Merge pull request #2028 from rosmo/s3-permissions
Added option to set multiple ACLs for S3 objects
This commit is contained in:
commit
951f5807b9
1 changed files with 11 additions and 4 deletions
|
@ -95,7 +95,7 @@ options:
|
||||||
default: null
|
default: null
|
||||||
permission:
|
permission:
|
||||||
description:
|
description:
|
||||||
- This option let's the user set the canned permissions on the object/bucket that are created. The permissions that can be set are 'private', 'public-read', 'public-read-write', 'authenticated-read'.
|
- This option let's the user set the canned permissions on the object/bucket that are created. The permissions that can be set are 'private', 'public-read', 'public-read-write', 'authenticated-read'. Multiple permissions can be specified as a list.
|
||||||
required: false
|
required: false
|
||||||
default: private
|
default: private
|
||||||
version_added: "2.0"
|
version_added: "2.0"
|
||||||
|
@ -198,6 +198,7 @@ try:
|
||||||
from boto.s3.connection import Location
|
from boto.s3.connection import Location
|
||||||
from boto.s3.connection import OrdinaryCallingFormat
|
from boto.s3.connection import OrdinaryCallingFormat
|
||||||
from boto.s3.connection import S3Connection
|
from boto.s3.connection import S3Connection
|
||||||
|
from boto.s3.acl import CannedACLStrings
|
||||||
HAS_BOTO = True
|
HAS_BOTO = True
|
||||||
except ImportError:
|
except ImportError:
|
||||||
HAS_BOTO = False
|
HAS_BOTO = False
|
||||||
|
@ -242,7 +243,8 @@ def create_bucket(module, s3, bucket, location=None):
|
||||||
location = Location.DEFAULT
|
location = Location.DEFAULT
|
||||||
try:
|
try:
|
||||||
bucket = s3.create_bucket(bucket, location=location)
|
bucket = s3.create_bucket(bucket, location=location)
|
||||||
bucket.set_acl(module.params.get('permission'))
|
for acl in module.params.get('permission'):
|
||||||
|
bucket.set_acl(acl)
|
||||||
except s3.provider.storage_response_error, e:
|
except s3.provider.storage_response_error, e:
|
||||||
module.fail_json(msg= str(e))
|
module.fail_json(msg= str(e))
|
||||||
if bucket:
|
if bucket:
|
||||||
|
@ -304,7 +306,8 @@ def upload_s3file(module, s3, bucket, obj, src, expiry, metadata, encrypt, heade
|
||||||
key.set_metadata(meta_key, metadata[meta_key])
|
key.set_metadata(meta_key, metadata[meta_key])
|
||||||
|
|
||||||
key.set_contents_from_filename(src, encrypt_key=encrypt, headers=headers)
|
key.set_contents_from_filename(src, encrypt_key=encrypt, headers=headers)
|
||||||
key.set_acl(module.params.get('permission'))
|
for acl in module.params.get('permission'):
|
||||||
|
key.set_acl(acl)
|
||||||
url = key.generate_url(expiry)
|
url = key.generate_url(expiry)
|
||||||
module.exit_json(msg="PUT operation complete", url=url, changed=True)
|
module.exit_json(msg="PUT operation complete", url=url, changed=True)
|
||||||
except s3.provider.storage_copy_error, e:
|
except s3.provider.storage_copy_error, e:
|
||||||
|
@ -377,7 +380,7 @@ def main():
|
||||||
metadata = dict(type='dict'),
|
metadata = dict(type='dict'),
|
||||||
mode = dict(choices=['get', 'put', 'delete', 'create', 'geturl', 'getstr', 'delobj', 'list'], required=True),
|
mode = dict(choices=['get', 'put', 'delete', 'create', 'geturl', 'getstr', 'delobj', 'list'], required=True),
|
||||||
object = dict(),
|
object = dict(),
|
||||||
permission = dict(choices=['private', 'public-read', 'public-read-write', 'authenticated-read'], default='private'),
|
permission = dict(type='list', default=['private']),
|
||||||
version = dict(default=None),
|
version = dict(default=None),
|
||||||
overwrite = dict(aliases=['force'], default='always'),
|
overwrite = dict(aliases=['force'], default='always'),
|
||||||
prefix = dict(default=None),
|
prefix = dict(default=None),
|
||||||
|
@ -409,6 +412,10 @@ def main():
|
||||||
s3_url = module.params.get('s3_url')
|
s3_url = module.params.get('s3_url')
|
||||||
src = module.params.get('src')
|
src = module.params.get('src')
|
||||||
|
|
||||||
|
for acl in module.params.get('permission'):
|
||||||
|
if acl not in CannedACLStrings:
|
||||||
|
module.fail_json(msg='Unknown permission specified: %s' % str(acl))
|
||||||
|
|
||||||
if overwrite not in ['always', 'never', 'different']:
|
if overwrite not in ['always', 'never', 'different']:
|
||||||
if module.boolean(overwrite):
|
if module.boolean(overwrite):
|
||||||
overwrite = 'always'
|
overwrite = 'always'
|
||||||
|
|
Loading…
Reference in a new issue