Updated put_bucket_acl to support canned ACLs.

lib/fog/storage/requests/aws/put_bucket_acl.rb

@@ -20,12 +20,17 @@ module Fog
         #       or
         #         * 'URI'<~String> - URI of group to grant access for
         #     * Permission<~String> - Permission, in [FULL_CONTROL, WRITE, WRITE_ACP, READ, READ_ACP]
+        # * acl<~String> - Permissions, must be in ['private', 'public-read', 'public-read-write', 'authenticated-read']
         #
         # ==== See Also
         # http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketPUTacl.html
 
         def put_bucket_acl(bucket_name, acl)
-          data =
+          data = ""
+          headers = {}
+          
+          if acl.is_a?(Hash)
+            data =
 <<-DATA
 <AccessControlPolicy>
   <Owner>
@@ -35,35 +40,45 @@ module Fog
   <AccessControlList>
 DATA
 
-          acl['AccessControlList'].each do |grant|
+            acl['AccessControlList'].each do |grant|
-            data << "    <Grant>"
+              data << "    <Grant>\n"
-            type = case grant['Grantee'].keys.sort
+              type = case grant['Grantee'].keys.sort
-            when ['DisplayName', 'ID']
+              when ['DisplayName', 'ID']
-              'CanonicalUser'
+                'CanonicalUser'
-            when ['EmailAddress']
+              when ['EmailAddress']
-              'AmazonCustomerByEmail'
+                'AmazonCustomerByEmail'
-            when ['URI']
+              when ['URI']
-              'Group'
+                'Group'
+              end
+              data << "      <Grantee xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xsi:type=\"#{type}\">\n"
+              for key, value in grant['Grantee']
+                data << "        <#{key}>#{value}</#{key}>\n"
+              end
+              data << "      </Grantee>\n"
+              data << "      <Permission>#{grant['Permission']}</Permission>\n"
+              data << "    </Grant>\n"
             end
-            data << "      <Grantee xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xsi:type=\"#{type}\">"
-            for key, value in grant['Grantee']
-              data << "        <#{key}>#{value}</#{key}>"
-            end
-            data << "      </Grantee>"
-            data << "      <Permission>#{grant['Permission']}</Permission>"
-            data << "    </Grant>"
-          end
 
-          data <<
+            data <<
 <<-DATA
   </AccessControlList>
 </AccessControlPolicy>
 DATA
+          else
+            if !['private', 'public-read', 'public-read-write', 'authenticated-read'].include?(acl)
+              raise Excon::Errors::BadRequest.new('invalid x-amz-acl')
+            end
+            headers['x-amz-acl'] = acl
+          end
+
+          headers['Content-MD5'] = Base64.encode64(Digest::MD5.digest(data)).strip
+          headers['Content-Type'] = 'application/json'
+          headers['Date'] = Fog::Time.now.to_date_header
 
           request({
             :body     => data,
             :expects  => 200,
-            :headers  => {},
+            :headers  => headers,
             :host     => "#{bucket_name}.#{@host}",
             :method   => 'PUT',
             :query    => {'acl' => nil}

lib/fog/storage/requests/aws/put_object_acl.rb

@@ -79,7 +79,7 @@ DATA
             headers['x-amz-acl'] = acl
           end
 
-          headers['Content-MD5'] = Base64.encode64(Digest::MD5.digest('')).strip
+          headers['Content-MD5'] = Base64.encode64(Digest::MD5.digest(data)).strip
           headers['Content-Type'] = 'application/json'
           headers['Date'] = Fog::Time.now.to_date_header
           

spec/storage/aws/put_bucket_acl_spec.rb

@@ -0,0 +1,62 @@
+require 'spec_helper'
+require 'storage/aws/aws_spec_helper'
+
+describe Fog::Storage::AWS do
+
+  describe "canned ACL" do
+    it "should raise an error with an invalid canned ACL" do
+      lambda { 
+        aws_storage.put_bucket_acl('bucket', 'invalid') 
+      }.should raise_error(Excon::Errors::BadRequest, "invalid x-amz-acl")
+    end
+    it "should produce a request with an x-amz-acl header" do
+      hash = aws_storage.put_bucket_acl('bucket', 'private')
+      hash[:body].should == ""
+      hash[:expects].should == 200
+      hash[:headers]["x-amz-acl"].should == "private"
+      hash[:headers]["Content-Type"].should == "application/json"      
+      hash[:host].should == "bucket.s3.amazonaws.com"
+      hash[:method].should == "PUT"
+      hash[:path].should be_nil
+      hash[:query].should == { "acl" => nil }
+    end
+  end
+  
+  describe "xml ACL" do
+    it "sends valid ACL XML" do
+      hash = aws_storage.put_bucket_acl('bucket', {
+        'Owner' => { 'ID' => "8a6925ce4adf5f21c32aa379004fef", 'DisplayName' => "mtd@amazon.com" },
+        'AccessControlList' => [
+          { 
+            'Grantee' => { 'ID' => "8a6925ce4adf588a4532142d3f74dd8c71fa124b1ddee97f21c32aa379004fef", 'DisplayName' => "mtd@amazon.com" }, 
+            'Permission' => "FULL_CONTROL" 
+          }
+        ]
+      })
+      hash[:body].should == <<-BODY
+<AccessControlPolicy>
+  <Owner>
+    <ID>8a6925ce4adf5f21c32aa379004fef</ID>
+    <DisplayName>mtd@amazon.com</DisplayName>
+  </Owner>
+  <AccessControlList>
+    <Grant>
+      <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser">
+        <ID>8a6925ce4adf588a4532142d3f74dd8c71fa124b1ddee97f21c32aa379004fef</ID>
+        <DisplayName>mtd@amazon.com</DisplayName>
+      </Grantee>
+      <Permission>FULL_CONTROL</Permission>
+    </Grant>
+  </AccessControlList>
+</AccessControlPolicy>
+BODY
+      hash[:expects].should == 200
+      hash[:headers]["Content-Type"].should == "application/json"      
+      hash[:host].should == "bucket.s3.amazonaws.com"
+      hash[:method].should == "PUT"
+      hash[:path].should be_nil
+      hash[:query].should == { "acl" => nil }
+    end
+  end
+  
+end