From 86051d0cd918820555285716b3438bee68112a98 Mon Sep 17 00:00:00 2001
From: caleb miles <caselim@gmail.com>
Date: Fri, 1 Feb 2013 16:01:31 -0500
Subject: [PATCH] test_s3: Add tests for additional canned acl support.

Corresponds to tracker issue 3667.

Signed-off-by: caleb miles <caleb.miles@inktank.com>
---
 s3tests/functional/test_s3.py | 87 +++++++++++++++++++++++++++++++++++
 1 file changed, 87 insertions(+)

diff --git a/s3tests/functional/test_s3.py b/s3tests/functional/test_s3.py
index 7f9a495..ee6c494 100644
--- a/s3tests/functional/test_s3.py
+++ b/s3tests/functional/test_s3.py
@@ -1940,6 +1940,93 @@ def test_object_acl_canned_authenticatedread():
         )
 
 
+@attr(resource='object.acls')
+@attr(method='put')
+@attr(operation='acl bucket-owner-read')
+@attr(assertion='read back expected values')
+def test_object_acl_canned_bucketownerread():
+    bucket = get_new_bucket(s3.main)
+    bucket.set_acl('public-read-write')
+
+    key = s3.alt.get_bucket(bucket.name).new_key('foo')
+    key.set_contents_from_string('bar')
+
+    bucket_policy = bucket.get_acl()
+    bucket_owner_id = bucket_policy.owner.id
+    bucket_owner_display = bucket_policy.owner.display_name
+
+    key.set_acl('bucket-owner-read')
+    policy = key.get_acl()
+    print repr(policy)
+    check_grants(
+        policy.acl.grants,
+        [
+            dict(
+                permission='FULL_CONTROL',
+                id=policy.owner.id,
+                display_name=policy.owner.display_name,
+                uri=None,
+                email_address=None,
+                type='CanonicalUser',
+                ),
+            dict(
+                permission='READ',
+                id=bucket_owner_id,
+                display_name=bucket_owner_display,
+                uri=None,
+                email_address=None,
+                type='CanonicalUser',
+                ),
+            ],
+        )
+
+    key.delete()
+    bucket.delete()
+
+
+@attr(resource='object.acls')
+@attr(method='put')
+@attr(operation='acl bucket-owner-read')
+@attr(assertion='read back expected values')
+def test_object_acl_canned_bucketownerfullcontrol():
+    bucket = get_new_bucket(s3.main)
+    bucket.set_acl('public-read-write')
+
+    key = s3.alt.get_bucket(bucket.name).new_key('foo')
+    key.set_contents_from_string('bar')
+
+    bucket_policy = bucket.get_acl()
+    bucket_owner_id = bucket_policy.owner.id
+    bucket_owner_display = bucket_policy.owner.display_name
+
+    key.set_acl('bucket-owner-full-control')
+    policy = key.get_acl()
+    print repr(policy)
+    check_grants(
+        policy.acl.grants,
+        [
+            dict(
+                permission='FULL_CONTROL',
+                id=policy.owner.id,
+                display_name=policy.owner.display_name,
+                uri=None,
+                email_address=None,
+                type='CanonicalUser',
+                ),
+            dict(
+                permission='FULL_CONTROL',
+                id=bucket_owner_id,
+                display_name=bucket_owner_display,
+                uri=None,
+                email_address=None,
+                type='CanonicalUser',
+                ),
+            ],
+        )
+
+    key.delete()
+    bucket.delete()
+
 @attr(resource='bucket')
 @attr(method='ACLs')
 @attr(operation='set acl private')