bugfix for option default_acl not working.

Author: chenwk96

.gitignore

@@ -86,6 +86,7 @@ test/junk_data
 test/s3proxy-*
 test/write_multiblock
 test/direct_read_test
+test/install_ossutil.sh
 #
 # Windows ports
 #

doc/man/ossfs.1.in

@@ -61,8 +61,8 @@ All ossfs options must given in the form where "opt" is:
 \fB\-o\fR bucket
 if it is not specified bucket name (and path) in command line, must specify this option after \-o option for bucket name.
 .TP
-\fB\-o\fR default_acl (default="private")
-the default canned acl to apply to all written oss objects, e.g., "private", "public-read".
+\fB\-o\fR default_acl (default="default")
+the default canned acl to apply to all written oss objects, e.g., "private", "public-read", "public-read-write".
 .TP
 \fB\-o\fR retries (default="5")
 number of times to retry a failed OSS transaction.

src/curl.cpp

@@ -89,7 +89,7 @@ long             S3fsCurl::connect_timeout     = 300;  // default
 time_t           S3fsCurl::readwrite_timeout   = 120;  // default
 int              S3fsCurl::retries             = 5;    // default
 bool             S3fsCurl::is_public_bucket    = false;
-acl_t            S3fsCurl::default_acl         = acl_t::PRIVATE;
+acl_t            S3fsCurl::default_acl         = acl_t::DEFAULT;
 std::string      S3fsCurl::storage_class       = "STANDARD";
 sseckeylist_t    S3fsCurl::sseckeys;
 std::string      S3fsCurl::ssekmsid;
@@ -3268,7 +3268,7 @@ int S3fsCurl::PutHeadRequest(const char* tpath, headers_t& meta, bool is_copy)
     for(headers_t::iterator iter = meta.begin(); iter != meta.end(); ++iter){
         std::string key   = lower(iter->first);
         std::string value = iter->second;
-        if(is_prefix(key.c_str(), "x-oss-acl")){
+        if(is_prefix(key.c_str(), "x-oss-object-acl")){
             // not set value, but after set it.
         }else if(is_prefix(key.c_str(), "x-oss-meta")){
             requestHeaders = curl_slist_sort_insert(requestHeaders, iter->first.c_str(), value.c_str());
@@ -3294,9 +3294,9 @@ int S3fsCurl::PutHeadRequest(const char* tpath, headers_t& meta, bool is_copy)
         }
     }
 
