C# 删除“；“每个人”；来自aws s3对象ACL'；s使用.NETAPI_C#_Amazon Web Services_Amazon S3_Aws Sdk

C# 删除“；“每个人”；来自aws s3对象ACL'；s使用.NETAPI

c# amazon-web-services amazon-s3

C# 删除“；“每个人”；来自aws s3对象ACL'；s使用.NETAPI,c#,amazon-web-services,amazon-s3,aws-sdk,C#,Amazon Web Services,Amazon S3,Aws Sdk,我将遍历bucket中的所有对象ACL，以从所有对象中删除“Everyone”权限。这里的想法是保留所有当前权限我的问题是PutACL调用不起作用。在下面的示例中，创建了一个新的AccessControlList，省略了“everyone”条目。PutACL调用成功返回，但对象的ACL保持不变也许有一种更简单的方法来确定和取消特定的补助金 AmazonS3Client s3 = new AmazonS3Client(); GetACLRequest aclRequest = new GetA

我将遍历bucket中的所有对象ACL，以从所有对象中删除“Everyone”权限。这里的想法是保留所有当前权限

我的问题是PutACL调用不起作用。在下面的示例中，创建了一个新的AccessControlList，省略了“everyone”条目。PutACL调用成功返回，但对象的ACL保持不变

也许有一种更简单的方法来确定和取消特定的补助金

AmazonS3Client s3 = new AmazonS3Client();
GetACLRequest aclRequest = new GetACLRequest() { BucketName = "my-bucket", Key = "/dir/protect_me.txt" };
var aclResponse = s3.GetACL(aclRequest);

bool foundEveryonePriv = false;  //if found at least one.

S3AccessControlList newAcl = new S3AccessControlList();
foreach (var grant in aclResponse.AccessControlList.Grants)
{
    bool grantToEveryone = string.Compare(grant.Grantee.URI, "http://acs.amazonaws.com/groups/global/AllUsers") == 0;
    Logger.log.InfoFormat("{0},{1},{2},{3}", aclRequest.BucketName, o.Key, grant.Permission, (everyoneHasThisPriv ? "EVERYONE" : string.Empty));

    if (grantToEveryone)
    {
        foundEveryonePriv = true;
        newAcl.AddGrant(grant.Grantee, grant.Permission);
    }
}

//modify the items if necessary and requested.
if (foundEveryonePriv)
{
    newAcl.Owner = aclResponse.AccessControlList.Owner;
    var response = s3.PutACL(new PutACLRequest() { AccessControlList = newAcl, BucketName = aclRequest.BucketName, Key = o.Key });
}

尝试从GET中修改现有ACL以删除公共授权。然后在PUT请求中发送修改后的ACL。以下是我所做的，保留原始拨款并从给定对象中删除公共拨款效果良好

    private void RemovePublicAcl(AmazonS3Client client, string bucket, string key)
    {
        var aclRequest = new GetACLRequest { BucketName = bucket, Key = key };
        var aclResponse = client.GetACL(aclRequest);
        var acl = aclResponse.AccessControlList;

        const string PUBLIC_GRANTEE = "http://acs.amazonaws.com/groups/global/AllUsers";

        if (acl.Grants.Any(x =>
            !string.IsNullOrWhiteSpace(x.Grantee.URI) &&
            x.Grantee.URI.Equals(PUBLIC_GRANTEE)))
        {
            var publicGrant = new S3Grantee();
            publicGrant.URI = PUBLIC_GRANTEE;
            acl.Grants.RemoveAll(x =>
                !string.IsNullOrWhiteSpace(x.Grantee.URI) &&
                x.Grantee.URI.Equals(PUBLIC_GRANTEE));

            var aclUpdate = new PutACLRequest();
            aclUpdate.BucketName = bucket;
            aclUpdate.Key = key;
            aclUpdate.AccessControlList = acl;

            var response = client.PutACL(aclUpdate);
        }