Help Center> Object Storage Service> Node.js> Versioning Management> Setting or Obtaining a Versioning Object ACL
Updated on 2023-11-09 GMT+08:00

Setting or Obtaining a Versioning Object ACL

If you have any questions during development, post them on the Issues page of GitHub. For details about parameters and usage of each API, see the API Reference.

Directly Setting a Versioning Object ACL

You can call ObsClient.setObjectAcl to set the ACL for a versioning object by specifying the version ID (VersionId). Sample code is as follows:

// Import the OBS library.
// Use npm to install the client.
var ObsClient = require('esdk-obs-nodejs');
// Use source codes to install the client.
// var ObsClient = require('./lib/obs');

// Create an instance of ObsClient.
var obsClient = new ObsClient({
       //Obtain an AK/SK pair using environment variables or import the AK/SK pair in other ways. Using hard coding may result in leakage.
       //Obtain an AK/SK pair on the management console. For details, see https://support.huaweicloud.com/intl/en-us/usermanual-ca/ca_01_0003.html.
       access_key_id: process.env.ACCESS_KEY_ID,
       secret_access_key: process.env.SECRET_ACCESS_KEY,
       server : 'https://your-endpoint'
});

obsClient.setObjectAcl({
       Bucket : 'bucketname',
       Key : 'objectname',
       VersionId : 'versionid',
       // Set the versioning object ACL to public-read by specifying the pre-defined access control policy.
       ACL : obsClient.enums.AclPublicRead
}, (err, result) => {
       if(err){
              console.log('Error-->' + err);
       }else{
              console.log('Status-->' + result.CommonMsg.Status);
       }
});

obsClient.setObjectAcl({
       Bucket : 'bucketname',
       Key : 'objectname',
       VersionId : 'versionid',
       // Set the object owner.       
       Owner:{'ID':'ownerid'},
       Grants:{                         
         Grant:[                               
                // Grant the READ permission to all users.                      
               { Grantee:{Type : 'Group', URI : obsClient.enums.GroupAllUsers}, Permission : obsClient.enums.PermissionRead}, 
                // Grant the WRITE_ACP permission to all users.                      
               { Grantee:{Type : 'Group', URI : obsClient.enums.GroupAllUsers}, Permission : obsClient.enums.PermissionWriteAcp}
         ]
       }
}, (err, result) => {
       if(err){
              console.log('Error-->' + err);
       }else{
              console.log('Status-->' + result.CommonMsg.Status);
       }
});
  • Use the Owner parameter to specify the object owner and use the Grants parameter to grant permissions for authorized users.
  • The owner or grantee ID needed in the ACL indicates the account ID, which can be viewed on the My Credentials page of OBS Console.
  • OBS buckets support the following grantee group:
    • All users: ObsClient.enums.GroupAllUsers

Obtaining a Versioning Object ACL

You can call ObsClient.getObjectAcl to obtain the ACL of a versioning object by specifying the version ID (VersionId). Sample code is as follows:

// Import the OBS library.
// Use npm to install the client.
var ObsClient = require('esdk-obs-nodejs');
// Use source codes to install the client.
// var ObsClient = require('./lib/obs');

// Create an instance of ObsClient.
var obsClient = new ObsClient({
       //Obtain an AK/SK pair using environment variables or import the AK/SK pair in other ways. Using hard coding may result in leakage.
       //Obtain an AK/SK pair on the management console. For details, see https://support.huaweicloud.com/intl/en-us/usermanual-ca/ca_01_0003.html.
       access_key_id: process.env.ACCESS_KEY_ID,
       secret_access_key: process.env.SECRET_ACCESS_KEY,
       server : 'https://your-endpoint'
});

obsClient.getObjectAcl({
       Bucket : 'bucketname',
       Key : 'objectname',
       VersionId : 'versionid'
}, (err, result) => {
       if(err){
              console.log('Error-->' + err);
       }else{
              console.log('Status-->' + result.CommonMsg.Status); 
              if(result.CommonMsg.Status < 300 && result.InterfaceResult){                            
                  console.log('Owner[ID]-->' + result.InterfaceResult.Owner.ID);                
                  for(let i=0;i<result.InterfaceResult.Grants.Grant.length;i++){ 
                         console.log('Grant[' + i + ']:'); 
                         console.log('Grantee[ID]-->' + result.InterfaceResult.Grants.Grant[i]['Grantee']['ID']);          
                         console.log('Grantee[URI]-->' + result.InterfaceResult.Grants.Grant[i]['Grantee']['URI']); 
                         console.log('Permission-->'+ result.InterfaceResult.Grants.Grant[i]['Permission']); 
                  } 
              }
       }
});