
I own an S3 bucket, which has two objects inside:

testPublic.jpg, which is public (everyone, given the URL, can access it)

testNotPublic.jpg, which is not set as public.

I need a method that can tell me if the file in question is visible by everyone.

From S3, I can execute the following:

dd($s3->getObject([
    'Bucket' => $bucketName,
    'Key'    => $filekey,
]));

Which returns information about the object, but nothing about its permissions.

I can also execute the following:

dd($s3->getObjectAcl([
    'Bucket' => $bucketName,
    'Key'    => $filekey,
]));

Which returns information about the permissions, something like

object(Aws\Result)[1125]
  private 'data' => 
    array (size=4)
      'RequestCharged' => string '' (length=0)
      'Owner' => 
        array (size=1)
          'ID' => string 'ca299b95fREDACTED129f7' (length=64)
      'Grants' => 
        array (size=2)
          0 => 
            array (size=2)
              ...
          1 => 
            array (size=2)
              ...
      '@metadata' => 
        array (size=4)
          'statusCode' => int 200
          'effectiveUri' => string 'https://s3.us-REDACTED-2.amazonaws.com/REDACTED/test.jpg?acl' (length=73)
          'headers' => 
            array (size=6)
              ...
          'transferStats' => 
            array (size=1)
              ...

Which inside the key Grants has something like

array (size=2)
  0 => 
    array (size=2)
      'Grantee' => 
        array (size=1)
          'ID' => string 'ca2REDACTEDf7' (length=64)
      'Permission' => string 'FULL_CONTROL' (length=12)
  1 => 
    array (size=2)
      'Grantee' => 
        array (size=1)
          'URI' => string 'http://acs.amazonaws.com/groups/global/AllUsers' (length=47)
      'Permission' => string 'READ' (length=4)

This last item is only visible if the file is public.

So far I haven't found an implemented method that could allow me to pass it the $filekey and return if this file is visible by everyone.

The only way I see I could do it is to implement it myself, looking at the result of getObjectAcl() and performing a search for the element that has http://acs.amazonaws.com/groups/global/AllUsers with permission READ.

Is there a better way I am missing?

estcap
  • I think there is no better solution in this case because AWS only supports getting the ACL of `an object`. So if you want it public, just create an S3 bucket and set the whole bucket public. Separate private/public buckets are the best. – Bui Anh Tuan Oct 03 '17 at 00:18
  • Why don't you create a separate bucket, one to serve private content and one to serve public content? Why complicate things this way? – Kush Vyas Oct 03 '17 at 13:53
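
The ACL check described in the question, as an added example that is not part of the original post or of the AWS SDK. The function names `classifyObjectGrants` and `isObjectPublicByAcl` are hypothetical, and the sample grants are constructed to mirror the dump above; it also flags the `AuthenticatedUsers` group, which goes beyond the single `AllUsers` case in the question.

```php
<?php
// Added example, not from the original post. Function names are hypothetical.
use Aws\S3\S3Client;

const ALL_USERS  = 'http://acs.amazonaws.com/groups/global/AllUsers';
const AUTH_USERS = 'http://acs.amazonaws.com/groups/global/AuthenticatedUsers';

/**
 * Classify the 'Grants' array returned by getObjectAcl().
 * Returns 'public', 'any-aws-account' or 'private'.
 */
function classifyObjectGrants(array $grants): string
{
    $exposure = 'private';
    foreach ($grants as $grant) {
        $uri  = $grant['Grantee']['URI'] ?? null;  // only group grantees carry a URI
        $perm = $grant['Permission'] ?? '';
        // READ and FULL_CONTROL both allow fetching the object body;
        // READ_ACP / WRITE_ACP only concern the ACL itself.
        if (!in_array($perm, ['READ', 'FULL_CONTROL'], true)) {
            continue;
        }
        if ($uri === ALL_USERS) {
            return 'public';                       // anonymous read, worst case
        }
        if ($uri === AUTH_USERS) {
            $exposure = 'any-aws-account';         // readable by any signed-in AWS principal
        }
    }
    return $exposure;
}

/** Fetch the object's ACL and report whether it grants anonymous read. */
function isObjectPublicByAcl(S3Client $s3, string $bucket, string $key): bool
{
    $acl = $s3->getObjectAcl(['Bucket' => $bucket, 'Key' => $key]);
    return classifyObjectGrants($acl['Grants'] ?? []) === 'public';
}

// Constructed sample mirroring the Grants dump in the question (ID is a placeholder).
$sample = [
    ['Grantee' => ['ID' => 'OWNER-ID-PLACEHOLDER'], 'Permission' => 'FULL_CONTROL'],
    ['Grantee' => ['URI' => ALL_USERS], 'Permission' => 'READ'],
];
var_dump(classifyObjectGrants($sample));       // grants for a public object
var_dump(classifyObjectGrants([$sample[0]]));  // owner-only grants
```

This reports only what the object ACL grants. A bucket policy or the bucket's Block Public Access settings can make the effective exposure differ from the ACL result.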

0 Answers