Updated on 2025-08-22 GMT+08:00

Obtaining Object ACL Configuration

Functions

The implementation of this operation returns the ACL configuration of an object. You can perform this operation to view the ACL of an object, as long as you have the read permission for the object ACL.

Versioning

By default, this operation obtains the ACL of the latest version of an object. If the object has a delete marker, status code 404 is returned. To obtain the ACL of a specified version, the versionId parameter can be used to specify the desired version.

Request Syntax

1
2
3
4
GET /ObjectName?acl HTTP/1.1 
Host: bucketname.obs.region.myhuaweicloud.com 
Date: date
Authorization: authorization

Request Parameters

The request parameters required are described in Table 1.

Table 1 Request parameters

Parameter

Mandatory (Yes/No)

Type

Description

acl

Yes

String

Definition:

Indicates that the request is to obtain the object ACL.

Constraints:

None

Range:

None

Default value:

None

versionId

No

String

Definition:

Version number of an object. For details about how to obtain the version ID of an object, see Listing Objects in a Bucket.

Constraints:

None

Range:

The value must contain 32 characters.

Default value:

None. If this parameter is not configured, the latest version of the object is specified.

Request Headers

This request uses common headers. For details, see Table 3.

Request Elements

This request involves no elements.

Response Syntax

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
HTTP/1.1 status_code
Date: date
Content-Length: length
Content-Type: application/xml 

<?xml version="1.0" encoding="UTF-8" standalone="yes"?> 
<AccessControlPolicy xmlns="http://obs.region.myhuaweicloud.com/doc/2015-06-30/">
    <Owner> 
        <ID>id</ID> 
    </Owner> 
    <Delivered>true</Delivered>
    <AccessControlList> 
        <Grant> 
            <Grantee> 
                <ID>id</ID> 
            </Grantee> 
            <Permission>permission</Permission> 
        </Grant> 
    </AccessControlList> 
</AccessControlPolicy>

Response Headers

The response to the request uses common headers. For details, see Table 1.

In addition to the common response headers, the headers listed in Table 2 may be used.

Table 2 Additional response headers

Parameter

Type

Description

x-obs-version-id

String

Definition:

Version number of an object.

Range:

The value must contain 32 characters.

Response Elements

The response message of the request returns the ACL information of the object. Table 3 describes the elements.

Table 3 Response elements

Parameter

Type

Description

AccessControlList

XML

Definition:

List of users and their permissions for the bucket. AccessControlList is the parent node of Grant, Grantee, and Permission.

Range:

For details, see Table 4.

ID

String

Definition:

Domain ID of the user.

Range:

None

Delivered

Boolean

Definition:

Whether an object ACL inherits the ACL of a bucket.

Range:

  • true: The object inherits the bucket ACL.
  • false: The object does not inherit the bucket ACL.
Table 4 AccessControlList parameters

Parameter

Type

Description

Grant

XML

Definition:

Used to identify users and their permissions. Grant is the parent node of Grantee and Delivered.

Range:

None

Grantee

XML

Definition:

Grantee information.

Range:

None

Permission

String

Definition:

Permissions of a specified user for the bucket.

Range:

  • READ: Allows the grantee to obtain the object content and metadata.
  • READ_ACP: Allows the grantee to read the ACL attributes of an object.
  • WRITE_ACP: Allows the grantee to update the ACL of an object.
  • FULL_CONTROL: The grantee has the READ, READ_ACP, and WRITE_ACP permissions on the object.

Error Responses

No special error responses are returned. For details about error responses, see Table 2.

Sample Request

1
2
3
4
5
6
GET /object011?acl HTTP/1.1
User-Agent: curl/7.29.0
Host: examplebucket.obs.region.myhuaweicloud.com
Accept: */*
Date: WED, 01 Jul 2015 04:45:55 GMT
Authorization: OBS H4IPJX0TQTHTHEBQQCEC:YcmvNQxItGjFeeC1K2HeUEp8MMM=

Sample Response

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
HTTP/1.1 200 OK
Server: OBS
x-obs-request-id: 8DF400000163D3E650F3065C2295674C
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS+wsHqRuA2Tx+mXUpNtBbWLPMle9CIx
Content-Type: application/xml
Date: WED, 01 Jul 2015 04:45:55 GMT
Content-Length: 769

<?xml version="1.0" encoding="utf-8"?>
<AccessControlPolicy xmlns="http://obs.region.myhuaweicloud.com/doc/2015-06-30/">
  <Owner> 
    <ID>b4bf1b36d9ca43d984fbcb9491b6fce9</ID> 
  </Owner>  
  <Delivered>false</Delivered> 
  <AccessControlList> 
    <Grant> 
      <Grantee> 
        <ID>b4bf1b36d9ca43d984fbcb9491b6fce9</ID> 
      </Grantee>  
      <Permission>FULL_CONTROL</Permission> 
    </Grant>  
    <Grant> 
      <Grantee> 
        <ID>783fc6652cf246c096ea836694f71855</ID> 
      </Grantee>  
      <Permission>READ</Permission>  
      </Grant>  
    <Grant> 
      <Grantee> 
        <Canned>Everyone</Canned> 
      </Grantee>  
      <Permission>READ_ACP</Permission> 
    </Grant> 
  </AccessControlList> 
</AccessControlPolicy>

Sample Request: Obtaining the ACL of a Specific Object Version

GET /object01?acl&versionId=G001118A6803675AFFFFD3043F7F91D0 HTTP/1.1
Authorization: OBS H4IPJX0TQTHTHEBQQCEC:iqSPeUBl66PwXDApxjRKk6hlcN4=
User-Agent: curl/7.29.0
Host: examplebucket.obs.region.myhuaweicloud.com
Date: WED, 01 Jul 2015 02:37:22 GMT
Content-Type: application/xml

Sample Response: Obtaining the ACL of a Specific Object Version

x-obs-id-2: 32AAAQAAEAABSAAgAAEAABAAAQAAEAABCSmpL2dv6zZLM2HmUrXKTAi258MPqmrp
x-obs-request-id: 0000018A2A73AF59D3085C8F8ABF0C65
Server: OBS
Content-Length: 0
Date: WED, 01 Jul 2015 02:37:22 GMT
x-obs-version-id: G001118A6803675AFFFFD3043F7F91D0
 
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<AccessControlPolicy  xmlns="http://obs.myhwclouds.com/doc/2015-06-30/">
    <Owner>
        <ID>d6s58yhnm83f3081577800575ee4cf</ID>
    </Owner>
    <Delivered>false</Delivered>
    <AccessControlList>
        <Grant>
            <Grantee>
                <ID>f262a63g69422e8f330af1349c588f</ID>
            </Grantee>
            <Permission>READ</Permission>
        </Grant>
        <Grant>
            <Grantee>
                <ID>c965gfda2a849422e8f3985562432dsaa</ID>
            </Grantee>
            <Permission>FULL_CONTROL</Permission>
        </Grant>
        <Grant>
            <Grantee>
                <Canned>Everyone</Canned>
            </Grantee>
            <Permission>READ</Permission>
        </Grant>
    </AccessControlList>
</AccessControlPolicy>