From 2dff666c614eed15c7da9a8c2036b82053087149 Mon Sep 17 00:00:00 2001 From: Neil South Date: Mon, 25 Jul 2022 09:41:13 +0100 Subject: [PATCH] fix for policy allowAllInFolder part Signed-off-by: Neil South --- src/S3Policy/PolicyExtensions.cs | 2 +- .../Tests/Extensions/PolicyExtensionsTest.cs | 17 +++++++++++++++++ 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/src/S3Policy/PolicyExtensions.cs b/src/S3Policy/PolicyExtensions.cs index 296858a..1774ea2 100644 --- a/src/S3Policy/PolicyExtensions.cs +++ b/src/S3Policy/PolicyExtensions.cs @@ -139,7 +139,7 @@ public static Policy ToPolicy(PolicyRequest[] policyRequests) Action = new string[] { "s3:*" }, Effect = "Allow", Resource = policyRequests - .Select(pr => System.IO.Path.Join(pr.BucketName, pr.FolderName, "*")) + .Select(pr => $"{pr.BucketName}/{pr.FolderName}/*") .Distinct() .ToArray(), }, diff --git a/src/S3Policy/Tests/Extensions/PolicyExtensionsTest.cs b/src/S3Policy/Tests/Extensions/PolicyExtensionsTest.cs index 586e73d..03ec530 100644 --- a/src/S3Policy/Tests/Extensions/PolicyExtensionsTest.cs +++ b/src/S3Policy/Tests/Extensions/PolicyExtensionsTest.cs @@ -14,6 +14,7 @@ * limitations under the License. */ +using Monai.Deploy.Storage.S3Policy.Policies; using Newtonsoft.Json; namespace Monai.Deploy.Storage.S3Policy.Tests.Extensions @@ -100,6 +101,22 @@ public void ToPolicy_NullFolder_ThrowsException() Assert.Throws(() => PolicyExtensions.ToPolicy("test-bucket", null)); } + [Fact] + public async Task ToPolicy_Should_Set_Correct_Allow_All_Path() + { + const string bucketName = "test-bucket"; + const string payloadId = "00000000-1000-0000-0000-000000000000"; + + var policys = new PolicyRequest[] { new PolicyRequest(bucketName, payloadId) }; + + var policyMade = PolicyExtensions.ToPolicy(policys); + + Assert.EndsWith( + $"{bucketName}/{payloadId}/*", + policyMade.Statement.First(p => p.Sid == "AllowAllS3ActionsInUserFolder").Resource?.First()); + + } + #endregion ToPolicy } }