forked from TrueCloudLab/s3-tests
add test for block public policy
Signed-off-by: Abhishek Lekshmanan <abhishek@suse.com>
(cherry picked from commit b4516725f2
)
This commit is contained in:
parent
a48cf75391
commit
0a495efc8c
1 changed files with 22 additions and 0 deletions
|
@ -12649,3 +12649,25 @@ def test_block_public_object_canned_acls():
|
||||||
eq(status, 403)
|
eq(status, 403)
|
||||||
|
|
||||||
|
|
||||||
|
@attr(resource='bucket')
|
||||||
|
@attr(method='put')
|
||||||
|
@attr(operation='block public acls on canned acls')
|
||||||
|
@attr(assertion='succeeds')
|
||||||
|
@attr('policy_status')
|
||||||
|
def test_block_public_policy():
|
||||||
|
bucket_name = get_new_bucket()
|
||||||
|
client = get_client()
|
||||||
|
|
||||||
|
access_conf = {'BlockPublicAcls': False,
|
||||||
|
'IgnorePublicAcls': False,
|
||||||
|
'BlockPublicPolicy': True,
|
||||||
|
'RestrictPublicBuckets': False}
|
||||||
|
|
||||||
|
client.put_public_access_block(Bucket=bucket_name, PublicAccessBlockConfiguration=access_conf)
|
||||||
|
resource = _make_arn_resource("{}/{}".format(bucket_name, "*"))
|
||||||
|
policy_document = make_json_policy("s3:GetObject",
|
||||||
|
resource)
|
||||||
|
|
||||||
|
check_access_denied(client.put_bucket_policy, Bucket=bucket_name, Policy=policy_document)
|
||||||
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue