/** * Create a container with the given name. * * This creates a new container on the ObjectStorage * server with the name provided in $name. * * A boolean is returned when the operation did not generate an error * condition. * * - true means that the container was created. * - false means that the container was not created because it already * exists. * * Any actual error will cause an exception to be thrown. These will * be the HTTP-level exceptions. * * ACLs * * Swift supports an ACL stream that allows for specifying (with * certain caveats) various levels of read and write access. However, * there are two standard settings that cover the vast majority of * cases. * * - Make the resource private: This grants read and write access to * ONLY the creating user tenant. This is the default; it can also be * specified with ACL::makeNonPublic(). * - Make the resource public: This grants READ permission to any * requesting host, yet only allows the creator to WRITE to the * object. This level can be granted by ACL::makePublic(). * * Note that ACLs operate at a container level. Thus, marking a * container public will allow access to ALL objects inside of the * container. * * To find out whether an existing container is public, you can * write something like this: * * <?php * // Get the container. * $container = $objectStorage->container('my_container'); * * //Check the permission on the ACL: * $boolean = $container->acl()->isPublic(); * ?> * * For details on ACLs, see \OpenStack\ObjectStore\v1\Resource\ACL. * * @param string $name The name of the container. * @param object $acl \OpenStack\ObjectStore\v1\Resource\ACL An access control * list object. By default, a container is non-public * (private). To change this behavior, you can add a * custom ACL. To make the container publically * readable, you can use this: \OpenStack\ObjectStore\v1\Resource\ACL::makePublic(). * @param array $metadata An associative array of metadata to attach to the * container. * * @return boolean true if the container was created, false if the container * was not created because it already exists. */ public function createContainer($name, ACL $acl = null, $metadata = []) { $url = $this->url() . '/' . rawurlencode($name); $headers = ['X-Auth-Token' => $this->token()]; if (!empty($metadata)) { $prefix = Container::CONTAINER_METADATA_HEADER_PREFIX; $headers += Container::generateMetadataHeaders($metadata, $prefix); } // Add ACLs to header. if (!empty($acl)) { $headers += $acl->headers(); } $data = $this->client->put($url, null, ['headers' => $headers]); $status = $data->getStatusCode(); if ($status == 201) { return true; } elseif ($status == 202) { return false; } else { // According to the OpenStack docs, there are no other return codes. throw new Exception('Server returned unexpected code: ' . $status); } }
public function testHeaders() { $acl = new ACL(); $acl->addAccount(ACL::READ_WRITE, 'test'); $headers = $acl->headers(); $this->assertEquals(2, count($headers)); $read = $headers[ACL::HEADER_READ]; $write = $headers[ACL::HEADER_WRITE]; $this->assertEquals('test', $read); $this->assertEquals('test', $write); // Test hostname rules, which should only appear in READ. $acl = new ACL(); $acl->addReferrer(ACL::READ_WRITE, '.example.com'); $headers = $acl->headers(); $this->assertEquals(1, count($headers), print_r($headers, true)); $read = $headers[ACL::HEADER_READ]; $this->assertEquals('.r:.example.com', $read); }