update 优化 删除桶自动创建代码逻辑(云厂商限制不允许操作桶)
parent
761586cc3c
commit
2a9f245b39
@ -9,7 +9,6 @@ import org.dromara.common.core.utils.file.FileUtils;
|
|||||||
import org.dromara.common.oss.constant.OssConstant;
|
import org.dromara.common.oss.constant.OssConstant;
|
||||||
import org.dromara.common.oss.entity.UploadResult;
|
import org.dromara.common.oss.entity.UploadResult;
|
||||||
import org.dromara.common.oss.enumd.AccessPolicyType;
|
import org.dromara.common.oss.enumd.AccessPolicyType;
|
||||||
import org.dromara.common.oss.enumd.PolicyType;
|
|
||||||
import org.dromara.common.oss.exception.OssException;
|
import org.dromara.common.oss.exception.OssException;
|
||||||
import org.dromara.common.oss.properties.OssProperties;
|
import org.dromara.common.oss.properties.OssProperties;
|
||||||
import software.amazon.awssdk.auth.credentials.AwsBasicCredentials;
|
import software.amazon.awssdk.auth.credentials.AwsBasicCredentials;
|
||||||
@ -23,7 +22,6 @@ import software.amazon.awssdk.services.s3.S3Configuration;
|
|||||||
import software.amazon.awssdk.services.s3.crt.S3CrtHttpConfiguration;
|
import software.amazon.awssdk.services.s3.crt.S3CrtHttpConfiguration;
|
||||||
import software.amazon.awssdk.services.s3.model.GetObjectResponse;
|
import software.amazon.awssdk.services.s3.model.GetObjectResponse;
|
||||||
import software.amazon.awssdk.services.s3.model.NoSuchBucketException;
|
import software.amazon.awssdk.services.s3.model.NoSuchBucketException;
|
||||||
import software.amazon.awssdk.services.s3.model.S3Exception;
|
|
||||||
import software.amazon.awssdk.services.s3.presigner.S3Presigner;
|
import software.amazon.awssdk.services.s3.presigner.S3Presigner;
|
||||||
import software.amazon.awssdk.transfer.s3.S3TransferManager;
|
import software.amazon.awssdk.transfer.s3.S3TransferManager;
|
||||||
import software.amazon.awssdk.transfer.s3.model.*;
|
import software.amazon.awssdk.transfer.s3.model.*;
|
||||||
@ -115,8 +113,7 @@ public class OssClient {
|
|||||||
.serviceConfiguration(config)
|
.serviceConfiguration(config)
|
||||||
.build();
|
.build();
|
||||||
|
|
||||||
// 创建存储桶
|
checkBucket();
|
||||||
createBucket();
|
|
||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
if (e instanceof OssException) {
|
if (e instanceof OssException) {
|
||||||
throw e;
|
throw e;
|
||||||
@ -126,36 +123,18 @@ public class OssClient {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 同步创建存储桶
|
* 检查桶是否存在
|
||||||
* 如果存储桶不存在,会进行创建;如果存储桶存在,不执行任何操作
|
|
||||||
*
|
*
|
||||||
* @throws OssException 当创建存储桶时发生异常时抛出
|
* @throws OssException 当创建存储桶时发生异常时抛出
|
||||||
*/
|
*/
|
||||||
public void createBucket() {
|
public void checkBucket() {
|
||||||
String bucketName = properties.getBucketName();
|
String bucketName = properties.getBucketName();
|
||||||
try {
|
try {
|
||||||
// 尝试获取存储桶的信息
|
// 尝试获取存储桶的信息
|
||||||
client.headBucket(
|
client.headBucket(x -> x.bucket(bucketName).build()).join();
|
||||||
x -> x.bucket(bucketName)
|
|
||||||
.build())
|
|
||||||
.join();
|
|
||||||
} catch (Exception ex) {
|
} catch (Exception ex) {
|
||||||
if (ex.getCause() instanceof NoSuchBucketException) {
|
if (ex.getCause() instanceof NoSuchBucketException) {
|
||||||
try {
|
throw new OssException("Bucket桶是不存在的,请核对配置信息:[" + ex.getMessage() + "]");
|
||||||
// 存储桶不存在,尝试创建存储桶
|
|
||||||
client.createBucket(
|
|
||||||
x -> x.bucket(bucketName))
|
|
||||||
.join();
|
|
||||||
|
|
||||||
// 设置存储桶的访问策略(Bucket Policy)
|
|
||||||
client.putBucketPolicy(
|
|
||||||
x -> x.bucket(bucketName)
|
|
||||||
.policy(getPolicy(bucketName, getAccessPolicy().getPolicyType())))
|
|
||||||
.join();
|
|
||||||
} catch (S3Exception e) {
|
|
||||||
// 存储桶创建或策略设置失败
|
|
||||||
throw new OssException("创建Bucket失败, 请核对配置信息:[" + e.getMessage() + "]");
|
|
||||||
}
|
|
||||||
} else {
|
} else {
|
||||||
throw new OssException("判断Bucket是否存在失败,请核对配置信息:[" + ex.getMessage() + "]");
|
throw new OssException("判断Bucket是否存在失败,请核对配置信息:[" + ex.getMessage() + "]");
|
||||||
}
|
}
|
||||||
@ -529,77 +508,4 @@ public class OssClient {
|
|||||||
return AccessPolicyType.getByType(properties.getAccessPolicy());
|
return AccessPolicyType.getByType(properties.getAccessPolicy());
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* 生成 AWS S3 存储桶访问策略
|
|
||||||
*
|
|
||||||
* @param bucketName 存储桶
|
|
||||||
* @param policyType 桶策略类型
|
|
||||||
* @return 符合 AWS S3 存储桶访问策略格式的字符串
|
|
||||||
*/
|
|
||||||
private static String getPolicy(String bucketName, PolicyType policyType) {
|
|
||||||
String policy = switch (policyType) {
|
|
||||||
case WRITE -> """
|
|
||||||
{
|
|
||||||
"Version": "2012-10-17",
|
|
||||||
"Statement": []
|
|
||||||
}
|
|
||||||
""";
|
|
||||||
case READ_WRITE -> """
|
|
||||||
{
|
|
||||||
"Version": "2012-10-17",
|
|
||||||
"Statement": [
|
|
||||||
{
|
|
||||||
"Effect": "Allow",
|
|
||||||
"Principal": "*",
|
|
||||||
"Action": [
|
|
||||||
"s3:GetBucketLocation",
|
|
||||||
"s3:ListBucket",
|
|
||||||
"s3:ListBucketMultipartUploads"
|
|
||||||
],
|
|
||||||
"Resource": "arn:aws:s3:::bucketName"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"Effect": "Allow",
|
|
||||||
"Principal": "*",
|
|
||||||
"Action": [
|
|
||||||
"s3:AbortMultipartUpload",
|
|
||||||
"s3:DeleteObject",
|
|
||||||
"s3:GetObject",
|
|
||||||
"s3:ListMultipartUploadParts",
|
|
||||||
"s3:PutObject"
|
|
||||||
],
|
|
||||||
"Resource": "arn:aws:s3:::bucketName/*"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
""";
|
|
||||||
case READ -> """
|
|
||||||
{
|
|
||||||
"Version": "2012-10-17",
|
|
||||||
"Statement": [
|
|
||||||
{
|
|
||||||
"Effect": "Allow",
|
|
||||||
"Principal": "*",
|
|
||||||
"Action": ["s3:GetBucketLocation"],
|
|
||||||
"Resource": "arn:aws:s3:::bucketName"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"Effect": "Deny",
|
|
||||||
"Principal": "*",
|
|
||||||
"Action": ["s3:ListBucket"],
|
|
||||||
"Resource": "arn:aws:s3:::bucketName"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"Effect": "Allow",
|
|
||||||
"Principal": "*",
|
|
||||||
"Action": "s3:GetObject",
|
|
||||||
"Resource": "arn:aws:s3:::bucketName/*"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
""";
|
|
||||||
};
|
|
||||||
return policy.replaceAll("bucketName", bucketName);
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
}
|
||||||
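Review bot: In `checkBucket()`, the `else` branch turns every non-404 `headBucket` failure into a fatal `OssException` while the client is being built. On AWS S3, `HeadBucket` itself needs the bucket-level `s3:ListBucket` permission, so credentials scoped to object operations only would presumably fail this check with an access error; other providers may differ. The Javadoc should name that requirement, and the retained `@throws` line still describes bucket creation; I would change it to `@throws OssException if the bucket does not exist or cannot be reached with the configured credentials`. Both messages also embed `ex.getMessage()` from the wrapper thrown by `join()` and do not pass the cause on, which makes a permission error hard to tell from a wrong endpoint in logs. The end of `checkBucket()` lies outside the hunk.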
|
@ -17,17 +17,17 @@ public enum AccessPolicyType {
|
|||||||
/**
|
/**
|
||||||
* private
|
* private
|
||||||
*/
|
*/
|
||||||
PRIVATE("0", BucketCannedACL.PRIVATE, ObjectCannedACL.PRIVATE, PolicyType.WRITE),
|
PRIVATE("0", BucketCannedACL.PRIVATE, ObjectCannedACL.PRIVATE),
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* public
|
* public
|
||||||
*/
|
*/
|
||||||
PUBLIC("1", BucketCannedACL.PUBLIC_READ_WRITE, ObjectCannedACL.PUBLIC_READ_WRITE, PolicyType.READ_WRITE),
|
PUBLIC("1", BucketCannedACL.PUBLIC_READ_WRITE, ObjectCannedACL.PUBLIC_READ_WRITE),
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* custom
|
* custom
|
||||||
*/
|
*/
|
||||||
CUSTOM("2", BucketCannedACL.PUBLIC_READ, ObjectCannedACL.PUBLIC_READ, PolicyType.READ);
|
CUSTOM("2", BucketCannedACL.PUBLIC_READ, ObjectCannedACL.PUBLIC_READ);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 桶 权限类型(数据库值)
|
* 桶 权限类型(数据库值)
|
||||||
@ -44,11 +44,6 @@ public enum AccessPolicyType {
|
|||||||
*/
|
*/
|
||||||
private final ObjectCannedACL objectCannedACL;
|
private final ObjectCannedACL objectCannedACL;
|
||||||
|
|
||||||
/**
|
|
||||||
* 桶策略类型
|
|
||||||
*/
|
|
||||||
private final PolicyType policyType;
|
|
||||||
|
|
||||||
public static AccessPolicyType getByType(String type) {
|
public static AccessPolicyType getByType(String type) {
|
||||||
for (AccessPolicyType value : values()) {
|
for (AccessPolicyType value : values()) {
|
||||||
if (value.getType().equals(type)) {
|
if (value.getType().equals(type)) {
|
||||||
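Review bot: The Javadoc on the three constants still reads only `private` / `public` / `custom`, although `CUSTOM` carries `BucketCannedACL.PUBLIC_READ` / `ObjectCannedACL.PUBLIC_READ` and, with the `PolicyType` argument removed, this enum no longer selects any bucket policy. I would document each constant with the ACL it carries, e.g. `/** custom: public-read ACL; the bucket policy is not managed by this client */`. Buckets created by earlier versions keep whatever policy the removed `putBucketPolicy` call wrote (the `READ_WRITE` template allowed `"Principal": "*"` on `s3:PutObject` and `s3:DeleteObject`), so an upgrade note asking operators to review existing bucket policies would be worthwhile. Whether the `PolicyType` enum itself is deleted is not visible on this page.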
|