向 Cloud Storage 存储桶添加默认访问控制列表 (ACL)。
深入探索
如需查看包含此代码示例的详细文档,请参阅以下内容:
代码示例
C#
如需了解详情,请参阅 Cloud Storage C# API 参考文档。
using Google.Apis.Storage.v1.Data;
using Google.Cloud.Storage.V1;
using System;
public class AddBucketDefaultOwnerSample
{
public Bucket AddBucketDefaultOwner(
string bucketName = "your-unique-bucket-name",
string userEmail = "dev@iam.gserviceaccount.com")
{
var storage = StorageClient.Create();
var bucket = storage.GetBucket(bucketName, new GetBucketOptions { Projection = Projection.Full });
bucket.DefaultObjectAcl.Add(new ObjectAccessControl
{
Bucket = bucketName,
Entity = $"user-{userEmail}",
Role = "OWNER",
});
var updatedBucket = storage.UpdateBucket(bucket);
Console.WriteLine($"Added user {userEmail} as a default owner on bucket {bucketName}.");
return updatedBucket;
}
}
C++
如需了解详情,请参阅 Cloud Storage C++ API 参考文档。
namespace gcs = ::google::cloud::storage;
using ::google::cloud::StatusOr;
[](gcs::Client client, std::string const& bucket_name,
std::string const& entity, std::string const& role) {
StatusOr<gcs::ObjectAccessControl> default_object_acl =
client.CreateDefaultObjectAcl(bucket_name, entity, role);
if (!default_object_acl) {
throw std::runtime_error(default_object_acl.status().message());
}
std::cout << "Role " << default_object_acl->role()
<< " will be granted default to " << default_object_acl->entity()
<< " on any new object created on bucket "
<< default_object_acl->bucket() << "\n"
<< "Full attributes: " << *default_object_acl << "\n";
}
Go
如需了解详情,请参阅 Cloud Storage Go API 参考文档。
import (
"context"
"fmt"
"cloud.google.com/go/storage"
)
// addBucketDefaultOwner adds default ACL to the specified bucket.
func addBucketDefaultOwner(bucket string, entity storage.ACLEntity) error {
// bucket := "bucket-name"
// entity := storage.AllUsers
role := storage.RoleOwner
ctx := context.Background()
client, err := storage.NewClient(ctx)
if err != nil {
return fmt.Errorf("storage.NewClient: %v", err)
}
defer client.Close()
acl := client.Bucket(bucket).DefaultObjectACL()
if err := acl.Set(ctx, entity, role); err != nil {
return fmt.Errorf("ACLHandle.Set: %v", err)
}
return nil
}
Java
如需了解详情,请参阅 Cloud Storage Java API 参考文档。
import com.google.cloud.storage.Acl;
import com.google.cloud.storage.Acl.Role;
import com.google.cloud.storage.Acl.User;
import com.google.cloud.storage.Bucket;
import com.google.cloud.storage.Storage;
import com.google.cloud.storage.StorageOptions;
public class AddBucketDefaultOwner {
public static void addBucketDefaultOwner(String bucketName, String userEmail) {
// The ID of your GCS bucket
// String bucketName = "your-unique-bucket-name";
// The email of the user you wish to add as a default owner
// String userEmail = "someuser@domain.com"
Storage storage = StorageOptions.newBuilder().build().getService();
Bucket bucket = storage.get(bucketName);
Acl newDefaultOwner = Acl.of(new User(userEmail), Role.OWNER);
bucket.createDefaultAcl(newDefaultOwner);
System.out.println("Added user " + userEmail + " as an owner on " + bucketName);
}
}
Node.js
如需了解详情,请参阅 Cloud Storage Node.js API 参考文档。
/**
* TODO(developer): Uncomment the following lines before running the sample.
*/
// The ID of your GCS bucket
// const bucketName = 'your-unique-bucket-name';
// The email address of the user to add
// const userEmail = 'user-email-to-add';
// Imports the Google Cloud client library
const {Storage} = require('@google-cloud/storage');
// Creates a client
const storage = new Storage();
async function addBucketDefaultOwner() {
// Makes the user an owner in the default ACL of the bucket. You can use
// addAllUsers(), addDomain(), addProject(), addGroup(), and
// addAllAuthenticatedUsers() to grant access to different types of entities.
// You can also use "readers" and "writers" to grant different roles.
await storage.bucket(bucketName).acl.default.owners.addUser(userEmail);
console.log(`Added user ${userEmail} as an owner on bucket ${bucketName}.`);
}
addBucketDefaultOwner().catch(console.error);
PHP
如需了解详情,请参阅 Cloud Storage PHP API 参考文档。
use Google\Cloud\Storage\StorageClient;
/**
* Add an entity and role to a bucket's default ACL.
*
* @param string $bucketName The name of your Cloud Storage bucket.
* @param string $entity The entity for which to update access controls.
* @param string $role The permissions to add for the specified entity.
*/
function add_bucket_default_acl($bucketName, $entity, $role)
{
// $bucketName = 'my-bucket';
// $entity = 'user-example@domain.com';
// $role = 'OWNER';
$storage = new StorageClient();
$bucket = $storage->bucket($bucketName);
$acl = $bucket->defaultAcl();
$acl->add($entity, $role);
printf('Added %s (%s) to gs://%s default ACL' . PHP_EOL, $entity, $role, $bucketName);
}
Python
如需了解详情,请参阅 Cloud Storage Python API 参考文档。
from google.cloud import storage
def add_bucket_default_owner(bucket_name, user_email):
"""Adds a user as an owner in the given bucket's default object access
control list."""
# bucket_name = "your-bucket-name"
# user_email = "name@example.com"
storage_client = storage.Client()
bucket = storage_client.bucket(bucket_name)
# Reload fetches the current ACL from Cloud Storage.
bucket.acl.reload()
# You can also use `group`, `domain`, `all_authenticated` and `all` to
# grant access to different types of entities. You can also use
# `grant_read` or `grant_write` to grant different roles.
bucket.default_object_acl.user(user_email).grant_owner()
bucket.default_object_acl.save()
print(
"Added user {} as an owner in the default acl on bucket {}.".format(
user_email, bucket_name
)
)
Ruby
如需了解详情,请参阅 Cloud Storage Ruby API 参考文档。
# The ID of your GCS bucket
# bucket_name = "your-unique-bucket-name"
# email = "Google Cloud Storage ACL Entity email"
require "google/cloud/storage"
storage = Google::Cloud::Storage.new
bucket = storage.bucket bucket_name
bucket.default_acl.add_owner email
puts "Added default OWNER permission for #{email} to #{bucket_name}"
后续步骤
如需搜索和过滤其他 Google Cloud 产品的代码示例,请参阅 Google Cloud 示例浏览器。