL of a bucket or object. A bucket or object owner has this permission for their bucket or object ACL by default. This permission allows the grantee to change the access control policies, meaning the grantee has full control over a bucket or object. | 
| OBS_PERMISSION_FULL_CONTROL | Full control permission. A grantee with this permission for a bucket has READ, WRITE, READ_ACP, and WRITE_ACP permissions for the bucket. A grantee with this permission for an object has READ, READ_ACP, and WRITE_ACP permissions for the object. | 
| Value | Description | 
|---|---|
| BUCKET_DELIVERED_FALSE | A bucket ACL is not applied to the objects in the bucket. | 
| BUCKET_DELIVERED_TRUE | A bucket ACL is applied to the objects in the bucket. | 
| Parameter | Type | Mandatory (Yes/No) | Description | 
|---|---|---|---|
| properties_callback | Yes | Explanation: The pointer to the response callback function. The content of properties in the callback can be recorded in callback_data (custom callback data). Restrictions: None | |
| complete_callback | Yes | Explanation: The pointer to the completion callback function. The content of obs_status and obs_error_details in the callback can be recorded in callback_data (custom callback data). Restrictions: None | 
| Parameter | Type | Mandatory (Yes/No) | Description | 
|---|---|---|---|
| host_name | char * | Yes | Explanation: The requested host name, used as an address for connecting to OBS. It is the domain name (the endpoint) of the server where the requested resource is stored. Example: host_name = "obs.eu-west-101.myhuaweicloud.eu"; Restrictions: The value does not need to contain http:// or https:// as a prefix, which is controlled using obs_protocol. Default value: None | 
| bucket_name | char * | Yes | Explanation: Bucket name. Restrictions: 
 Value range: None Default value: None | 
| useCname | bool | No | Explanation: Whether to use a custom domain name to access OBS. Restrictions: None Value range: true: A custom domain name is used. false: A custom domain name is not used. Default value: false | 
| protocol | No | Explanation: Whether to use the HTTP or HTTPS protocol. Restrictions: None Value range: For details, see obs_protocol. Default value: OBS_PROTOCOL_HTTPS (HTTPS is used by default.) | |
| access_key | char * | Yes | Explanation: Access key ID (AK). Restrictions: None Value range: For details, see Creating Access Keys. Default value: None | 
| secret_access_key | char * | Yes | Explanation: Secret access key (SK). Restrictions: None Value range: For details, see Creating Access Keys. Default value: None | 
| storage_class | No | Explanation: Bucket storage class that can be specified at bucket creation. Restrictions: None Value range: For details, see obs_storage_class. Default value: OBS_STORAGE_CLASS_STANDARD (Standard storage class) | |
| token | char * | No | Explanation: The security token in temporary credentials. Restrictions: None Value range: For details, see Creating Access Keys. Default value: None | 
| epid | char * | No | Explanation: Enterprise project ID that can be specified during bucket creation. If you have enabled EPS, you can obtain the project ID from the EPS console. Restrictions: The value needs to be represented as a UUID. This parameter is not required if EPS is not enabled. Example: 9892d768-2d13-450f-aac7-ed0e44c2585f Default value: None | 
| Value | Description | 
|---|---|
| OBS_STORAGE_CLASS_STANDARD | Standard storage class. This class features low access latency and high throughput and is used for storing massive, frequently accessed (multiple times a month) or small objects (< 1 MB) requiring quick response. | 
| OBS_STORAGE_CLASS_STANDARD_IA | Infrequent Access storage class. Used for storing data that is semi-frequently accessed (fewer than 12 times a year) but becomes instantly available when needed. | 
| OBS_STORAGE_CLASS_GLACIER | Archive storage class. Used for storing rarely accessed (once a year) data. | 
| Value | Description | 
|---|---|
| OBS_PROTOCOL_HTTPS | HTTPS is used for access. | 
| OBS_PROTOCOL_HTTP | HTTP is used for access. | 
| Value | Description | 
|---|---|
| OBS_BUCKET_OBJECT | Object bucket | 
| Value | Description | 
|---|---|
| OBS_BUCKET_LIST_ALL | Lists all buckets. | 
| OBS_BUCKET_LIST_OBJECT | Lists all object buckets. | 
| Parameter | Type | Mandatory (Yes/No) | Description | 
|---|---|---|---|
| connect_time | int | Yes | Explanation: Timeout period for establishing an HTTP/HTTPS connection, in ms. Restrictions: None Value range: [10000, 60000] Default value: 60000 | 
| max_connected_time | int | Yes | Explanation: Timeout period (in seconds) of a request. Restrictions: None Value range: None Default value: 0 (There is never automatic disconnection.) | 
