S3 keys inherit bucket ACL
This commit is contained in:
Jack Danger
parent
4b1120b064
commit
ca7661bc1e
@ -636,6 +636,8 @@ class ResponseObject(_TemplateEnvironmentMixin):
|
|||||||
|
|
||||||
storage_class = request.headers.get('x-amz-storage-class', 'STANDARD')
|
storage_class = request.headers.get('x-amz-storage-class', 'STANDARD')
|
||||||
acl = self._acl_from_headers(request.headers)
|
acl = self._acl_from_headers(request.headers)
|
||||||
|
if acl is None:
|
||||||
|
acl = self.backend.get_bucket(bucket_name).acl
|
||||||
tagging = self._tagging_from_headers(request.headers)
|
tagging = self._tagging_from_headers(request.headers)
|
||||||
|
|
||||||
if 'acl' in query:
|
if 'acl' in query:
|
||||||
@ -740,7 +742,7 @@ class ResponseObject(_TemplateEnvironmentMixin):
|
|||||||
if grants:
|
if grants:
|
||||||
return FakeAcl(grants)
|
return FakeAcl(grants)
|
||||||
else:
|
else:
|
||||||
return get_canned_acl('private')
|
return None
|
||||||
|
|
||||||
def _tagging_from_headers(self, headers):
|
def _tagging_from_headers(self, headers):
|
||||||
if headers.get('x-amz-tagging'):
|
if headers.get('x-amz-tagging'):
|
||||||
|
|||||||
@ -870,7 +870,7 @@ def test_s3_object_in_public_bucket():
|
|||||||
s3 = boto3.resource('s3')
|
s3 = boto3.resource('s3')
|
||||||
bucket = s3.Bucket('test-bucket')
|
bucket = s3.Bucket('test-bucket')
|
||||||
bucket.create(ACL='public-read')
|
bucket.create(ACL='public-read')
|
||||||
bucket.put_object(ACL='public-read', Body=b'ABCD', Key='file.txt')
|
bucket.put_object(Body=b'ABCD', Key='file.txt')
|
||||||
|
|
||||||
s3_anonymous = boto3.resource('s3')
|
s3_anonymous = boto3.resource('s3')
|
||||||
s3_anonymous.meta.client.meta.events.register('choose-signer.s3.*', disable_signing)
|
s3_anonymous.meta.client.meta.events.register('choose-signer.s3.*', disable_signing)
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user