From b2003c2ed72ba7aa9a5f71184b3251c3d864cf79 Mon Sep 17 00:00:00 2001
From: Casey Bodley <cbodley@redhat.com>
Date: Wed, 26 Mar 2025 16:10:14 -0400
Subject: [PATCH] test put_bucket_acl with group uri

Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit 48fac52a3b7d815703cc7946aa0aace6cbfc4367)
---
 s3tests_boto3/functional/test_s3.py | 35 +++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)

diff --git a/s3tests_boto3/functional/test_s3.py b/s3tests_boto3/functional/test_s3.py
index c58421da..c974986d 100644
--- a/s3tests_boto3/functional/test_s3.py
+++ b/s3tests_boto3/functional/test_s3.py
@@ -4035,6 +4035,41 @@ def test_bucket_acl_canned_authenticatedread():
             ],
         )
 
+def test_put_bucket_acl_grant_group_read():
+    bucket_name = get_new_bucket()
+    client = get_client()
+    display_name = get_main_display_name()
+    user_id = get_main_user_id()
+
+    grant = {'Grantee': {'Type': 'Group', 'URI': 'http://acs.amazonaws.com/groups/global/AllUsers'}, 'Permission': 'READ'}
+    policy = add_bucket_user_grant(bucket_name, grant)
+
+    client.put_bucket_acl(Bucket=bucket_name, AccessControlPolicy=policy)
+
+    response = client.get_bucket_acl(Bucket=bucket_name)
+
+    check_grants(
+        response['Grants'],
+        [
+            dict(
+                Permission='READ',
+                ID=None,
+                DisplayName=None,
+                URI='http://acs.amazonaws.com/groups/global/AllUsers',
+                EmailAddress=None,
+                Type='Group',
+                ),
+            dict(
+                Permission='FULL_CONTROL',
+                ID=user_id,
+                DisplayName=display_name,
+                URI=None,
+                EmailAddress=None,
+                Type='CanonicalUser',
+                ),
+            ],
+        )
+
 def test_object_acl_default():
     bucket_name = get_new_bucket()
     client = get_client()
-- 
2.39.5