Feature/acl extension operations (#17)

- Add bearer token coverage with the request filter #8
- Add eACL coverage with the request filter #9
- Add Bearer token coverage of the case with different permissions for operations in the complex operations #15 (Check Сompound Operations)
- Add eACL token coverage of the case with different permissions for operations in the complex operations
- Add latest nodes and services logs to the artifacts in case of failure #10
- Prepare neofs-testcases repository for the public #11 - new eACL and bearer token generation by rules.
- Readme update
- Fixes and additional extensions of the existed test cases
- Large file size has been changed from 20mb to 10mb
This commit is contained in:
anatoly-bogatyrev 2020-12-29 22:55:33 +03:00 committed by GitHub
parent 708bf2a012
commit fb5da3dc21
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
24 changed files with 1028 additions and 1151 deletions

View file

@ -35,7 +35,7 @@ In this case, dev-env should be running with the tested environment.
### Running an arbitrary test case ### Running an arbitrary test case
To run an arbitrary testcase, you need to run the command: To run an arbitrary testcase, you need to run the command:
`robot --timestampoutputs --outputdir artifacts/ robot/testsuites/integration/<testsuite name>.robot ` `robot --outputdir artifacts/ robot/testsuites/integration/<testsuite name>.robot `
The following scripts are available for execution: The following scripts are available for execution:
@ -76,7 +76,7 @@ Dev-env is not needed. But you need to install neo-go.
- `make` - `make`
- `sudo cp bin/neo-go /usr/local/bin/neo-go` or add alias path to bin/neo-go - `sudo cp bin/neo-go /usr/local/bin/neo-go` or add alias path to bin/neo-go
3. To run smoke test: `robot --timestampoutputs --outputdir artifacts/ robot/testsuites/smoke/selectelcdn_smoke.robot` 3. To run smoke test: `robot --outputdir artifacts/ robot/testsuites/smoke/selectelcdn_smoke.robot`
## Generation of documentation ## Generation of documentation

View file

@ -1,69 +0,0 @@
{
"records": [
{
"operation": "GET",
"action": "ALLOW",
"targets": [
{
"role": "OTHERS"
}
]
},
{
"operation": "HEAD",
"action": "ALLOW",
"targets": [
{
"role": "OTHERS"
}
]
},
{
"operation": "PUT",
"action": "ALLOW",
"targets": [
{
"role": "OTHERS"
}
]
},
{
"operation": "DELETE",
"action": "ALLOW",
"targets": [
{
"role": "OTHERS"
}
]
},
{
"operation": "SEARCH",
"action": "ALLOW",
"targets": [
{
"role": "OTHERS"
}
]
},
{
"operation": "GETRANGE",
"action": "ALLOW",
"targets": [
{
"role": "OTHERS"
}
]
},
{
"operation": "GETRANGEHASH",
"action": "ALLOW",
"targets": [
{
"role": "OTHERS"
}
]
}
]
}

View file

@ -1,132 +0,0 @@
{
"records": [
{
"operation": "GET",
"action": "ALLOW",
"targets": [
{
"keys": [ "A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA" ]
}
]
},
{
"operation": "HEAD",
"action": "ALLOW",
"targets": [
{
"keys": [ "A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA" ]
}
]
},
{
"operation": "PUT",
"action": "ALLOW",
"targets": [
{
"keys": [ "A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA" ]
}
]
},
{
"operation": "DELETE",
"action": "ALLOW",
"targets": [
{
"keys": [ "A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA" ]
}
]
},
{
"operation": "SEARCH",
"action": "ALLOW",
"targets": [
{
"keys": [ "A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA" ]
}
]
},
{
"operation": "GETRANGE",
"action": "ALLOW",
"targets": [
{
"keys": [ "A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA" ]
}
]
},
{
"operation": "GETRANGEHASH",
"action": "ALLOW",
"targets": [
{
"keys": [ "A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA" ]
}
]
},
{
"operation": "GET",
"action": "DENY",
"targets": [
{
"role": "OTHERS"
}
]
},
{
"operation": "HEAD",
"action": "DENY",
"targets": [
{
"role": "OTHERS"
}
]
},
{
"operation": "PUT",
"action": "DENY",
"targets": [
{
"role": "OTHERS"
}
]
},
{
"operation": "DELETE",
"action": "DENY",
"targets": [
{
"role": "OTHERS"
}
]
},
{
"operation": "SEARCH",
"action": "DENY",
"targets": [
{
"role": "OTHERS"
}
]
},
{
"operation": "GETRANGE",
"action": "DENY",
"targets": [
{
"role": "OTHERS"
}
]
},
{
"operation": "GETRANGEHASH",
"action": "DENY",
"targets": [
{
"role": "OTHERS"
}
]
}
]
}

View file

@ -1,68 +0,0 @@
{
"records": [
{
"operation": "GET",
"action": "ALLOW",
"targets": [
{
"role": "SYSTEM"
}
]
},
{
"operation": "HEAD",
"action": "ALLOW",
"targets": [
{
"role": "SYSTEM"
}
]
},
{
"operation": "PUT",
"action": "ALLOW",
"targets": [
{
"role": "SYSTEM"
}
]
},
{
"operation": "DELETE",
"action": "ALLOW",
"targets": [
{
"role": "SYSTEM"
}
]
},
{
"operation": "SEARCH",
"action": "ALLOW",
"targets": [
{
"role": "SYSTEM"
}
]
},
{
"operation": "GETRANGE",
"action": "ALLOW",
"targets": [
{
"role": "SYSTEM"
}
]
},
{
"operation": "GETRANGEHASH",
"action": "ALLOW",
"targets": [
{
"role": "SYSTEM"
}
]
}
]
}

View file

@ -1,68 +0,0 @@
{
"records": [
{
"operation": "GET",
"action": "ALLOW",
"targets": [
{
"role": "USER"
}
]
},
{
"operation": "HEAD",
"action": "ALLOW",
"targets": [
{
"role": "USER"
}
]
},
{
"operation": "PUT",
"action": "ALLOW",
"targets": [
{
"role": "USER"
}
]
},
{
"operation": "DELETE",
"action": "ALLOW",
"targets": [
{
"role": "USER"
}
]
},
{
"operation": "SEARCH",
"action": "ALLOW",
"targets": [
{
"role": "USER"
}
]
},
{
"operation": "GETRANGE",
"action": "ALLOW",
"targets": [
{
"role": "USER"
}
]
},
{
"operation": "GETRANGEHASH",
"action": "ALLOW",
"targets": [
{
"role": "USER"
}
]
}
]
}

View file

@ -1,68 +0,0 @@
{
"records": [
{
"operation": "GET",
"action": "DENY",
"targets": [
{
"role": "OTHERS"
}
]
},
{
"operation": "HEAD",
"action": "DENY",
"targets": [
{
"role": "OTHERS"
}
]
},
{
"operation": "PUT",
"action": "DENY",
"targets": [
{
"role": "OTHERS"
}
]
},
{
"operation": "DELETE",
"action": "DENY",
"targets": [
{
"role": "OTHERS"
}
]
},
{
"operation": "SEARCH",
"action": "DENY",
"targets": [
{
"role": "OTHERS"
}
]
},
{
"operation": "GETRANGE",
"action": "DENY",
"targets": [
{
"role": "OTHERS"
}
]
},
{
"operation": "GETRANGEHASH",
"action": "DENY",
"targets": [
{
"role": "OTHERS"
}
]
}
]
}

View file

@ -1,68 +0,0 @@
{
"records": [
{
"operation": "GET",
"action": "DENY",
"targets": [
{
"role": "SYSTEM"
}
]
},
{
"operation": "HEAD",
"action": "DENY",
"targets": [
{
"role": "SYSTEM"
}
]
},
{
"operation": "PUT",
"action": "DENY",
"targets": [
{
"role": "SYSTEM"
}
]
},
{
"operation": "DELETE",
"action": "DENY",
"targets": [
{
"role": "SYSTEM"
}
]
},
{
"operation": "SEARCH",
"action": "DENY",
"targets": [
{
"role": "SYSTEM"
}
]
},
{
"operation": "GETRANGE",
"action": "DENY",
"targets": [
{
"role": "SYSTEM"
}
]
},
{
"operation": "GETRANGEHASH",
"action": "DENY",
"targets": [
{
"role": "SYSTEM"
}
]
}
]
}

View file

@ -1,68 +0,0 @@
{
"records": [
{
"operation": "GET",
"action": "DENY",
"targets": [
{
"role": "USER"
}
]
},
{
"operation": "HEAD",
"action": "DENY",
"targets": [
{
"role": "USER"
}
]
},
{
"operation": "PUT",
"action": "DENY",
"targets": [
{
"role": "USER"
}
]
},
{
"operation": "DELETE",
"action": "DENY",
"targets": [
{
"role": "USER"
}
]
},
{
"operation": "SEARCH",
"action": "DENY",
"targets": [
{
"role": "USER"
}
]
},
{
"operation": "GETRANGE",
"action": "DENY",
"targets": [
{
"role": "USER"
}
]
},
{
"operation": "GETRANGEHASH",
"action": "DENY",
"targets": [
{
"role": "USER"
}
]
}
]
}

View file

@ -1,21 +0,0 @@
{
"records": [
{
"operation": "GET",
"action": "DENY",
"filters": [
{
"headerType": "OBJECT",
"matchType": "STRING_NOT_EQUAL",
"key": "$Object:objectID",
"value": "X"
}
],
"targets": [
{
"role": "OTHERS"
}
]
}
]
}

View file

@ -1,68 +0,0 @@
{
"records": [
{
"operation": "GET",
"action": "DENY",
"targets": [
{
"role": "OTHERS"
}
]
},
{
"operation": "HEAD",
"action": "DENY",
"targets": [
{
"role": "OTHERS"
}
]
},
{
"operation": "PUT",
"action": "DENY",
"targets": [
{
"role": "OTHERS"
}
]
},
{
"operation": "DELETE",
"action": "DENY",
"targets": [
{
"role": "OTHERS"
}
]
},
{
"operation": "SEARCH",
"action": "DENY",
"targets": [
{
"role": "OTHERS"
}
]
},
{
"operation": "GETRANGE",
"action": "DENY",
"targets": [
{
"role": "OTHERS"
}
]
},
{
"operation": "GETRANGEHASH",
"action": "DENY",
"targets": [
{
"role": "OTHERS"
}
]
}
]
}