-    // "x-oss-acl", storage class, sse
-    if(S3fsCurl::default_acl != acl_t::PRIVATE){
-        requestHeaders = curl_slist_sort_insert(requestHeaders, "x-oss-acl", S3fsCurl::default_acl.str());
+    // "x-oss-object-acl", storage class, sse
+    if(S3fsCurl::default_acl != acl_t::DEFAULT){
+        requestHeaders = curl_slist_sort_insert(requestHeaders, "x-oss-object-acl", S3fsCurl::default_acl.str());
     }
     if(strcasecmp(GetStorageClass().c_str(), "STANDARD") != 0){
         requestHeaders = curl_slist_sort_insert(requestHeaders, "x-oss-storage-class", GetStorageClass().c_str());
@@ -3408,7 +3408,7 @@ int S3fsCurl::PutRequest(const char* tpath, headers_t& meta, int fd)
     for(headers_t::iterator iter = meta.begin(); iter != meta.end(); ++iter){
         std::string key   = lower(iter->first);
         std::string value = iter->second;
-        if(is_prefix(key.c_str(), "x-oss-acl")){
+        if(is_prefix(key.c_str(), "x-oss-object-acl")){
             // not set value, but after set it.
         }else if(is_prefix(key.c_str(), "x-oss-meta")){
             requestHeaders = curl_slist_sort_insert(requestHeaders, iter->first.c_str(), value.c_str());
@@ -3420,9 +3420,9 @@ int S3fsCurl::PutRequest(const char* tpath, headers_t& meta, int fd)
             // skip this header, because this header is specified after logic.
         }
     }
-    // "x-oss-acl", storage class, sse
-    if(S3fsCurl::default_acl != acl_t::PRIVATE){
-        requestHeaders = curl_slist_sort_insert(requestHeaders, "x-oss-acl", S3fsCurl::default_acl.str());
+    // "x-oss-object-acl", storage class, sse
+    if(S3fsCurl::default_acl != acl_t::DEFAULT){
+        requestHeaders = curl_slist_sort_insert(requestHeaders, "x-oss-object-acl", S3fsCurl::default_acl.str());
     }
     if(strcasecmp(GetStorageClass().c_str(), "STANDARD") != 0){
         requestHeaders = curl_slist_sort_insert(requestHeaders, "x-oss-storage-class", GetStorageClass().c_str());
@@ -3802,7 +3802,7 @@ int S3fsCurl::PreMultipartPostRequest(const char* tpath, headers_t& meta, std::s
     for(headers_t::iterator iter = meta.begin(); iter != meta.end(); ++iter){
         std::string key   = lower(iter->first);
         std::string value = iter->second;
-        if(is_prefix(key.c_str(), "x-oss-acl")){
+        if(is_prefix(key.c_str(), "x-oss-object-acl")){
             // not set value, but after set it.
         }else if(is_prefix(key.c_str(), "x-oss-meta")){
             requestHeaders = curl_slist_sort_insert(requestHeaders, iter->first.c_str(), value.c_str());
@@ -3825,9 +3825,9 @@ int S3fsCurl::PreMultipartPostRequest(const char* tpath, headers_t& meta, std::s
             }
         }
     }
-    // "x-oss-acl", storage class, sse
-    if(S3fsCurl::default_acl != acl_t::PRIVATE){
-        requestHeaders = curl_slist_sort_insert(requestHeaders, "x-oss-acl", S3fsCurl::default_acl.str());
+    // "x-oss-object-acl", storage class, sse
+    if(S3fsCurl::default_acl != acl_t::DEFAULT){
+        requestHeaders = curl_slist_sort_insert(requestHeaders, "x-oss-object-acl", S3fsCurl::default_acl.str());
     }
     if(strcasecmp(GetStorageClass().c_str(), "STANDARD") != 0){
         requestHeaders = curl_slist_sort_insert(requestHeaders, "x-oss-storage-class", GetStorageClass().c_str());
@@ -4207,7 +4207,7 @@ int S3fsCurl::CopyMultipartPostSetup(const char* from, const char* to, int part_
         }else if(key == "x-oss-copy-source-range"){
             requestHeaders = curl_slist_sort_insert(requestHeaders, iter->first.c_str(), value.c_str());
         }
-        // NOTICE: x-oss-acl, x-oss-server-side-encryption is not set!
+        // NOTICE: x-oss-object-acl, x-oss-server-side-encryption is not set!
     }
 
     op = "PUT";

src/s3fs_help.cpp

@@ -61,9 +61,9 @@ static const char help_string[] =
     "      - if it is not specified bucket name (and path) in command line,\n"
     "        must specify this option after -o option for bucket name.\n"
     "\n"
-    "   default_acl (default=\"private\")\n"
+    "   default_acl (default=\"default\")\n"
     "      - the default canned acl to apply to all written oss objects,\n"
-    "        e.g., private, public-read.\n"
+    "         e.g., private, public-read, public-read-write.\n"
     "\n"
     "   retries (default=\"5\")\n"
     "      - number of times to retry a failed OSS transaction\n"

src/types.h

@@ -70,18 +70,18 @@ typedef std::map<std::string, PXATTRVAL> xattrs_t;
 
 //-------------------------------------------------------------------
 // acl_t
+// Note: Header "x-oss-object-acl" is for acl. OSS's acl is not compatible with S3. 
+// OSS object's acl is "private", "public-read", "public-read-write", "default"
+// ref: https://help.aliyun.com/zh/oss/developer-reference/putobjectacl?spm=a2c4g.11186623.0.i26
+//      https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#canned-acl
 //-------------------------------------------------------------------
 class acl_t{
     public:
         enum Value{
             PRIVATE,
             PUBLIC_READ,
             PUBLIC_READ_WRITE,
-            AWS_EXEC_READ,
-            AUTHENTICATED_READ,
-            BUCKET_OWNER_READ,
-            BUCKET_OWNER_FULL_CONTROL,
-            LOG_DELIVERY_WRITE,
+            DEFAULT,
             UNKNOWN
         };
 
