diff options
Diffstat (limited to 'pkg/policy/bucket-policy_test.go')
-rw-r--r-- | pkg/policy/bucket-policy_test.go | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/pkg/policy/bucket-policy_test.go b/pkg/policy/bucket-policy_test.go index b6b4551..1a71d87 100644 --- a/pkg/policy/bucket-policy_test.go +++ b/pkg/policy/bucket-policy_test.go @@ -1592,6 +1592,7 @@ func TestListBucketPolicies(t *testing.T) { downloadUploadCondKeyMap.Add("s3:prefix", set.CreateStringSet("both")) downloadUploadCondMap.Add("StringEquals", downloadUploadCondKeyMap) + commonSetActions := commonBucketActions.Union(readOnlyBucketActions) testCases := []struct { statements []Statement bucketName string @@ -1630,6 +1631,13 @@ func TestListBucketPolicies(t *testing.T) { Principal: User{AWS: set.CreateStringSet("*")}, Resources: set.CreateStringSet("arn:aws:s3:::mybucket/download*"), }}, "mybucket", "", map[string]BucketPolicy{"mybucket/download*": BucketPolicyReadOnly}}, + {[]Statement{ + { + Actions: commonSetActions.Union(readOnlyObjectActions), + Effect: "Allow", + Principal: User{AWS: set.CreateStringSet("*")}, + Resources: set.CreateStringSet("arn:aws:s3:::mybucket", "arn:aws:s3:::mybucket/*"), + }}, "mybucket", "", map[string]BucketPolicy{"mybucket/*": BucketPolicyReadOnly}}, // Write Only {[]Statement{ { |