Add support for canned acls when putting object to S3 for cross account resource scenarios

James Barnett · James Barnett · commit 0ca7b167c217 · 2019-12-06T15:32:58.000+11:00
diff --git a/src/main/java/com/amazon/sqs/javamessaging/AmazonSQSExtendedClient.java b/src/main/java/com/amazon/sqs/javamessaging/AmazonSQSExtendedClient.java
@@ -1334,6 +1334,9 @@ private void storeTextInS3(String s3Key, String messageContentStr, Long messageC
 		messageContentStreamMetadata.setContentLength(messageContentSize);
 		PutObjectRequest putObjectRequest = new PutObjectRequest(clientConfiguration.getS3BucketName(), s3Key,
 				messageContentStream, messageContentStreamMetadata);
+		if (clientConfiguration.isCannedAccessControlListDefined()) {
+			putObjectRequest.withCannedAcl(clientConfiguration.getCannedAccessControlList());
+		}
 		try {
 			clientConfiguration.getAmazonS3Client().putObject(putObjectRequest);
 		} catch (AmazonServiceException e) {
diff --git a/src/main/java/com/amazon/sqs/javamessaging/ExtendedClientConfiguration.java b/src/main/java/com/amazon/sqs/javamessaging/ExtendedClientConfiguration.java
@@ -17,6 +17,7 @@
 
 import com.amazonaws.AmazonClientException;
 import com.amazonaws.services.s3.AmazonS3;
+import com.amazonaws.services.s3.model.CannedAccessControlList;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import com.amazonaws.annotation.NotThreadSafe;
@@ -36,6 +37,7 @@ public class ExtendedClientConfiguration {
 	private boolean largePayloadSupport = false;
 	private boolean alwaysThroughS3 = false;
 	private int messageSizeThreshold = SQSExtendedClientConstants.DEFAULT_MESSAGE_SIZE_THRESHOLD;
+	private CannedAccessControlList cannedAccessControlList;
 
 	public ExtendedClientConfiguration() {
 		s3 = null;
@@ -48,6 +50,7 @@ public ExtendedClientConfiguration(ExtendedClientConfiguration other) {
 		this.largePayloadSupport = other.largePayloadSupport;
 		this.alwaysThroughS3 = other.alwaysThroughS3;
 		this.messageSizeThreshold = other.messageSizeThreshold;
+		this.cannedAccessControlList = other.cannedAccessControlList;
 	}
 
 	/**
@@ -214,4 +217,39 @@ public ExtendedClientConfiguration withAlwaysThroughS3(boolean alwaysThroughS3)
 	public boolean isAlwaysThroughS3() {
 		return alwaysThroughS3;
 	}
+
+	/**
+	 * Configures the ACL to apply to the Amazon S3 putObject request.
+	 * @param cannedAccessControlList
+	 *            The ACL to be used when storing objects in Amazon S3
+	 */
+	public void setCannedAccessControlList(CannedAccessControlList cannedAccessControlList) {
+		this.cannedAccessControlList = cannedAccessControlList;
+	}
+
+	/**
+	 * Configures the ACL to apply to the Amazon S3 putObject request.
+	 * @param cannedAccessControlList
+	 *            The ACL to be used when storing objects in Amazon S3
+	 */
+	public ExtendedClientConfiguration withCannedAccessControlList(CannedAccessControlList cannedAccessControlList) {
+		setCannedAccessControlList(cannedAccessControlList);
+		return this;
+	}
+
+	/**
+	 * Checks whether an ACL have been configured for storing objects in Amazon S3.
+	 * @return True if ACL is defined
+	 */
+	public boolean isCannedAccessControlListDefined() {
+		return null != cannedAccessControlList;
+	}
+
+	/**
+	 * Gets the AWS ACL to apply to the Amazon S3 putObject request.
+	 * @return Amazon S3 object ACL
+	 */
+	public CannedAccessControlList getCannedAccessControlList() {
+		return cannedAccessControlList;
+	}
 }
diff --git a/src/test/java/com/amazon/sqs/javamessaging/AmazonSQSExtendedClientTest.java b/src/test/java/com/amazon/sqs/javamessaging/AmazonSQSExtendedClientTest.java
@@ -21,6 +21,7 @@
 import java.util.Map;
 
