Question

我希望能够直接从Google Storage提供图像文件。我正在关注code suggestion from Google，但仍然得到Access Denied和Anonymous caller does not have storage.objects.get access。我正在Google App Engine项目中运行它：

require_once 'vendor/autoload.php';

use Google\Cloud\Storage\StorageClient;
use google\appengine\api\cloud_storage\CloudStorageTools;

$storage = new StorageClient();
$storage->registerStreamWrapper();

$text = "Contained text: ".date("Y-m-d H:i:s")."\n";

$options = ['gs' => ['acl' => 'public-read']];
$context = stream_context_create($options);
$filepath = "gs://$project.appspot.com/public_file.txt";
file_put_contents($filepath, $text, 0, $context);

$publicurl = CloudStorageTools::getPublicUrl($filepath, false);

文件已成功写入Google存储空间。我已经通过Cloud Console中的存储浏览器进行了查看。

但是当我尝试浏览到它时，我得到Access Denied。我想念什么？

$ gsutil acl get gs://my-app-project.appspot.com/public_file.txt

[
  {
    "entity": "project-owners-XXXXXXXXXXXX",
    "projectTeam": {
      "projectNumber": "XXXXXXXXXXXX",
      "team": "owners"
    },
    "role": "OWNER"
  },
  {
    "entity": "project-editors-XXXXXXXXXXXX",
    "projectTeam": {
      "projectNumber": "XXXXXXXXXXXX",
      "team": "editors"
    },
    "role": "OWNER"
  },
  {
    "entity": "project-viewers-XXXXXXXXXXXX",
    "projectTeam": {
      "projectNumber": "XXXXXXXXXXXX",
      "team": "viewers"
    },
    "role": "READER"
  },
  {
    "email": "my-app-project@appspot.gserviceaccount.com",
    "entity": "user-my-app-project@appspot.gserviceaccount.com",
    "role": "OWNER"
  }
]

Answer 1

我不确定为什么上面的代码无法将权限设置为public，但这是一种解决方法。

如果您正在使用可以完全公开的存储桶，则可以将存储桶上的默认ACL设置为public-read，那么无论何时在该存储桶中创建文件，它们都已经是公共的。

这是我从以下位置获得命令的地方： https://cloud.google.com/php/getting-started/using-cloud-storage

gsutil defacl set public-read gs://[YOUR-PROJECT-ID]

无法公开gs：//文件以直接从Google存储空间提供服务

1 个答案: