Merge pull request #60 from EMCECS/issue/42

Implement bucket set_acl method
EMCECS · Apr 5, 2018 · 1c3c546 · 1c3c546
2 parents ba999c0 + e4bf5fa
commit 1c3c546
Show file tree

Hide file tree

Showing 3 changed files with 85 additions and 5 deletions.
diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-1.1.8
+1.1.9
diff --git a/ecsclient/common/provisioning/bucket.py b/ecsclient/common/provisioning/bucket.py
@@ -556,7 +556,7 @@ def get_acl(self, bucket_name, namespace=None):
             u'permission': []
         }
 
-        :param bucket_name: Name of the bucket for which ACL is to be updated.
+        :param bucket_name: Name of the bucket.
         :param namespace: Namespace with which bucket is associated. If it is
         null, the current user's namespace is used.
         """
@@ -570,6 +570,51 @@ def get_acl(self, bucket_name, namespace=None):
             'object/bucket/{}/acl'.format(bucket_name),
             params=params)
 
+    def set_acl(self, bucket_name, namespace=None, owner=None, default_group=None,
+                user_acl=None, group_acl=None, customgroup_acl=None):
+        """
+        Sets the ACL for the given bucket. If the buckets's namespace is not
+        specified in the payload, the current user's namespace is used.
+
+        Required role(s):
+
+        This call has no restrictions
+
+        :param bucket_name: The name of bucket used to set ACL information
+        :param namespace: The namespace to which the bucket belongs. If not provided,
+        then current user's namespace is used
+        :param owner: The name of bucket owner
+        :param default_group: The default group of the bucket
+        :param user_acl: A collection of users and their corresponding permissions
+        (e.g. `[{'permission': ['full_control'], 'user': 'myuser1'}]`)
+        :param group_acl: A collection of groups and their corresponding permissions
+        (e.g. `[{'permission': ['read'], 'group': 'public'}]`)
+        :param customgroup_acl: A collection of custom groups and their corresponding permissions
+        (e.g. `[{'permission': ['delete', 'read', 'write'], 'customgroup': 'cgroup1'}]`)
+        """
+        payload = {
+            "bucket": bucket_name,
+            "acl": {}
+        }
+
+        if namespace:
+            payload['namespace'] = namespace
+        if owner:
+            payload['acl']['owner'] = owner
+        if default_group:
+            payload['acl']['default_group'] = default_group
+        if user_acl:
+            payload['acl']['user_acl'] = user_acl
+        if group_acl:
+            payload['acl']['group_acl'] = group_acl
+        if customgroup_acl:
+            payload['acl']['customgroup_acl'] = customgroup_acl
+
+        log.info("Setting ACL for bucket '{}'".format(bucket_name))
+        self.conn.put(
+            'object/bucket/{}/acl'.format(bucket_name),
+            json_payload=payload)
+
     def get_acl_permissions(self):
         """
         Gets all ACL permissions.
@@ -666,9 +711,6 @@ def get_acl_groups(self):
         log.info('Getting all ACL groups')
         return self.conn.get('object/bucket/acl/groups')
 
-    def set_acl(self):
-        raise NotImplementedError()
-
     def get_metadata(self, bucket_name, head_type, namespace=None):
         """
         Fetch a page of head-specific metadata for the specified bucket

diff --git a/tests/functional/test_bucket.py b/tests/functional/test_bucket.py
@@ -136,6 +136,44 @@ def test_bucket_acl_groups(self):
         response = self.client.bucket.get_acl_groups()
         self.assertValidSchema(response, schemas.BUCKET_ACL_GROUPS)
 
+    def test_bucket_acl(self):
+        user_acl = [{'permission': ['full_control'], 'user': self.object_user}]
+        group_acl = [{'permission': ['read'], 'group': 'public'}]
+        customgroup_acl = [{'permission': ['delete', 'read', 'write'], 'customgroup': 'cgroup1'}]
+
+        self.client.bucket.set_acl(self.bucket_1,
+                                   namespace=self.namespace_1,
+                                   owner=self.object_user,
+                                   default_group='public',
+                                   user_acl=user_acl,
+                                   group_acl=group_acl,
+                                   customgroup_acl=customgroup_acl)
+
+        acl = self.client.bucket.get_acl(self.bucket_1,
+                                         namespace=self.namespace_1)
+
+        self.assertEqual(acl['acl']['owner'], self.object_user)
+        self.assertEqual(acl['acl']['default_group'], 'public')
+        self.assertEqual(acl['acl']['group_acl'], group_acl)
+        self.assertEqual(acl['acl']['user_acl'], user_acl)
+        acl['acl']['customgroup_acl'][0]['permission'].sort()
+        self.assertEqual(acl['acl']['customgroup_acl'], customgroup_acl)
+        self.assertEqual(acl['bucket'], self.bucket_1)
+        self.assertEqual(acl['namespace'], self.namespace_1)
+
+        # Clear ACLs
+
+        self.client.bucket.set_acl(self.bucket_1,
+                                   namespace=self.namespace_1)
+        acl = self.client.bucket.get_acl(self.bucket_1,
+                                         namespace=self.namespace_1)
+
+        self.assertEqual(acl['acl']['group_acl'], [])
+        self.assertEqual(acl['acl']['user_acl'], [])
+        self.assertEqual(acl['acl']['customgroup_acl'], [])
+        self.assertEqual(acl['bucket'], self.bucket_1)
+        self.assertEqual(acl['namespace'], self.namespace_1)
+
     def test_bucket_user_metadata(self):
         self.client.bucket.set_metadata(self.bucket_1,
                                         "key1",