Set object or bucket Access Control Policy
function yss_s3_distribution($type, $id)
{
global $ym_formgen, $yss_cloudfront, $yss_db, $wpdb;
// file details
$s3file = yss_get($id);
if ($_POST) {
// here we go
$distro = $_POST['distro'];
list($can, $oai, $bucket, $file, $domain, $type) = explode('|', $distro);
$packet = array('type' => 'CanonicalUser', 'id' => $can, 'name' => 'CloudFront Origin Access Identity ' . $oai, 'permission' => 'READ');
$acp = array();
require_once YSS_CLASSES_DIR . 'S3.php';
$s3 = new S3();
$s3->setAuth(get_option('yss_user_key'), get_option('yss_secret_key'));
//get existing and merge
$acp = $s3->getAccessControlPolicy($bucket, $file);
$acp['acl'][] = $packet;
if ($s3->setAccessControlPolicy($bucket, $file, $acp)) {
$acp = $s3->getAccessControlPolicy($bucket, $file);
// store
$distribution = json_decode($s3file->distribution);
if ($type == 'stream') {
$distribution->streaming = $domain;
} else {
$distribution->download = $domain;
}
$distribution = json_encode($distribution);
$sql = 'UPDATE ' . $yss_db . ' SET
distribution = \'' . $distribution . '\'
WHERE id = ' . $id;
$wpdb->query($sql);
echo '<div id="message" class="updated"><p>Permissions updated</p></div>';
yss_s3_list();
return;
} else {
echo '<div id="message" class="error"><p>Permissions update failed</p></div>';
}
}
if ($type == 'stream') {
$data = $yss_cloudfront->get_streaming();
} else {
$data = $yss_cloudfront->get_distribution();
}
if (is_array($data)) {
$test = array_keys($data);
if ($test[0] != '0') {
$data = array($data);
}
}
if (is_array($data)) {
echo ym_box_top('Deploy');
echo '
<form action="" method="post">
<fieldset>
<p>You can select a distribution to expose the file, ' . $s3file->bucket . '/' . $s3file->resource_path . ' onto</p>
<table class="form-table">
';
$items = array('blank' => 'Select');
foreach ($data as $item) {
$bucket = $item['S3Origin']['DNSName']['value'];
list($bucket, $null) = explode('.', $bucket, 2);
$enabled = $item['Enabled']['value'];
if ($enabled == 'true' && $s3file->bucket == $bucket) {
// Distribution is enabled and is for this bucket matches
$status = $item['Status']['value'];
$domain = $item['DomainName']['value'];
$oai = $item['S3Origin']['OriginAccessIdentity']['value'];
list($null, $nulm, $oai) = explode('/', $oai);
// oai needs canonical
$canonical = $yss_cloudfront->get_oai_canonical($oai);
$value = $canonical . '|' . $oai . '|' . $bucket . '|' . $s3file->resource_path . '|' . $domain . '|' . $type;
//echo '<option value="' . $value . '">' . $domain . '</option>';
$items[$value] = $domain;
}
}
$ym_formgen->render_combo_from_array_row('Distribution', 'distro', $items, '', 'Which Distribution to expose this file on');
echo '
</table>
<p class="submit">
<input type="submit" value="Deploy!" />
</p>
</fieldset>
</form>
';
echo ym_box_bottom();
} else {
echo '<div id="message" class="error"><p>Failed to load Distributions or none available</p></div>';
}
}
public static function connectAndAuthorize($key, $secret, $bucket, $email, $auth_type = 'FULL_CONTROL')
{
require_once CASH_PLATFORM_ROOT . '/lib/S3.php';
$s3_instance = new S3($key, $secret);
$bucket_exists = $s3_instance->getBucket($bucket);
if (!$bucket_exists) {
$bucket_exists = $s3_instance->putBucket($bucket);
}
if ($bucket_exists) {
$acp = $s3_instance->getAccessControlPolicy($bucket);
if (is_array($acp)) {
$acp['acl'][] = array('email' => $email, 'permission' => $auth_type);
return $s3_instance->setAccessControlPolicy($bucket, '', $acp);
} else {
return false;
}
}
}
