Yasuke/moto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixed AWS Config S3 ACL issues

Browse Source 
- AWS Config appears to have changed how ACLs are returned
- This PR makes moto's behavior consistent with AWS Config's S3 representation

Fixes #3986
This commit is contained in:
Mike Grima 2021-06-04 09:21:59 -07:00
parent 5602c4e73e
commit ba7a0fe3a2
2 changed files with 25 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
moto/s3/models.py
View File

@ -436,10 +436,6 @@ class FakeAcl(BaseModel):
) )
for permission in permissions: for permission in permissions:
for grantee in grant.grantees: for grantee in grant.grantees:
# Config does not add the owner if its permissions are FULL_CONTROL:
if permission == "FULL_CONTROL" and grantee.id == OWNER:
continue
if grantee.uri: if grantee.uri:
grant_list.append( grant_list.append(
{ {

26
tests/test_s3/test_s3.py
View File

@ -4648,7 +4648,15 @@ def test_s3_acl_to_config_dict():
# Get the config dict with nothing other than the owner details: # Get the config dict with nothing other than the owner details:
acls = s3_config_query.backends["global"].buckets["logbucket"].acl.to_config_dict() acls = s3_config_query.backends["global"].buckets["logbucket"].acl.to_config_dict()
assert acls == {"grantSet": None, "owner": {"displayName": None, "id": OWNER}} owner_acl = {
"grantee": {"id": OWNER, "displayName": None},
"permission": "FullControl",
}
assert acls == {
"grantSet": None,
"owner": {"displayName": None, "id": OWNER},
"grantList": [owner_acl],
}
# Add some Log Bucket ACLs: # Add some Log Bucket ACLs:
log_acls = FakeAcl( log_acls = FakeAcl(
@ -4672,6 +4680,13 @@ def test_s3_acl_to_config_dict():
"grantList": [ "grantList": [
{"grantee": "LogDelivery", "permission": "Write"}, {"grantee": "LogDelivery", "permission": "Write"},
{"grantee": "LogDelivery", "permission": "ReadAcp"}, {"grantee": "LogDelivery", "permission": "ReadAcp"},
{
"grantee": {
"displayName": None,
"id": "75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a",
},
"permission": "FullControl",
},
], ],
"owner": {"displayName": None, "id": OWNER}, "owner": {"displayName": None, "id": OWNER},
} }
@ -4791,6 +4806,15 @@ def test_s3_config_dict():
json.loads(bucket1_result["supplementaryConfiguration"]["AccessControlList"]) json.loads(bucket1_result["supplementaryConfiguration"]["AccessControlList"])
) == { ) == {
"grantSet": None, "grantSet": None,
"grantList": [
{
"grantee": {
"displayName": None,
"id": "75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a",
},
"permission": "FullControl",
},
],
"owner": { "owner": {
"displayName": None, "displayName": None,
"id": "75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a", "id": "75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a",