View file

@ -13,6 +13,7 @@ import base64
import base58 import base58
import docker import docker
import json import json
import tarfile
if os.getenv('ROBOT_PROFILE') == 'selectel_smoke': if os.getenv('ROBOT_PROFILE') == 'selectel_smoke':
from selectelcdn_smoke_vars import (NEOGO_CLI_PREFIX, NEO_MAINNET_ENDPOINT, from selectelcdn_smoke_vars import (NEOGO_CLI_PREFIX, NEO_MAINNET_ENDPOINT,
@ -166,7 +167,7 @@ def get_eacl(private_key: str, cid: str):
except subprocess.CalledProcessError as e: except subprocess.CalledProcessError as e:
if re.search(r'extended ACL table is not set for this container', e.output): if re.search(r'extended ACL table is not set for this container', e.output):
logger.info("Server is not presented in container.") logger.info("Extended ACL table is not set for this container.")
else: else:
raise Exception("command '{}' return with error (code {}): {}".format(e.cmd, e.returncode, e.output)) raise Exception("command '{}' return with error (code {}): {}".format(e.cmd, e.returncode, e.output))
@ -184,104 +185,44 @@ def set_eacl(private_key: str, cid: str, eacl: str, add_keys: str = ""):
@keyword('Form BearerToken file for all ops') @keyword('Form BearerToken file')
def form_bearertoken_file_for_all_ops(file_name: str, private_key: str, cid: str, action: str, target_role: str, lifetime_exp: str ): def form_bearertoken_file(private_key: str, cid: str, file_name: str, eacl_oper_list, lifetime_exp: str ):
eacl = get_eacl(private_key, cid)
input_records = ""
cid_base58_b = base58.b58decode(cid) cid_base58_b = base58.b58decode(cid)
cid_base64 = base64.b64encode(cid_base58_b).decode("utf-8") cid_base64 = base64.b64encode(cid_base58_b).decode("utf-8")
eacl = get_eacl(private_key, cid)
json_eacl = {}
if eacl: if eacl:
res_json = re.split(r'[\s\n]+\][\s\n]+\}[\s\n]+Signature:', eacl) res_json = re.split(r'[\s\n]+Signature:', eacl)
records = re.split(r'"records": \[', res_json[0]) input_eacl = res_json[0].replace('eACL: ', '')
input_records = ",\n" + records[1] json_eacl = json.loads(input_eacl)
myjson = """ eacl_result = {"body":{ "eaclTable": { "containerID": { "value": cid_base64 }, "records": [] }, "lifetime": {"exp": lifetime_exp, "nbf": "1", "iat": "0"} } }
{
"body": { if eacl_oper_list:
"eaclTable": { for record in eacl_oper_list:
"containerID": { op_data = dict()
"value": \"""" + str(cid_base64) + """"
}, if record['Role'] == "USER" or record['Role'] == "SYSTEM" or record['Role'] == "OTHERS":
"records": [ op_data = {"operation":record['Operation'],"action":record['Access'],"filters": [],"targets":[{"role":record['Role']}]}
{ else:
"operation": "GET", op_data = {"operation":record['Operation'],"action":record['Access'],"filters": [],"targets":[{"keys": [ record['Role'] ]}]}
"action": \"""" + action + """",
"targets": [ if 'Filters' in record.keys():
{ op_data["filters"].append(record['Filters'])
"role": \"""" + target_role + """"
} eacl_result["body"]["eaclTable"]["records"].append(op_data)
]
}, # Add records from current eACL
{ if "records" in json_eacl.keys():
"operation": "PUT", for record in json_eacl["records"]:
"action": \"""" + action + """", eacl_result["body"]["eaclTable"]["records"].append(record)
"targets": [
{ with open(file_name, 'w', encoding='utf-8') as f:
"role": \"""" + target_role + """" json.dump(eacl_result, f, ensure_ascii=False, indent=4)
}
] logger.info(eacl_result)
},
{
"operation": "HEAD",
"action": \"""" + action + """",
"targets": [
{
"role": \"""" + target_role + """"
}
]
},
{
"operation": "DELETE",
"action": \"""" + action + """",
"targets": [
{
"role": \"""" + target_role + """"
}
]
},
{
"operation": "SEARCH",
"action": \"""" + action + """",
"targets": [
{
"role": \"""" + target_role + """"
}
]
},
{
"operation": "GETRANGE",
"action": \"""" + action + """",
"targets": [
{
"role": \"""" + target_role + """"
}
]
},
{
"operation": "GETRANGEHASH",
"action": \"""" + action + """",
"targets": [
{
"role": \"""" + target_role + """"
}
]
}""" + input_records + """
]
},
"lifetime": {
"exp": \"""" + lifetime_exp + """",
"nbf": "1",
"iat": "0"
}
}
}
"""
with open(file_name,'w') as out:
out.write(myjson)
logger.info("Output: %s" % myjson)
# Sign bearer token # Sign bearer token
Cmd = f'neofs-cli util sign bearer-token --from {file_name} --to {file_name} --key {private_key} --json' Cmd = f'neofs-cli util sign bearer-token --from {file_name} --to {file_name} --key {private_key} --json'
@ -299,214 +240,44 @@ def form_bearertoken_file_for_all_ops(file_name: str, private_key: str, cid: str
@keyword('Form BearerToken file filter for all ops') @keyword('Form eACL json common file')
def form_bearertoken_file_filter_for_all_ops(file_name: str, private_key: str, cid: str, action: str, target_role: str, lifetime_exp: str, matchType: str, key: str, value: str): def form_eacl_json_common_file(file_name, eacl_oper_list ):
# Input role can be Role (USER, SYSTEM, OTHERS) or public key.
# SEARCH should be allowed without filters to use GET, HEAD, DELETE, and SEARCH? Need to clarify. eacl = {"records":[]}
eacl = get_eacl(private_key, cid) logger.info(eacl_oper_list)
cid_base58_b = base58.b58decode(cid) if eacl_oper_list:
cid_base64 = base64.b64encode(cid_base58_b).decode("utf-8") for record in eacl_oper_list:
op_data = dict()
input_records = "" if record['Role'] == "USER" or record['Role'] == "SYSTEM" or record['Role'] == "OTHERS":
if eacl: op_data = {"operation":record['Operation'],"action":record['Access'],"filters": [],"targets":[{"role":record['Role']}]}
res_json = re.split(r'[\s\n]+\][\s\n]+\}[\s\n]+Signature:', eacl) else:
records = re.split(r'"records": \[', res_json[0]) op_data = {"operation":record['Operation'],"action":record['Access'],"filters": [],"targets":[{"keys": [ record['Role'] ]}]}
input_records = ",\n" + records[1]
myjson = """ if 'Filters' in record.keys():
{ op_data["filters"].append(record['Filters'])
"body": {
"eaclTable": {
"containerID": {
"value": \"""" + str(cid_base64) + """"
},
"records": [
{
"operation": "GET",
"action": \"""" + action + """",
"filters": [
{
"headerType": "OBJECT",
"matchType": \"""" + matchType + """",
"key": \"""" + key + """",
"value": \"""" + value + """"
}
],
"targets": [
{
"role": \"""" + target_role + """"
}
]
},
{
"operation": "PUT",
"action": \"""" + action + """",
"filters": [
{
"headerType": "OBJECT",
"matchType": \"""" + matchType + """",
"key": \"""" + key + """",
"value": \"""" + value + """"
}
],
"targets": [
{
"role": \"""" + target_role + """"
}
]
},
{
"operation": "HEAD",
"action": \"""" + action + """",
"filters": [
{
"headerType": "OBJECT",
"matchType": \"""" + matchType + """",
"key": \"""" + key + """",
"value": \"""" + value + """"
}
],
"targets": [
{
"role": \"""" + target_role + """"
}
]
},
{
"operation": "DELETE",
"action": \"""" + action + """",
"filters": [
{
"headerType": "OBJECT",
"matchType": \"""" + matchType + """",
"key": \"""" + key + """",
"value": \"""" + value + """"
}
],
"targets": [
{
"role": \"""" + target_role + """"
}
]
},
{
"operation": "SEARCH",
"action": \"""" + action + """",
"targets": [
{
"role": \"""" + target_role + """"
}
]
},
{
"operation": "GETRANGE",
"action": \"""" + action + """",
"filters": [
{
"headerType": "OBJECT",
"matchType": \"""" + matchType + """",
"key": \"""" + key + """",
"value": \"""" + value + """"
}
],
"targets": [
{
"role": \"""" + target_role + """"
}
]
},
{
"operation": "GETRANGEHASH",
"action": \"""" + action + """",
"filters": [
{
"headerType": "OBJECT",
"matchType": \"""" + matchType + """",
"key": \"""" + key + """",
"value": \"""" + value + """"
}
],
"targets": [
{
"role": \"""" + target_role + """"
}
]
}""" + input_records + """
]
},
"lifetime": {
"exp": \"""" + lifetime_exp + """",
"nbf": "1",
"iat": "0"
}
}
}
"""
with open(file_name,'w') as out:
out.write(myjson)
logger.info("Output: %s" % myjson)
# Sign bearer token eacl["records"].append(op_data)
Cmd = f'neofs-cli util sign bearer-token --from {file_name} --to {file_name} --key {private_key} --json'
logger.info("Cmd: %s" % Cmd)
try: logger.info(eacl)
complProc = subprocess.run(Cmd, check=True, universal_newlines=True,
stdout=subprocess.PIPE, stderr=subprocess.PIPE, timeout=15, shell=True) with open(file_name, 'w', encoding='utf-8') as f:
output = complProc.stdout json.dump(eacl, f, ensure_ascii=False, indent=4)
logger.info("Output: %s" % str(output))
except subprocess.CalledProcessError as e:
raise Exception("command '{}' return with error (code {}): {}".format(e.cmd, e.returncode, e.output))
return file_name return file_name
@keyword('Form eACL json file')
def form_eacl_json_file(file_name: str, operation: str, action: str, matchType: str, key: str, value: str, target_role: str):
myjson = """
{
"records": [
{
"operation": \"""" + operation + """",
"action": \"""" + action + """",
"filters": [
{
"headerType": "OBJECT",
"matchType": \"""" + matchType + """",
"key": \"""" + key + """",
"value": \"""" + value + """"
}
],
"targets": [
{
"role": \"""" + target_role + """"
}
]
}
]
}
"""
with open(file_name,'w') as out:
out.write(myjson)
logger.info("Output: %s" % myjson)
return file_name
@keyword('Get Range') @keyword('Get Range')
def get_range(private_key: str, cid: str, oid: str, range_file: str, bearer: str, range_cut: str): def get_range(private_key: str, cid: str, oid: str, range_file: str, bearer: str, range_cut: str, options:str=""):
bearer_token = "" bearer_token = ""
if bearer: if bearer:
bearer_token = f"--bearer {bearer}" bearer_token = f"--bearer {bearer}"
Cmd = f'neofs-cli --rpc-endpoint {NEOFS_ENDPOINT} --key {private_key} object range --cid {cid} --oid {oid} {bearer_token} --range {range_cut} --file {range_file} ' Cmd = f'neofs-cli --rpc-endpoint {NEOFS_ENDPOINT} --key {private_key} object range --cid {cid} --oid {oid} {bearer_token} --range {range_cut} --file {range_file} {options}'
logger.info("Cmd: %s" % Cmd) logger.info("Cmd: %s" % Cmd)
try: try:
@ -582,7 +353,7 @@ def generate_file_of_bytes(size):
@keyword('Search object') @keyword('Search object')
def search_object(private_key: str, cid: str, keys: str, bearer: str, filters: str, *expected_objects_list ): def search_object(private_key: str, cid: str, keys: str, bearer: str, filters: str, expected_objects_list=[], options:str=""):
bearer_token = "" bearer_token = ""
if bearer: if bearer:
@ -591,7 +362,7 @@ def search_object(private_key: str, cid: str, keys: str, bearer: str, filters: s
if filters: if filters:
filters = f"--filters {filters}" filters = f"--filters {filters}"
ObjectCmd = f'neofs-cli --rpc-endpoint {NEOFS_ENDPOINT} --key {private_key} object search {keys} --cid {cid} {bearer_token} {filters}' ObjectCmd = f'neofs-cli --rpc-endpoint {NEOFS_ENDPOINT} --key {private_key} object search {keys} --cid {cid} {bearer_token} {filters} {options}'
logger.info("Cmd: %s" % ObjectCmd) logger.info("Cmd: %s" % ObjectCmd)
try: try:
complProc = subprocess.run(ObjectCmd, check=True, universal_newlines=True, complProc = subprocess.run(ObjectCmd, check=True, universal_newlines=True,
@ -733,6 +504,26 @@ def _verify_child_link(private_key: str, cid: str, oid: str, header_last_parsed:
return final_verif_data return final_verif_data
@keyword('Get Docker Logs')
def get_container_logs(testcase_name: str):
#client = docker.APIClient()
client = docker.from_env()
tar_name = "artifacts/dockerlogs("+testcase_name+").tar.gz"
tar = tarfile.open(tar_name, "w:gz")
for container in client.containers.list():
file_name = "artifacts/docker_log_" + container.name
with open(file_name,'wb') as out:
out.write(container.logs())
logger.info(container.name)
tar.add(file_name)
os.remove(file_name)
tar.close()
return 1
@keyword('Verify Head Tombstone') @keyword('Verify Head Tombstone')
def verify_head_tombstone(private_key: str, cid: str, oid_ts: str, oid: str, addr: str): def verify_head_tombstone(private_key: str, cid: str, oid_ts: str, oid: str, addr: str):
@ -793,8 +584,7 @@ def _json_cli_decode(data: str):
return base58.b58encode(base64.b64decode(data)).decode("utf-8") return base58.b58encode(base64.b64decode(data)).decode("utf-8")
@keyword('Head object') @keyword('Head object')
def head_object(private_key: str, cid: str, oid: str, bearer_token: str="", user_headers:str="", keys:str="", endpoint: str="", ignore_failure: bool = False): def head_object(private_key: str, cid: str, oid: str, bearer_token: str="", user_headers:str="", options:str="", endpoint: str="", ignore_failure: bool = False):
options = ""
if bearer_token: if bearer_token:
bearer_token = f"--bearer {bearer_token}" bearer_token = f"--bearer {bearer_token}"
@ -802,7 +592,7 @@ def head_object(private_key: str, cid: str, oid: str, bearer_token: str="", user
if endpoint == "": if endpoint == "":
endpoint = NEOFS_ENDPOINT endpoint = NEOFS_ENDPOINT
ObjectCmd = f'neofs-cli --rpc-endpoint {endpoint} --key {private_key} object head --cid {cid} --oid {oid} {bearer_token} {keys}' ObjectCmd = f'neofs-cli --rpc-endpoint {endpoint} --key {private_key} object head --cid {cid} --oid {oid} {bearer_token} {options}'
logger.info("Cmd: %s" % ObjectCmd) logger.info("Cmd: %s" % ObjectCmd)
try: try:
complProc = subprocess.run(ObjectCmd, check=True, universal_newlines=True, complProc = subprocess.run(ObjectCmd, check=True, universal_newlines=True,
@ -941,13 +731,13 @@ def parse_object_system_header(header: str):
@keyword('Delete object') @keyword('Delete object')
def delete_object(private_key: str, cid: str, oid: str, bearer: str): def delete_object(private_key: str, cid: str, oid: str, bearer: str, options: str=""):
bearer_token = "" bearer_token = ""
if bearer: if bearer:
bearer_token = f"--bearer {bearer}" bearer_token = f"--bearer {bearer}"
ObjectCmd = f'neofs-cli --rpc-endpoint {NEOFS_ENDPOINT} --key {private_key} object delete --cid {cid} --oid {oid} {bearer_token}' ObjectCmd = f'neofs-cli --rpc-endpoint {NEOFS_ENDPOINT} --key {private_key} object delete --cid {cid} --oid {oid} {bearer_token} {options}'
logger.info("Cmd: %s" % ObjectCmd) logger.info("Cmd: %s" % ObjectCmd)
try: try:
complProc = subprocess.run(ObjectCmd, check=True, universal_newlines=True, complProc = subprocess.run(ObjectCmd, check=True, universal_newlines=True,
@ -997,7 +787,7 @@ def cleanup_file(*filename_list):
@keyword('Put object to NeoFS') @keyword('Put object to NeoFS')
def put_object(private_key: str, path: str, cid: str, bearer: str, user_headers: str, endpoint: str="" ): def put_object(private_key: str, path: str, cid: str, bearer: str, user_headers: str, endpoint: str="", options: str="" ):
logger.info("Going to put the object") logger.info("Going to put the object")
if not endpoint: if not endpoint:
@ -1009,7 +799,7 @@ def put_object(private_key: str, path: str, cid: str, bearer: str, user_headers:
if bearer: if bearer:
bearer = f"--bearer {bearer}" bearer = f"--bearer {bearer}"
putObjectCmd = f'neofs-cli --rpc-endpoint {endpoint} --key {private_key} object put --file {path} --cid {cid} {bearer} {user_headers}' putObjectCmd = f'neofs-cli --rpc-endpoint {endpoint} --key {private_key} object put --file {path} --cid {cid} {bearer} {user_headers} {options}'
logger.info("Cmd: %s" % putObjectCmd) logger.info("Cmd: %s" % putObjectCmd)
try: try:
@ -1024,12 +814,12 @@ def put_object(private_key: str, path: str, cid: str, bearer: str, user_headers:
@keyword('Get Range Hash') @keyword('Get Range Hash')
def get_range_hash(private_key: str, cid: str, oid: str, bearer_token: str, range_cut: str): def get_range_hash(private_key: str, cid: str, oid: str, bearer_token: str, range_cut: str, options: str=""):
if bearer_token: if bearer_token:
bearer_token = f"--bearer {bearer}" bearer_token = f"--bearer {bearer_token}"
ObjectCmd = f'neofs-cli --rpc-endpoint {NEOFS_ENDPOINT} --key {private_key} object hash --cid {cid} --oid {oid} --range {range_cut} {bearer_token}' ObjectCmd = f'neofs-cli --rpc-endpoint {NEOFS_ENDPOINT} --key {private_key} object hash --cid {cid} --oid {oid} --range {range_cut} {bearer_token} {options}'
logger.info("Cmd: %s" % ObjectCmd) logger.info("Cmd: %s" % ObjectCmd)
try: try:
@ -1041,8 +831,7 @@ def get_range_hash(private_key: str, cid: str, oid: str, bearer_token: str, rang
@keyword('Get object from NeoFS') @keyword('Get object from NeoFS')
def get_object(private_key: str, cid: str, oid: str, bearer_token: str, read_object: str, endpoint: str="" ): def get_object(private_key: str, cid: str, oid: str, bearer_token: str, write_object: str, endpoint: str="", options: str="" ):
# TODO: add object return instead of read_object (uuid)
logger.info("Going to put the object") logger.info("Going to put the object")
@ -1053,7 +842,7 @@ def get_object(private_key: str, cid: str, oid: str, bearer_token: str, read_obj
if bearer_token: if bearer_token:
bearer_token = f"--bearer {bearer_token}" bearer_token = f"--bearer {bearer_token}"
ObjectCmd = f'neofs-cli --rpc-endpoint {endpoint} --key {private_key} object get --cid {cid} --oid {oid} --file {read_object} {bearer_token}' ObjectCmd = f'neofs-cli --rpc-endpoint {endpoint} --key {private_key} object get --cid {cid} --oid {oid} --file {write_object} {bearer_token} {options}'
logger.info("Cmd: %s" % ObjectCmd) logger.info("Cmd: %s" % ObjectCmd)
try: try:

