Verifying bucket/object read and write permissions on object storage through the S3 API

2023-05-19 03:12:34
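```python
from boto3.session import Session
import datetime


# Verifies bucket permissions. The bucket creator (owner) can list the objects in
# the bucket and delete the bucket, whether the bucket is private, readable, or
# readable/writable. A non-owner cannot access a private bucket; on a readable
# bucket a non-owner can only list the objects and cannot modify the bucket; on a
# readable/writable bucket a non-owner can list the objects and modify the bucket.
def test_lb(bname):
    access_key = "xxxxxxxxxxxxxxxxx"  # AK
    secret_key = "xxxxxxxxxxxxxxxxxxxxx"  # SK
    url = "xxxxxxxxx"  # public endpoint of the cloud provider's object storage service
    session = Session(access_key, secret_key)
    s3_client = session.client("s3", endpoint_url=url)
    response = s3_client.list_objects(Bucket=bname, MaxKeys=100)
    # Check read access ("Contents" is absent when the bucket is empty)
    for obj in response.get("Contents", []):
        owner = obj.get("Owner", {}).get("DisplayName")
        print('object: %s Size: %s Owner: %s' % (obj["Key"], obj["Size"], owner))
    # Check write access (this deletes the bucket if the call is allowed)
    response = s3_client.delete_bucket(Bucket=bname)
    print("result", response)


# Verifies object permissions. The bucket creator (owner) can fetch the specified
# object whether it is private, readable, or readable/writable. A non-owner cannot
# fetch a private object; a readable object can be fetched but its metadata cannot
# be modified; a readable/writable object can be fetched and modified.
def test_ob(bname, key):
    access_key = "xxxxxxxxxxxxxx"
    secret_key = "xxxxxxxxxxxxxxxxxxxxxxxxx"
    url = "xxxxxxxxxx"  # public endpoint of the cloud provider's object storage service
    session = Session(access_key, secret_key)
    s3_client = session.client("s3", endpoint_url=url)
    date = datetime.datetime(2021, 5, 1, 12, 17, 14)
    # Check that the object is readable
    response = s3_client.get_object(
        Bucket=bname, Key=key, IfModifiedSince=date
    )
    print(response)
    # Check that the object is writable
    response = s3_client.put_object_tagging(
        Bucket=bname,
        Key=key,
        VersionId='null',
        Tagging={
            'TagSet': [
                {
                    'Key': 'key-3',
                    'Value': 'val-3'
                }
            ]
        })
    print(response)


if __name__ == '__main__':
    test_lb('bucket-a198')
    test_ob('bucket-9a1a', 'test2/2.jpeg')
```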
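The script above stops at the first denied call, because boto3 raises `ClientError` instead of returning a result. The following added example (not part of the original post) turns each call into an allow/deny verdict and compares it with the bucket permission matrix stated in the comments; `probe`, `audit`, the canned-ACL names and `FakeClientError` are assumptions made for the illustration, and the fake error class only exists so the logic can run offline.

```python
# Added example, not code from the original post. EXPECTED restates the post's
# comments; the canned-ACL names and FakeClientError (an offline stand-in for
# botocore.exceptions.ClientError) are assumptions.

# (is_owner, bucket ACL) -> (can list objects, can modify bucket)
EXPECTED = {
    (True, "private"): (True, True), (True, "public-read"): (True, True),
    (True, "public-read-write"): (True, True),
    (False, "private"): (False, False), (False, "public-read"): (True, False),
    (False, "public-read-write"): (True, True),
}
DENIED = {"AccessDenied", "403"}  # "403" is what body-less (HEAD) calls report
NOT_MODIFIED = {"304"}            # IfModifiedSince hit: the read was authorized
LABELS = {True: "allow", False: "deny"}

def probe(call):
    """Run one S3 call and return True (allowed) or False (denied)."""
    try:
        call()
        return True
    except Exception as exc:
        resp = getattr(exc, "response", None)  # ClientError carries a dict here
        code = resp.get("Error", {}).get("Code") if isinstance(resp, dict) else None
        if code in DENIED:
            return False
        if code in NOT_MODIFIED:
            return True
        raise  # missing bucket, network error, ...: not a permission verdict

def audit(is_owner, acl, read_call, write_call):
    """Return the findings where observed access differs from EXPECTED."""
    observed = (probe(read_call), probe(write_call))
    return [f"{op}: expected {LABELS[want]}, got {LABELS[got]}"
            for op, want, got in zip(("read", "write"), EXPECTED[(is_owner, acl)], observed)
            if want != got]

class FakeClientError(Exception):
    def __init__(self, code):
        super().__init__(code)
        self.response = {"Error": {"Code": code}}

def raising(code):
    def call():
        raise FakeClientError(code)
    return call

def allowed():
    return {}
```

With a real client the calls are passed as closures, for example `lambda: s3_client.list_objects(Bucket=bname, MaxKeys=100)` for the read probe.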