69 lines
1.8 KiB
Go
69 lines
1.8 KiB
Go
package file
|
|
|
|
import (
|
|
"context"
|
|
"encoding/json"
|
|
"fmt"
|
|
"github.com/cloudwego/hertz/pkg/common/hlog"
|
|
"github.com/minio/minio-go/v7"
|
|
"github.com/minio/minio-go/v7/pkg/credentials"
|
|
)
|
|
|
|
// 全局MinIO客户端实例
|
|
var MinioClient *minio.Client
|
|
|
|
// 初始化MinIO客户端
|
|
func InitMinIO() error {
|
|
endpoint := "127.0.0.1:7001" // MinIO服务地址
|
|
accessKeyID := "admin" // 访问密钥
|
|
secretAccessKey := "1234567890" // 密钥
|
|
useSSL := false // 开发环境通常不使用SSL
|
|
|
|
// 初始化MinIO客户端
|
|
client, err := minio.New(endpoint, &minio.Options{
|
|
Creds: credentials.NewStaticV4(accessKeyID, secretAccessKey, ""),
|
|
Secure: useSSL,
|
|
})
|
|
if err != nil {
|
|
return err
|
|
}
|
|
hlog.Infof("Created minio client suscces")
|
|
MinioClient = client
|
|
return nil
|
|
}
|
|
|
|
// 设置存储桶的公共读策略,允许永久访问
|
|
func SetBucketPublicRead(ctx context.Context, client *minio.Client, bucketName string) error {
|
|
// 定义存储桶访问策略(允许所有人读取对象)
|
|
policy := map[string]interface{}{
|
|
"Version": "2012-10-17",
|
|
"Statement": []map[string]interface{}{
|
|
{
|
|
"Effect": "Allow",
|
|
"Principal": map[string]interface{}{
|
|
"AWS": []string{"*"}, // 允许所有用户
|
|
},
|
|
"Action": []string{
|
|
"s3:GetObject", // 仅授予读取权限
|
|
},
|
|
"Resource": []string{
|
|
fmt.Sprintf("arn:aws:s3:::%s/*", bucketName), // 匹配桶内所有对象
|
|
},
|
|
},
|
|
},
|
|
}
|
|
|
|
// 转换为JSON字符串
|
|
policyBytes, err := json.Marshal(policy)
|
|
if err != nil {
|
|
return fmt.Errorf("策略序列化失败: %v", err)
|
|
}
|
|
|
|
// 应用策略到存储桶
|
|
if err := client.SetBucketPolicy(ctx, bucketName, string(policyBytes)); err != nil {
|
|
return fmt.Errorf("设置存储桶策略失败: %v", err)
|
|
}
|
|
hlog.Infof("设置存储桶策略成功")
|
|
return nil
|
|
}
|