View file

@ -10,4 +10,5 @@ HTTP_GATE = 'http://http.neofs.devenv'
S3_GATE = 'https://s3.neofs.devenv:8080' S3_GATE = 'https://s3.neofs.devenv:8080'
NEOFS_NETMAP = ['s01.neofs.devenv:8080', 's02.neofs.devenv:8080','s03.neofs.devenv:8080','s04.neofs.devenv:8080'] NEOFS_NETMAP = ['s01.neofs.devenv:8080', 's02.neofs.devenv:8080','s03.neofs.devenv:8080','s04.neofs.devenv:8080']
GAS_HASH = '0xb5df804bbadefea726afb5d3f4e8a6f6d32d2a20' GAS_HASH = '0xa6a6c15dcdc9b997dac448b6926522d22efeedfb'
NEOFS_CONTRACT = "e11db12b0df3b3c05e6ed5f85e5cf53236e9dbeb"

View file

@ -15,14 +15,14 @@ import robot.errors
from robot.libraries.BuiltIn import BuiltIn from robot.libraries.BuiltIn import BuiltIn
ROBOT_AUTO_KEYWORDS = False ROBOT_AUTO_KEYWORDS = False
NEOFS_CONTRACT = "ce96811ca25577c058484dab10dd8db2defc5eed"
if os.getenv('ROBOT_PROFILE') == 'selectel_smoke': if os.getenv('ROBOT_PROFILE') == 'selectel_smoke':
from selectelcdn_smoke_vars import (NEOGO_CLI_PREFIX, NEO_MAINNET_ENDPOINT, from selectelcdn_smoke_vars import (NEOGO_CLI_PREFIX, NEO_MAINNET_ENDPOINT,
NEOFS_NEO_API_ENDPOINT, NEOFS_ENDPOINT, GAS_HASH) NEOFS_NEO_API_ENDPOINT, NEOFS_ENDPOINT, GAS_HASH, NEOFS_CONTRACT)
else: else:
from neofs_int_vars import (NEOGO_CLI_PREFIX, NEO_MAINNET_ENDPOINT, from neofs_int_vars import (NEOGO_CLI_PREFIX, NEO_MAINNET_ENDPOINT,
NEOFS_NEO_API_ENDPOINT, NEOFS_ENDPOINT, GAS_HASH) NEOFS_NEO_API_ENDPOINT, NEOFS_ENDPOINT, GAS_HASH, NEOFS_CONTRACT)
@keyword('Init wallet') @keyword('Init wallet')
@ -141,8 +141,10 @@ def mainnet_balance(address: str):
status code: {response.status_code} {response.reason}""") status code: {response.status_code} {response.reason}""")
m = re.search(rf'"{GAS_HASH}","amount":"([\d\.]+)"', response.text) m = re.search(rf'"{GAS_HASH}","amount":"([\d\.]+)"', response.text)
if not m.start() != m.end(): if not m:
raise Exception("Can not get mainnet gas balance.") raise Exception("Can not get mainnet gas balance. Output: %s" % response.text )
else:
logger.info("Output: %s" % response.text)
amount = m.group(1) amount = m.group(1)

