[jira] [Commented] (JCLOUDS-1042) S3BlobStore.putBlob() makes a call to get ACL which maybe blocked by S3 policy, resulting in failure of the operation.

Wed, 13 Jan 2016 07:25:46 -0800 

    [ 
https://issues.apache.org/jira/browse/JCLOUDS-1042?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15096332#comment-15096332
 ] 

Igor Alekseev commented on JCLOUDS-1042:
----------------------------------------

[~gaul] similar code also exists in the ObjectToBlobMetadata.  Please see the 
snippet below.  The error will happen when calling getBlob().  

https://github.com/jclouds/jclouds/blob/master/apis/s3/src/main/java/org/jclouds/s3/blobstore/functions/ObjectToBlobMetadata.java


public class ObjectToBlobMetadata implements Function<ObjectMetadata, 
MutableBlobMetadata> {
 ....
   public MutableBlobMetadata apply(ObjectMetadata from) {
....
      try {
         AccessControlList bucketAcl = 
bucketAcls.getUnchecked(from.getBucket());
         if (bucketAcl.hasPermission(GroupGranteeURI.ALL_USERS, 
Permission.READ))
            to.setPublicUri(from.getUri());
      } catch (CacheLoader.InvalidCacheLoadException e) {
         // nulls not permitted from cache loader
      }
     ....
 return to;
   }
}

> S3BlobStore.putBlob() makes a call to get ACL which maybe blocked by S3 
> policy, resulting in failure of the operation.
> ----------------------------------------------------------------------------------------------------------------------
>
>                 Key: JCLOUDS-1042
>                 URL: https://issues.apache.org/jira/browse/JCLOUDS-1042
>             Project: jclouds
>          Issue Type: Bug
>    Affects Versions: 1.9.1
>            Reporter: Igor Alekseev
>            Assignee: Andrew Gaul
>             Fix For: 2.0.0
>
>
> A user may be prevented by S3 bucket policy from getting ACL, but can still 
> have rights to do put/get/delete.  Currently the code below fails to do put 
> when there's an exception getting ACL.
> {code:java}
> public String putBlob(String container, Blob blob, PutOptions overrides) {
>       if (overrides.isMultipart()) {
>          // need to use a provider if the strategy object is stateful
>          return multipartUploadStrategy.get().execute(container, blob);
>       }
>       // TODO: Make use of options overrides
>       PutObjectOptions options = new PutObjectOptions();
>       try {
>          AccessControlList acl = bucketAcls.getUnchecked(container);
>          if (acl != null && acl.hasPermission(GroupGranteeURI.ALL_USERS, 
> Permission.READ))
>             options.withAcl(CannedAccessPolicy.PUBLIC_READ);
>       } catch (CacheLoader.InvalidCacheLoadException e) {
>          // nulls not permitted from cache loader
>       }
>       return sync.putObject(container, blob2Object.apply(blob), options);
>    }
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to