add policy

bucket_policy.go

@@ -0,0 +1,71 @@
+package cos
+
+import (
+	"bytes"
+	"context"
+	"encoding/json"
+	"net/http"
+	"strings"
+)
+
+type BucketStatement struct {
+	Principal map[string][]string               `json:"principal,omitempty"`
+	Action    []string                          `json:"action,omitempty"`
+	Effect    string                            `json:"effect,omitempty"`
+	Resource  []string                          `json:"resource,omitempty"`
+	Condition map[string]map[string]interface{} `json:"condition,omitempty"`
+}
+
+type BucketPutPolicyOptions struct {
+	Statement []BucketStatement   `json:"statement,omitempty"`
+	Version   string              `json:"version,omitempty"`
+	Principal map[string][]string `json:"principal,omitempty"`
+}
+
+type BucketGetPolicyResult BucketPutPolicyOptions
+
+func (s *BucketService) PutPolicy(ctx context.Context, opt *BucketPutPolicyOptions) (*Response, error) {
+	var f *strings.Reader
+	if opt != nil {
+		bs, err := json.Marshal(opt)
+		if err != nil {
+			return nil, err
+		}
+		body := string(bs)
+		f = strings.NewReader(body)
+	}
+	sendOpt := &sendOptions{
+		baseURL: s.client.BaseURL.BucketURL,
+		uri:     "/?policy",
+		method:  http.MethodPut,
+		body:    f,
+	}
+	resp, err := s.client.send(ctx, sendOpt)
+	return resp, err
+}
+
+func (s *BucketService) GetPolicy(ctx context.Context) (*BucketGetPolicyResult, *Response, error) {
+	var bs bytes.Buffer
+	var res BucketGetPolicyResult
+	sendOpt := &sendOptions{
+		baseURL: s.client.BaseURL.BucketURL,
+		uri:     "/?policy",
+		method:  http.MethodGet,
+		result:  &bs,
+	}
+	resp, err := s.client.send(ctx, sendOpt)
+	if err == nil {
+		err = json.Unmarshal(bs.Bytes(), &res)
+	}
+	return &res, resp, err
+}
+
+func (s *BucketService) DeletePolicy(ctx context.Context) (*Response, error) {
+	sendOpt := &sendOptions{
+		baseURL: s.client.BaseURL.BucketURL,
+		uri:     "/?policy",
+		method:  http.MethodDelete,
+	}
+	resp, err := s.client.send(ctx, sendOpt)
+	return resp, err
+}

example/bucket/delPolicy.go

@@ -0,0 +1,35 @@
+package main
+
+import (
+	"context"
+	"net/http"
+	"net/url"
+	"os"
+
+	"github.com/tencentyun/cos-go-sdk-v5"
+	"github.com/tencentyun/cos-go-sdk-v5/debug"
+)
+
+func main() {
+	u, _ := url.Parse("https://test-1259654469.cos.ap-guangzhou.myqcloud.com")
+	b := &cos.BaseURL{
+		BucketURL: u,
+	}
+	c := cos.NewClient(b, &http.Client{
+		Transport: &cos.AuthorizationTransport{
+			SecretID:  os.Getenv("COS_SECRETID"),
+			SecretKey: os.Getenv("COS_SECRETKEY"),
+			Transport: &debug.DebugRequestTransport{
+				RequestHeader:  true,
+				RequestBody:    true,
+				ResponseHeader: true,
+				ResponseBody:   true,
+			},
+		},
+	})
+
+	_, err := c.Bucket.DeletePolicy(context.Background())
+	if err != nil {
+		panic(err)
+	}
+}

example/bucket/getPolicy.go

@@ -0,0 +1,39 @@
+package main
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"net/http"
+	"net/url"
+	"os"
+
+	"github.com/tencentyun/cos-go-sdk-v5"
+	"github.com/tencentyun/cos-go-sdk-v5/debug"
+)
+
+func main() {
+	u, _ := url.Parse("https://test-1259654469.cos.ap-guangzhou.myqcloud.com")
+	b := &cos.BaseURL{
+		BucketURL: u,
+	}
+	c := cos.NewClient(b, &http.Client{
+		Transport: &cos.AuthorizationTransport{
+			SecretID:  os.Getenv("COS_SECRETID"),
+			SecretKey: os.Getenv("COS_SECRETKEY"),
+			Transport: &debug.DebugRequestTransport{
+				RequestHeader:  true,
+				RequestBody:    true,
+				ResponseHeader: true,
+				ResponseBody:   true,
+			},
+		},
+	})
+
+	res, _, err := c.Bucket.GetPolicy(context.Background())
+	if err != nil {
+		panic(err)
+	}
+	bs, err := json.Marshal(res)
+	fmt.Println(string(bs))
+}

example/bucket/putPolicy.go

@@ -0,0 +1,63 @@
+package main
+
+import (
+	"context"
+	"net/http"
+	"net/url"
+	"os"
+
+	"github.com/tencentyun/cos-go-sdk-v5"
+	"github.com/tencentyun/cos-go-sdk-v5/debug"
+)
+
+func main() {
+	u, _ := url.Parse("https://test-1259654469.cos.ap-guangzhou.myqcloud.com")
+	b := &cos.BaseURL{
+		BucketURL: u,
+	}
+	c := cos.NewClient(b, &http.Client{
+		Transport: &cos.AuthorizationTransport{
+			SecretID:  os.Getenv("COS_SECRETID"),
+			SecretKey: os.Getenv("COS_SECRETKEY"),
+			Transport: &debug.DebugRequestTransport{
+				RequestHeader:  true,
+				RequestBody:    true,
+				ResponseHeader: true,
+				ResponseBody:   true,
+			},
+		},
+	})
+
+	opt := &cos.BucketPutPolicyOptions{
+		Version: "2.0",
+		Statement: []cos.BucketStatement{
+			{
+				Principal: map[string][]string{
+					"qcs": []string{
+						"qcs::cam::uin/100000000001:uin/100000000011", //替换成您想授予权限的账户uin
+					},
+				},
+				Action: []string{
+					"name/cos:GetObject",
+				},
+				Effect: "allow",
+				Resource: []string{
+					//这里改成允许的路径前缀，可以根据自己网站的用户登录态判断允许上传的具体路径，例子： a.jpg 或者 a/* 或者 * (使用通配符*存在重大安全风险, 请谨慎评估使用)
+					"qcs::cos:ap-guangzhou:uid/1259654469:test-1259654469/exampleobject",
+				},
+				Condition: map[string]map[string]interface{}{
+					"ip_not_equal": map[string]interface{}{
+						"qcs:ip": []string{
+							"192.168.1.1",
+						},
+					},
+				},
+			},
+		},
+	}
+
+	_, err := c.Bucket.PutPolicy(context.Background(), opt)
+	if err != nil {
+		panic(err)
+	}
+}