bucket policy: improve the helper functions used for tagging upwards

- Improve `make_json_policy` to support conditionals in policy
- Move the helper functions for creating policies up so that bucket
  policy tests can use these
- add bucket-policy attribute to the tagging tests using policy

Signed-off-by: Abhishek Lekshmanan <abhishek@suse.com>
This commit is contained in:
Abhishek Lekshmanan 2017-10-12 15:16:14 +02:00
parent 6bef6ad125
commit eee2d9a82c

View file

@ -8737,6 +8737,28 @@ def test_sse_kms_read_declare():
e = assert_raises(boto.exception.S3ResponseError, key.get_contents_as_string, headers=sse_kms_client_headers) e = assert_raises(boto.exception.S3ResponseError, key.get_contents_as_string, headers=sse_kms_client_headers)
eq(e.status, 400) eq(e.status, 400)
def _make_arn_resource(path="*"):
return "arn:aws:s3:::{}".format(path)
def make_json_policy(action, resource, principal={"AWS": "*"}, conditions=None):
policy = {
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Principal": principal,
"Action": action,
"Resource": [
resource
],
}]
}
if conditions is not None:
policy["Statement"]["Condition"] = conditions
return json.dumps(policy)
@attr(resource='bucket') @attr(resource='bucket')
@attr(method='get') @attr(method='get')
@attr(operation='Test Bucket Policy') @attr(operation='Test Bucket Policy')
@ -9273,28 +9295,13 @@ def test_put_obj_with_tags():
res_tagset = _get_obj_tags(bucket, key.name) res_tagset = _get_obj_tags(bucket, key.name)
eq(input_tagset.to_dict(), res_tagset.to_dict()) eq(input_tagset.to_dict(), res_tagset.to_dict())
def _make_arn_resource(path="*"):
return "arn:aws:s3:::{}".format(path)
def make_json_policy(action, resource, principal={"AWS": "*"}):
return json.dumps(
{
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Principal": principal,
"Action": action,
"Resource": [
resource
]
}]
})
@attr(resource='object') @attr(resource='object')
@attr(method='get') @attr(method='get')
@attr(operation='Test GetObjTagging public read') @attr(operation='Test GetObjTagging public read')
@attr(assertion='success') @attr(assertion='success')
@attr('tagging') @attr('tagging')
@attr('bucket-policy')
def test_get_tags_acl_public(): def test_get_tags_acl_public():
bucket, key = _create_key_with_random_content('testputtagsacl') bucket, key = _create_key_with_random_content('testputtagsacl')
@ -9315,6 +9322,7 @@ def test_get_tags_acl_public():
@attr(operation='Test PutObjTagging public wrote') @attr(operation='Test PutObjTagging public wrote')
@attr(assertion='success') @attr(assertion='success')
@attr('tagging') @attr('tagging')
@attr('bucket-policy')
def test_put_tags_acl_public(): def test_put_tags_acl_public():
bucket, key = _create_key_with_random_content('testputtagsacl') bucket, key = _create_key_with_random_content('testputtagsacl')