| proxy_auth | char* | No | Explanation: Proxy authentication information, in the format username:password Restrictions: None Value range: None Default value: None | 
| proxy_host | char* | No | Explanation: IP address or host name of the proxy server. Restrictions: None Value range: None Default value: None | 
| Parameter | Type | Mandatory (Yes/No) | Description | 
|---|---|---|---|
| expires | long long int | Yes | Explanation: Validity period of the temporary credentials, in seconds. Restrictions: None Value range: [0-630720000] Default value: None | 
| temp_auth_callback | void(*temp_auth_callback)(char *temp_auth_url, uint64_t temp_auth_url_len, char*temp_auth_headers, uint64_t temp_auth_headers_len, void*callback_data) | Yes | Explanation: The pointer to the custom callback function, which is used to record the temporary URL and involved signature header to the custom callback data. Restrictions: None | 
| callback_data | void * | Yes | Explanation: Custom callback data. Restrictions: None Value range: None Default value: None | 
| Parameter | Type | Mandatory (Yes/No) | Description | 
|---|---|---|---|
| temp_auth_url | char * | Yes | Explanation: Temporary URL. OBS allows you to construct a URL for a specific operation. In such a URL, you use Query parameters to provide authentication information including the user AK, signature, and validity period. Anyone who has the URL can perform the specified operation. After receiving a request made using such a URL, OBS treats the requester as the user who issued the URL and processes the request. For example, if you construct a pre-signed URL for downloading an object and provide it to various users, they can use the URL to download the object without authentication, but they must do so within the validity period specified by the Expires parameter. Restrictions: None Value range: None Default value: None | 
| temp_auth_url_len | uint64_t | Yes | Explanation: Length of the temporary URL. Restrictions: None Value range: None Default value: None | 
| temp_auth_headers | char * | Yes | Explanation: Headers for temporary authentication. Restrictions: None Value range: None Default value: None | 
| temp_auth_headers_len | uint64_t | Yes | Explanation: Number of temporary authentication headers. Restrictions: None Value range: None Default value: None | 
| callback_data | void * | Yes | Explanation: Custom callback data. Restrictions: None Value range: None Default value: None | 
| Parameter | Type | Mandatory (Yes/No) | Description | 
|---|---|---|---|
| properties | const obs_response_properties* | Yes | Explanation: Parameters in the response headers. You are advised to record them to callback_data (custom callback data). Restrictions: None | 
| callback_data | void * | Yes | Explanation: The pointer to the custom callback data. Restrictions: None Value range: None Default value: None | 
| Parameter | Type | Mandatory (Yes/No) | Description | 
|---|---|---|---|
| status | Yes | Explanation: Internal request status code of the SDK. Restrictions: None Value range: For details, see obs_status. | |
| error_details | const obs_error_details* | Yes | Explanation: The pointer to the response callback function. The content of properties in the callback can be recorded in callback_data (custom callback data). Restrictions: None | 
| callback_data | void * | Yes | Explanation: The pointer to the custom callback data. Restrictions: None Value range: None Default value: None | 
| Parameter | Type | Mandatory (Yes/No) | Description | 
|---|---|---|---|
| request_id | const char * | No | Explanation: The value created by OBS to uniquely identify the request. OBS uses this value to locate the fault. Restrictions: None Value range: None Default value: None | 
| request_id2 | const char * | No | Explanation: A special symbol that helps troubleshoot. Restrictions: None Value range: None Default value: None | 
| content_type | const char * | No | Explanation: MIME type of the object. MIME type is a standard way of describing a data type and is used by the browser to decide how to display data. Restrictions: None Value range: None Default value: None | 
| content_length | uint64_t | No | Explanation: The size (in bytes) of the response body. Restrictions: None Value range: None Default value: None | 
| server | const char * | No | Explanation: Server header in an HTTP request. Restrictions: None Value range: None Default value: None | 