View file

@ -11,3 +11,4 @@ S3_GATE = 'https://92.53.71.51:28080'
NEOFS_NETMAP = ['92.53.71.51:18080', '92.53.71.52:18080','92.53.71.53:18080','92.53.71.54:18080', '92.53.71.55:18080'] NEOFS_NETMAP = ['92.53.71.51:18080', '92.53.71.52:18080','92.53.71.53:18080','92.53.71.54:18080', '92.53.71.55:18080']
GAS_HASH = '668e0c1f9d7b70a99dd9e06eadd4c784d641afbc' GAS_HASH = '668e0c1f9d7b70a99dd9e06eadd4c784d641afbc'
NEOFS_CONTRACT = "ce96811ca25577c058484dab10dd8db2defc5eed"

View file

@ -107,8 +107,6 @@ Generate file
Check Private Container Check Private Container
# Check Private: # Check Private:
# Expected: User - pass, Other - fail, System(IR) - pass (+ System(Container node) - pass, Non-container node - fail).
# Put # Put
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${PRIV_CID} ${EMPTY} ${EMPTY} ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${PRIV_CID} ${EMPTY} ${EMPTY}
Run Keyword And Expect Error * Run Keyword And Expect Error *
@ -118,14 +116,11 @@ Check Private Container
${S_OID_SYS_SN} = Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${PRIV_CID} ${EMPTY} ${EMPTY} ${S_OID_SYS_SN} = Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${PRIV_CID} ${EMPTY} ${EMPTY}
# Get # Get
Get object from NeoFS ${USER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read Get object from NeoFS ${USER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Get object from NeoFS ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read ... Get object from NeoFS ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read
Run Keyword And Expect Error * Get object from NeoFS ${SYSTEM_KEY_IR} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read
... Get object from NeoFS ${SYSTEM_KEY_IR} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read
Get object from NeoFS ${SYSTEM_KEY_SN} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read Get object from NeoFS ${SYSTEM_KEY_SN} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read
# Get Range # Get Range
@ -146,11 +141,11 @@ Check Private Container
# Search # Search
@{S_OBJ_PRIV} = Create List ${S_OID_USER} ${S_OID_SYS_SN} @{S_OBJ_PRIV} = Create List ${S_OID_USER} ${S_OID_SYS_SN}
Search object ${USER_KEY} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_PRIV} Search object ${USER_KEY} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Search object ${OTHER_KEY} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_PRIV} ... Search object ${OTHER_KEY} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
Search object ${SYSTEM_KEY_IR} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_PRIV} Search object ${SYSTEM_KEY_IR} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
Search object ${SYSTEM_KEY_SN} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_PRIV} Search object ${SYSTEM_KEY_SN} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
# Head # Head
@ -176,7 +171,6 @@ Check Public Container
# Put # Put
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY}
${S_OID_OTHER} = Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${S_OID_OTHER} = Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY}
# https://github.com/nspcc-dev/neofs-node/issues/178
${S_OID_SYS_IR} = Put object to NeoFS ${SYSTEM_KEY_IR} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${S_OID_SYS_IR} = Put object to NeoFS ${SYSTEM_KEY_IR} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY}
${S_OID_SYS_SN} = Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${S_OID_SYS_SN} = Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY}
@ -201,10 +195,10 @@ Check Public Container
# Search # Search
@{S_OBJ_PRIV} = Create List ${S_OID_USER} ${S_OID_OTHER} ${S_OID_SYS_SN} ${S_OID_SYS_IR} @{S_OBJ_PRIV} = Create List ${S_OID_USER} ${S_OID_OTHER} ${S_OID_SYS_SN} ${S_OID_SYS_IR}
Search object ${USER_KEY} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_PRIV} Search object ${USER_KEY} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
Search object ${OTHER_KEY} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_PRIV} Search object ${OTHER_KEY} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
Search object ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_PRIV} Search object ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
Search object ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_PRIV} Search object ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
# Head # Head
Head object ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} ${EMPTY} Head object ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
@ -224,7 +218,6 @@ Check Public Container
# Delete # Delete
# https://github.com/nspcc-dev/neofs-node/issues/178
Delete object ${USER_KEY} ${PUBLIC_CID} ${S_OID_SYS_IR} ${EMPTY} Delete object ${USER_KEY} ${PUBLIC_CID} ${S_OID_SYS_IR} ${EMPTY}
Delete object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_SYS_SN} ${EMPTY} Delete object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_SYS_SN} ${EMPTY}
Delete object ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} Delete object ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY}
@ -263,10 +256,10 @@ Check Read-Only Container
# Search # Search
@{S_OBJ_RO} = Create List ${S_OID_USER} ${S_OID_SYS_SN} @{S_OBJ_RO} = Create List ${S_OID_USER} ${S_OID_SYS_SN}
Search object ${USER_KEY} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_RO} Search object ${USER_KEY} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_RO}
Search object ${OTHER_KEY} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_RO} Search object ${OTHER_KEY} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_RO}
Search object ${SYSTEM_KEY_IR} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_RO} Search object ${SYSTEM_KEY_IR} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_RO}
Search object ${SYSTEM_KEY_SN} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_RO} Search object ${SYSTEM_KEY_SN} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_RO}
# Head # Head
@ -289,3 +282,4 @@ Check Read-Only Container
Cleanup Cleanup
@{CLEANUP_FILES} = Create List ${FILE_S} s_file_read s_get_range @{CLEANUP_FILES} = Create List ${FILE_S} s_file_read s_get_range
Cleanup Files @{CLEANUP_FILES} Cleanup Files @{CLEANUP_FILES}
Get Docker Logs acl_basic

