Updated func tests and made swauth .rlistings check a bit easier to read

swift/common/middleware/swauth.py

@@ -277,9 +277,9 @@ class Swauth(object):
             return None
         referrers, groups = parse_acl(getattr(req, 'acl', None))
         if referrer_allowed(req.referer, referrers):
-            if not obj and '.rlistings' not in groups:
-                return self.denied_response(req)
-            return None
+            if obj or '.rlistings' in groups:
+                return None
+            return self.denied_response(req)
         if not req.remote_user:
             return self.denied_response(req)
         for user_group in user_groups:

test/functionalnosetests/test_container.py

@@ -338,7 +338,7 @@ class TestContainer(unittest.TestCase):
         def post(url, token, parsed, conn):
             conn.request('POST', parsed.path + '/' + self.name, '',
                          {'X-Auth-Token': token,
-                          'X-Container-Read': '.r:*'})
+                          'X-Container-Read': '.r:*,.rlistings'})
             return check_response(conn)
         resp = retry(post)
         resp.read()
@@ -430,7 +430,7 @@ class TestContainer(unittest.TestCase):
         def post(url, token, parsed, conn):
             conn.request('POST', parsed.path + '/' + self.name, '',
                          {'X-Auth-Token': token,
-                          'X-Container-Read': '.r:*'})
+                          'X-Container-Read': '.r:*,.rlistings'})
             return check_response(conn)
         resp = retry(post)
         resp.read()