diff --git a/swift3/controllers/acl.py b/swift3/controllers/acl.py index 0bbbf510..10f09abb 100644 --- a/swift3/controllers/acl.py +++ b/swift3/controllers/acl.py @@ -79,11 +79,11 @@ def swift_acl_translate(acl, group='', user='', xml=False): that yet. """ swift_acl = {} - swift_acl['public-read'] = [['HTTP_X_CONTAINER_READ', '.r:*,.rlistings']] + swift_acl['public-read'] = [['X-Container-Read', '.r:*,.rlistings']] # Swift does not support public write: # https://answers.launchpad.net/swift/+question/169541 - swift_acl['public-read-write'] = [['HTTP_X_CONTAINER_WRITE', '.r:*'], - ['HTTP_X_CONTAINER_READ', + swift_acl['public-read-write'] = [['X-Container-Write', '.r:*'], + ['X-Container-Read', '.r:*,.rlistings']] # TODO: if there's a way to get group and user, this should work for @@ -91,8 +91,8 @@ def swift_acl_translate(acl, group='', user='', xml=False): # swift_acl['private'] = \ # [['HTTP_X_CONTAINER_WRITE', group + ':' + user], \ # ['HTTP_X_CONTAINER_READ', group + ':' + user]] - swift_acl['private'] = [['HTTP_X_CONTAINER_WRITE', '.'], - ['HTTP_X_CONTAINER_READ', '.']] + swift_acl['private'] = [['X-Container-Write', '.'], + ['X-Container-Read', '.']] if xml: # We are working with XML and need to parse it try: diff --git a/swift3/test/unit/test_acl.py b/swift3/test/unit/test_acl.py index bb2e0b64..49da870b 100644 --- a/swift3/test/unit/test_acl.py +++ b/swift3/test/unit/test_acl.py @@ -19,6 +19,7 @@ from swift.common.swob import Request from swift3.test.unit import Swift3TestCase from swift3.etree import fromstring, tostring, Element, SubElement +from swift3.controllers.acl import handle_acl_header XMLNS_XSI = 'http://www.w3.org/2001/XMLSchema-instance' @@ -107,5 +108,24 @@ class TestSwift3Acl(Swift3TestCase): status, headers, body = self.call_swift3(req) self.assertEquals(self._get_error_code(body), 'MalformedACLError') + def test_handle_acl_header(self): + def check_generated_acl_header(acl, targets): + req = Request.blank('/bucket', + headers={'X-Amz-Acl': acl}) + handle_acl_header(req) + for target in targets: + self.assertTrue(target[0] in req.headers) + self.assertEquals(req.headers[target[0]], target[1]) + + check_generated_acl_header('public-read', + [('X-Container-Read', '.r:*,.rlistings')]) + check_generated_acl_header('public-read-write', + [('X-Container-Read', '.r:*,.rlistings'), + ('X-Container-Write', '.r:*')]) + check_generated_acl_header('private', + [('X-Container-Read', '.'), + ('X-Container-Write', '.')]) + + if __name__ == '__main__': unittest.main() diff --git a/swift3/test/unit/test_bucket.py b/swift3/test/unit/test_bucket.py index 11bdd391..3d367643 100644 --- a/swift3/test/unit/test_bucket.py +++ b/swift3/test/unit/test_bucket.py @@ -231,6 +231,17 @@ class TestSwift3Bucket(Swift3TestCase): status, headers, body = self.call_swift3(req) self.assertEquals(status.split()[0], '200') + def test_bucket_PUT_with_canned_acl(self): + req = Request.blank('/bucket', + environ={'REQUEST_METHOD': 'PUT'}, + headers={'Authorization': 'AWS test:tester:hmac', + 'X-Amz-Acl': 'public-read'}) + status, headers, body = self.call_swift3(req) + self.assertEquals(status.split()[0], '200') + _, _, headers = self.swift.calls_with_headers[-1] + self.assertTrue('X-Container-Read' in headers) + self.assertEquals(headers.get('X-Container-Read'), '.r:*,.rlistings') + def test_bucket_PUT_with_location_error(self): elem = Element('CreateBucketConfiguration') SubElement(elem, 'LocationConstraint').text = 'XXX'