View file

@ -21,7 +21,6 @@ BearerToken Operations
Generate Keys Generate Keys
Prepare eACL Role rules Prepare eACL Role rules
Log Check Bearer token with simple object Log Check Bearer token with simple object
Generate file 1024 Generate file 1024
Check Container Inaccessible and Allow All Bearer Check Container Inaccessible and Allow All Bearer
@ -29,16 +28,26 @@ BearerToken Operations
Check eACL Deny and Allow All Bearer Filter OID Equal Check eACL Deny and Allow All Bearer Filter OID Equal
Check eACL Deny and Allow All Bearer Filter OID NotEqual Check eACL Deny and Allow All Bearer Filter OID NotEqual
Check eACL Deny and Allow All Bearer Filter UserHeader Equal Check eACL Deny and Allow All Bearer Filter UserHeader Equal
Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
Check eACL Allow All Bearer Filter Requst Equal Deny
Check eACL Deny and Allow All Bearer Filter Requst Equal
Check eACL Deny and Allow All Bearer Filter Requst NotEqual
Check Сompound Operations
# TODO:
Log Check Bearer token with complex object Log Check Bearer token with complex object
Cleanup Files ${FILE_S} Cleanup Files ${FILE_S}
Generate file 20e+6 Generate file 10e+6
Check Container Inaccessible and Allow All Bearer Check Container Inaccessible and Allow All Bearer
Check eACL Deny and Allow All Bearer Check eACL Deny and Allow All Bearer
Check eACL Deny and Allow All Bearer Filter OID Equal Check eACL Deny and Allow All Bearer Filter OID Equal
Check eACL Deny and Allow All Bearer Filter OID NotEqual Check eACL Deny and Allow All Bearer Filter OID NotEqual
Check eACL Deny and Allow All Bearer Filter UserHeader Equal Check eACL Deny and Allow All Bearer Filter UserHeader Equal
Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
Check eACL Deny and Allow All Bearer Filter Requst Equal
Check eACL Deny and Allow All Bearer Filter Requst NotEqual
Check Сompound Operations
[Teardown] Cleanup [Teardown] Cleanup
@ -89,8 +98,6 @@ Payment Operations
Get Transaction ${TX_DEPOSIT} Get Transaction ${TX_DEPOSIT}
Create Container Public Create Container Public
Log Create Public Container Log Create Public Container
${PUBLIC_CID_GEN} = Create container ${USER_KEY} 0x0FFFFFFF ${PUBLIC_CID_GEN} = Create container ${USER_KEY} 0x0FFFFFFF
@ -103,7 +110,6 @@ Create Container Inaccessible
[Return] ${PUBLIC_CID_GEN} [Return] ${PUBLIC_CID_GEN}
Generate file Generate file
[Arguments] ${SIZE} [Arguments] ${SIZE}
@ -113,17 +119,22 @@ Generate file
Prepare eACL Role rules Prepare eACL Role rules
Log Set eACL for different Role cases Log Set eACL for different Role cases
Set Global Variable ${EACL_DENY_ALL_OTHER} robot/resources/lib/eacl/eacl_encoded_deny_all
Set Global Variable ${EACL_ALLOW_ALL_OTHER} robot/resources/lib/eacl/eacl_encoded_allow_all
Set Global Variable ${EACL_DENY_ALL_USER} robot/resources/lib/eacl/eacl_encoded_deny_all_user # eACL rules for all operations and similar permissions
Set Global Variable ${EACL_ALLOW_ALL_USER} robot/resources/lib/eacl/eacl_encoded_allow_all_user @{Roles} = Create List OTHERS USER SYSTEM
FOR ${role} IN @{Roles}
Set Global Variable ${EACL_DENY_ALL_SYSTEM} robot/resources/lib/eacl/eacl_encoded_deny_all_sys ${rule1} = Create Dictionary Operation=GET Access=DENY Role=${role}
Set Global Variable ${EACL_ALLOW_ALL_SYSTEM} robot/resources/lib/eacl/eacl_encoded_allow_all_sys ${rule2} = Create Dictionary Operation=HEAD Access=DENY Role=${role}
${rule3} = Create Dictionary Operation=PUT Access=DENY Role=${role}
Set Global Variable ${EACL_ALLOW_ALL_Pubkey} robot/resources/lib/eacl/eacl_encoded_allow_all_pubkey ${rule4} = Create Dictionary Operation=DELETE Access=DENY Role=${role}
${rule5} = Create Dictionary Operation=SEARCH Access=DENY Role=${role}
${rule6} = Create Dictionary Operation=GETRANGE Access=DENY Role=${role}
${rule7} = Create Dictionary Operation=GETRANGEHASH Access=DENY Role=${role}
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
Form eACL json common file gen_eacl_deny_all_${role} ${eACL_gen}
Set Global Variable ${EACL_DENY_ALL_${role}} gen_eacl_deny_all_${role}
END
Check Container Inaccessible and Allow All Bearer Check Container Inaccessible and Allow All Bearer
@ -132,9 +143,22 @@ Check Container Inaccessible and Allow All Bearer
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
Run Keyword And Expect Error *
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER}
Run Keyword And Expect Error *
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Run Keyword And Expect Error *
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
Run Keyword And Expect Error *
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Form BearerToken file for all ops bearer_allow_all_user ${USER_KEY} ${CID} ALLOW USER 100500 ${rule1}= Create Dictionary Operation=PUT Access=ALLOW Role=USER
${rule2}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER
${eACL_gen}= Create List ${rule1} ${rule2}
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER}
@ -142,7 +166,6 @@ Check Container Inaccessible and Allow All Bearer
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER}
Check eACL Deny and Allow All Bearer Check eACL Deny and Allow All Bearer
${CID} = Create Container Public ${CID} = Create Container Public
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
@ -152,21 +175,32 @@ Check eACL Deny and Allow All Bearer
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H} Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY} Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
Form BearerToken file for all ops bearer_allow_all_user ${USER_KEY} ${CID} ALLOW USER 100500
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H} ... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Run Keyword And Expect Error * Run Keyword And Expect Error *
@ -174,18 +208,14 @@ Check eACL Deny and Allow All Bearer
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER} Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} @{S_OBJ_H} Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
Check eACL Deny and Allow All Bearer Filter OID Equal Check eACL Deny and Allow All Bearer Filter OID Equal
${CID} = Create Container Public ${CID} = Create Container Public
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
@ -193,34 +223,43 @@ Check eACL Deny and Allow All Bearer Filter OID Equal
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} ${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
@{S_OBJ_H} = Create List ${S_OID_USER} @{S_OBJ_H} = Create List ${S_OID_USER}
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H} Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY} Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
Form BearerToken file filter for all ops bearer_allow_all_user ${USER_KEY} ${CID} ALLOW USER 100500 STRING_EQUAL $Object:objectID ${S_OID_USER} ${filters}= Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=$Object:objectID value=${S_OID_USER}
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H} ... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 ... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Run Keyword And Expect Error *
# Search is allowed without filter condition. ... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} @{S_OBJ_H}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER} ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
Run Keyword And Expect Error * Run Keyword And Expect Error *
@ -246,30 +285,41 @@ Check eACL Deny and Allow All Bearer Filter OID NotEqual
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H} Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY} Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
Form BearerToken file filter for all ops bearer_allow_all_user ${USER_KEY} ${CID} ALLOW USER 100500 STRING_NOT_EQUAL $Object:objectID ${S_OID_USER_2} ${filters}= Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=$Object:objectID value=${S_OID_USER_2}
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H} ... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 ... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Run Keyword And Expect Error *
# Search is allowed without filter condition. ... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} @{S_OBJ_H}
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER} Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
@ -292,6 +342,148 @@ Check eACL Deny and Allow All Bearer Filter OID NotEqual
Check eACL Allow All Bearer Filter Requst Equal Deny
${CID} = Create Container Public
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
@{S_OBJ_H} = Create List ${S_OID_USER}
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=256
${rule1}= Create Dictionary Operation=GET Access=DENY Role=USER Filters=${filters}
${rule2}= Create Dictionary Operation=HEAD Access=DENY Role=USER Filters=${filters}
${rule3}= Create Dictionary Operation=PUT Access=DENY Role=USER Filters=${filters}
${rule4}= Create Dictionary Operation=DELETE Access=DENY Role=USER Filters=${filters}
${rule5}= Create Dictionary Operation=SEARCH Access=DENY Role=USER Filters=${filters}
${rule6}= Create Dictionary Operation=GETRANGE Access=DENY Role=USER Filters=${filters}
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=USER Filters=${filters}
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=2
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=2
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H} --xhdr a=2
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=2
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=2
Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=2
Delete object ${USER_KEY} ${CID} ${D_OID_USER} bearer_allow_all_user --xhdr a=2
Run Keyword And Expect Error *
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
Run Keyword And Expect Error *
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=256
Run Keyword And Expect Error *
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
Run Keyword And Expect Error *
... Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=256
Run Keyword And Expect Error *
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=256
Run Keyword And Expect Error *
... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=256
Run Keyword And Expect Error *
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user --xhdr a=256
Check eACL Deny and Allow All Bearer Filter Requst NotEqual
${CID} = Create Container Public
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
@{S_OBJ_H} = Create List ${S_OID_USER}
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_NOT_EQUAL key=a value=256
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
Run Keyword And Expect Error *
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
Run Keyword And Expect Error *
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
#Run Keyword And Expect Error *
#... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
Run Keyword And Expect Error *
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Run Keyword And Expect Error *
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
Run Keyword And Expect Error *
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=2
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=2
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=2
Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=2
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user --xhdr a=2
Check eACL Deny and Allow All Bearer Filter Requst Equal
${CID} = Create Container Public
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
@{S_OBJ_H} = Create List ${S_OID_USER}
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=256
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
Run Keyword And Expect Error *
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
Run Keyword And Expect Error *
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
Run Keyword And Expect Error *
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
Run Keyword And Expect Error *
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Run Keyword And Expect Error *
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
Run Keyword And Expect Error *
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=256
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=256
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=256
Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=256
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user --xhdr a=256
Check eACL Deny and Allow All Bearer Filter UserHeader Equal Check eACL Deny and Allow All Bearer Filter UserHeader Equal
${CID} = Create Container Public ${CID} = Create Container Public
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
@ -302,30 +494,42 @@ Check eACL Deny and Allow All Bearer Filter UserHeader Equal
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H} Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY} Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
Form BearerToken file filter for all ops bearer_allow_all_user ${USER_KEY} ${CID} ALLOW USER 100500 STRING_EQUAL key2 abc
${filters}= Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=key2 value=abc
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H} ... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 ... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Run Keyword And Expect Error *
# Search is allowed without filter condition. ... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} @{S_OBJ_H}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER} ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
@ -351,9 +555,176 @@ Check eACL Deny and Allow All Bearer Filter UserHeader Equal
... Delete object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user ... Delete object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user
# Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
${CID} = Create Container Public
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
@{S_OBJ_H} = Create List ${S_OID_USER_2}
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
${filters}= Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=key2 value=abc
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule6} ${rule7}
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
Run Keyword And Expect Error *
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
Run Keyword And Expect Error *
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
Run Keyword And Expect Error *
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
Run Keyword And Expect Error *
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Run Keyword And Expect Error *
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
Run Keyword And Expect Error *
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
# Search can not use filter by headers
Run Keyword And Expect Error *
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
# Different behaviour for big and small objects!
# Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
Run Keyword And Expect Error *
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${EMPTY}
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl
Run Keyword And Expect Error *
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user local_file_eacl
Run Keyword And Expect Error *
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256
Run Keyword And Expect Error *
... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
Run Keyword And Expect Error *
... Head object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user
# Delete can not be filtered by UserHeader.
Run Keyword And Expect Error *
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
Run Keyword And Expect Error *
... Delete object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user
Check Сompound Operations
Check Bearer Сompound Get ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS}
Check Bearer Сompound Get ${USER_KEY} USER ${EACL_DENY_ALL_USER}
Check Bearer Сompound Get ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM}
Check Bearer Сompound Delete ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS}
Check Bearer Сompound Delete ${USER_KEY} USER ${EACL_DENY_ALL_USER}
Check Bearer Сompound Delete ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM}
Check Bearer Сompound Get Range Hash ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS}
Check Bearer Сompound Get Range Hash ${USER_KEY} USER ${EACL_DENY_ALL_USER}
Check Bearer Сompound Get Range Hash ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM}
Check Bearer Сompound Get
[Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL}
${CID} = Create Container Public
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
@{S_OBJ_H} = Create List ${S_OID_USER}
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=${DENY_GROUP}
${rule2}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=${DENY_GROUP}
${rule3}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${DENY_GROUP}
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3}
Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500
Run Keyword And Expect Error *
... Head object ${KEY} ${CID} ${S_OID_USER} bearer_allow
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} bearer_allow local_file_eacl
Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow 0:256
Get Range Hash ${KEY} ${CID} ${S_OID_USER} bearer_allow 0:256
Check Bearer Сompound Delete
[Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL}
${CID} = Create Container Public
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
Delete object ${KEY} ${CID} ${D_OID_USER} ${EMPTY}
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
${rule1} = Create Dictionary Operation=DELETE Access=ALLOW Role=${DENY_GROUP}
${rule2} = Create Dictionary Operation=PUT Access=DENY Role=${DENY_GROUP}
${rule3} = Create Dictionary Operation=HEAD Access=DENY Role=${DENY_GROUP}
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3}
Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500
Run Keyword And Expect Error *
... Head object ${KEY} ${CID} ${S_OID_USER} bearer_allow
Run Keyword And Expect Error *
... Put object to NeoFS ${KEY} ${FILE_S} ${CID} bearer_allow ${FILE_OTH_HEADER}
Delete object ${KEY} ${CID} ${S_OID_USER} bearer_allow
Check Bearer Сompound Get Range Hash
[Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL}
${CID} = Create Container Public
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
Get Range Hash ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} 0:256
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
${rule1} = Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${DENY_GROUP}
${rule2} = Create Dictionary Operation=GETRANGE Access=DENY Role=${DENY_GROUP}
${rule3} = Create Dictionary Operation=GET Access=DENY Role=${DENY_GROUP}
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3}
Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500
Run Keyword And Expect Error *
... Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow 0:256
Run Keyword And Expect Error *
... Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} bearer_allow local_file_eacl
Get Range Hash ${KEY} ${CID} ${S_OID_USER} bearer_allow 0:256
Cleanup Cleanup
@{CLEANUP_FILES} = Create List ${FILE_S} local_file_eacl s_get_range bearer_allow_all_user @{CLEANUP_FILES} = Create List ${FILE_S} local_file_eacl s_get_range
... bearer_allow_all_user gen_eacl_deny_all_USER bearer_allow
Cleanup Files @{CLEANUP_FILES} Cleanup Files @{CLEANUP_FILES}
Get Docker Logs acl_bearer

