Sha256: b68204c84a291f200d24f3faf55782464cce8718213063accf3c235d232bec08

Contents?: true

Size: 1.8 KB

Versions: 3

Compression:

Stored size: 1.8 KB

Contents

module Heirloom
  module ACL
    class S3
      include Heirloom::Utils::Email

      attr_accessor :accounts, :config, :logger, :region

      def initialize(args)
        self.config = args[:config]
        self.region = args[:region]
        self.logger = config.logger
      end

      def allow_read_access_from_accounts(args)
        bucket     = args[:bucket]
        key_name   = args[:key_name]
        key_folder = args[:key_folder]
        accounts   = args[:accounts]

        key          = "#{key_folder}/#{key_name}"

        current_acls = s3.get_bucket_acl bucket
        name         = current_acls['Owner']['Name']
        id           = current_acls['Owner']['ID']

        grants = build_bucket_grants :id       => id,
                                     :name     => name,
                                     :accounts => accounts

        accounts.each do |a|
          logger.debug "Authorizing #{a} to s3://#{bucket}/#{key}."
        end
        s3.put_object_acl bucket, key, grants
      end

      private

      def build_bucket_grants(args)
        id = args[:id]
        name = args[:name]
        accounts = args[:accounts]

        a = Array.new

        accounts.each do |g|
            a << { 'Grantee' => grantee(g), 'Permission' => 'READ' }
        end

        a << { 'Grantee' => { 'DisplayName' => name, 'ID' => id },
               'Permission' => 'FULL_CONTROL'
             }

        {
          'Owner' => {
            'DisplayName' => name,
            'ID' => id
          },
          'AccessControlList' => a
        }
      end

      def s3
        @s3 ||= AWS::S3.new :config => @config,
                            :region => @region
      end

      def grantee(account)
          valid_email?(account) ? { 'EmailAddress' => account } : { 'ID' => account }
      end

    end
  end
end

Version data entries

3 entries across 3 versions & 1 rubygems

Version Path
heirloom-0.11.0 lib/heirloom/acl/s3.rb
heirloom-0.11.0.beta.2 lib/heirloom/acl/s3.rb
heirloom-0.11.0.beta.1 lib/heirloom/acl/s3.rb