private void checkGrants(AccessControlList acl) { String ownerId = acl.getOwner().getId(); assertEquals(acl.getGrants().size(), 4, acl.toString()); assertTrue(acl.hasPermission(ownerId, Permission.FULL_CONTROL), acl.toString()); assertTrue(acl.hasPermission(GroupGranteeURI.ALL_USERS, Permission.READ), acl.toString()); assertTrue(acl.hasPermission(ownerId, Permission.WRITE_ACP), acl.toString()); // EmailAddressGrantee is replaced by a CanonicalUserGrantee, so we cannot test by email addr assertTrue(acl.hasPermission(TEST_ACL_ID, Permission.READ_ACP), acl.toString()); }
private void checkGrants(AccessControlList acl) { String ownerId = acl.getOwner().getId(); assertEquals(acl.getGrants().size(), 4, acl.toString()); assertTrue(acl.hasPermission(ownerId, Permission.FULL_CONTROL), acl.toString()); assertTrue(acl.hasPermission(GroupGranteeURI.ALL_USERS, Permission.READ), acl.toString()); assertTrue(acl.hasPermission(ownerId, Permission.WRITE_ACP), acl.toString()); // EmailAddressGrantee is replaced by a CanonicalUserGrantee, so we cannot test by email addr assertTrue(acl.hasPermission(StubS3AsyncClient.TEST_ACL_ID, Permission.READ_ACP), acl.toString()); }
private void checkGrants(AccessControlList acl) { String ownerId = acl.getOwner().getId(); assertEquals(acl.getGrants().size(), 4, acl.toString()); assertTrue(acl.hasPermission(ownerId, Permission.FULL_CONTROL), acl.toString()); assertTrue(acl.hasPermission(GroupGranteeURI.ALL_USERS, Permission.READ), acl.toString()); assertTrue(acl.hasPermission(ownerId, Permission.WRITE_ACP), acl.toString()); // EmailAddressGrantee is replaced by a CanonicalUserGrantee, so we cannot test by email addr assertTrue(acl.hasPermission(TEST_ACL_ID, Permission.READ_ACP), acl.toString()); }
private void checkGrants(AccessControlList acl) { String ownerId = acl.getOwner().getId(); assertEquals(acl.getGrants().size(), 4, acl.toString()); assertTrue(acl.hasPermission(ownerId, FULL_CONTROL), acl.toString()); assertTrue(acl.hasPermission(ALL_USERS, READ), acl.toString()); assertTrue(acl.hasPermission(ownerId, WRITE_ACP), acl.toString()); // EmailAddressGrantee is replaced by a CanonicalUserGrantee, so we cannot test by email addr assertTrue(acl.hasPermission(TEST_ACL_ID, READ_ACP), acl.toString()); }
public void run() { try { AccessControlList acl = getApi().getBucketACL(bucketName + "eu"); assertTrue(acl.hasPermission(GroupGranteeURI.ALL_USERS, Permission.READ), acl.toString()); } catch (Exception e) { Throwables.propagateIfPossible(e); } } });
public void run() { try { AccessControlList acl = getApi().getBucketACL(bucketName + "eu"); assertTrue(acl.hasPermission(GroupGranteeURI.ALL_USERS, Permission.READ), acl.toString()); } catch (Exception e) { Throwables.propagateIfPossible(e); } } });
public void testPublicReadAccessPolicy() throws Exception { String bucketName = getScratchContainerName(); try { getApi().putBucketInRegion(null, bucketName, withBucketAcl(CannedAccessPolicy.PUBLIC_READ)); AccessControlList acl = getApi().getBucketACL(bucketName); assertTrue(acl.hasPermission(GroupGranteeURI.ALL_USERS, Permission.READ), acl.toString()); // TODO: I believe that the following should work based on the above acl assertion passing. // However, it fails on 403 // URL url = new URL(String.format("http://%s.s3.amazonaws.com", bucketName)); // Utils.toStringAndClose(url.openStream()); } finally { destroyContainer(bucketName); } }
public void testPublicReadAccessPolicy() throws Exception { String bucketName = getScratchContainerName(); try { getApi().putBucketInRegion(null, bucketName, withBucketAcl(PUBLIC_READ)); AccessControlList acl = getApi().getBucketACL(bucketName); assertTrue(acl.hasPermission(ALL_USERS, READ), acl.toString()); // TODO: I believe that the following should work based on the above acl assertion passing. // However, it fails on 403 // URL url = new URL(String.format("http://%s.s3.amazonaws.com", bucketName)); // Utils.toStringAndClose(url.openStream()); } finally { destroyContainer(bucketName); } }
public void run() { try { BucketLogging newLogging = getApi().getBucketLogging(bucketName); assert newLogging !=null; AccessControlList acl = new AccessControlList(); for (Grant grant : newLogging.getTargetGrants()) { // TODO: add permission // checking features to // bucketlogging acl.addPermission(grant.getGrantee(), grant.getPermission()); } // EmailAddressGrantee is replaced by a CanonicalUserGrantee, so we cannot test by // email addr assertTrue(acl.hasPermission(StubS3AsyncClient.TEST_ACL_ID, Permission.FULL_CONTROL), acl.toString()); assertEquals(logging.getTargetBucket(), newLogging.getTargetBucket()); assertEquals(logging.getTargetPrefix(), newLogging.getTargetPrefix()); } catch (Exception e) { Throwables.propagateIfPossible(e); } } });
public void run() { try { BucketLogging newLogging = getApi().getBucketLogging(bucketName); assert newLogging != null; AccessControlList acl = new AccessControlList(); for (Grant grant : newLogging.getTargetGrants()) { // TODO: add permission // checking features to // bucketlogging acl.addPermission(grant.getGrantee(), grant.getPermission()); } // EmailAddressGrantee is replaced by a CanonicalUserGrantee, so we cannot test by // email addr assertTrue(acl.hasPermission(TEST_ACL_ID, FULL_CONTROL), acl.toString()); assertEquals(logging.getTargetBucket(), newLogging.getTargetBucket()); assertEquals(logging.getTargetPrefix(), newLogging.getTargetPrefix()); } catch (Exception e) { Throwables.propagateIfPossible(e); } } });
assertEquals(acl.getGrants().size(), 1); assertEquals(acl.getPermissions(ownerId).size(), 0); assertTrue(acl.hasPermission(GroupGranteeURI.ALL_USERS, Permission.READ), acl.toString()); } finally { returnContainer(containerName);
assertEquals(acl.getGrants().size(), 1); assertEquals(acl.getPermissions(ownerId).size(), 0); assertTrue(acl.hasPermission(GroupGranteeURI.ALL_USERS, Permission.READ), acl.toString()); } finally { returnContainer(containerName);