From da334c3bc1eb4db693a25553fdf73880f7062919 Mon Sep 17 00:00:00 2001 From: "anatoly@nspcc.ru" Date: Fri, 14 Aug 2020 01:09:00 +0300 Subject: [PATCH] update --- README.md | 10 + robot/resources/lib/neofs.py | 74 ++- robot/testsuites/integration/acl_basic.robot | 55 ++- .../testsuites/integration/acl_extended.robot | 433 ++++++++++++++++++ 4 files changed, 558 insertions(+), 14 deletions(-) create mode 100644 robot/testsuites/integration/acl_extended.robot diff --git a/README.md b/README.md index 3710c60..a65c021 100644 --- a/README.md +++ b/README.md @@ -13,6 +13,16 @@ 3. Логи будут доступны в папке artifacts/ после завершения тестов с любым из статусов. +### Запуск произвольного тесткейса +Для запуска произвольного тесткейса нужно выполнить команду: +`robot --timestampoutputs --outputdir artifacts/ robot/testsuites/integration/.robot ` + +Для запуска доступны следущие сценарии: + * acl_basic.robot - базовый ACL + * acl_extended.robot - extended ACL + * object_complex.robot - операции над простым объектом + * object_simple.robot - операции над большим объектом + ### Запуск тесткейсов в докере 1. Задать переменные окружения для работы с dev-env: diff --git a/robot/resources/lib/neofs.py b/robot/resources/lib/neofs.py index fbc5c7d..a6ac4e3 100644 --- a/robot/resources/lib/neofs.py +++ b/robot/resources/lib/neofs.py @@ -62,10 +62,31 @@ def validate_storage_policy_for_object(private_key: bytes, expected_copies: int, raise Exception("Not enough object copies to match storage policyю Found: %s, expexted: %s." % (copies, expected_copies)) +# docker exec neofs-cli neofs-cli --host 192.168.123.71:8080 --key 1ed43848107fd2d513c38ebfba3bb8c33d5abd2b6a99fafb09d07a30191989af container set-eacl --cid DNG1DCV3PTfxuYCLdbdMpRmrumfvacyWmyqLzNrV1koi --eacl 0a4b080210021a1e080310011a0a686561646572206b6579220c6865616465722076616c7565222508031221031a6c6fbbdf02ca351745fa86b9ba5a9452d785ac4f7fc2b7548ca2a46c4fcf4a +# Updating ACL rules of container... + +@keyword('Get eACL') +def get_eacl(private_key: bytes, cid: str): + + Cmd = f'{CLI_PREFIX}neofs-cli --host {NEOFS_ENDPOINT} --key {binascii.hexlify(private_key).decode()} container get-eacl --cid {cid}' + logger.info("Cmd: %s" % Cmd) + complProc = subprocess.run(Cmd, check=True, universal_newlines=True, + stdout=subprocess.PIPE, stderr=subprocess.PIPE, timeout=150, shell=True) + output = complProc.stdout + logger.info("Output: %s" % output) + + +@keyword('Set eACL') +def set_eacl(private_key: bytes, cid: str, eacl: str): + + Cmd = f'{CLI_PREFIX}neofs-cli --host {NEOFS_ENDPOINT} --key {binascii.hexlify(private_key).decode()} container set-eacl --cid {cid} --eacl {eacl}' + logger.info("Cmd: %s" % Cmd) + complProc = subprocess.run(Cmd, check=True, universal_newlines=True, + stdout=subprocess.PIPE, stderr=subprocess.PIPE, timeout=150, shell=True) + output = complProc.stdout + logger.info("Output: %s" % output) + -#docker exec neofs-cli neofs-cli --host 192.168.123.71:8080 --key 22b2f3faea9383e27262364c96d8e5ef7e893abf7a6ad7bf31ee1f2c2b3cfc42 -# object get-range --cid 4H9iChvzYdBg6qntfYUWGWCzsJFBDdo99KegefsD721Q --oid a101d078-b3d4-4325-8fe8-41dce6917097 0:10 -#fead193c1f6f488255f7 @keyword('Get Range') def get_range(private_key: bytes, cid: str, oid: str, range_cut: str): @@ -300,9 +321,56 @@ def head_object(private_key: bytes, cid: str, oid: str, full_headers:bool=False, else: raise Exception("User header %s was not found in the command output: \t%s" % (user_header, complProc.stdout)) + return complProc.stdout + except subprocess.CalledProcessError as e: raise Exception("command '{}' return with error (code {}): {}".format(e.cmd, e.returncode, e.output)) + + + +@keyword('Parse Object Header') +def parse_object_header(header: str): + result_header = dict() + + #SystemHeader + result_header['ID'] = _parse_oid(header) + result_header['CID'] = _parse_cid(header) + + logger.info("Result: %s" % result_header) + + + + m = re.search(r'ID: ([a-zA-Z0-9-]+)', header) + if m.start() != m.end(): # e.g., if match found something + oid = m.group(1) + else: + raise Exception("no OID was parsed from command output: \t%s" % output) + + return oid + + return +# SystemHeader: +# - ID=c9fdc3e8-6576-4822-9bc4-2a0addcbf105 +# - CID=42n81QNr7o513t2pTGuzM2PPFiHLhJ1MeSCJzizQW1wP +# - OwnerID=ANwbVH8nyWfTg7G6L9uzZxfXhKUhdjTYDa +# - Version=1 +# - PayloadLength=1024 +# - CreatedAt={UnixTime=1597330026 Epoch=2427} +# ExtendedHeaders: +# - Type=UserHeader +# Value={Key=key1 Val=1} +# - Type=UserHeader +# Value={Key=key2 Val='abc1'} +# - Type=Token +# Value={ID=6143e50f-5dbf-4964-ba16-266517e4fe9a Verb=Put} +# - Type=HomoHash +# Value=4c3304688e23b884f29a3e50cb65e067357d074f52e1e634a940a7488f40a3f53ffb0cb94d4b9c619432307fa615eb076d0c3d153acdd77835acac0553992238 +# - Type=PayloadChecksum +# Value=776bc1c03d2c72885c4976b000e2483df57275964308cc67eb36a829cad9a2c3 +# - Type=Integrity +# Value={Checksum=45859b067c6525b6f9fa78b9764ceca0a0eeb506cefd71c374aabd4cfd773430 Signature=04e80f81919fa14879b04fcad0fab411ebb0b7c38f00f030c98a4813ae402300b79b666c705317b358a17963d50ee5dceab4f6f3599e54da210b860df2f8b2a63c} + @keyword('Delete object') def delete_object(private_key: bytes, cid: str, oid: str): diff --git a/robot/testsuites/integration/acl_basic.robot b/robot/testsuites/integration/acl_basic.robot index a58dbbd..4546c03 100644 --- a/robot/testsuites/integration/acl_basic.robot +++ b/robot/testsuites/integration/acl_basic.robot @@ -31,10 +31,12 @@ Generate Keys ${USER_KEY_GEN} = Generate Neo private key ${OTHER_KEY_GEN} = Generate Neo private key ${SYSTEM_KEY_GEN} = Form Privkey from String c428b4a06f166fde9f8afcf918194acdde35aa2612ecf42fe0c94273425ded21 + ${SYSTEM_KEY_GEN_SN} = Form Privkey from String 0fa21a94be2227916284e4b3495180d9c93d04f095fe9d5a86f22044f5c411d2 - Set Global Variable ${USER_KEY} ${USER_KEY_GEN} - Set Global Variable ${OTHER_KEY} ${OTHER_KEY_GEN} - Set Global Variable ${SYSTEM_KEY} ${SYSTEM_KEY_GEN} + Set Global Variable ${USER_KEY} ${USER_KEY_GEN} + Set Global Variable ${OTHER_KEY} ${OTHER_KEY_GEN} + Set Global Variable ${SYSTEM_KEY} ${SYSTEM_KEY_GEN} + Set Global Variable ${SYSTEM_KEY_STOR_NODE} ${SYSTEM_KEY_GEN_SN} # Basic ACL manual page: https://neospcc.atlassian.net/wiki/spaces/NEOF/pages/362348545/NeoFS+ACL # TODO: X - Sticky bit validation on public container!!! @@ -42,7 +44,7 @@ Generate Keys Create Containers # Create containers: Log Create Private Container - ${PRIV_CID_GEN} = Create container ${USER_KEY} 0x1C8C8CCC + ${PRIV_CID_GEN} = Create container ${USER_KEY} 0x1C8C8CCC Container Existing ${USER_KEY} ${PRIV_CID_GEN} Log Create Public Container @@ -50,7 +52,7 @@ Create Containers Container Existing ${USER_KEY} ${PUBLIC_CID_GEN} Log Create Read-Only Container - ${READONLY_CID_GEN} = Create container ${USER_KEY} 0x1FFFCCFF + ${READONLY_CID_GEN} = Create container ${USER_KEY} 0x1FFF8CFF Container Existing ${USER_KEY} ${READONLY_CID_GEN} Set Global Variable ${PRIV_CID} ${PRIV_CID_GEN} @@ -76,6 +78,9 @@ Check Private Container ... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${PRIV_CID} Run Keyword And Expect Error * ... Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${PRIV_CID} + ${S_OID_SYS_SN} = Put object to NeoFS ${SYSTEM_KEY_STOR_NODE} ${FILE_S} ${PRIV_CID} + + # Get @@ -83,7 +88,8 @@ Check Private Container Run Keyword And Expect Error * ... Get object from NeoFS ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} s_file_read Run Keyword And Expect Error * - ... Get object from NeoFS ${SYSTEM_KEY} ${PRIV_CID} ${S_OID_USER} s_file_read + ... Get object from NeoFS ${SYSTEM_KEY} ${PRIV_CID} ${S_OID_USER} s_file_read + Get object from NeoFS ${SYSTEM_KEY_STOR_NODE} ${PRIV_CID} ${S_OID_USER} s_file_read # Get Range Get Range ${USER_KEY} ${PRIV_CID} ${S_OID_USER} 0:256 @@ -91,6 +97,8 @@ Check Private Container ... Get Range ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} 0:256 Run Keyword And Expect Error * ... Get Range ${SYSTEM_KEY} ${PRIV_CID} ${S_OID_USER} 0:256 + Run Keyword And Expect Error * + ... Get Range ${SYSTEM_KEY_STOR_NODE} ${PRIV_CID} ${S_OID_USER} 0:256 # TODO: GetRangeHash # get-range-hash --cid --oid [--bearer ] [--verify --file ] [--salt ] [: [...]] @@ -100,11 +108,12 @@ Check Private Container # Search - @{S_OBJ_PRIV} = Create List ${S_OID_USER} - Search object ${USER_KEY} ${PRIV_CID} ${EMPTY} @{S_OBJ_PRIV} + @{S_OBJ_PRIV} = Create List ${S_OID_USER} ${S_OID_SYS_SN} + Search object ${USER_KEY} ${PRIV_CID} ${EMPTY} @{S_OBJ_PRIV} Run Keyword And Expect Error * ... Search object ${OTHER_KEY} ${PRIV_CID} ${EMPTY} @{S_OBJ_PRIV} Search object ${SYSTEM_KEY} ${PRIV_CID} ${EMPTY} @{S_OBJ_PRIV} + Search object ${SYSTEM_KEY_STOR_NODE} ${PRIV_CID} ${EMPTY} @{S_OBJ_PRIV} # Head @@ -112,6 +121,8 @@ Check Private Container Run Keyword And Expect Error * ... Head object ${OTHER_KEY} ${PRIV_CID} ${S_OBJ_PRIV} ${True} Head object ${SYSTEM_KEY} ${PRIV_CID} ${S_OBJ_PRIV} ${True} + Head object ${SYSTEM_KEY_STOR_NODE} ${PRIV_CID} ${S_OBJ_PRIV} ${True} + # Delete @@ -120,6 +131,8 @@ Check Private Container ... Delete object ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} Run Keyword And Expect Error * ... Delete object ${SYSTEM_KEY} ${PRIV_CID} ${S_OID_USER} + Run Keyword And Expect Error * + ... Delete object ${SYSTEM_KEY_STOR_NODE} ${PRIV_CID} ${S_OID_USER} @@ -133,6 +146,7 @@ Check Public Container # By discussion, IR can not make any operations instead of HEAD, SEARCH and GET RANGE HASH at the current moment Run Keyword And Expect Error * ... Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${PUBLIC_CID} + ${S_OID_SYS_SN} = Put object to NeoFS ${SYSTEM_KEY_STOR_NODE} ${FILE_S} ${PUBLIC_CID} # Get Get object from NeoFS ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER} s_file_read @@ -140,6 +154,7 @@ Check Public Container # By discussion, IR can not make any operations instead of HEAD, SEARCH and GET RANGE HASH at the current moment Run Keyword And Expect Error * ... Get object from NeoFS ${SYSTEM_KEY} ${PUBLIC_CID} ${S_OID_USER} s_file_read + Get object from NeoFS ${SYSTEM_KEY_STOR_NODE} ${PUBLIC_CID} ${S_OID_USER} s_file_read # Get Range Get Range ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER} 0:256 @@ -147,6 +162,7 @@ Check Public Container # By discussion, IR can not make any operations instead of HEAD, SEARCH and GET RANGE HASH at the current moment Run Keyword And Expect Error * ... Get Range ${SYSTEM_KEY} ${PUBLIC_CID} ${S_OID_USER} 0:256 + Get Range ${SYSTEM_KEY_STOR_NODE} ${PUBLIC_CID} ${S_OID_USER} 0:256 # TODO: GetRangeHash # get-range-hash --cid --oid [--bearer ] [--verify --file ] [--salt ] [: [...]] @@ -156,26 +172,36 @@ Check Public Container # Search - @{S_OBJ_PRIV} = Create List ${S_OID_USER} ${S_OID_OTHER} + @{S_OBJ_PRIV} = Create List ${S_OID_USER} ${S_OID_OTHER} ${S_OID_SYS_SN} Search object ${USER_KEY} ${PUBLIC_CID} ${EMPTY} @{S_OBJ_PRIV} Search object ${OTHER_KEY} ${PUBLIC_CID} ${EMPTY} @{S_OBJ_PRIV} Search object ${SYSTEM_KEY} ${PUBLIC_CID} ${EMPTY} @{S_OBJ_PRIV} + Search object ${SYSTEM_KEY_STOR_NODE} ${PUBLIC_CID} ${EMPTY} @{S_OBJ_PRIV} # Head Head object ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${True} Head object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${True} Head object ${SYSTEM_KEY} ${PUBLIC_CID} ${S_OID_USER} ${True} + Head object ${SYSTEM_KEY_STOR_NODE} ${PUBLIC_CID} ${S_OID_USER} ${True} Head object ${USER_KEY} ${PUBLIC_CID} ${S_OID_OTHER} ${True} Head object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_OTHER} ${True} Head object ${SYSTEM_KEY} ${PUBLIC_CID} ${S_OID_OTHER} ${True} + Head