添加 Cloud Storage 存储分区中的对象的所有者访问控制列表 (ACL)。
深入探索
如需查看包含此代码示例的详细文档,请参阅以下内容:
代码示例
C++
如需了解详情,请参阅 Cloud Storage C++ API 参考文档。
namespace gcs = ::google::cloud::storage;
using ::google::cloud::StatusOr;
[](gcs::Client client, std::string const& bucket_name,
std::string const& object_name, std::string const& entity) {
StatusOr<gcs::ObjectAccessControl> patched_acl =
client.CreateObjectAcl(bucket_name, object_name, entity,
gcs::ObjectAccessControl::ROLE_OWNER());
if (!patched_acl) throw std::move(patched_acl).status();
std::cout << "ACL entry for " << patched_acl->entity() << " in object "
<< patched_acl->object() << " in bucket " << patched_acl->bucket()
<< " is now " << *patched_acl << "\n";
}
C#
如需了解详情,请参阅 Cloud Storage C# API 参考文档。
using Google.Apis.Storage.v1.Data;
using Google.Cloud.Storage.V1;
using System;
public class AddFileOwnerSample
{
public Google.Apis.Storage.v1.Data.Object AddFileOwner(
string bucketName = "your-unique-bucket-name",
string objectName = "my-file-name",
string userEmail = "dev@iam.gserviceaccount.com")
{
var storage = StorageClient.Create();
var storageObject = storage.GetObject(bucketName, objectName, new GetObjectOptions
{
Projection = Projection.Full
});
storageObject.Acl.Add(new ObjectAccessControl
{
Bucket = bucketName,
Entity = $"user-{userEmail}",
Role = "OWNER",
});
var updatedObject = storage.UpdateObject(storageObject);
Console.WriteLine($"Added user { userEmail} as an owner on file { objectName}.");
return updatedObject;
}
}
Go
如需了解详情,请参阅 Cloud Storage Go API 参考文档。
import (
"context"
"fmt"
"cloud.google.com/go/storage"
)
// addFileOwner adds ACL to the specified object.
func addFileOwner(bucket, object string, entity storage.ACLEntity) error {
// bucket := "bucket-name"
// object := "object-name"
// entity := storage.AllUsers
role := storage.RoleOwner
ctx := context.Background()
client, err := storage.NewClient(ctx)
if err != nil {
return fmt.Errorf("storage.NewClient: %v", err)
}
defer client.Close()
acl := client.Bucket(bucket).Object(object).ACL()
if err := acl.Set(ctx, entity, role); err != nil {
return fmt.Errorf("ACLHandle.Set: %v", err)
}
return nil
}
Java
如需了解详情,请参阅 Cloud Storage Java API 参考文档。
import com.google.cloud.storage.Acl;
import com.google.cloud.storage.Acl.Role;
import com.google.cloud.storage.Acl.User;
import com.google.cloud.storage.Blob;
import com.google.cloud.storage.BlobId;
import com.google.cloud.storage.Storage;
import com.google.cloud.storage.StorageOptions;
public class AddFileOwner {
public static void addFileOwner(
String projectId, String bucketName, String userEmail, String blobName) {
// The ID of your GCP project
// String projectId = "your-project-id";
// The ID of your GCS bucket
// String bucketName = "your-unique-bucket-name";
// Email of the user you wish to add as a file owner
// String userEmail = "someuser@domain.com"
// The name of the blob/file that you wish to modify permissions on
// String blobName = "your-blob-name";
Storage storage = StorageOptions.newBuilder().setProjectId(projectId).build().getService();
Blob blob = storage.get(BlobId.of(bucketName, blobName));
Acl newOwner = Acl.of(new User(userEmail), Role.OWNER);
blob.createAcl(newOwner);
System.out.println(
"Added user "
+ userEmail
+ " as an owner on file "
+ blobName
+ " in bucket "
+ bucketName);
}
}
Node.js
如需了解详情,请参阅 Cloud Storage Node.js API 参考文档。
/**
* TODO(developer): Uncomment the following lines before running the sample.
*/
// The ID of your GCS bucket
// const bucketName = 'your-unique-bucket-name';
// The name of the file to access
// const fileName = 'file.txt';
// The email address of the user to add
// const userEmail = 'user-email-to-add';
// Imports the Google Cloud client library
const {Storage} = require('@google-cloud/storage');
// Creates a client
const storage = new Storage();
async function addFileOwner() {
await storage
.bucket(bucketName)
.file(fileName)
.acl.owners.addUser(userEmail);
console.log(`Added user ${userEmail} as an owner on file ${fileName}.`);
}
addFileOwner().catch(console.error);
PHP
如需了解详情,请参阅 Cloud Storage PHP API 参考文档。
use Google\Cloud\Storage\StorageClient;
/**
* Add an entity and role to an object's ACL.
*
* @param string $bucketName The name of your Cloud Storage bucket.
* (e.g. 'my-bucket')
* @param string $objectName The name of your Cloud Storage object.
* (e.g. 'my-object')
* @param string $entity The entity for which to update access controls.
* (e.g. 'user-example@domain.com')
* @param string $role The permissions to add for the specified entity.
* (e.g. 'OWNER')
*/
function add_object_acl(string $bucketName, string $objectName, string $entity, string $role): void
{
$storage = new StorageClient();
$bucket = $storage->bucket($bucketName);
$object = $bucket->object($objectName);
$acl = $object->acl();
$acl->add($entity, $role);
printf('Added %s (%s) to gs://%s/%s ACL' . PHP_EOL, $entity, $role, $bucketName, $objectName);
}
Python
如需了解详情,请参阅 Cloud Storage Python API 参考文档。
from google.cloud import storage
def add_blob_owner(bucket_name, blob_name, user_email):
"""Adds a user as an owner on the given blob."""
# bucket_name = "your-bucket-name"
# blob_name = "your-object-name"
# user_email = "name@example.com"
storage_client = storage.Client()
bucket = storage_client.bucket(bucket_name)
blob = bucket.blob(blob_name)
# Reload fetches the current ACL from Cloud Storage.
blob.acl.reload()
# You can also use `group`, `domain`, `all_authenticated` and `all` to
# grant access to different types of entities. You can also use
# `grant_read` or `grant_write` to grant different roles.
blob.acl.user(user_email).grant_owner()
blob.acl.save()
print(
"Added user {} as an owner on blob {} in bucket {}.".format(
user_email, blob_name, bucket_name
)
)
Ruby
如需了解详情,请参阅 Cloud Storage Ruby API 参考文档。
# The ID of your GCS bucket
# bucket_name = "your-unique-bucket-name"
# file_name = "Name of a file in the Storage bucket"
# email = "Google Cloud Storage ACL Entity email"
require "google/cloud/storage"
storage = Google::Cloud::Storage.new
bucket = storage.bucket bucket_name
file = bucket.file file_name
file.acl.add_owner email
puts "Added OWNER permission for #{email} to #{file_name}"
后续步骤
如需搜索和过滤其他 Google Cloud 产品的代码示例,请参阅 Google Cloud 示例浏览器。