adjusts to policy tests

MagaluCloud · Feb 7, 2025 · 0acd4ae · 0acd4ae
1 parent 47f8959
commit 0acd4ae
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 7 deletions.
diff --git a/docs/policies_test.py b/docs/policies_test.py
@@ -156,8 +156,6 @@ def test_setup_policies(s3_client, existing_bucket_name, policies_args):
     {"action": "s3:PutObject", "boto3_action": "put_object"},
     {"action": "s3:GetObject", "boto3_action": "get_object"},
     {"action": "s3:DeleteObject", "boto3_action": "delete_object"},
-    {"action": "s3:PutBucketObjectLockConfiguration", "boto3_action": "put_object_lock_configuration"},
-    {"action": "s3:GetBucketObjectLockConfiguration", "boto3_action": "get_object_lock_configuration"},
 ]
 test_cases = [
     ({"number_clients": number_clients}, {"policy_dict": policy_dict_template, "actions": item["action"], "effect": "Deny"}, item["boto3_action"])
@@ -180,10 +178,6 @@ def test_denied_policy_operations_by_owner(s3_client, bucket_with_one_object_pol
     if boto3_action == 'put_object' :
         kwargs['Body'] = 'The answer for everthing is 42'
 
-    # put_object_lock_configuration expects a ObjectLockConfiguration argument
-    if boto3_action == 'put_object_lock_configuration' :
-        kwargs['ObjectLockConfiguration'] = policy_dict_template
-
     # put_object_retention expects a Retention argument
     if boto3_action == 'put_object_retention' :
         kwargs['Retention'] = {
@@ -192,6 +186,7 @@ def test_denied_policy_operations_by_owner(s3_client, bucket_with_one_object_pol
         }
 
     #retrieve the method passed as argument
+    logging.info(f"call boto3_action:{boto3_action}, with args:{kwargs}")
     method = getattr(s3_client, boto3_action)
     try:
         response = method(**kwargs)

diff --git a/docs/s3_helpers.py b/docs/s3_helpers.py
@@ -1,4 +1,5 @@
 import os
+
 import boto3
 from botocore.exceptions import ClientError
 from datetime import datetime, timedelta
@@ -263,8 +264,9 @@ def change_policies_json(bucket, policy_args: dict, tenants: list) -> json:
     policy["Statement"][0]["Effect"] = effect
     policy["Statement"][0]["Principal"] = tenants
     policy["Statement"][0]["Action"] = actions
-    policy["Statement"][0]["Resource"] = bucket + "/*"
+    policy["Statement"][0]["Resource"] = [bucket + "/*", bucket]
 
+    logging.info(f"POLICY: {json.dumps(policy)}")
     return json.dumps(policy)