| etag | const char * | No | Explanation: Base64-encoded, 128-bit MD5 value of an object. It uniquely identifies the content of an object and can be used to check the object integrity. For example, if the ETag is A when an object is uploaded and is B when the object is downloaded, it indicates that the object content has been changed. The ETag reflects changes to the contents of the object, not its metadata. An object created by an upload or copy operation has a unique ETag. Restrictions: If an object is encrypted using server-side encryption, the ETag is not the MD5 value of the object. Value range: The value must contain 32 characters. Default value: None | 
| expiration | const char * | No | Explanation: Expiration details of the object. Restrictions: None Value range: An integer greater than 0, in days. Default value: None | 
| website_redirect_location | const char * | No | Explanation: Indicates where an object request is redirected. If the bucket that contains the object is configured with Website settings, this parameter can be set in the object metadata so that the request for the object can be redirected to another object in the same bucket or an external URL after the website returns a 301 redirect response. To another object in the same bucket: x-obs-website-redirect-location:/anotherPage.html To an external URL: x-obs-website-redirect-location:http://www.example.com/ OBS obtains the specified value from the header and stores it in the object metadata WebsiteRedirectLocation. Restrictions: 
 Default value: None | 
| version_id | const char * | No | Explanation: Object version ID. If the object has no version ID, the value is NULL. Restrictions: None Value range: The value must contain 32 characters. Default value: None | 
| meta_data_count | int | No | Explanation: Number of elements in the meta_data array. Restrictions: None Value range: None Default value: None | 
| meta_data | const obs_name_value * | No | Explanation: Custom metadata of the object. You can add custom metadata headers that start with x-obs-meta- for easy object management. When you retrieve or query the metadata of the object, the added custom metadata headers will be returned in the response. Restrictions: None | 
| use_server_side_encryption | char | No | Explanation: If server-side encryption is enabled, this parameter is set to '\1'. Restrictions: None Value range: None Default value: None | 
| allow_origin | const char * | No | Explanation: Returned if the request origin meets the CORS configured on the server. Restrictions: None Value range: The value that complies with the CORS Default value: None | 
| allow_headers | const char * | No | Explanation: Returned if the request headers meet the CORS configured on the server. Restrictions: At most one asterisk (*) is allowed. Spaces, ampersands (&), colons (:), less-than signs (<), and full-width characters are not allowed. Value range: The value that complies with the CORS Default value: None | 
| max_age | const char * | No | Explanation: MaxAgeSeconds in the CORS rules of the bucket. It specifies the time your client can cache the response for a cross-origin request. Restrictions: Each CORS rule can contain at most one MaxAgeSeconds. Value range: An integer greater than or equal to 0, in seconds. Default value: 3000 | 
| allow_methods | const char * | No | Explanation: Indicates that methods in the rule are included in the response if Access-Control-Request-Method in the request meets the CORS configuration requirements when CORS is configured for buckets. Restrictions: None Value range: 
 Default value: None | 
| expose_headers | const char * | No | Explanation: ExposeHeader in the CORS rules of the bucket. It specifies additional headers allowed in the response by a CORS rule. These headers provide extra information to clients. By default, a browser can access only headers Content-Length and Content-Type. If the browser needs to access other headers, you need to configure them as additional headers. Restrictions: Spaces, asterisks (*), ampersands (&), colons (:), less-than signs (<), and full-width characters are not allowed. Value range: None Default value: None | 
| storage_class | const char * | No | Explanation: Object storage class. Restrictions: This header is returned only when the storage class of an object is not Standard. Value range: 
 Default value: None | 
| server_side_encryption | const char * | No | Explanation: The encryption method used by the server. Example: x-obs-server-side-encryption:kms Restrictions: This header is included in a response if SSE-KMS is used. Value range: 
 Default value: None | 
