From 520477b0a65558503fc57be86fc9257ba953599c Mon Sep 17 00:00:00 2001
From: Wan Liuyang <tsfdye@gmail.com>
Date: Tue, 4 Sep 2018 11:13:36 +0800
Subject: [PATCH] Explicitly set AWS default ACL to None

---
 docs/settings.rst                                    |  2 ++
 .../config/settings/production.py                    | 12 ++++++++----
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/docs/settings.rst b/docs/settings.rst
index 6e71a5151..7cf465010 100644
--- a/docs/settings.rst
+++ b/docs/settings.rst
@@ -44,6 +44,8 @@ Environment Variable                    Django Setting              Development
 DJANGO_AWS_ACCESS_KEY_ID                AWS_ACCESS_KEY_ID           n/a                                            raises error
 DJANGO_AWS_SECRET_ACCESS_KEY            AWS_SECRET_ACCESS_KEY       n/a                                            raises error
 DJANGO_AWS_STORAGE_BUCKET_NAME          AWS_STORAGE_BUCKET_NAME     n/a                                            raises error
+DJANGO_AWS_DEFAULT_ACL                  AWS_DEFAULT_ACL             n/a                                            None
+DJANGO_AWS_BUCKET_ACL                   AWS_BUCKET_ACL              n/a                                            None
 SENTRY_DSN                              SENTRY_DSN                  n/a                                            raises error
 DJANGO_SENTRY_CLIENT                    SENTRY_CLIENT               n/a                                            raven.contrib.django.raven_compat.DjangoClient
 DJANGO_SENTRY_LOG_LEVEL                 SENTRY_LOG_LEVEL            n/a                                            logging.INFO
diff --git a/{{cookiecutter.project_slug}}/config/settings/production.py b/{{cookiecutter.project_slug}}/config/settings/production.py
index 606535d4c..1662124f6 100644
--- a/{{cookiecutter.project_slug}}/config/settings/production.py
+++ b/{{cookiecutter.project_slug}}/config/settings/production.py
@@ -73,6 +73,10 @@ AWS_SECRET_ACCESS_KEY = env('DJANGO_AWS_SECRET_ACCESS_KEY')
 # https://django-storages.readthedocs.io/en/latest/backends/amazon-S3.html#settings
 AWS_STORAGE_BUCKET_NAME = env('DJANGO_AWS_STORAGE_BUCKET_NAME')
 # https://django-storages.readthedocs.io/en/latest/backends/amazon-S3.html#settings
+AWS_DEFAULT_ACL = env('DJANGO_AWS_DEFAULT_ACL', default=None)
+# https://django-storages.readthedocs.io/en/latest/backends/amazon-S3.html#settings
+AWS_BUCKET_ACL = env('DJANGO_AWS_BUCKET_ACL', default=None)
+# https://django-storages.readthedocs.io/en/latest/backends/amazon-S3.html#settings
 AWS_QUERYSTRING_AUTH = False
 # DO NOT change these unless you know what you're doing.
 _AWS_EXPIRY = 60 * 60 * 24 * 7
@@ -86,7 +90,7 @@ AWS_S3_OBJECT_PARAMETERS = {
 {% if cookiecutter.use_whitenoise == 'y' -%}
 STATICFILES_STORAGE = 'whitenoise.storage.CompressedManifestStaticFilesStorage'
 {%- else %}
-STATICFILES_STORAGE = 'config.settings.production.StaticRootS3BotoStorage'
+STATICFILES_STORAGE = 'config.settings.production.StaticRootS3Boto3Storage'
 STATIC_URL = f'https://s3.amazonaws.com/{AWS_STORAGE_BUCKET_NAME}/static/'
 {%- endif %}
 
@@ -101,17 +105,17 @@ MEDIA_URL = f'https://s3.amazonaws.com/{AWS_STORAGE_BUCKET_NAME}/'
 from storages.backends.s3boto3 import S3Boto3Storage  # noqa E402
 
 
-class StaticRootS3BotoStorage(S3Boto3Storage):
+class StaticRootS3Boto3Storage(S3Boto3Storage):
     location = 'static'
 
 
-class MediaRootS3BotoStorage(S3Boto3Storage):
+class MediaRootS3Boto3Storage(S3Boto3Storage):
     location = 'media'
     file_overwrite = False
 
 
 # endregion
-DEFAULT_FILE_STORAGE = 'config.settings.production.MediaRootS3BotoStorage'
+DEFAULT_FILE_STORAGE = 'config.settings.production.MediaRootS3Boto3Storage'
 MEDIA_URL = f'https://s3.amazonaws.com/{AWS_STORAGE_BUCKET_NAME}/media/'
 {%- endif %}