Represents an access control list (ACL) for S3. More...
#import <S3AccessControlList.h>
Public Member Functions | |
(id) | - initWithOwner: |
Initialize the object with an owner. | |
(void) | - addGrant: |
Adds the grant to the grant list. | |
(NSString *) | - toXml |
Returns the XML represenation of the ACL. | |
Protected Attributes | |
NSMutableArray * | grantList |
Properties | |
S3Owner * | owner |
Gets and sets the owner. | |
NSArray * | grantList |
Returns the current grant list. |
Represents an access control list (ACL) for S3.
An AccessControlList is represented by an Owner, and a list of Grants, where each Grant is a Grantee and a Permission.
Each bucket and object in Amazon S3 has an ACL that defines its access control policy. When a request is made, Amazon S3 authenticates the request using its standard authentication procedure and then checks the ACL to verify the sender was granted access to the bucket or object. If the sender is approved, the request proceeds. Otherwise, Amazon S3 returns an error.
An ACL is a list of grants. A grant consists of one grantee and one permission. ACLs only grant permissions; they do not deny them.
Note: Bucket and object ACLs are completely independent; an object does not inherit the ACL from its bucket. For example, if you create a bucket and grant write access to another user, you will not be able to access the user's objects unless the user explicitly grants access. This also applies if you grant anonymous write access to a bucket. Only the user "anonymous" will be able to access objects the user created unless permission is explicitly granted to the bucket owner.
- (void S3AccessControlList.)addGrant: | (S3Grant *) | aGrant |
Adds the grant to the grant list.
aGrant | A Grant to add to the list. |