| kms_key_id | const char * | No | Explanation: Key ID. If the SSE-KMS encryption is used with a specified key, the key ID is required. Restrictions: This header can only be used when you specify kms for the server_side_encryption header. Value range: To obtain the key ID, see Viewing a CMK. Default value: If you specify kms for encryption but do not specify a key ID, the default master key will be used. If there is not a default master key, OBS will create one and use it. | 
| customer_algorithm | const char * | No | Explanation: Indicates a decryption algorithm. This header is included in a response if SSE-C is used. Restrictions: None Value range: AES256 (AES256 decryption algorithm) Default value: None | 
| customer_key_md5 | const char * | No | Explanation: Indicates the MD5 value of a key used to decrypt objects. This header is included in a response if SSE-C is used. Restrictions: Base64-encoded MD5 value of the key, for example, 4XvB3tbNTN+tIEVa0/fGaQ== Value range: Base64-encoded MD5 value of the key ID. Default value: None | 
| bucket_location | const char * | No | Explanation: Indicates the region where the bucket resides. Restrictions: None Value range: None Default value: None | 
| obs_version | const char * | No | Explanation: OBS version of the bucket. Restrictions: None Value range: 
 Default value: None | 
| restore | const char * | No | Explanation: Restoration status of an object. Examples: ongoing-request="true" (the object is being restored); ongoing-request="false", expiry-date="Wed, 7 Nov 2012 00:00:00 GMT" (the object has been restored) expiry-date indicates when the restored object will expire. Restrictions: For an Archive object that is being restored or has been restored, this header is returned. Value range: None Default value: None | 
| obs_object_type | const char * | No | Explanation: Type of the object. Restrictions: This header is returned only when the object is not a Normal object. Value range: Appendable Default value: None | 
| obs_next_append_position | const char * | No | Explanation: Indicates the position to be provided for the next request. Restrictions: This header is returned only when the object is an Appendable object. Value range: None Default value: None | 
| obs_head_epid | const char * | No | Explanation: Enterprise project ID for the current bucket. Users who have enabled the enterprise project function can obtain the ID from the enterprise project service. Restrictions: The value is a UUID. This parameter is not required if you have not enabled an enterprise project. Value range: None Default value: None | 
| reserved_indicator | const char * | No | Explanation: A special symbol that helps troubleshoot. Restrictions: None Value range: None Default value: None | 
| Parameter | Type | Description | 
|---|---|---|
| message | const char* | Explanation: Error details in the XML error response body. Restrictions: None Value range: See Error Codes. Default value: None | 
| resource | const char* | Explanation: Bucket or object related to the error. Restrictions: None Value range: None Default value: None | 
| further_details | const char* | Explanation: The value of the FurtherDetails element in the XML error response body. Restrictions: None Value range: None Default value: None | 
| extra_details_count | int | Explanation: The number of other elements in the XML error response body. Restrictions: None Value range: None Default value: None | 
| extra_details | Explanation: Values of other elements in the XML error response body. Restrictions: None | |
| error_headers_count | int | Explanation: Number of headers in error_headers. Restrictions: None Value range: None Default value: None | 
| error_headers | char** | Explanation: All response headers that contain the error. Restrictions: None Value range: None Default value: None | 
| Parameter | Type | Mandatory (Yes/No) | Description | 
|---|---|---|---|
| name | char * | No | Explanation: Key of a property. Restrictions: None Value range: None Default value: None | 
| value | char * | No | Explanation: Property value. Restrictions: None Value range: None Default value: None | 
| Value | Description | 
|---|---|
| OBS_STATUS_OK | The request is successful. | 
| OBS_STATUS_InitCurlFailed | Failed to initialize curl. | 
| OBS_STATUS_InternalError | Internal error. | 
| OBS_STATUS_OutOfMemory | The local memory is insufficient. | 
| OBS_STATUS_FailedToIInitializeRequest | Failed to initialize the request. | 
| OBS_STATUS_ConnectionFailed | Network connection failed. | 
| OBS_STATUS_XmlParseFailure | Failed to parse the XML file. | 
| OBS_STATUS_NameLookupError | Domain name resolution failed. | 
| OBS_STATUS_FailedToConnect | Failed to connect to the server. | 
| OBS_STATUS_PartialFile | Network transmission. | 
| OBS_STATUS_InvalidParameter | Invalid parameter. | 
