fix S3 per-user-directory Policy (#6443)

* fix S3 per-user-directory Policy

* Delete docker/config.json

* add tests

* remove logs

* undo modifications of weed/shell/command_volume_balance.go

* remove modifications of docker-compose

* fix failing test

---------

Co-authored-by: Chris Lu <chrislusf@users.noreply.github.com>

1 files changed, 71 insertions, 0 deletions

diff --git a/weed/iamapi/iamapi_management_handlers_test.go b/weed/iamapi/iamapi_management_handlers_test.go
new file mode 100644
index 000000000..9b4a92c24
--- /dev/null
+++ b/weed/iamapi/iamapi_management_handlers_test.go
@@ -0,0 +1,71 @@
+package iamapi
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestGetActionsUserPath(t *testing.T) {
+
+	policyDocument := PolicyDocument{
+		Version: "2012-10-17",
+		Statement: []*Statement{
+			{
+				Effect: "Allow",
+				Action: []string{
+					"s3:Put*",
+					"s3:PutBucketAcl",
+					"s3:Get*",
+					"s3:GetBucketAcl",
+					"s3:List*",
+					"s3:Tagging*",
+					"s3:DeleteBucket*",
+				},
+				Resource: []string{
+					"arn:aws:s3:::shared/user-Alice/*",
+				},
+			},
+		},
+	}
+
+	actions, _ := GetActions(&policyDocument)
+
+	expectedActions := []string{
+		"Write:shared/user-Alice/*",
+		"WriteAcp:shared/user-Alice/*",
+		"Read:shared/user-Alice/*",
+		"ReadAcp:shared/user-Alice/*",
+		"List:shared/user-Alice/*",
+		"Tagging:shared/user-Alice/*",
+		"DeleteBucket:shared/user-Alice/*",
+	}
+	assert.Equal(t, expectedActions, actions)
+}
+
+func TestGetActionsWildcardPath(t *testing.T) {
+
+	policyDocument := PolicyDocument{
+		Version: "2012-10-17",
+		Statement: []*Statement{
+			{
+				Effect: "Allow",
+				Action: []string{
+					"s3:Get*",
+					"s3:PutBucketAcl",
+				},
+				Resource: []string{
+					"arn:aws:s3:::*",
+				},
+			},
+		},
+	}
+
+	actions, _ := GetActions(&policyDocument)
+
+	expectedActions := []string{
+		"Read",
+		"WriteAcp",
+	}
+	assert.Equal(t, expectedActions, actions)
+}