MCPcopy
hub / github.com/minio/minio-go / TestListBucketPolicies

Function TestListBucketPolicies

pkg/policy/bucket-policy_test.go:1708–1814  ·  view source on GitHub ↗

GetPolicyRules is called and the result is validated

(t *testing.T)

Source from the content-addressed store, hash-verified

1706
1707// GetPolicyRules is called and the result is validated
1708func TestListBucketPolicies(t *testing.T) {
1709 // Condition for read objects
1710 downloadCondMap := make(ConditionMap)
1711 downloadCondKeyMap := make(ConditionKeyMap)
1712 downloadCondKeyMap.Add("s3:prefix", set.CreateStringSet("download"))
1713 downloadCondMap.Add("StringEquals", downloadCondKeyMap)
1714
1715 // Condition for readwrite objects
1716 downloadUploadCondMap := make(ConditionMap)
1717 downloadUploadCondKeyMap := make(ConditionKeyMap)
1718 downloadUploadCondKeyMap.Add("s3:prefix", set.CreateStringSet("both"))
1719 downloadUploadCondMap.Add("StringEquals", downloadUploadCondKeyMap)
1720
1721 commonSetActions := commonBucketActions.Union(readOnlyBucketActions)
1722 testCases := []struct {
1723 statements []Statement
1724 bucketName string
1725 prefix string
1726 expectedResult map[string]BucketPolicy
1727 }{
1728 // Empty statements, bucket name and prefix.
1729 {[]Statement{}, "", "", map[string]BucketPolicy{}},
1730 // Non-empty statements, empty bucket name and empty prefix.
1731 {[]Statement{{
1732 Actions: readOnlyBucketActions,
1733 Effect: "Allow",
1734 Principal: User{AWS: set.CreateStringSet("*")},
1735 Resources: set.CreateStringSet("arn:aws:s3:::mybucket"),
1736 }}, "", "", map[string]BucketPolicy{}},
1737 // Empty statements, non-empty bucket name and empty prefix.
1738 {[]Statement{}, "mybucket", "", map[string]BucketPolicy{}},
1739 // Readonly object statement
1740 {[]Statement{
1741 {
1742 Actions: commonBucketActions,
1743 Effect: "Allow",
1744 Principal: User{AWS: set.CreateStringSet("*")},
1745 Resources: set.CreateStringSet("arn:aws:s3:::mybucket"),
1746 },
1747 {
1748 Actions: readOnlyBucketActions,
1749 Effect: "Allow",
1750 Principal: User{AWS: set.CreateStringSet("*")},
1751 Conditions: downloadCondMap,
1752 Resources: set.CreateStringSet("arn:aws:s3:::mybucket"),
1753 },
1754 {
1755 Actions: readOnlyObjectActions,
1756 Effect: "Allow",
1757 Principal: User{AWS: set.CreateStringSet("*")},
1758 Resources: set.CreateStringSet("arn:aws:s3:::mybucket/download*"),
1759 },
1760 }, "mybucket", "", map[string]BucketPolicy{"mybucket/download*": BucketPolicyReadOnly}},
1761 {[]Statement{
1762 {
1763 Actions: commonSetActions.Union(readOnlyObjectActions),
1764 Effect: "Allow",
1765 Principal: User{AWS: set.CreateStringSet("*")},

Callers

nothing calls this directly

Calls 4

CreateStringSetFunction · 0.92
GetPoliciesFunction · 0.85
AddMethod · 0.45
UnionMethod · 0.45

Tested by

no test coverage detected