| OBS_STATUS_NoToken | The current number of concurrent tasks exceeds the maximum number (1000 by default). Use the set_online_request_max_count function to adjust the maximum number of concurrent tasks. | 
| OBS_STATUS_OpenFileFailed | Failed to open the file. | 
| OBS_STATUS_AccessDenied | The request is rejected. | 
| OBS_STATUS_MalformedPolicy | The format of the request policy is incorrect. | 
| OBS_STATUS_MalformedXML | The XML request format is incorrect. | 
| OBS_STATUS_MethodNotAllowed | The request method is not allowed. | 
| OBS_STATUS_SignatureDoesNotMatch | The signatures do not match. Check whether the AK, SK, and token are correct. | 
| OBS_STATUS_ServiceUnavailable | Server exception. | 
| OBS_STATUS_SlowDown | The request frequency is too high. | 
Code Examples: Obtaining a Bucket ACL
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 | #include "eSDKOBS.h" #include <stdio.h> #include <time.h> // The response callback function. The content of properties in the callback can be recorded in callback_data (custom callback data). obs_status response_properties_callback(const obs_response_properties *properties, void *callback_data); // The completion callback function. The content of obs_status and obs_error_details in the callback can be recorded in callback_data (custom callback data). void response_complete_callback(obs_status status, const obs_error_details *error, void *callback_data); manager_acl_info* malloc_acl_info(); void free_acl_info(manager_acl_info **acl); void print_grant_info(int acl_grant_count, obs_acl_grant *acl_grants); int main() { // The following example shows how to obtain the bucket ACL: // Call the obs_initialize method at the program entry to initialize global resources such as the network and memory. obs_initialize(OBS_INIT_ALL); obs_options options; // Create and initialize options, including the access domain name (host_name), access keys (access_key_id and access_key_secret), bucket name (bucket_name), and bucket storage class (storage_class). init_obs_options(&options); // Enter the endpoint corresponding to the bucket for host_name. EU-Dublin is used here as an example. Replace it with the one in your actual situation. options.bucket_options.host_name = "obs.eu-west-101.myhuaweicloud.eu"; // Hard-coded or plaintext AK and SK are risky. For security purposes, encrypt your AK and SK and store them in the configuration file or environment variables. // In this example, the AK and SK are stored in environment variables for identity authentication. Before running the code in this example, configure local environment variables ACCESS_KEY_ID and SECRET_ACCESS_KEY. options.bucket_options.access_key = getenv("ACCESS_KEY_ID"); options.bucket_options.secret_access_key = getenv("SECRET_ACCESS_KEY"); // Specify the bucket name, for example, example-bucket-name. char * bucketName = "example-bucket-name"; options.bucket_options.bucket_name = bucketName; // Set the response callback function. obs_response_handler response_handler = { &response_properties_callback, &response_complete_callback }; obs_status ret_status = OBS_STATUS_BUTT; // Allocate the memory for the ACL structure. manager_acl_info *aclinfo = malloc_acl_info(); // Call the API for obtaining the ACL. get_bucket_acl(&options, aclinfo, &response_handler, &ret_status); if (OBS_STATUS_OK == ret_status) { printf("get bucket acl: -------------"); printf("%s\n", aclinfo->owner_id); if (aclinfo->acl_grant_count_return) { print_grant_info(*aclinfo->acl_grant_count_return, aclinfo->acl_grants); } } else { printf("get bucket acl failed(%s).\n", obs_get_status_name(ret_status)); } // Release the memory. free_acl_info(&aclinfo); // Release the allocated global resources. obs_deinitialize(); } // The response callback function. The content of properties in the callback can be recorded in callback_data (custom callback data). obs_status response_properties_callback(const obs_response_properties *properties, void *callback_data) { if (properties == NULL) { printf("error! obs_response_properties is null!"); if (callback_data != NULL) { obs_sever_callback_data *data = (obs_sever_callback_data *)callback_data; printf("server_callback buf is %s, len is %llu", data->buffer, data->buffer_len); return OBS_STATUS_OK; } else { printf("error! obs_sever_callback_data is null!"); return OBS_STATUS_OK; } } // Print the response. #define print_nonnull(name, field) \ do { \ if (properties-> field) { \ printf("%s: %s\n", name, properties->field); \ } \ } while (0) print_nonnull("request_id", request_id); print_nonnull("request_id2", request_id2); print_nonnull("content_type", content_type); if (properties->content_length) { printf("content_length: %llu\n", properties->content_length); } print_nonnull("server", server); print_nonnull("ETag", etag); print_nonnull("expiration", expiration); print_nonnull("website_redirect_location", website_redirect_location); print_nonnull("version_id", version_id); print_nonnull("allow_origin", allow_origin); print_nonnull("allow_headers", allow_headers); print_nonnull("max_age", max_age); print_nonnull("allow_methods", allow_methods); print_nonnull("expose_headers", expose_headers); print_nonnull("storage_class", storage_class); print_nonnull("server_side_encryption", server_side_encryption); print_nonnull("kms_key_id", kms_key_id); print_nonnull("customer_algorithm", customer_algorithm); print_nonnull("customer_key_md5", customer_key_md5); print_nonnull("bucket_location", bucket_location); print_nonnull("obs_version", obs_version); print_nonnull("restore", restore); print_nonnull("obs_object_type", obs_object_type); print_nonnull("obs_next_append_position", obs_next_append_position); print_nonnull("obs_head_epid", obs_head_epid); print_nonnull("reserved_indicator", reserved_indicator); int i; for (i = 0; i < properties->meta_data_count; i++) { printf("x-obs-meta-%s: %s\n", properties->meta_data[i].name, properties->meta_data[i].value); } return OBS_STATUS_OK; } // The completion callback function. The content of obs_status and obs_error_details in the callback can be recorded in callback_data (custom callback data). void response_complete_callback(obs_status status, const obs_error_details *error, void *callback_data) { if (callback_data) { obs_status *ret_status = (obs_status *)callback_data; *ret_status = status; } else { printf("Callback_data is NULL"); } if (error && error->message) { printf("Error Message: \n %s\n", error->message); } if (error && error->resource) { printf("Error Resource: \n %s\n", error->resource); } if (error && error->further_details) { printf("Error further_details: \n %s\n", error->further_details); } if (error && error->extra_details_count) { int i; for (i = 0; i < error->extra_details_count; i++) { printf("Error Extra Detail(%d):\n %s:%s\n", i, error->extra_details[i].name, error->extra_details[i].value); } } if (error && error->error_headers_count) { int i; for (i = 0; i < error->error_headers_count; i++) { const char *errorHeader = error->error_headers[i]; printf("Error Headers(%d):\n %s\n", i, errorHeader == NULL ? "NULL Header" : errorHeader); } } } manager_acl_info* malloc_acl_info() { manager_acl_info *aclinfo = (manager_acl_info*)malloc(sizeof(manager_acl_info)); memset(aclinfo, 0, sizeof(manager_acl_info)); aclinfo->acl_grants = (obs_acl_grant*)malloc(sizeof(obs_acl_grant) * OBS_MAX_ACL_GRANT_COUNT); memset(aclinfo->acl_grants, 0, sizeof(obs_acl_grant) * OBS_MAX_ACL_GRANT_COUNT); aclinfo->acl_grant_count_return = (int*)malloc(sizeof(int)); *(aclinfo->acl_grant_count_return) = OBS_MAX_ACL_GRANT_COUNT; size_t owner_id_size = (OBS_MAX_GRANTEE_USER_ID_SIZE + 1) * sizeof(char); aclinfo->owner_id = (char *)malloc(owner_id_size); memset(aclinfo->owner_id, 0, owner_id_size); aclinfo->owner_display_name = (char *)malloc(OBS_MAX_GRANTEE_DISPLAY_NAME_SIZE); memset(aclinfo->owner_display_name, 0, OBS_MAX_GRANTEE_DISPLAY_NAME_SIZE); return aclinfo; } void free_acl_info(manager_acl_info **acl) { manager_acl_info *aclinfo = *acl; free(aclinfo->acl_grants); free(aclinfo->owner_display_name); free(aclinfo->owner_id); free(aclinfo->acl_grant_count_return); free(aclinfo); } void print_grant_info(int acl_grant_count, obs_acl_grant *acl_grants) { int i; for (i = 0; i < acl_grant_count; i++) { obs_acl_grant *grant = acl_grants + i; const char *type; char composedId[OBS_MAX_GRANTEE_USER_ID_SIZE + OBS_MAX_GRANTEE_DISPLAY_NAME_SIZE + 16] = { 0 }; const char *id; switch (grant->grantee_type) { case OBS_GRANTEE_TYPE_CANONICAL_USER: type = "UserID"; snprintf(composedId, sizeof(composedId), "%s (%s)", grant->grantee.canonical_user.id, grant->grantee.canonical_user.display_name); id = composedId; break; case OBS_GRANTEE_TYPE_ALL_OBS_USERS: type = "Group"; id = "Authenticated Users"; break; default: type = "Group"; id = "All Users"; break; } const char *perm; switch (grant->permission) { case OBS_PERMISSION_READ: perm = "READ"; break; case OBS_PERMISSION_WRITE: perm = "WRITE"; break; case OBS_PERMISSION_READ_ACP: perm = "READ_ACP"; break; case OBS_PERMISSION_WRITE_ACP: perm = "WRITE_ACP"; break; default: perm = "FULL_CONTROL"; break; } const char *delivered; if (grant->bucket_delivered == BUCKET_DELIVERED_FALSE) delivered = "false"; else delivered = "true"; printf("%-6s %-90s %-12s %-8s\n", type, id, perm, delivered); } } | 
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.
 
    