object ${SYSTEM_KEY_STOR_NODE} ${PUBLIC_CID} ${S_OID_OTHER} ${True} + + Head object ${USER_KEY} ${PUBLIC_CID} ${S_OID_SYS_SN} ${True} + Head object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_SYS_SN} ${True} + Head object ${SYSTEM_KEY} ${PUBLIC_CID} ${S_OID_SYS_SN} ${True} + Head object ${SYSTEM_KEY_STOR_NODE} ${PUBLIC_CID} ${S_OID_SYS_SN} ${True} + # Delete Delete object ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER} Delete object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_USER} Run Keyword And Expect Error * ... Delete object ${SYSTEM_KEY} ${PUBLIC_CID} ${S_OID_USER} + Delete object ${SYSTEM_KEY_STOR_NODE} ${PUBLIC_CID} ${S_OID_USER} Check Read-Only Container @@ -187,6 +213,7 @@ Check Read-Only Container ... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${READONLY_CID} Run Keyword And Expect Error * ... Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${READONLY_CID} + ${S_OID_SYS_SN} = Put object to NeoFS ${SYSTEM_KEY_STOR_NODE} ${FILE_S} ${READONLY_CID} # Get Get object from NeoFS ${USER_KEY} ${READONLY_CID} ${S_OID_USER} s_file_read @@ -194,6 +221,7 @@ Check Read-Only Container # By discussion, IR can not make any operations instead of HEAD, SEARCH and GET RANGE HASH at the current moment Run Keyword And Expect Error * ... Get object from NeoFS ${SYSTEM_KEY} ${READONLY_CID} ${S_OID_USER} s_file_read + Get object from NeoFS ${SYSTEM_KEY_STOR_NODE} ${READONLY_CID} ${S_OID_USER} s_file_read # Get Range Get Range ${USER_KEY} ${READONLY_CID} ${S_OID_USER} 0:256 @@ -201,6 +229,7 @@ Check Read-Only Container # By discussion, IR can not make any operations instead of HEAD, SEARCH and GET RANGE HASH at the current moment Run Keyword And Expect Error * ... Get Range ${SYSTEM_KEY} ${READONLY_CID} ${S_OID_USER} 0:256 + Get Range ${SYSTEM_KEY_STOR_NODE} ${READONLY_CID} ${S_OID_USER} 0:256 # TODO: GetRangeHash # get-range-hash --cid --oid [--bearer ] [--verify --file ] [--salt ] [: [...]] @@ -210,20 +239,24 @@ Check Read-Only Container # Search - @{S_OBJ_RO} = Create List ${S_OID_USER} + @{S_OBJ_RO} = Create List ${S_OID_USER} ${S_OID_SYS_SN} Search object ${USER_KEY} ${READONLY_CID} ${EMPTY} @{S_OBJ_RO} Search object ${OTHER_KEY} ${READONLY_CID} ${EMPTY} @{S_OBJ_RO} Search object ${SYSTEM_KEY} ${READONLY_CID} ${EMPTY} @{S_OBJ_RO} + Search object ${SYSTEM_KEY_STOR_NODE} ${READONLY_CID} ${EMPTY} @{S_OBJ_RO} # Head Head object ${USER_KEY} ${READONLY_CID} ${S_OID_USER} ${True} Head object ${OTHER_KEY} ${READONLY_CID} ${S_OID_USER} ${True} Head object ${SYSTEM_KEY} ${READONLY_CID} ${S_OID_USER} ${True} + Head object ${SYSTEM_KEY_STOR_NODE} ${READONLY_CID} ${S_OID_USER} ${True} # Delete Delete object ${USER_KEY} ${READONLY_CID} ${S_OID_USER} Run Keyword And Expect Error * ... Delete object ${OTHER_KEY} ${READONLY_CID} ${S_OID_USER} Run Keyword And Expect Error * - ... Delete object ${SYSTEM_KEY} ${READONLY_CID} ${S_OID_USER} \ No newline at end of file + ... Delete object ${SYSTEM_KEY} ${READONLY_CID} ${S_OID_USER} + Run Keyword And Expect Error * + ... Delete object ${SYSTEM_KEY_STOR_NODE} ${READONLY_CID} ${S_OID_USER} \ No newline at end of file diff --git a/robot/testsuites/integration/acl_extended.robot b/robot/testsuites/integration/acl_extended.robot new file mode 100644 index 0000000..e66e3eb --- /dev/null +++ b/robot/testsuites/integration/acl_extended.robot @@ -0,0 +1,433 @@ +*** Settings *** +Variables ../../variables/common.py + + +Library ${RESOURCES}/environment.py +Library ${RESOURCES}/neo.py +Library ${RESOURCES}/neofs.py +Library ${RESOURCES}/payment.py +Library ${RESOURCES}/assertions.py +Library ${RESOURCES}/neo.py + + +*** Variables *** +&{FILE_USR_HEADER} = key1=1 key2='abc1' +&{FILE_USR_HEADER_DEL} = key1=del key2=del +&{FILE_OTH_HEADER} = key1=oth key2=oth + +*** Test cases *** +Basic ACL Operations + [Documentation] Testcase to validate NeoFS operations with extended ACL. + [Tags] ACL NeoFS NeoCLI + [Timeout] 20 min + + Generate Keys + Generate file + Prepare eACL rules + +# Check Filters + Check Actions + + + + +*** Keywords *** + +Check Actions + Check eACL Deny and Allow All Other + Check eACL Deny and Allow All User + Check eACL Deny and Allow All System + + Check eACL Deny All Other and Allow All Pubkey + + + + +Check Filters + Check eACL MatchType String + + + +Check eACL MatchType String + ${CID} = Create Container Public + ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} &{FILE_USR_HEADER} + ${HEADER} = Head object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${True} + Get nodes with object ${SYSTEM_KEY} ${CID} ${S_OID_USER} + Parse Object Header ${HEADER} + + +#### Format +# +#{ +# "Records": [ +# { +# "Operation": OPERATION, +# "Action": ACTION, +# "Filters": [ +# { +# "HeaderType": HEADER_TYPE, +# "MatchType": MATCH_TYPE, +# "Name": {HeaderType = ObjectSystem ? SYSTEM_HEADER : ANY_STRING}, +# "Value": ANY_STRING, +# } +# ], +# "Targets": [ +# { +# "Role": ROLE, +# "Keys": BASE64_STRING[...] +# } +# ] +# } +# ] +#} + + +# * ANY_STRING - any JSON string value +# * BASE64_STRING - any Base64 string (RFC 4648) +# * ACTION - string, one of +# * Deny +# * Allow + + +# * ROLE - string, one of +# * User +# * System +# * Others +# * Pubkey +# * OPERATION - string, one of +# * GET +# * HEAD +# * PUT +# * DELETE +# * SEARCH +# * GETRANGE +# * GETRANGEHASH + + + +# * HEADER_TYPE - string, one of +# * Request +# * ObjectSystem +# * ObjectUser + + +# * MATCH_TYPE - string, one of +# * StringEqual +# * StringNotEqual + + +# * SYSTEM_HEADER - string one of +# * ID +# * CID +# * OWNER_ID +# * VERSION +# * PAYLOAD_LENGTH +# * CREATED_UNIX +# * CREATED_EPOCH +# * LINK_PREV +# * LINK_NEXT +# * LINK_CHILD +# * LINK_PAR +# * LINK_SG + + + + + + +Generate Keys + ${USER_KEY_GEN} = Generate Neo private key + ${OTHER_KEY_GEN} = Generate Neo private key + ${EACL_KEY_GEN} = Form Privkey from String 782676b81a35c5f07325ec523e8521ee4946b6e5d4c6cd652dd0c3ba51ce03de + Get Neo public key ${EACL_KEY_GEN} + ${SYSTEM_KEY_GEN} = Form Privkey from String c428b4a06f166fde9f8afcf918194acdde35aa2612ecf42fe0c94273425ded21 + + + ${SYSTEM_KEY_GEN_SN} = Form Privkey from String 0fa21a94be2227916284e4b3495180d9c93d04f095fe9d5a86f22044f5c411d2 + + + Set Global Variable ${USER_KEY} ${USER_KEY_GEN} + Set Global Variable ${OTHER_KEY} ${OTHER_KEY_GEN} + Set Global Variable ${EACL_KEY} ${EACL_KEY_GEN} + Set Global Variable ${SYSTEM_KEY} ${SYSTEM_KEY_GEN} + + Set Global Variable ${SYSTEM_KEY_SN} ${SYSTEM_KEY_GEN_SN} + + + + +Create Container Public + Log Create Public Container + ${PUBLIC_CID_GEN} = Create container ${USER_KEY} 0x2FFFFFFF + [Return] ${PUBLIC_CID_GEN} + + + +Generate file + # Generate small file + ${FILE_S_GEN} = Generate file of bytes 1024 + ${FILE_S_HASH_GEN} = Get file hash ${FILE_S_GEN} + + Set Global Variable ${FILE_S} ${FILE_S_GEN} + Set Global Variable ${FILE_S_HASH} ${FILE_S_HASH_GEN} + +Prepare eACL rules + Log Set eACL for different cases + Set Global Variable ${EACL_DENY_ALL_OTHER} 0007000000020000000100000001000000030000000000020000000300000001000000030000000000020000000200000001000000030000000000020000000500000001000000030000000000020000000400000001000000030000000000020000000600000001000000030000000000020000000700000001000000030000 + Set Global Variable ${EACL_ALLOW_ALL_OTHER} 0007000000010000000100000001000000030000000000010000000300000001000000030000000000010000000200000001000000030000000000010000000500000001000000030000000000010000000400000001000000030000000000010000000600000001000000030000000000010000000700000001000000030000 + + Set Global Variable ${EACL_DENY_ALL_USER} 