 import com.amazonaws.services.s3.AmazonS3;
+import com.amazonaws.services.s3.model.CannedAccessControlList;
 import com.amazonaws.services.s3.model.PutObjectRequest;
 import com.amazonaws.services.sqs.AmazonSQS;
 import com.amazonaws.services.sqs.AmazonSQSClient;
@@ -209,7 +210,7 @@ public void testWhenSmallMessageIsSentThenNoAttributeIsAdded() {
     }
 
     @Test
-    public void testWhenLargeMessgaeIsSentThenAttributeWithPayloadSizeIsAdded() {
+    public void testWhenLargeMessageIsSentThenAttributeWithPayloadSizeIsAdded() {
         int messageLength = MORE_THAN_SQS_SIZE_LIMIT;
         String messageBody = generateStringWithLength(messageLength);
 
@@ -224,6 +225,24 @@ public void testWhenLargeMessgaeIsSentThenAttributeWithPayloadSizeIsAdded() {
         Assert.assertEquals(messageLength, (int)Integer.valueOf(attributes.get(SQSExtendedClientConstants.RESERVED_ATTRIBUTE_NAME).getStringValue()));
     }
 
+    @Test
+    public void testWhenSendMessageWIthCannedAccessControlListDefined() {
+        CannedAccessControlList expected = CannedAccessControlList.BucketOwnerFullControl;
+        String messageBody = generateStringWithLength(MORE_THAN_SQS_SIZE_LIMIT);
+        ExtendedClientConfiguration extendedClientConfiguration = new ExtendedClientConfiguration()
+                .withLargePayloadSupportEnabled(mockS3, S3_BUCKET_NAME).withCannedAccessControlList(expected);
+        AmazonSQS sqsExtended = spy(new AmazonSQSExtendedClient(mockSqsBackend, extendedClientConfiguration));
+
+        SendMessageRequest messageRequest = new SendMessageRequest(SQS_QUEUE_URL, messageBody);
+        sqsExtended.sendMessage(messageRequest);
+
+        ArgumentCaptor<PutObjectRequest> captor = ArgumentCaptor.forClass(PutObjectRequest.class);
+
+        verify(mockS3).putObject(captor.capture());
+
+        Assert.assertEquals(expected, captor.getValue().getCannedAcl());
+    }
+
     private String generateStringWithLength(int messageLength) {
         char[] charArray = new char[messageLength];
         Arrays.fill(charArray, 'x');
diff --git a/src/test/java/com/amazon/sqs/javamessaging/ExtendedClientConfigurationTest.java b/src/test/java/com/amazon/sqs/javamessaging/ExtendedClientConfigurationTest.java
@@ -16,6 +16,7 @@
 package com.amazon.sqs.javamessaging;
 
 import com.amazonaws.services.s3.AmazonS3;
+import com.amazonaws.services.s3.model.CannedAccessControlList;
 import com.amazonaws.services.s3.model.PutObjectRequest;
 import junit.framework.Assert;
 import org.junit.Before;
@@ -116,5 +117,18 @@ public void testMessageSizeThreshold() {
 
     }
 
+    @Test
+    public void testCannedAccessControlList() {
+
+        ExtendedClientConfiguration extendedClientConfiguration = new ExtendedClientConfiguration();
+
+        Assert.assertFalse(extendedClientConfiguration.isCannedAccessControlListDefined());
+
+        final CannedAccessControlList accessControlList = CannedAccessControlList.BucketOwnerFullControl;
+        extendedClientConfiguration.withCannedAccessControlList(accessControlList);
+        Assert.assertTrue(extendedClientConfiguration.isCannedAccessControlListDefined());
+        Assert.assertEquals(accessControlList, extendedClientConfiguration.getCannedAccessControlList());
+
+    }
 
 }