View file

@ -20,18 +20,22 @@ Extended ACL Operations
Prepare eACL Role rules Prepare eACL Role rules
Log Check extended ACL with simple object Log Check extended ACL with simple object
Generate files 1024 Generate files 1024
Check Actions Check Actions
Check Filters Check Filters
Check Сompound Operations
Cleanup Files ${FILE_S} ${FILE_S_2} Cleanup Files ${FILE_S} ${FILE_S_2}
Log Check extended ACL with complex object Log Check extended ACL with complex object
Generate files 20e+6 Generate files 10e+6
Check Actions Check Actions
Check Filters Check Filters
Check Сompound Operations
[Teardown] Cleanup #[Teardown] Cleanup
*** Keywords *** *** Keywords ***
@ -44,11 +48,168 @@ Check Actions
Check Filters Check Filters
Check eACL MatchType String Equal Check eACL MatchType String Equal Object
Check eACL MatchType String Not Equal Check eACL MatchType String Not Equal Object
Check eACL MatchType String Equal Request Deny
Check eACL MatchType String Equal Request Allow
Check Сompound Operations
Check eACL Сompound Get ${OTHER_KEY} ${EACL_COMPOUND_GET_OTHERS}
Check eACL Сompound Get ${USER_KEY} ${EACL_COMPOUND_GET_USER}
Check eACL Сompound Get ${SYSTEM_KEY} ${EACL_COMPOUND_GET_SYSTEM}
Check eACL Сompound Delete ${OTHER_KEY} ${EACL_COMPOUND_DELETE_OTHERS}
Check eACL Сompound Delete ${USER_KEY} ${EACL_COMPOUND_DELETE_USER}
Check eACL Сompound Delete ${SYSTEM_KEY} ${EACL_COMPOUND_DELETE_SYSTEM}
Check eACL Сompound Get Range Hash ${OTHER_KEY} ${EACL_COMPOUND_GET_HASH_OTHERS}
Check eACL Сompound Get Range Hash ${USER_KEY} ${EACL_COMPOUND_GET_HASH_USER}
Check eACL Сompound Get Range Hash ${SYSTEM_KEY} ${EACL_COMPOUND_GET_HASH_SYSTEM}
Check eACL Сompound Get
[Arguments] ${KEY} ${DENY_EACL}
${CID} = Create Container Public
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
Run Keyword And Expect Error *
... Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
Check eACL MatchType String Equal Check eACL Сompound Delete
[Arguments] ${KEY} ${DENY_EACL}
${CID} = Create Container Public
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
Delete object ${KEY} ${CID} ${D_OID_USER} ${EMPTY}
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
Run Keyword And Expect Error *
... Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
Run Keyword And Expect Error *
... Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
Delete object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
Check eACL Сompound Get Range Hash
[Arguments] ${KEY} ${DENY_EACL}
${CID} = Create Container Public
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
Get Range Hash ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} 0:256
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
Run Keyword And Expect Error *
... Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
Run Keyword And Expect Error *
... Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
Check eACL MatchType String Equal Request Deny
${CID} = Create Container Public
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
${HEADER} = Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
&{HEADER_DICT} = Parse Object System Header ${HEADER}
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
${ID_value} = Get From Dictionary ${HEADER_DICT} ID
Set eACL ${USER_KEY} ${CID} ${EACL_XHEADER_DENY_ALL} --await
Run Keyword And Expect Error *
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=2
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=256
Run Keyword And Expect Error *
... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=2
Run Keyword And Expect Error *
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=2
Run Keyword And Expect Error *
... Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2
Run Keyword And Expect Error *
... Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ${EMPTY} --xhdr a=2
Run Keyword And Expect Error *
... Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 --xhdr a="2"
Run Keyword And Expect Error *
... Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 --xhdr a=2
Run Keyword And Expect Error *
... Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} --xhdr a=2
Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=256
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=*
Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${EMPTY} --xhdr a=
Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ${EMPTY} --xhdr a=.*
Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 --xhdr a="2 2"
Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 --xhdr a=256
Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} --xhdr a=22
Check eACL MatchType String Equal Request Allow
${CID} = Create Container Public
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
${HEADER} = Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
&{HEADER_DICT} = Parse Object System Header ${HEADER}
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
${ID_value} = Get From Dictionary ${HEADER_DICT} ID
Set eACL ${USER_KEY} ${CID} ${EACL_XHEADER_ALLOW_ALL} --await
Get eACL ${USER_KEY} ${CID}
Run Keyword And Expect Error *
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY}
Run Keyword And Expect Error *
... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} ${EMPTY}
Run Keyword And Expect Error *
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY}
Run Keyword And Expect Error *
... Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${EMPTY}
Run Keyword And Expect Error *
... Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
Run Keyword And Expect Error *
... Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
Run Keyword And Expect Error *
... Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
Run Keyword And Expect Error *
... Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=2
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=2
Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2
Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ${EMPTY} --xhdr a=2
Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 --xhdr a=2
Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 --xhdr a=2
Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} --xhdr a=2
Check eACL MatchType String Equal Object
${CID} = Create Container Public ${CID} = Create Container Public
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
@ -59,7 +220,12 @@ Check eACL MatchType String Equal
Log Set eACL for Deny GET operation with StringEqual Object ID Log Set eACL for Deny GET operation with StringEqual Object ID
${ID_value} = Get From Dictionary ${HEADER_DICT} ID ${ID_value} = Get From Dictionary ${HEADER_DICT} ID
${EACL_CUSTOM} = Form eACL json file eacl_custom GET DENY STRING_EQUAL $Object:objectID ${ID_value} OTHERS
${filters} = Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=$Object:objectID value=${ID_value}
${rule1} = Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters}
${eACL_gen} = Create List ${rule1}
${EACL_CUSTOM} = Form eACL json common file eacl_custom ${eACL_gen}
Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
@ -67,7 +233,13 @@ Check eACL MatchType String Equal
Log Set eACL for Deny GET operation with StringEqual Object Extended User Header Log Set eACL for Deny GET operation with StringEqual Object Extended User Header
${S_OID_USER_OTH} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} ${S_OID_USER_OTH} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
${EACL_CUSTOM} = Form eACL json file eacl_custom GET DENY STRING_EQUAL key1 1 OTHERS
${filters} = Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=key1 value=1
${rule1} = Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters}
${eACL_gen} = Create List ${rule1}
${EACL_CUSTOM} = Form eACL json common file eacl_custom ${eACL_gen}
Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
@ -75,7 +247,7 @@ Check eACL MatchType String Equal
Check eACL MatchType String Not Equal Check eACL MatchType String Not Equal Object
${CID} = Create Container Public ${CID} = Create Container Public
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
@ -91,7 +263,12 @@ Check eACL MatchType String Not Equal
Log Set eACL for Deny GET operation with StringNotEqual Object ID Log Set eACL for Deny GET operation with StringNotEqual Object ID
${ID_value} = Get From Dictionary ${HEADER_DICT} ID ${ID_value} = Get From Dictionary ${HEADER_DICT} ID
${EACL_CUSTOM} = Form eACL json file eacl_custom GET DENY STRING_NOT_EQUAL $Object:objectID ${ID_value} OTHERS
${filters} = Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=$Object:objectID value=${ID_value}
${rule1} = Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters}
${eACL_gen} = Create List ${rule1}
${EACL_CUSTOM} = Form eACL json common file eacl_custom ${eACL_gen}
Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_OTHER} ${EMPTY} local_file_eacl ... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_OTHER} ${EMPTY} local_file_eacl
@ -100,7 +277,12 @@ Check eACL MatchType String Not Equal
Log Set eACL for Deny GET operation with StringEqual Object Extended User Header Log Set eACL for Deny GET operation with StringEqual Object Extended User Header
${S_OID_USER_OTH} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} ${S_OID_USER_OTH} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
${EACL_CUSTOM} = Form eACL json file eacl_custom GET DENY STRING_NOT_EQUAL key1 1 OTHERS
${filters} = Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=key1 value=1
${rule1} = Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters}
${eACL_gen} = Create List ${rule1}
${EACL_CUSTOM} = Form eACL json common file eacl_custom ${eACL_gen}
Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER_OTH} ${EMPTY} local_file_eacl ... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER_OTH} ${EMPTY} local_file_eacl
@ -170,16 +352,144 @@ Generate files
Prepare eACL Role rules Prepare eACL Role rules
Log Set eACL for different Role cases Log Set eACL for different Role cases
Set Global Variable ${EACL_DENY_ALL_OTHER} robot/resources/lib/eacl/eacl_encoded_deny_all # eACL rules for all operations and similar permissions
Set Global Variable ${EACL_ALLOW_ALL_OTHER} robot/resources/lib/eacl/eacl_encoded_allow_all @{Roles} = Create List OTHERS USER SYSTEM
FOR ${role} IN @{Roles}
${rule1}= Create Dictionary Operation=GET Access=DENY Role=${role}
${rule2}= Create Dictionary Operation=HEAD Access=DENY Role=${role}
${rule3}= Create Dictionary Operation=PUT Access=DENY Role=${role}
${rule4}= Create Dictionary Operation=DELETE Access=DENY Role=${role}
${rule5}= Create Dictionary Operation=SEARCH Access=DENY Role=${role}
${rule6}= Create Dictionary Operation=GETRANGE Access=DENY Role=${role}
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=${role}
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
Form eACL json common file gen_eacl_deny_all_${role} ${eACL_gen}
END
FOR ${role} IN @{Roles}
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=${role}
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=${role}
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=${role}
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=${role}
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=${role}
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=${role}
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${role}
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
Form eACL json common file gen_eacl_allow_all_${role} ${eACL_gen}
END
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
${rule8}= Create Dictionary Operation=GET Access=DENY Role=OTHERS
${rule9}= Create Dictionary Operation=HEAD Access=DENY Role=OTHERS
${rule10}= Create Dictionary Operation=PUT Access=DENY Role=OTHERS
${rule11}= Create Dictionary Operation=DELETE Access=DENY Role=OTHERS
${rule12}= Create Dictionary Operation=SEARCH Access=DENY Role=OTHERS
${rule13}= Create Dictionary Operation=GETRANGE Access=DENY Role=OTHERS
${rule14}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=OTHERS
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
... ${rule8} ${rule9} ${rule10} ${rule11} ${rule12} ${rule13} ${rule14}
Form eACL json common file gen_eacl_allow_pubkey_deny_OTHERS ${eACL_gen}
Set Global Variable ${EACL_DENY_ALL_OTHER} gen_eacl_deny_all_OTHERS
Set Global Variable ${EACL_ALLOW_ALL_OTHER} gen_eacl_allow_all_OTHERS
Set Global Variable ${EACL_DENY_ALL_USER} gen_eacl_deny_all_USER
Set Global Variable ${EACL_ALLOW_ALL_USER} gen_eacl_allow_all_USER
Set Global Variable ${EACL_DENY_ALL_SYSTEM} gen_eacl_deny_all_SYSTEM
Set Global Variable ${EACL_ALLOW_ALL_SYSTEM} gen_eacl_allow_all_SYSTEM
Set Global Variable ${EACL_ALLOW_ALL_Pubkey} gen_eacl_allow_pubkey_deny_OTHERS
# eACL rules for Compound operations: GET/GetRange/GetRangeHash
@{Roles} = Create List OTHERS USER SYSTEM
FOR ${role} IN @{Roles}
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=${role}
${rule2}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=${role}
${rule3}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${role}
${rule4}= Create Dictionary Operation=HEAD Access=DENY Role=${role}
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4}
Form eACL json common file gen_eacl_compound_get_${role} ${eACL_gen}
Set Global Variable ${EACL_COMPOUND_GET_${role}} gen_eacl_compound_get_${role}
END
# eACL rules for Compound operations: DELETE
@{Roles} = Create List OTHERS USER SYSTEM
FOR ${role} IN @{Roles}
${rule1}= Create Dictionary Operation=DELETE Access=ALLOW Role=${role}
${rule2}= Create Dictionary Operation=PUT Access=DENY Role=${role}
${rule3}= Create Dictionary Operation=HEAD Access=DENY Role=${role}
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3}
Form eACL json common file gen_eacl_compound_del_${role} ${eACL_gen}
Set Global Variable ${EACL_COMPOUND_DELETE_${role}} gen_eacl_compound_del_${role}
END
# eACL rules for Compound operations: GETRANGEHASH
@{Roles} = Create List OTHERS USER SYSTEM
FOR ${role} IN @{Roles}
${rule1}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${role}
${rule2}= Create Dictionary Operation=GETRANGE Access=DENY Role=${role}
${rule3}= Create Dictionary Operation=GET Access=DENY Role=${role}
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3}
Form eACL json common file gen_eacl_compound_get_hash_${role} ${eACL_gen}
Set Global Variable ${EACL_COMPOUND_GET_HASH_${role}} gen_eacl_compound_get_hash_${role}
END
# eACL for X-Header Other DENY and ALLOW for all
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=2
${rule1}= Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters}
${rule2}= Create Dictionary Operation=HEAD Access=DENY Role=OTHERS Filters=${filters}
${rule3}= Create Dictionary Operation=PUT Access=DENY Role=OTHERS Filters=${filters}
${rule4}= Create Dictionary Operation=DELETE Access=DENY Role=OTHERS Filters=${filters}
${rule5}= Create Dictionary Operation=SEARCH Access=DENY Role=OTHERS Filters=${filters}
${rule6}= Create Dictionary Operation=GETRANGE Access=DENY Role=OTHERS Filters=${filters}
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=OTHERS Filters=${filters}
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
Form eACL json common file gen_eacl_xheader_deny_all ${eACL_gen}
Set Global Variable ${EACL_XHEADER_DENY_ALL} gen_eacl_xheader_deny_all
# eACL for X-Header Other ALLOW and DENY for all
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=2
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=OTHERS Filters=${filters}
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=OTHERS Filters=${filters}
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=OTHERS Filters=${filters}
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=OTHERS Filters=${filters}
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=OTHERS Filters=${filters}
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=OTHERS Filters=${filters}
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=OTHERS Filters=${filters}
${rule8}= Create Dictionary Operation=GET Access=DENY Role=OTHERS
${rule9}= Create Dictionary Operation=HEAD Access=DENY Role=OTHERS
${rule10}= Create Dictionary Operation=PUT Access=DENY Role=OTHERS
${rule11}= Create Dictionary Operation=DELETE Access=DENY Role=OTHERS
${rule12}= Create Dictionary Operation=SEARCH Access=DENY Role=OTHERS
${rule13}= Create Dictionary Operation=GETRANGE Access=DENY Role=OTHERS
${rule14}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=OTHERS
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
... ${rule8} ${rule9} ${rule10} ${rule11} ${rule12} ${rule13} ${rule14}
Form eACL json common file gen_eacl_xheader_allow_all ${eACL_gen}
Set Global Variable ${EACL_XHEADER_ALLOW_ALL} gen_eacl_xheader_allow_all
Set Global Variable ${EACL_DENY_ALL_USER} robot/resources/lib/eacl/eacl_encoded_deny_all_user
Set Global Variable ${EACL_ALLOW_ALL_USER} robot/resources/lib/eacl/eacl_encoded_allow_all_user
Set Global Variable ${EACL_DENY_ALL_SYSTEM} robot/resources/lib/eacl/eacl_encoded_deny_all_sys
Set Global Variable ${EACL_ALLOW_ALL_SYSTEM} robot/resources/lib/eacl/eacl_encoded_allow_all_sys
Set Global Variable ${EACL_ALLOW_ALL_Pubkey} robot/resources/lib/eacl/eacl_encoded_allow_all_pubkey
Check eACL Deny and Allow All User Check eACL Deny and Allow All User
@ -205,8 +515,8 @@ Check eACL Deny and Allow All System
Get object from NeoFS ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl Get object from NeoFS ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
Search object ${SYSTEM_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H} Search object ${SYSTEM_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H} Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
Head object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} Head object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Head object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} Head object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY}
@ -220,11 +530,7 @@ Check eACL Deny and Allow All System
Delete object ${SYSTEM_KEY} ${CID} ${D_OID_USER_S} ${EMPTY} Delete object ${SYSTEM_KEY} ${CID} ${D_OID_USER_S} ${EMPTY}
Delete object ${SYSTEM_KEY_SN} ${CID} ${D_OID_USER_SN} ${EMPTY} Delete object ${SYSTEM_KEY_SN} ${CID} ${D_OID_USER_SN} ${EMPTY}
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_SYSTEM} --await
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_SYSTEM}
Sleep ${MORPH_BLOCK_TIMEOUT}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} ... Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
@ -237,9 +543,9 @@ Check eACL Deny and Allow All System
... Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ... Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Search object ${SYSTEM_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H} ... Search object ${SYSTEM_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H} ... Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
Run Keyword And Expect Error * Run Keyword And Expect Error *
@ -265,8 +571,8 @@ Check eACL Deny and Allow All System
... Delete object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} ... Delete object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY}
Set eACL ${USER_KEY} ${CID} ${EACL_ALLOW_ALL_SYSTEM} Set eACL ${USER_KEY} ${CID} ${EACL_ALLOW_ALL_SYSTEM} --await
Sleep ${MORPH_BLOCK_TIMEOUT}
${D_OID_USER_S} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} ${D_OID_USER_S} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
${D_OID_USER_SN} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} ${D_OID_USER_SN} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
@ -278,8 +584,8 @@ Check eACL Deny and Allow All System
Get object from NeoFS ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl Get object from NeoFS ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
Search object ${SYSTEM_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H} Search object ${SYSTEM_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H} Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
Head object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} Head object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Head object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} Head object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY}
@ -304,7 +610,7 @@ Check eACL Deny All Other and Allow All Pubkey
Put object to NeoFS ${EACL_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} Put object to NeoFS ${EACL_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
Get object from NeoFS ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl Get object from NeoFS ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
Search object ${EACL_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H} Search object ${EACL_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
Head object ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} Head object ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Get Range ${EACL_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 Get Range ${EACL_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
Get Range Hash ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 Get Range Hash ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
@ -318,7 +624,7 @@ Check eACL Deny All Other and Allow All Pubkey
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H} ... Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ... Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Run Keyword And Expect Error * Run Keyword And Expect Error *
@ -330,7 +636,7 @@ Check eACL Deny All Other and Allow All Pubkey
Put object to NeoFS ${EACL_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} Put object to NeoFS ${EACL_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
Get object from NeoFS ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl Get object from NeoFS ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
Search object ${EACL_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H} Search object ${EACL_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
Head object ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} Head object ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Get Range ${EACL_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 Get Range ${EACL_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
Get Range Hash ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 Get Range Hash ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
@ -348,22 +654,21 @@ Check eACL Deny and Allow All
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
Search object ${KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H} Search object ${KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY} Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
Delete object ${KEY} ${CID} ${D_OID_USER} ${EMPTY} Delete object ${KEY} ${CID} ${D_OID_USER} ${EMPTY}
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
Sleep ${MORPH_BLOCK_TIMEOUT}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} ... Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ... Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Search object ${KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H} ... Search object ${KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY} ... Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
Run Keyword And Expect Error * Run Keyword And Expect Error *
@ -373,12 +678,12 @@ Check eACL Deny and Allow All
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Delete object ${KEY} ${CID} ${S_OID_USER} ${EMPTY} ... Delete object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
Set eACL ${USER_KEY} ${CID} ${ALLOW_EACL} Set eACL ${USER_KEY} ${CID} ${ALLOW_EACL} --await
Sleep ${MORPH_BLOCK_TIMEOUT}
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
Search object ${KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H} Search object ${KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY} Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
@ -386,4 +691,11 @@ Check eACL Deny and Allow All
Cleanup Cleanup
@{CLEANUP_FILES} = Create List ${FILE_S} ${FILE_S_2} local_file_eacl eacl_custom s_get_range @{CLEANUP_FILES} = Create List ${FILE_S} ${FILE_S_2} local_file_eacl eacl_custom s_get_range
... gen_eacl_allow_all_OTHERS gen_eacl_deny_all_USER gen_eacl_allow_all_USER
... gen_eacl_deny_all_SYSTEM gen_eacl_allow_all_SYSTEM gen_eacl_allow_pubkey_deny_OTHERS
... gen_eacl_deny_all_OTHERS
... gen_eacl_compound_del_SYSTEM gen_eacl_compound_del_USER gen_eacl_compound_del_OTHERS
... gen_eacl_compound_get_hash_OTHERS gen_eacl_compound_get_hash_SYSTEM gen_eacl_compound_get_hash_USER
... gen_eacl_compound_get_OTHERS gen_eacl_compound_get_SYSTEM gen_eacl_compound_get_USER
Cleanup Files @{CLEANUP_FILES} Cleanup Files @{CLEANUP_FILES}
Get Docker Logs acl_extended

