accessPolicy: Implement Put, Get, Delete access policy.

This patch implements Get,Put,Delete bucket policies Supporting - http://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html Currently supports following actions. "*": true, "s3:*": true, "s3:GetObject": true, "s3:ListBucket": true, "s3:PutObject": true, "s3:CreateBucket": true, "s3:GetBucketLocation": true, "s3:DeleteBucket": true, "s3:DeleteObject": true, "s3:AbortMultipartUpload": true, "s3:ListBucketMultipartUploads": true, "s3:ListMultipartUploadParts": true, following conditions for "StringEquals" and "StringNotEquals" "s3:prefix", "s3:max-keys"
2025-11-13 15:21:36 -05:00 · 2016-02-03 16:46:56 -08:00
parent 846410c563
commit d5057b3c51
24 changed files with 1107 additions and 755 deletions
--- a/server_fs_test.go
+++ b/server_fs_test.go
@@ -524,7 +524,6 @@ func (s *MyAPIFSCacheSuite) TestHeader(c *C) {
 func (s *MyAPIFSCacheSuite) TestPutBucket(c *C) {
 	request, err := s.newRequest("PUT", testAPIFSCacheServer.URL+"/put-bucket", 0, nil)
 	c.Assert(err, IsNil)
-	request.Header.Add("x-amz-acl", "private")

 	client := http.Client{}
 	response, err := client.Do(request)
@@ -533,7 +532,6 @@ func (s *MyAPIFSCacheSuite) TestPutBucket(c *C) {

 	request, err = s.newRequest("PUT", testAPIFSCacheServer.URL+"/put-bucket-slash/", 0, nil)
 	c.Assert(err, IsNil)
-	request.Header.Add("x-amz-acl", "private")

 	client = http.Client{}
 	response, err = client.Do(request)
@@ -582,7 +580,6 @@ func (s *MyAPIFSCacheSuite) TestCopyObject(c *C) {
 func (s *MyAPIFSCacheSuite) TestPutObject(c *C) {
 	request, err := s.newRequest("PUT", testAPIFSCacheServer.URL+"/put-object", 0, nil)
 	c.Assert(err, IsNil)
-	request.Header.Add("x-amz-acl", "private")

 	client := http.Client{}
 	response, err := client.Do(request)
@@ -627,7 +624,6 @@ func (s *MyAPIFSCacheSuite) TestNotBeAbleToCreateObjectInNonexistantBucket(c *C)
 func (s *MyAPIFSCacheSuite) TestHeadOnObject(c *C) {
 	request, err := s.newRequest("PUT", testAPIFSCacheServer.URL+"/headonobject", 0, nil)
 	c.Assert(err, IsNil)
-	request.Header.Add("x-amz-acl", "private")

 	client := http.Client{}
 	response, err := client.Do(request)
@@ -671,7 +667,6 @@ func (s *MyAPIFSCacheSuite) TestHeadOnObject(c *C) {
 func (s *MyAPIFSCacheSuite) TestHeadOnBucket(c *C) {
 	request, err := s.newRequest("PUT", testAPIFSCacheServer.URL+"/headonbucket", 0, nil)
 	c.Assert(err, IsNil)
-	request.Header.Add("x-amz-acl", "private")

 	client := http.Client{}
 	response, err := client.Do(request)
@@ -837,7 +832,6 @@ func (s *MyAPIFSCacheSuite) TestListObjectsHandlerErrors(c *C) {

 	request, err = s.newRequest("PUT", testAPIFSCacheServer.URL+"/objecthandlererrors", 0, nil)
 	c.Assert(err, IsNil)
-	request.Header.Add("x-amz-acl", "private")

 	client = http.Client{}
 	response, err = client.Do(request)
@@ -855,7 +849,6 @@ func (s *MyAPIFSCacheSuite) TestListObjectsHandlerErrors(c *C) {
 func (s *MyAPIFSCacheSuite) TestPutBucketErrors(c *C) {
 	request, err := s.newRequest("PUT", testAPIFSCacheServer.URL+"/putbucket-.", 0, nil)
 	c.Assert(err, IsNil)
-	request.Header.Add("x-amz-acl", "private")

 	client := http.Client{}
 	response, err := client.Do(request)
@@ -864,7 +857,6 @@ func (s *MyAPIFSCacheSuite) TestPutBucketErrors(c *C) {

 	request, err = s.newRequest("PUT", testAPIFSCacheServer.URL+"/putbucket", 0, nil)
 	c.Assert(err, IsNil)
-	request.Header.Add("x-amz-acl", "private")

 	client = http.Client{}
 	response, err = client.Do(request)
@@ -873,7 +865,6 @@ func (s *MyAPIFSCacheSuite) TestPutBucketErrors(c *C) {

 	request, err = s.newRequest("PUT", testAPIFSCacheServer.URL+"/putbucket", 0, nil)
 	c.Assert(err, IsNil)
-	request.Header.Add("x-amz-acl", "private")

 	response, err = client.Do(request)
 	c.Assert(err, IsNil)
@@ -881,7 +872,6 @@ func (s *MyAPIFSCacheSuite) TestPutBucketErrors(c *C) {

 	request, err = s.newRequest("PUT", testAPIFSCacheServer.URL+"/putbucket?acl", 0, nil)
 	c.Assert(err, IsNil)
-	request.Header.Add("x-amz-acl", "unknown")

 	response, err = client.Do(request)
 	c.Assert(err, IsNil)