forked from TrueCloudLab/s3-tests
4054d4b37f
Make sure 403 is returned when access is denied via s3:GetBucketPublicAccessBlock action on GetBucketPublicAccessBlock
Refs: https://github.com/ceph/ceph/pull/55652
Signed-off-by: Seena Fallah <seenafallah@gmail.com>
(cherry picked from commit 3af42312bf
)
46 lines
1.3 KiB
Python
46 lines
1.3 KiB
Python
import json
|
|
|
|
class Statement(object):
|
|
def __init__(self, action, resource, principal = {"AWS" : "*"}, effect= "Allow", condition = None):
|
|
self.principal = principal
|
|
self.action = action
|
|
self.resource = resource
|
|
self.condition = condition
|
|
self.effect = effect
|
|
|
|
def to_dict(self):
|
|
d = { "Action" : self.action,
|
|
"Principal" : self.principal,
|
|
"Effect" : self.effect,
|
|
"Resource" : self.resource
|
|
}
|
|
|
|
if self.condition is not None:
|
|
d["Condition"] = self.condition
|
|
|
|
return d
|
|
|
|
class Policy(object):
|
|
def __init__(self):
|
|
self.statements = []
|
|
|
|
def add_statement(self, s):
|
|
self.statements.append(s)
|
|
return self
|
|
|
|
def to_json(self):
|
|
policy_dict = {
|
|
"Version" : "2012-10-17",
|
|
"Statement":
|
|
[s.to_dict() for s in self.statements]
|
|
}
|
|
|
|
return json.dumps(policy_dict)
|
|
|
|
def make_json_policy(action, resource, principal={"AWS": "*"}, effect="Allow", conditions=None):
|
|
"""
|
|
Helper function to make single statement policies
|
|
"""
|
|
s = Statement(action, resource, principal, effect=effect, condition=conditions)
|
|
p = Policy()
|
|
return p.add_statement(s).to_json()
|