
//! 访问控制列表(ACL)
3use std::collections::HashMap;
/// Preset ACLs that can be applied to an object, see the
/// [COS documentation](https://cloud.tencent.com/document/product/436/30752#.E9.A2.84.E8.AE.BE.E7.9A.84-acl).
///
/// Every variant other than `DEFAULT` and `PRIVATE` gives READ or FULL_CONTROL
/// to someone besides the creator, so pick those deliberately.
#[derive(Debug, PartialEq)]
pub enum ObjectAcl {
    /// Empty description: whether a request is allowed is decided by the
    /// explicit settings of the parent directories and of the bucket (default).
    DEFAULT,
    /// The creator (root account) has FULL_CONTROL; nobody else has any permission.
    PRIVATE,
    /// The creator has FULL_CONTROL; the anonymous-users group has READ,
    /// i.e. the object is readable without authentication.
    PublicRead,
    /// The creator has FULL_CONTROL; the authenticated-users group has READ.
    AuthenticatedRead,
    /// The creator has FULL_CONTROL; the bucket owner has READ.
    BucketOwnerRead,
    /// Both the creator and the bucket owner have FULL_CONTROL.
    BucketOwnerFullControl,
}
/// Preset ACLs that can be applied to a bucket.
#[derive(Debug, PartialEq)]
pub enum BucketAcl {
    /// The creator (root account) has FULL_CONTROL; nobody else has any
    /// permission (default).
    PRIVATE,
    /// The creator has FULL_CONTROL; the anonymous-users group has READ,
    /// i.e. the bucket is readable without authentication.
    PublicRead,
    /// Both the creator and the anonymous-users group have FULL_CONTROL.
    /// Granting this is generally not recommended: unauthenticated callers
    /// get the same rights over the bucket as its creator.
    PublicReadWrite,
    /// The creator has FULL_CONTROL; the authenticated-users group has READ.
    AuthenticatedRead,
}
/// Accumulates the ACL-related request headers (`x-cos-acl` and the
/// `x-cos-grant-*` family) as a name-to-value map.
#[derive(Debug, Default)]
pub struct AclHeader {
    // Header name -> header value. Kept private; read it through `get_headers`.
    headers: HashMap<String, String>,
}
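// Security notes for every `insert_*` method below:
//
// * Grant values (`x-cos-grant-*`) are stored verbatim, with no validation.
//   When any part of a grant string comes from outside the program, validate
//   it before passing it in (expected shape: `id="<OwnerUin>"`, comma
//   separated). Extra `,id="..."` segments add grantees, and control
//   characters such as CR/LF must never reach a header value. Whether the
//   HTTP layer that consumes these headers rejects them is not visible here.
// * The object and bucket preset setters both write the single `x-cos-acl`
//   key, so the last call wins.
impl AclHeader {
    /// Creates an empty header set.
    pub fn new() -> AclHeader {
        Self::default()
    }

    /// Returns the headers collected so far, keyed by header name.
    pub fn get_headers(&self) -> &HashMap<String, String> {
        &self.headers
    }

    /// Sets `x-cos-acl` to a preset ACL for an object.
    ///
    /// Defines the object's ACL attribute. For the allowed values see the
    /// preset object ACL section of the ACL overview document, e.g. `default`,
    /// `private`, `public-read`; the default is `default`.
    ///
    /// Note: if you do not need object-level ACL control, use `default` or do
    /// not set this header at all; the object then inherits the bucket's
    /// permissions.
    ///
    /// Overwrites any value previously stored under `x-cos-acl`, including one
    /// set by `insert_bucket_x_cos_acl`.
    pub fn insert_object_x_cos_acl(&mut self, x_cos_acl: ObjectAcl) -> &mut Self {
        let value = match x_cos_acl {
            ObjectAcl::DEFAULT => "default",
            ObjectAcl::PRIVATE => "private",
            ObjectAcl::PublicRead => "public-read",
            ObjectAcl::AuthenticatedRead => "authenticated-read",
            ObjectAcl::BucketOwnerRead => "bucket-owner-read",
            ObjectAcl::BucketOwnerFullControl => "bucket-owner-full-control",
        };
        self.headers
            .insert("x-cos-acl".to_string(), value.to_string());
        self
    }

    /// Sets `x-cos-grant-read`: grants the grantee permission to read the
    /// object (bucket).
    ///
    /// Format is `id="[OwnerUin]"`, e.g. `id="100000000001"`. Separate several
    /// grantees with commas, e.g. `id="100000000001",id="100000000002"`.
    /// The value is stored as given, without validation.
    pub fn insert_x_cos_grant_read(&mut self, x_cos_grant_read: String) -> &mut Self {
        self.headers
            .insert("x-cos-grant-read".to_string(), x_cos_grant_read);
        self
    }

    /// Sets `x-cos-grant-read-acp`: grants the grantee permission to read the
    /// ACL of the object (bucket).
    ///
    /// Format is `id="[OwnerUin]"`, e.g. `id="100000000001"`. Separate several
    /// grantees with commas, e.g. `id="100000000001",id="100000000002"`.
    /// The value is stored as given, without validation.
    pub fn insert_x_cos_grant_read_acp(&mut self, x_cos_grant_read_acp: String) -> &mut Self {
        self.headers
            .insert("x-cos-grant-read-acp".to_string(), x_cos_grant_read_acp);
        self
    }

    /// Sets `x-cos-grant-write-acp`: grants the grantee permission to write
    /// the ACL of the object (bucket).
    ///
    /// A grantee who can write the ACL can change who else has access, so
    /// treat this grant as close to full control.
    ///
    /// Format is `id="[OwnerUin]"`, e.g. `id="100000000001"`. Separate several
    /// grantees with commas, e.g. `id="100000000001",id="100000000002"`.
    /// The value is stored as given, without validation.
    pub fn insert_x_cos_grant_write_acp(&mut self, x_cos_grant_write_acp: String) -> &mut Self {
        self.headers
            .insert("x-cos-grant-write-acp".to_string(), x_cos_grant_write_acp);
        self
    }

    /// Sets `x-cos-grant-full-control`: grants the grantee every permission
    /// on the object (bucket).
    ///
    /// Format is `id="[OwnerUin]"`, e.g. `id="100000000001"`. Separate several
    /// grantees with commas, e.g. `id="100000000001",id="100000000002"`.
    /// The value is stored as given, without validation.
    pub fn insert_x_cos_grant_full_control(
        &mut self,
        x_cos_grant_full_control: String,
    ) -> &mut Self {
        self.headers.insert(
            "x-cos-grant-full-control".to_string(),
            x_cos_grant_full_control,
        );
        self
    }

    /// Sets `x-cos-acl` to a preset ACL for a bucket.
    ///
    /// Defines the bucket's ACL attribute. For the allowed values see the
    /// preset bucket ACL section of the ACL overview document, e.g. `private`,
    /// `public-read`; the default is `private`.
    ///
    /// Overwrites any value previously stored under `x-cos-acl`, including one
    /// set by `insert_object_x_cos_acl`.
    pub fn insert_bucket_x_cos_acl(&mut self, x_cos_acl: BucketAcl) -> &mut Self {
        let value = match x_cos_acl {
            BucketAcl::PRIVATE => "private",
            // Fixed: this arm used to emit "publish-read", which is not one of
            // the documented preset names, so the requested ACL would
            // presumably have been rejected or not applied by the service.
            BucketAcl::PublicRead => "public-read",
            BucketAcl::PublicReadWrite => "public-read-write",
            BucketAcl::AuthenticatedRead => "authenticated-read",
        };
        self.headers
            .insert("x-cos-acl".to_string(), value.to_string());
        self
    }

    /// Sets `x-cos-grant-write`: grants the grantee permission to write to
    /// the bucket.
    ///
    /// Format is `id="[OwnerUin]"`, e.g. `id="100000000001"`. Separate several
    /// grantees with commas, e.g. `id="100000000001",id="100000000002"`.
    /// The value is stored as given, without validation.
    pub fn insert_bucket_x_cos_grant_write(&mut self, x_cos_grant_write: String) -> &mut Self {
        self.headers
            .insert("x-cos-grant-write".to_string(), x_cos_grant_write);
        self
    }
}

#[cfg(test)]
mod test {
    use super::{AclHeader, BucketAcl, ObjectAcl};

    #[test]
    fn test_acl() {
        let mut acl_header = AclHeader::new();
        acl_header
            .insert_bucket_x_cos_acl(BucketAcl::PublicRead)
            .insert_x_cos_grant_read("x-cos-grant-read".to_string())
            .insert_x_cos_grant_read_acp("x_cos_grant_read_acp".to_string())
            .insert_x_cos_grant_write_acp("x_cos_grant_write_acp".to_string())
            .insert_bucket_x_cos_grant_write("x_cos_grant_write".to_string());

        let headers = acl_header.get_headers();
        assert_eq!(headers["x-cos-acl"], "public-read");
        assert_eq!(headers["x-cos-grant-read"], "x-cos-grant-read");
        assert_eq!(headers["x-cos-grant-read-acp"], "x_cos_grant_read_acp");
        assert_eq!(headers["x-cos-grant-write-acp"], "x_cos_grant_write_acp");
        assert_eq!(headers["x-cos-grant-write"], "x_cos_grant_write");
    }

    // Pins every preset name, so a typo in the wire value fails the build
    // instead of silently sending an ACL the service does not recognise.
    #[test]
    fn test_bucket_preset_values() {
        let cases = vec![
            (BucketAcl::PRIVATE, "private"),
            (BucketAcl::PublicRead, "public-read"),
            (BucketAcl::PublicReadWrite, "public-read-write"),
            (BucketAcl::AuthenticatedRead, "authenticated-read"),
        ];
        for (acl, expected) in cases {
            let mut acl_header = AclHeader::new();
            acl_header.insert_bucket_x_cos_acl(acl);
            assert_eq!(acl_header.get_headers()["x-cos-acl"], expected);
        }
    }

    #[test]
    fn test_object_preset_values() {
        let cases = vec![
            (ObjectAcl::DEFAULT, "default"),
            (ObjectAcl::PRIVATE, "private"),
            (ObjectAcl::PublicRead, "public-read"),
            (ObjectAcl::AuthenticatedRead, "authenticated-read"),
            (ObjectAcl::BucketOwnerRead, "bucket-owner-read"),
            (ObjectAcl::BucketOwnerFullControl, "bucket-owner-full-control"),
        ];
        for (acl, expected) in cases {
            let mut acl_header = AclHeader::new();
            acl_header.insert_object_x_cos_acl(acl);
            assert_eq!(acl_header.get_headers()["x-cos-acl"], expected);
        }
    }

    // Both preset setters share the `x-cos-acl` key: the later call replaces
    // the earlier one rather than adding a second header.
    #[test]
    fn test_preset_last_call_wins() {
        let mut acl_header = AclHeader::new();
        acl_header
            .insert_bucket_x_cos_acl(BucketAcl::PublicReadWrite)
            .insert_object_x_cos_acl(ObjectAcl::PRIVATE);

        assert_eq!(acl_header.get_headers().len(), 1);
        assert_eq!(acl_header.get_headers()["x-cos-acl"], "private");
    }
}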