From 6e6ebc3a9e2e6cec74321148738184503a4fbb51 Mon Sep 17 00:00:00 2001
From: "bogdan.virtosu" <virtosu.bogdan@gmail.com>
Date: Fri, 25 Mar 2016 18:18:45 +0200
Subject: [PATCH] Add option to prevent setting bucket policy.

---
 flask_s3.py          | 9 +++++++--
 test_flask_static.py | 6 ++++++
 2 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/flask_s3.py b/flask_s3.py
index 39eedce..8b87cb8 100644
--- a/flask_s3.py
+++ b/flask_s3.py
@@ -294,7 +294,7 @@ def _upload_files(s3, app, files_, bucket, hashes=None):
 
 def create_all(app, user=None, password=None, bucket_name=None,
                location=None, include_hidden=False,
-               filepath_filter_regex=None):
+               filepath_filter_regex=None, put_bucket_acl=True):
     """
     Uploads of the static assets associated with a Flask application to
     Amazon S3.
@@ -348,6 +348,10 @@ def create_all(app, user=None, password=None, bucket_name=None,
         store, set to r'^css'.
     :type filepath_filter_regex: `basestring` or None
 
+    :param put_bucket_acl: by default Flask-S3 will set the bucket ACL
+        to public. Set this to false to leave the policy unchanged.
+    :type put_bucket_acl: `bool`
+
     .. _bucket restrictions: http://docs.amazonwebservices.com/AmazonS3\
     /latest/dev/BucketRestrictions.html
 
@@ -380,7 +384,8 @@ def create_all(app, user=None, password=None, bucket_name=None,
         else:
             raise
 
-    s3.put_bucket_acl(Bucket=bucket_name, ACL='public-read')
+    if put_bucket_acl:
+        s3.put_bucket_acl(Bucket=bucket_name, ACL='public-read')
 
     if app.config['FLASKS3_ONLY_MODIFIED']:
         try:
diff --git a/test_flask_static.py b/test_flask_static.py
index 0ab1eff..fbf2e38 100644
--- a/test_flask_static.py
+++ b/test_flask_static.py
@@ -395,6 +395,12 @@ def test_static_folder_path(self):
         for i, e in zip(inputs, expected):
             self.assertEquals(e, flask_s3._static_folder_path(*i))
 
+    @patch('flask_s3.boto3')
+    def test__bucket_acl_not_set(self, mock_boto3):
+        flask_s3.create_all(self.app, put_bucket_acl=False)
+        self.assertFalse(mock_boto3.client().put_bucket_acl.called,
+                         "put_bucket_acl was called!")
+
     @patch('flask_s3._write_files')
     def test__upload_uses_prefix(self, mock_write_files):
         s3_mock = Mock()