PutObjectAcl

API description

This command is used to set the access permission of an object. Currently, BOS supports two methods for setting ACLs. The first method is to use Canned ACL. During PutObjectAcl, the object access permission is set via the header "x-bce-acl" or "x-bce-grant-permission". Currently configurable permissions include private and public-read. The two types of headers cannot appear in the same request simultaneously. The second method is to upload an ACL file. Refer to [ACL File Format](BOS/API Reference/Access control.md#Permission control by uploading ACL files) for the file format. Currently, ACL files only support the accessControlList, grantee, id and permission fields.

Currently, setting Canned ACL and uploading ACL files cannot be done simultaneously in a single request.

Request

• ACL file request syntax

  Plain Text Copy

  1PUT /<ObjectKey>?acl HTTP/1.1
  2Host: <BucketName>.bj.bcebos.com
  3x-bce-date: <Date>
  4Authorization: <AuthorizationString>
  5Content-Type: application/json; charset=utf-8
  6Content-Length: <ContentLength>

• Canned ACL file request syntax (setting x-bce-acl)

  Plain Text Copy

  1 PUT /<ObjectKey>?acl HTTP/1.1
  2 Host: <BucketName>.bj.bcebos.com
  3 x-bce-date: <Date>
  4 Authorization: <AuthorizationString>
  5 x-bce-acl: <ObjectAcl>
  6 Content-Length: <ContentLength>
  7 Content-Type: application/json; charset=utf-8

• Canned ACL file request syntax (setting x-bce-grant-permission)

  Plain Text Copy

  1PUT /<ObjectKey>?acl HTTP/1.1
  2Host: <BucketName>.bj.bcebos.com
  3x-bce-date: <Date>
  4Authorization: <AuthorizationString>
  5x-bce-grant-read: <ObjectGrantRead>
  6Content-Length: <ContentLength>
  7Content-Type: application/json; charset=utf-8

• Request headers

1 >**Note**
2 >
3 > - Only the bucket owner or users with FULL_CONTROL permission are allowed to set an object's ACL.
4 > - When an object is uploaded, its permission is null by default. If no permission is set for the object, meaning the permission remains null, it will inherit the bucket's permission by default.
5 > -   In case of a conflict between object permissions and bucket permissions, the object permissions take precedence.
6 > -  If archive storage class objects have not been completely restored, or if the archive storage class files were recently uploaded (refer to the restoration duration for specifics), the Object ACL cannot be set.

• Request parameters

  No special parameters

Response

• Response headers

  No special parameters returned

• Response parameters

  None

Example

• Example of ACL file request

  Plain Text Copy

  1 PUT /ObjectName?acl HTTP/1.1
  2 Host: BucketName.bj.bcebos.com
  3 x-bce-date: 2017-05-01T12:23:49Z
  4 Authorization: AuthorizationString
  5 Content-Type: application/json; charset=utf-8
  6 Content-Length: 315
  7 {
  8     "accessControlList":[
  9     {
  10         "grantee":[{
  11             "id":"e13b12d0131b4c8bae959df4969387b8"
  12         }],
  13         "permission":["READ"]
  14     }
  15     ]
  16 }

• Canned ACL request example (setting x-bce-acl)

  Plain Text Copy

  1PUT /ObjectName?acl HTTP/1.1
  2Host: BucketName.bj.bcebos.com
  3x-bce-date: 2017-05-01T12:23:49Z
  4Authorization: AuthorizationString
  5x-bce-acl: public-read
  6Content-Length: 0
  7Content-Type: application/json; charset=utf-8

• Canned ACL request example (setting x-bce-grant-permission)

  Plain Text Copy

  1PUT /ObjectName?acl HTTP/1.1
  2Host: BucketName.bj.bcebos.com
  3x-bce-date: 2017-05-01T12:23:49Z
  4Authorization: AuthorizationString
  5x-bce-grant-read:id="e13b12d0131b4c8bae959df4969387b8",id="8c47a952db4444c5a097b41be3f24c94"
  6Content-Length: 0
  7Content-Type: application/json; charset=utf-8

• Response example

  Plain Text Copy

  1HTTP/1.1 200 OK
  2Date: Wed, 01 Mar 2017 12:25:00 GMT
  3Content-Length: 0
  4Server: BceBos
  5x-bce-request-id:413e34fd-118d-4049-b992-1b1f3a68b1f5