@@ -99,16 +99,8 @@ class acl_t{
                     return "public-read";
                 case PUBLIC_READ_WRITE:
                     return "public-read-write";
-                case AWS_EXEC_READ:
-                    return "aws-exec-read";
-                case AUTHENTICATED_READ:
-                    return "authenticated-read";
-                case BUCKET_OWNER_READ:
-                    return "bucket-owner-read";
-                case BUCKET_OWNER_FULL_CONTROL:
-                    return "bucket-owner-full-control";
-                case LOG_DELIVERY_WRITE:
-                    return "log-delivery-write";
+                case DEFAULT:
+                    return "default";
                 case UNKNOWN:
                     return NULL;
             }
@@ -123,16 +115,8 @@ class acl_t{
                 return PUBLIC_READ;
             }else if(0 == strcmp(acl, "public-read-write")){
                 return PUBLIC_READ_WRITE;
-            }else if(0 == strcmp(acl, "aws-exec-read")){
-                return AWS_EXEC_READ;
-            }else if(0 == strcmp(acl, "authenticated-read")){
-                return AUTHENTICATED_READ;
-            }else if(0 == strcmp(acl, "bucket-owner-read")){
-                return BUCKET_OWNER_READ;
-            }else if(0 == strcmp(acl, "bucket-owner-full-control")){
-                return BUCKET_OWNER_FULL_CONTROL;
-            }else if(0 == strcmp(acl, "log-delivery-write")){
-                return LOG_DELIVERY_WRITE;
+            }else if(0 == strcmp(acl, "default")){
+                return DEFAULT;
             }else{
                 return UNKNOWN;
             }

test/integration-test-common.sh

@@ -319,6 +319,17 @@ function common_exit_handler {
 }
 trap common_exit_handler EXIT
 
+function install_ossutil {
+    if ! [ -x "$(command -v ossutil)" ]; then
+        curl https://gosspublic.alicdn.com/ossutil/install.sh > install_ossutil.sh
+        bash install_ossutil.sh
+        if ! [ -x "$(command -v ossutil)" ]; then
+            echo "Failed to install ossutil"
+            exit 1
+        fi
+    fi
+}
+
 #
 # Local variables:
 # tab-width: 4

test/integration-test-main.sh

@@ -2463,6 +2463,26 @@ function test_free_cache_ahead {
     rm_test_file "${TEST_FILE}"
 }
 
+function test_default_acl {
+    describe "Testing defacult acl..."
+    
+    local DIR_NAME; DIR_NAME=$(basename "${PWD}")
+    touch "test.txt"
+ 
+    local CONTENT_TYPE; CONTENT_TYPE=$(ossutil_cmd stat "oss://${TEST_BUCKET_1}/${DIR_NAME}/test.txt" | grep ACL)
+    if ps u -p "${OSSFS_PID}" | grep -q default_acl; then
+        if ! echo "${CONTENT_TYPE}" | grep -q "private"; then 
+            return 1
+        fi
+    else    
+        if ! echo "${CONTENT_TYPE}" | grep -q "default"; then 
+            return 1
+        fi
+    fi
+ 
+    rm -rf "test.txt"
+}
+
 function add_all_tests {
     # shellcheck disable=SC2009
     if ps u -p "${OSSFS_PID}" | grep -q use_cache; then
@@ -2577,6 +2597,10 @@ function add_all_tests {
     if ps u -p "${OSSFS_PID}" | grep -q parallel_count && ps u -p "${OSSFS_PID}" | grep -q fake_diskfree; then
         add_tests test_free_cache_ahead
     fi
+
+    if ! uname | grep -q Darwin; then 
+        add_tests test_default_acl
+    fi
 }
 
 init_suite

test/small-integration-test.sh

@@ -61,6 +61,7 @@ if [ -n "${ALL_TESTS}" ]; then
         "use_xattr=0 -o readdir_optimize -o readdir_check_size=48 -o symlink_in_meta"
         "use_cache=${CACHE_DIR} -o direct_read"
         "fake_diskfree=${FAKE_FREE_DISK_SIZE} -oparallel_count=10 -omultipart_size=10"
+        "default_acl=private"
     )
 else
     FLAGS=(
@@ -69,6 +70,7 @@ else
 fi
 
 start_s3proxy
+install_ossutil
 
 if ! aws_cli s3api head-bucket --bucket "${TEST_BUCKET_1}" --region "${OSS_REGION}"; then
     aws_cli s3 mb "s3://${TEST_BUCKET_1}" --region "${OSS_REGION}"

test/test-utils.sh

@@ -340,6 +340,14 @@ function aws_cli() {
     aws $@ --endpoint-url "${OSS_URL}" --ca-bundle /tmp/keystore.pem ${FLAGS}
 }
 
+function ossutil_cmd() {
+    OSS_ACCESS_KEY_ID=$(cut -d: -f1 "${OSSFS_CREDENTIALS_FILE}")
+    OSS_SECRET_ACCESS_KEY=$(cut -d: -f2 "${OSSFS_CREDENTIALS_FILE}")
+ 
+    ossutil64 -i "${OSS_ACCESS_KEY_ID}" -k "${OSS_SECRET_ACCESS_KEY}" -e "${OSS_URL}" $@
+ 
+}
+
 function wait_for_port() {
     local PORT="$1"
     for _ in $(seq 30); do