[
https://issues.apache.org/jira/browse/NIFI-2507?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15412463#comment-15412463
]
ASF GitHub Bot commented on NIFI-2507:
--------------------------------------
Github user jvwing commented on a diff in the pull request:
https://github.com/apache/nifi/pull/801#discussion_r73953981
--- Diff:
nifi-nar-bundles/nifi-aws-bundle/nifi-aws-processors/src/main/java/org/apache/nifi/processors/aws/s3/AbstractS3Processor.java
---
@@ -184,35 +194,59 @@ protected String getUrlForObject(final String bucket,
final String key) {
}
protected final AccessControlList createACL(final ProcessContext
context, final FlowFile flowFile) {
- final AccessControlList acl = new AccessControlList();
+ // lazy-initialize ACL, as it should not be used if no properties
were specified
+ AccessControlList acl = null;
final String ownerId =
context.getProperty(OWNER).evaluateAttributeExpressions(flowFile).getValue();
if (!StringUtils.isEmpty(ownerId)) {
final Owner owner = new Owner();
owner.setId(ownerId);
+ if (acl == null) {
+ acl = new AccessControlList();
+ }
acl.setOwner(owner);
}
for (final Grantee grantee :
createGrantees(context.getProperty(FULL_CONTROL_USER_LIST).evaluateAttributeExpressions(flowFile).getValue()))
{
+ if (acl == null) {
+ acl = new AccessControlList();
+ }
acl.grantPermission(grantee, Permission.FullControl);
}
for (final Grantee grantee :
createGrantees(context.getProperty(READ_USER_LIST).evaluateAttributeExpressions(flowFile).getValue()))
{
+ if (acl == null) {
+ acl = new AccessControlList();
+ }
acl.grantPermission(grantee, Permission.Read);
}
for (final Grantee grantee :
createGrantees(context.getProperty(WRITE_USER_LIST).evaluateAttributeExpressions(flowFile).getValue()))
{
+ if (acl == null) {
+ acl = new AccessControlList();
+ }
acl.grantPermission(grantee, Permission.Write);
}
for (final Grantee grantee :
createGrantees(context.getProperty(READ_ACL_LIST).evaluateAttributeExpressions(flowFile).getValue()))
{
+ if (acl == null) {
+ acl = new AccessControlList();
+ }
acl.grantPermission(grantee, Permission.ReadAcp);
}
for (final Grantee grantee :
createGrantees(context.getProperty(WRITE_ACL_LIST).evaluateAttributeExpressions(flowFile).getValue()))
{
+ if (acl == null) {
+ acl = new AccessControlList();
+ }
acl.grantPermission(grantee, Permission.WriteAcp);
}
return acl;
}
+
+ protected final CannedAccessControlList createCannedACL(final
ProcessContext context, final FlowFile flowFile) {
+ final String cannedAcl =
context.getProperty(CANNED_ACL).evaluateAttributeExpressions(flowFile).getValue();
+ return (!StringUtils.isEmpty(cannedAcl)) ?
CannedAccessControlList.valueOf(cannedAcl) : null;
--- End diff --
How about breaking this out into a few simpler if/else lines?
> PutS3Object should support Canned ACLs
> --------------------------------------
>
> Key: NIFI-2507
> URL: https://issues.apache.org/jira/browse/NIFI-2507
> Project: Apache NiFi
> Issue Type: Improvement
> Affects Versions: 0.7.0
> Reporter: Tim Reardon
> Assignee: James Wing
> Priority: Minor
>
> In order to support cross-account scenarios, PutS3Object should support
> specifying canned ACL's such as "bucket-owner-full-control".
> See
> http://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