View file

@ -36,9 +36,12 @@ NeoFS HTTP Gateway
... Container Existing ${PRIV_KEY} ${CID} ... Container Existing ${PRIV_KEY} ${CID}
${FILE} = Generate file of bytes 1024 ${FILE} = Generate file of bytes 1024
${FILE_L} = Generate file of bytes 10e+6
${FILE_HASH} = Get file hash ${FILE} ${FILE_HASH} = Get file hash ${FILE}
${FILE_L_HASH} = Get file hash ${FILE_L}
${S_OID} = Put object to NeoFS ${PRIV_KEY} ${FILE} ${CID} ${EMPTY} ${EMPTY} ${S_OID} = Put object to NeoFS ${PRIV_KEY} ${FILE} ${CID} ${EMPTY} ${EMPTY}
${L_OID} = Put object to NeoFS ${PRIV_KEY} ${FILE_L} ${CID} ${EMPTY} ${EMPTY}
# By request from Service team - try to GET object from the node without object # By request from Service team - try to GET object from the node without object
@ -51,4 +54,22 @@ NeoFS HTTP Gateway
Verify file hash s_file_read ${FILE_HASH} Verify file hash s_file_read ${FILE_HASH}
Verify file hash ${FILEPATH} ${FILE_HASH} Verify file hash ${FILEPATH} ${FILE_HASH}
[Teardown] Cleanup Files ${FILEPATH} ${FILE} s_file_read @{GET_NODE_LIST} = Get nodes without object ${PRIV_KEY} ${CID} ${L_OID}
${NODE} = Evaluate random.choice($GET_NODE_LIST) random
Get object from NeoFS ${PRIV_KEY} ${CID} ${L_OID} ${EMPTY} l_file_read ${NODE}
${FILEPATH} = Get via HTTP Gate ${CID} ${L_OID}
Verify file hash l_file_read ${FILE_L_HASH}
Verify file hash ${FILEPATH} ${FILE_L_HASH}
[Teardown] Cleanup ${FILEPATH} ${FILE}
*** Keywords ***
Cleanup
[Arguments] ${FILEPATH} ${FILE}
Cleanup Files ${FILEPATH} ${FILE} s_file_read l_file_read
Get Docker Logs http_gate

