def PUT(self, app): if not self.obj: # Initiate Multipart Uploads (put +segment container) resp = self._handle_acl(app, 'HEAD') req_acl = ACL.from_headers(self.req.headers, resp.bucket_acl.owner, Owner(self.user_id, self.user_id)) acl_headers = encode_acl('object', req_acl) self.req.headers[sysmeta_header('object', 'tmpacl')] = \ acl_headers[sysmeta_header('object', 'acl')]
def encode_acl(resource, acl): header_value = {"Owner": acl.owner.id} header_value.update({"Grant": acl.grant}) headers = {} key = sysmeta_header(resource, 'acl') headers[key] = header_value['Grant'] return headers
def test_fake_swift_sysmeta(self): swift = FakeSwift() orig_headers = HeaderKeyDict() orig_headers.update({ sysmeta_header('container', 'acl'): 'test', 'x-container-meta-foo': 'bar' }) swift.register(self.method, self.path, MagicMock(), orig_headers, None) self._check_headers(swift, self.method, self.path, orig_headers) new_headers = orig_headers.copy() del new_headers[sysmeta_header('container', 'acl').title()] swift.register(self.method, self.path, MagicMock(), new_headers, None) self._check_headers(swift, self.method, self.path, orig_headers)
def test_encode_acl_object(self): acl = ACLPrivate(Owner(id='test:tester', name='test:tester')) acp = encode_acl('object', acl) header_value = json.loads(acp[sysmeta_header('object', 'acl')]) self.assertTrue('Owner' in header_value) self.assertTrue('Grant' in header_value) self.assertEqual('test:tester', header_value['Owner']) self.assertEqual(len(header_value['Grant']), 1)
def test_decode_acl_object(self): access_control_policy = \ {'Owner': 'test:tester', 'Grant': [{'Permission': 'FULL_CONTROL', 'Grantee': 'test:tester'}]} headers = { sysmeta_header('object', 'acl'): json.dumps(access_control_policy) } acl = decode_acl('object', headers) self.assertEqual(type(acl), ACL) self.assertEqual(acl.owner.id, 'test:tester') self.assertEqual(len(acl.grants), 1) self.assertEqual(str(acl.grants[0].grantee), 'test:tester') self.assertEqual(acl.grants[0].permission, 'FULL_CONTROL')
def test_encode_acl_many_grant(self): headers = {} users = [] for i in range(0, 99): users.append('id=test:tester%s' % str(i)) users = ','.join(users) headers['x-oss-grant-read'] = users acl = ACL.from_headers(headers, Owner('test:tester', 'test:tester')) acp = encode_acl('container', acl) header_value = acp[sysmeta_header('container', 'acl')] header_value = json.loads(header_value) self.assertTrue('Owner' in header_value) self.assertTrue('Grant' in header_value) self.assertEqual('test:tester', header_value['Owner']) self.assertEqual(len(header_value['Grant']), 99)
def decode_acl(resource, headers, owner): value = '' key = sysmeta_header(resource, 'acl') if key in headers: value = headers[key] if value == '': return ACL(Owner(None, None), []) try: id = None name = None if owner is not None: id = owner name = owner if id is not None and name is not None: return ACL(Owner(id, name), value) except Exception as e: LOGGER.debug(e) pass raise InvalidSubresource((resource, 'acl', value))
def test_decode_acl_with_invalid_json(self): headers = {sysmeta_header('container', 'acl'): '['} self.assertRaises(InvalidSubresource, decode_acl, 'container', headers)
def test_decode_acl_empty_list(self): headers = {sysmeta_header('container', 'acl'): '[]'} acl = decode_acl('container', headers) self.assertEqual(type(acl), ACL) self.assertIsNone(acl.owner.id) self.assertEqual(len(acl.grants), 0)
def deleter(self): self.headers[sysmeta_header(resource, 'acl')] = ''
def PUT(self, app): container = self.req.container_name + MULTIUPLOAD_SUFFIX obj = '%s/%s' % (self.obj, self.req.params['uploadId']) resp = self.req._get_response(app, 'HEAD', container, obj) self.req.headers[sysmeta_header('object', 'acl')] = \ resp.sysmeta_headers.get(sysmeta_header('object', 'tmpacl'))