diff --git a/hs-im-server/im-service/src/main/java/com/lld/im/service/utils/MinioUtil.java b/hs-im-server/im-service/src/main/java/com/lld/im/service/utils/MinioUtil.java
index 8b89f35..e65e9c9 100644
--- a/hs-im-server/im-service/src/main/java/com/lld/im/service/utils/MinioUtil.java
+++ b/hs-im-server/im-service/src/main/java/com/lld/im/service/utils/MinioUtil.java
@@ -69,6 +69,8 @@ public class MinioUtil {
 } else {
 // 创建一个名为ota的存储桶
 minioClient.makeBucket(MakeBucketArgs.builder().bucket(newBucket).build());
+ // 创建新的存储桶时设置public权限
+ minioClient.setBucketPolicy(SetBucketPolicyArgs.builder().bucket(bucketName).config(policy(bucketName)).build());
 log.info("create a new bucket.");
 }
 //update-begin-author:liusq date:20210809 for: 过滤上传文件类型
@@ -230,6 +232,8 @@ public class MinioUtil {
 } else {
 // 创建一个名为ota的存储桶
 minioClient.makeBucket(MakeBucketArgs.builder().bucket(bucketName).build());
+ // 创建新的存储桶时设置public权限
+ minioClient.setBucketPolicy(SetBucketPolicyArgs.builder().bucket(bucketName).config(policy(bucketName)).build());
 log.info("create a new bucket.");
 }
 PutObjectArgs objectArgs = PutObjectArgs.builder().object(relativePath)
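Review bot: In the hunk at -69 the added `setBucketPolicy` call targets `bucketName`, while the `makeBucket` call directly above it creates `newBucket`. If the two can differ (the enclosing method starts outside the hunk, so how `newBucket` is derived is not visible), the bucket that was just created keeps its default policy and the policy is applied to a different bucket, which either fails when that bucket does not exist or changes access on a bucket this call did not create. The line should read `minioClient.setBucketPolicy(SetBucketPolicyArgs.builder().bucket(newBucket).config(policy(newBucket)).build());`. The same two-line create-then-set-policy sequence is repeated in the hunk at -230; a private helper that takes the bucket name once would keep the two call sites from drifting apart like this.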
@@ -241,4 +245,25 @@ public class MinioUtil {
 return minioUrl+bucketName+"/"+relativePath;
 }
 
+ private static String policy(String bucket) {
+ return "{\n" +
+ "\t\"Version\": \"2012-10-17\",\n" +
+ "\t\"Statement\": [{\n" +
+ "\t\t\"Effect\": \"Allow\",\n" +
+ "\t\t\"Principal\": {\n" +
+ "\t\t\t\"AWS\": [\"*\"]\n" +
+ "\t\t},\n" +
+ "\t\t\"Action\": [\"s3:GetBucketLocation\", \"s3:ListBucket\", \"s3:ListBucketMultipartUploads\"],\n" +
+ "\t\t\"Resource\": [\"arn:aws:s3:::" + bucket + "\"]\n" +
+ "\t}, {\n" +
+ "\t\t\"Effect\": \"Allow\",\n" +
+ "\t\t\"Principal\": {\n" +
+ "\t\t\t\"AWS\": [\"*\"]\n" +
+ "\t\t},\n" +
+ "\t\t\"Action\": [\"s3:AbortMultipartUpload\", \"s3:DeleteObject\", \"s3:GetObject\", \"s3:ListMultipartUploadParts\", \"s3:PutObject\"],\n" +
+ "\t\t\"Resource\": [\"arn:aws:s3:::" + bucket + "/*\"]\n" +
+ "\t}]\n" +
+ "}\n";
+ }
+
 }
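Review bot: The document returned by `policy(String bucket)` gives the anonymous principal `"AWS": ["*"]` write and delete rights, not just read: the second statement allows `s3:PutObject`, `s3:DeleteObject` and `s3:AbortMultipartUpload` on every object, and the first allows `s3:ListBucket` on the bucket. The call-site comment describes this as "public", but with this policy anyone who can reach the MinIO endpoint can enumerate, overwrite or remove stored files without credentials, while the uploads in this class appear to go through `minioClient` and would not need anonymous write. If the goal is only that the returned URL is readable, drop the first statement and reduce the second to `"\t\t\"Action\": [\"s3:GetObject\"],\n" +`. A Javadoc comment on `policy` stating the intended access level would make any later widening visible in review. Note also that `bucket` is concatenated into the JSON unescaped, so the method relies on callers passing only validated bucket names.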