getObjectAcl method

Future<GetObjectAclOutput> getObjectAcl({
  1. required String bucket,
  2. required String key,
  3. String? expectedBucketOwner,
  4. RequestPayer? requestPayer,
  5. String? versionId,
})
Returns the access control list (ACL) of an object. To use this operation, you must have s3:GetObjectAcl permissions or READ_ACP access to the object. For more information, see Mapping of ACL permissions and access policy permissions in the Amazon S3 User Guide

This functionality is not supported for Amazon S3 on Outposts.

By default, GET returns ACL information about the current version of an object. To return ACL information about a different version, use the versionId subresource. The following operations are related to GetObjectAcl:

May throw NoSuchKey.

Parameter bucket : The bucket name that contains the object for which to get the ACL information.

Access points - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this action with an access point through the Amazon Web Services SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see Using access points in the Amazon S3 User Guide.

Parameter key : The key of the object for which to get the ACL information.

Parameter expectedBucketOwner : The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code 403 Forbidden (access denied).

Parameter versionId : Version ID used to reference a specific version of the object.

Implementation

Future<GetObjectAclOutput> getObjectAcl({
  required String bucket,
  required String key,
  String? expectedBucketOwner,
  RequestPayer? requestPayer,
  String? versionId,
}) async {
  final headers = <String, String>{
    if (expectedBucketOwner != null)
      'x-amz-expected-bucket-owner': expectedBucketOwner.toString(),
    if (requestPayer != null) 'x-amz-request-payer': requestPayer.value,
  };
  final $query = <String, List<String>>{
    if (versionId != null) 'versionId': [versionId],
  };
  final $result = await _protocol.sendRaw(
    method: 'GET',
    requestUri:
        '/${Uri.encodeComponent(bucket)}/${key.split('/').map(Uri.encodeComponent).join('/')}?acl',
    queryParams: $query,
    headers: headers,
    exceptionFnMap: _exceptionFns,
  );
  final $elem = await _s.xmlFromResponse($result);
  return GetObjectAclOutput(
    grants: _s.extractXmlChild($elem, 'AccessControlList')?.let(
        ($elem) => $elem.findElements('Grant').map(Grant.fromXml).toList()),
    owner: _s.extractXmlChild($elem, 'Owner')?.let(Owner.fromXml),
    requestCharged: _s
        .extractHeaderStringValue($result.headers, 'x-amz-request-charged')
        ?.let(RequestCharged.fromString),
  );
}