0007000000020000000100000001000000010000000000020000000300000001000000010000000000020000000200000001000000010000000000020000000500000001000000010000000000020000000400000001000000010000000000020000000600000001000000010000000000020000000700000001000000010000 + Set Global Variable ${EACL_ALLOW_ALL_USER} 0007000000010000000100000001000000010000000000010000000300000001000000010000000000010000000200000001000000010000000000010000000500000001000000010000000000010000000400000001000000010000000000010000000600000001000000010000000000010000000700000001000000010000 + + Set Global Variable ${EACL_DENY_ALL_SYSTEM} 0007000000020000000100000001000000020000000000020000000300000001000000020000000000020000000200000001000000020000000000020000000500000001000000020000000000020000000400000001000000020000000000020000000600000001000000020000000000020000000700000001000000020000 + Set Global Variable ${EACL_ALLOW_ALL_SYSTEM} 0007000000010000000100000001000000020000000000010000000300000001000000020000000000010000000200000001000000020000000000010000000500000001000000020000000000010000000400000001000000020000000000010000000600000001000000020000000000010000000700000001000000020000 + + + Set Global Variable ${EACL_ALLOW_ALL_Pubkey} 000e000000010000000100000001000000000001002103db43cba61ef948a65c20b326b9409911341436478dfdd7472c9af6b10bb60000000000010000000300000001000000000001002103db43cba61ef948a65c20b326b9409911341436478dfdd7472c9af6b10bb60000000000010000000200000001000000000001002103db43cba61ef948a65c20b326b9409911341436478dfdd7472c9af6b10bb60000000000010000000500000001000000000001002103db43cba61ef948a65c20b326b9409911341436478dfdd7472c9af6b10bb60000000000010000000400000001000000000001002103db43cba61ef948a65c20b326b9409911341436478dfdd7472c9af6b10bb60000000000010000000600000001000000000001002103db43cba61ef948a65c20b326b9409911341436478dfdd7472c9af6b10bb60000000000010000000700000001000000000001002103db43cba61ef948a65c20b326b9409911341436478dfdd7472c9af6b10bb60000000000020000000100000001000000030000000000020000000300000001000000030000000000020000000200000001000000030000000000020000000500000001000000030000000000020000000400000001000000030000000000020000000600000001000000030000000000020000000700000001000000030000 + + + +Check eACL Deny and Allow All User + Check eACL Deny and Allow All ${USER_KEY} ${EACL_DENY_ALL_USER} ${EACL_ALLOW_ALL_USER} + + +Check eACL Deny and Allow All Other + Check eACL Deny and Allow All ${OTHER_KEY} ${EACL_DENY_ALL_OTHER} ${EACL_ALLOW_ALL_OTHER} + + +Check eACL Deny and Allow All System + + + ${CID} = Create Container Public + ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} &{FILE_USR_HEADER} + ${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} &{FILE_USR_HEADER_DEL} + @{S_OBJ_H} = Create List ${S_OID_USER} + + # By discussion, IR can not make any operations instead of HEAD, SEARCH and GET RANGE HASH at the current moment + Run Keyword And Expect Error * + ... Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${CID} &{FILE_OTH_HEADER} + Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${CID} &{FILE_OTH_HEADER} + + Run Keyword And Expect Error * + ... Get object from NeoFS ${SYSTEM_KEY} ${CID} ${S_OID_USER} local_file_eacl + + Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} local_file_eacl + + Search object ${SYSTEM_KEY} ${CID} ${EMPTY} @{S_OBJ_H} &{FILE_USR_HEADER} + Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} @{S_OBJ_H} &{FILE_USR_HEADER} + + + Head object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${True} + Head object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${True} + + + Run Keyword And Expect Error * + ... Get Range ${SYSTEM_KEY} ${CID} ${S_OID_USER} 0:256 + Get Range ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} 0:256 + + Run Keyword And Expect Error * + ... Delete object ${SYSTEM_KEY} ${CID} ${D_OID_USER} + Delete object ${SYSTEM_KEY_SN} ${CID} ${D_OID_USER} + + + Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_SYSTEM} + Sleep 30sec + + + + Run Keyword And Expect Error * + ... Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${CID} &{FILE_OTH_HEADER} + Run Keyword And Expect Error * + ... Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${CID} &{FILE_OTH_HEADER} + + Run Keyword And Expect Error * + ... Get object from NeoFS ${SYSTEM_KEY} ${CID} ${S_OID_USER} local_file_eacl + Run Keyword And Expect Error * + ... Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} local_file_eacl + + Run Keyword And Expect Error * + ... Search object ${SYSTEM_KEY} ${CID} ${EMPTY} @{S_OBJ_H} &{FILE_USR_HEADER} + Run Keyword And Expect Error * + ... Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} @{S_OBJ_H} &{FILE_USR_HEADER} + + + Run Keyword And Expect Error * + ... Head object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${True} + Run Keyword And Expect Error * + ... Head object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${True} + + Run Keyword And Expect Error * + ... Get Range ${SYSTEM_KEY} ${CID} ${S_OID_USER} 0:256 + Run Keyword And Expect Error * + ... Get Range ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} 0:256 + + Run Keyword And Expect Error * + ... Delete object ${SYSTEM_KEY} ${CID} ${S_OID_USER} + Run Keyword And Expect Error * + ... Delete object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} + + + Set eACL ${USER_KEY} ${CID} ${EACL_ALLOW_ALL_SYSTEM} + Sleep 30sec + + + Run Keyword And Expect Error * + ... Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${CID} &{FILE_OTH_HEADER} + Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${CID} &{FILE_OTH_HEADER} + + Run Keyword And Expect Error * + ... Get object from NeoFS ${SYSTEM_KEY} ${CID} ${S_OID_USER} local_file_eacl + + Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} local_file_eacl + + Search object ${SYSTEM_KEY} ${CID} ${EMPTY} @{S_OBJ_H} &{FILE_USR_HEADER} + Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} @{S_OBJ_H} &{FILE_USR_HEADER} + + + Head object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${True} + Head object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${True} + + + Run Keyword And Expect Error * + ... Get Range ${SYSTEM_KEY} ${CID} ${S_OID_USER} 0:256 + Get Range ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} 0:256 + + Run Keyword And Expect Error * + ... Delete object ${SYSTEM_KEY} ${CID} ${D_OID_USER} + Delete object ${SYSTEM_KEY_SN} ${CID} ${D_OID_USER} + + + + + +Check eACL Deny All Other and Allow All Pubkey + + ${CID} = Create Container Public + ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} &{FILE_USR_HEADER} + ${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} &{FILE_USR_HEADER_DEL} + @{S_OBJ_H} = Create List ${S_OID_USER} + + Put object to NeoFS ${EACL_KEY} ${FILE_S} ${CID} &{FILE_OTH_HEADER} + Get object from NeoFS ${EACL_KEY} ${CID} ${S_OID_USER} local_file_eacl + Search object ${EACL_KEY} ${CID} ${EMPTY} @{S_OBJ_H} &{FILE_USR_HEADER} + Head object ${EACL_KEY} ${CID} ${S_OID_USER} ${True} + Get Range ${EACL_KEY} ${CID} ${S_OID_USER} 0:256 + Delete object ${EACL_KEY} ${CID} ${D_OID_USER} + + Set eACL ${USER_KEY} ${CID} ${EACL_ALLOW_ALL_Pubkey} + Sleep 30sec + + + + Run Keyword And Expect Error * + ... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} &{FILE_USR_HEADER} + Run Keyword And Expect Error * + ... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} local_file_eacl + Run Keyword And Expect Error * + ... Search object ${OTHER_KEY} ${CID} ${EMPTY} @{S_OBJ_H} &{FILE_USR_HEADER} + Run Keyword And Expect Error * + ... Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${True} + Run Keyword And Expect Error * + ... Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} 0:256 + Run Keyword And Expect Error * + ... Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} + + Put object to NeoFS ${EACL_KEY} ${FILE_S} ${CID} &{FILE_OTH_HEADER} + Get object from NeoFS ${EACL_KEY} ${CID} ${S_OID_USER} local_file_eacl + Search object ${EACL_KEY} ${CID} ${EMPTY} @{S_OBJ_H} &{FILE_USR_HEADER} + Head object ${EACL_KEY} ${CID} ${S_OID_USER} ${True} + Get Range ${EACL_KEY} ${CID} ${S_OID_USER} 0:256 + Delete object ${EACL_KEY} ${CID} ${D_OID_USER} + + + + +Check eACL Deny and Allow All + [Arguments] ${KEY} ${DENY_EACL} ${ALLOW_EACL} + + ${CID} = Create Container Public + ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} &{FILE_USR_HEADER} + ${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} &{FILE_USR_HEADER_DEL} + @{S_OBJ_H} = Create List ${S_OID_USER} + + Put object to NeoFS ${KEY} ${FILE_S} ${CID} &{FILE_OTH_HEADER} + Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} local_file_eacl + Search object ${KEY} ${CID} ${EMPTY} @{S_OBJ_H} &{FILE_USR_HEADER} + Head object ${KEY} ${CID} ${S_OID_USER} ${True} + Get Range ${KEY} ${CID} ${S_OID_USER} 0:256 + Delete object ${KEY} ${CID} ${D_OID_USER} + + Set eACL ${USER_KEY} ${CID} ${DENY_EACL} + Sleep 30sec + + Run Keyword And Expect Error * + ... Put object to NeoFS ${KEY} ${FILE_S} ${CID} &{FILE_USR_HEADER} + Run Keyword And Expect Error * + ... Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} local_file_eacl + Run Keyword And Expect Error * + ... Search object ${KEY} ${CID} ${EMPTY} @{S_OBJ_H} &{FILE_USR_HEADER} + Run Keyword And Expect Error * + ... Head object ${KEY} ${CID} ${S_OID_USER} ${True} + Run Keyword And Expect Error * + ... Get Range ${KEY} ${CID} ${S_OID_USER} 0:256 + Run Keyword And Expect Error * + ... Delete object ${KEY} ${CID} ${S_OID_USER} + + + Set eACL ${USER_KEY} ${CID} ${ALLOW_EACL} + Sleep 30sec + + + Put object to NeoFS ${KEY} ${FILE_S} ${CID} &{FILE_OTH_HEADER} + Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} local_file_eacl + Search object ${KEY} ${CID} ${EMPTY} @{S_OBJ_H} &{FILE_USR_HEADER} + Head object ${KEY} ${CID} ${S_OID_USER} ${True} + Get Range ${KEY} ${CID} ${S_OID_USER} 0:256 + Delete object ${KEY} ${CID} ${D_OID_USER} + + + + + + + + + + + + + + +# docker exec neofs-cli neofs-cli --host 192.168.123.71:8080 --key 13a75c3bc71865ef9474f314dedb7aa9e2b22048a86bd431578abc30971f319a container set-eacl --cid 8PD2SdxUB1P6122mHP14XcRkQtWg2XPHaeDysWKz3ARy --eacl 0a4b080210021a1e080310011a0a686561646572206b6579220c6865616465722076616c7565222508031221031a6c6fbbdf02ca351745fa86b9ba5a9452d785ac4f7fc2b7548ca2a46c4fcf4a +# docker exec neofs-cli neofs-cli --host 192.168.123.71:8080 --key 13a75c3bc71865ef9474f314dedb7aa9e2b22048a86bd431578abc30971f319a container set-eacl --cid 8PD2SdxUB1P6122mHP14XcRkQtWg2XPHaeDysWKz3ARy --eacl 0a4a080210021a1e080310011a0a686561646572206b6579220c6865616465722076616c75652224080312200eef0860d2f81ed724ee45e7275a6a917791503582202c47459804192e1ba04a + +# docker exec neofs-cli neofs-cli --host 192.168.123.71:8080 --key 13a75c3bc71865ef9474f314dedb7aa9e2b22048a86bd431578abc30971f319a container get-eacl --cid 8PD2SdxUB1P6122mHP14XcRkQtWg2XPHaeDysWKz3ARy + + + + + +######################################## +######################################## + +Create Containers DELETE + # Create containers: + + Log Create Private Container + ${INCOR_CID_GEN} = Create container ${USER_KEY} 0x3FFFFFFF + Container Existing ${USER_KEY} ${INCOR_CID_GEN} + + + + Log Create Private Container + ${PRIV_CID_GEN} = Create container ${USER_KEY} 0x0C8C8CCC + Container Existing ${USER_KEY} ${PRIV_CID_GEN} + + Log Create None Container + ${NONE_CID_GEN} = Create container ${USER_KEY} 0x2000000 + Container Existing ${USER_KEY} ${NONE_CID_GEN} + + Set Global Variable ${INCOR_CID} ${INCOR_CID_GEN} + Set Global Variable ${PUBLIC_CID} ${PUBLIC_CID_GEN} + Set Global Variable ${PRIV_CID} ${PRIV_CID_GEN} + Set Global Variable ${NONE_CID} ${NONE_CID_GEN} \ No newline at end of file