From e37f53707ff7414eff9ac0d1e119d16be6c065c8 Mon Sep 17 00:00:00 2001
From: linmuxin <linmuxin1023lin>
Date: Thu, 19 Oct 2023 21:13:09 +0800
Subject: [PATCH] =?UTF-8?q?fix=EF=BC=9A=E5=88=9B=E5=BB=BA=E6=96=B0?=
 =?UTF-8?q?=E7=9A=84=E5=AD=98=E5=82=A8=E6=A1=B6=E8=AE=BE=E7=BD=AEpublic?=
 =?UTF-8?q?=E6=9D=83=E9=99=90?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../com/lld/im/service/utils/MinioUtil.java   | 25 +++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/hs-im-server/im-service/src/main/java/com/lld/im/service/utils/MinioUtil.java b/hs-im-server/im-service/src/main/java/com/lld/im/service/utils/MinioUtil.java
index 8b89f35..e65e9c9 100644
--- a/hs-im-server/im-service/src/main/java/com/lld/im/service/utils/MinioUtil.java
+++ b/hs-im-server/im-service/src/main/java/com/lld/im/service/utils/MinioUtil.java
@@ -69,6 +69,8 @@ public class MinioUtil {
             } else {
                 // 创建一个名为ota的存储桶
                 minioClient.makeBucket(MakeBucketArgs.builder().bucket(newBucket).build());
+                // 创建新的存储桶时设置public权限
+                minioClient.setBucketPolicy(SetBucketPolicyArgs.builder().bucket(bucketName).config(policy(bucketName)).build());
                 log.info("create a new bucket.");
             }
             //update-begin-author:liusq date:20210809 for: 过滤上传文件类型
@@ -230,6 +232,8 @@ public class MinioUtil {
         } else {
             // 创建一个名为ota的存储桶
             minioClient.makeBucket(MakeBucketArgs.builder().bucket(bucketName).build());
+            // 创建新的存储桶时设置public权限
+            minioClient.setBucketPolicy(SetBucketPolicyArgs.builder().bucket(bucketName).config(policy(bucketName)).build());
             log.info("create a new bucket.");
         }
         PutObjectArgs objectArgs = PutObjectArgs.builder().object(relativePath)
@@ -241,4 +245,25 @@ public class MinioUtil {
         return minioUrl+bucketName+"/"+relativePath;
     }
 
+    private static String policy(String bucket) {
+        return "{\n" +
+                "\t\"Version\": \"2012-10-17\",\n" +
+                "\t\"Statement\": [{\n" +
+                "\t\t\"Effect\": \"Allow\",\n" +
+                "\t\t\"Principal\": {\n" +
+                "\t\t\t\"AWS\": [\"*\"]\n" +
+                "\t\t},\n" +
+                "\t\t\"Action\": [\"s3:GetBucketLocation\", \"s3:ListBucket\", \"s3:ListBucketMultipartUploads\"],\n" +
+                "\t\t\"Resource\": [\"arn:aws:s3:::" + bucket + "\"]\n" +
+                "\t}, {\n" +
+                "\t\t\"Effect\": \"Allow\",\n" +
+                "\t\t\"Principal\": {\n" +
+                "\t\t\t\"AWS\": [\"*\"]\n" +
+                "\t\t},\n" +
+                "\t\t\"Action\": [\"s3:AbortMultipartUpload\", \"s3:DeleteObject\", \"s3:GetObject\", \"s3:ListMultipartUploadParts\", \"s3:PutObject\"],\n" +
+                "\t\t\"Resource\": [\"arn:aws:s3:::" + bucket + "/*\"]\n" +
+                "\t}]\n" +
+                "}\n";
+    }
+
 }