diff --git a/tests/functional/object/mcg/test_bucket_policy.py b/tests/functional/object/mcg/test_bucket_policy.py index 8fdf7208fba..80eeb93b7ef 100644 --- a/tests/functional/object/mcg/test_bucket_policy.py +++ b/tests/functional/object/mcg/test_bucket_policy.py @@ -37,6 +37,7 @@ s3_delete_bucket_website, s3_get_bucket_versioning, s3_put_bucket_versioning, + s3_list_objects_v2, list_multipart_upload, list_uploaded_parts, complete_multipart_upload, @@ -939,17 +940,20 @@ def test_bucket_policy_elements_NotAction(self, mcg_obj, bucket_factory, effect) """ # Creating obc and obc object to get account details, keys etc - obc_bucket = bucket_factory(amount=1, interface="OC") + obc_bucket = bucket_factory(amount=2, interface="OC") obc_obj = OBC(obc_bucket[0].name) + obc_obj1 = OBC(obc_bucket[1].name) # Set bucket policy for user bucket_policy_generated = gen_bucket_policy( - user_list=obc_obj.obc_account, + user_list=obc_obj1.obc_account, action_property="NotAction", actions_list=["DeleteBucket"], resources_list=[f'{obc_obj.bucket_name}/{"*"}'], effect=effect, ) + if effect == "Allow": + bucket_policy_generated["Statement"][0]["NotAction"][0] = "s3:ListBucket" bucket_policy = json.dumps(bucket_policy_generated) # Add Bucket Policy @@ -968,19 +972,19 @@ def test_bucket_policy_elements_NotAction(self, mcg_obj, bucket_factory, effect) # Put Object is allowed logger.info("Writing index data to the bucket") assert s3_put_object( - s3_obj=obc_obj, + s3_obj=obc_obj1, bucketname=obc_obj.bucket_name, object_key="index.html", data=index, content_type="text/html", ), "Failed to put object." - # Delete bucket get access denied. - logger.info(f"Deleting bucket {obc_obj.bucket_name}") + # List bucket get access denied. + logger.info(f"Listing bucket objects {obc_obj.bucket_name}") try: - s3_delete_bucket_website(s3_obj=obc_obj, bucketname=obc_obj.bucket_name) + s3_list_objects_v2(s3_obj=obc_obj1, bucketname=obc_obj.bucket_name) raise UnexpectedBehaviour( - "Failed: Bucket got deleted, expect to get AccessDenied." + "Failed: Object got listed, expect to get AccessDenied." ) except boto3exception.ClientError as e: logger.info(e.response) @@ -997,7 +1001,7 @@ def test_bucket_policy_elements_NotAction(self, mcg_obj, bucket_factory, effect) logger.info("Writing index data to the bucket") try: s3_put_object( - s3_obj=obc_obj, + s3_obj=obc_obj1, bucketname=obc_obj.bucket_name, object_key="index.html", data=index,