View file

@ -60,7 +60,7 @@ NeoFS Simple Netmap
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Validate Policy REP 2 IN X CBF 2 SELECT 6 FROM * AS X 2 @{EMPTY} ... Validate Policy REP 2 IN X CBF 2 SELECT 6 FROM * AS X 2 @{EMPTY}
[Teardown] Cleanup Files ${FILE} [Teardown] Cleanup ${FILE}
*** Keywords *** *** Keywords ***
@ -107,3 +107,7 @@ Validate Policy
Validate storage policy for object ${PRIV_KEY} ${EXPECTED_VAL} ${CID} ${S_OID} @{EXPECTED_LIST} Validate storage policy for object ${PRIV_KEY} ${EXPECTED_VAL} ${CID} ${S_OID} @{EXPECTED_LIST}
Cleanup
[Arguments] ${FILE}
Cleanup Files ${FILE}
Get Docker Logs netmap_simple

View file

@ -41,8 +41,7 @@ NeoFS Complex Object Operations
Wait Until Keyword Succeeds 2 min 30 sec Wait Until Keyword Succeeds 2 min 30 sec
... Expected Balance ${PRIV_KEY} 50 -7e-08 ... Expected Balance ${PRIV_KEY} 50 -7e-08
${SIZE} = Set Variable 20e+6 ${FILE} = Generate file of bytes 10e+6
${FILE} = Generate file of bytes ${SIZE}
${FILE_HASH} = Get file hash ${FILE} ${FILE_HASH} = Get file hash ${FILE}
${S_OID} = Put object to NeoFS ${PRIV_KEY} ${FILE} ${CID} ${EMPTY} ${EMPTY} ${S_OID} = Put object to NeoFS ${PRIV_KEY} ${FILE} ${CID} ${EMPTY} ${EMPTY}
@ -60,7 +59,7 @@ NeoFS Complex Object Operations
@{S_OBJ_H_OTH} = Create List ${H_OID_OTH} @{S_OBJ_H_OTH} = Create List ${H_OID_OTH}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Search object ${PRIV_KEY} ${CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_ALL} ... Search object ${PRIV_KEY} ${CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_ALL}
Get object from NeoFS ${PRIV_KEY} ${CID} ${S_OID} ${EMPTY} s_file_read Get object from NeoFS ${PRIV_KEY} ${CID} ${S_OID} ${EMPTY} s_file_read
Get object from NeoFS ${PRIV_KEY} ${CID} ${H_OID} ${EMPTY} h_file_read Get object from NeoFS ${PRIV_KEY} ${CID} ${H_OID} ${EMPTY} h_file_read
@ -74,9 +73,9 @@ NeoFS Complex Object Operations
Get Range ${PRIV_KEY} ${CID} ${S_OID} s_get_range ${EMPTY} 0:10 Get Range ${PRIV_KEY} ${CID} ${S_OID} s_get_range ${EMPTY} 0:10
Get Range ${PRIV_KEY} ${CID} ${H_OID} h_get_range ${EMPTY} 0:10 Get Range ${PRIV_KEY} ${CID} ${H_OID} h_get_range ${EMPTY} 0:10
Search object ${PRIV_KEY} ${CID} --root ${EMPTY} ${EMPTY} @{S_OBJ_ALL} Search object ${PRIV_KEY} ${CID} --root ${EMPTY} ${EMPTY} ${S_OBJ_ALL}
Search object ${PRIV_KEY} ${CID} --root ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H} Search object ${PRIV_KEY} ${CID} --root ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
Search object ${PRIV_KEY} ${CID} --root ${EMPTY} ${FILE_USR_HEADER_OTH} @{S_OBJ_H_OTH} Search object ${PRIV_KEY} ${CID} --root ${EMPTY} ${FILE_USR_HEADER_OTH} ${S_OBJ_H_OTH}
Head object ${PRIV_KEY} ${CID} ${S_OID} ${EMPTY} Head object ${PRIV_KEY} ${CID} ${S_OID} ${EMPTY}
Head object ${PRIV_KEY} ${CID} ${H_OID} ${EMPTY} ${FILE_USR_HEADER} Head object ${PRIV_KEY} ${CID} ${H_OID} ${EMPTY} ${FILE_USR_HEADER}
@ -105,9 +104,9 @@ NeoFS Complex Object Operations
Cleanup Cleanup
[Arguments] ${FILE} [Arguments] ${FILE}
@{CLEANUP_FILES} = Create List ${FILE} s_file_read h_file_read s_get_range h_get_range @{CLEANUP_FILES} = Create List ${FILE} s_file_read h_file_read s_get_range h_get_range
Cleanup Files @{CLEANUP_FILES} Cleanup Files @{CLEANUP_FILES}
Get Docker Logs object_complex

View file

@ -68,9 +68,9 @@ NeoFS Simple Object Operations
Get Range ${PRIV_KEY} ${CID} ${S_OID} s_get_range ${EMPTY} 0:10 Get Range ${PRIV_KEY} ${CID} ${S_OID} s_get_range ${EMPTY} 0:10
Get Range ${PRIV_KEY} ${CID} ${H_OID} h_get_range ${EMPTY} 0:10 Get Range ${PRIV_KEY} ${CID} ${H_OID} h_get_range ${EMPTY} 0:10
Search object ${PRIV_KEY} ${CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_ALL} Search object ${PRIV_KEY} ${CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_ALL}
Search object ${PRIV_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H} Search object ${PRIV_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
Search object ${PRIV_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER_OTH} @{S_OBJ_H_OTH} Search object ${PRIV_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER_OTH} ${S_OBJ_H_OTH}
Head object ${PRIV_KEY} ${CID} ${S_OID} ${EMPTY} Head object ${PRIV_KEY} ${CID} ${S_OID} ${EMPTY}
Head object ${PRIV_KEY} ${CID} ${H_OID} ${EMPTY} ${FILE_USR_HEADER} Head object ${PRIV_KEY} ${CID} ${H_OID} ${EMPTY} ${FILE_USR_HEADER}
@ -100,6 +100,7 @@ Cleanup
@{CLEANUP_FILES} = Create List ${FILE} s_file_read h_file_read s_get_range h_get_range @{CLEANUP_FILES} = Create List ${FILE} s_file_read h_file_read s_get_range h_get_range
Cleanup Files @{CLEANUP_FILES} Cleanup Files @{CLEANUP_FILES}
Get Docker Logs object_simple

View file

@ -41,9 +41,8 @@ NeoFS Object Replication
@{NODES_OBJ} = Get nodes with object ${PRIV_KEY} ${CID} ${S_OID} @{NODES_OBJ} = Get nodes with object ${PRIV_KEY} ${CID} ${S_OID}
@{NODES_OBJ_STOPPED} = Stop nodes 1 @{NODES_OBJ} @{NODES_OBJ_STOPPED} = Stop nodes 1 @{NODES_OBJ}
Sleep 1 min Wait Until Keyword Succeeds 10 min 1 min
... Validate storage policy for object ${PRIV_KEY} 2 ${CID} ${S_OID}
Validate storage policy for object ${PRIV_KEY} 2 ${CID} ${S_OID}
Start nodes @{NODES_OBJ_STOPPED} Start nodes @{NODES_OBJ_STOPPED}
[Teardown] Cleanup ${FILE} @{NODES_OBJ_STOPPED} [Teardown] Cleanup ${FILE} @{NODES_OBJ_STOPPED}
@ -55,5 +54,6 @@ Cleanup
[Arguments] ${FILE} @{NODES_OBJ_STOPPED} [Arguments] ${FILE} @{NODES_OBJ_STOPPED}
Start nodes @{NODES_OBJ_STOPPED} Start nodes @{NODES_OBJ_STOPPED}
Cleanup Files ${FILE} Cleanup Files ${FILE}
Get Docker Logs replication

View file

@ -25,11 +25,11 @@ NeoFS S3 Gateway
... Transaction accepted in block ${TX_DEPOSIT} ... Transaction accepted in block ${TX_DEPOSIT}
Get Transaction ${TX_DEPOSIT} Get Transaction ${TX_DEPOSIT}
${FILE_S3} = Generate file of bytes 20e+6 ${FILE_S3} = Generate file of bytes 10e+6
${FILE_S3_HASH} = Get file hash ${FILE_S3} ${FILE_S3_HASH} = Get file hash ${FILE_S3}
${FILE_S3_NAME} = Get file name ${FILE_S3} ${FILE_S3_NAME} = Get file name ${FILE_S3}
${FILE_FS} = Generate file of bytes 20e+6 ${FILE_FS} = Generate file of bytes 10e+6
${FILE_FS_HASH} = Get file hash ${FILE_FS} ${FILE_FS_HASH} = Get file hash ${FILE_FS}
${FILE_FS_NAME} = Get file name ${FILE_FS} ${FILE_FS_NAME} = Get file name ${FILE_FS}
@ -85,6 +85,12 @@ NeoFS S3 Gateway
${LIST_S3_OBJECTS} = List objects S3 ${S3_CLIENT} ${BUCKET} ${LIST_S3_OBJECTS} = List objects S3 ${S3_CLIENT} ${BUCKET}
List Should Not Contain Value ${LIST_S3_OBJECTS} FILE_S3_NAME List Should Not Contain Value ${LIST_S3_OBJECTS} FILE_S3_NAME
[Teardown] Cleanup Files s3_obj_get_fs fs_obj_get_fs s3_obj_get_s3 fs_obj_get_s3 [Teardown] Cleanup ${FILE_S3} ${FILE_FS}
... ${FILE_S3} ${FILE_FS}
*** Keywords ***
Cleanup
[Arguments] ${FILE_S3} ${FILE_FS}
Cleanup Files s3_obj_get_fs fs_obj_get_fs s3_obj_get_s3 fs_obj_get_s3
... ${FILE_S3} ${FILE_FS}
Get Docker Logs s3_gate

View file

@ -30,7 +30,7 @@ NeoFS Deposit and Withdraw
Sleep 1 min Sleep 1 min
Expexted Mainnet Balance ${ADDR} 4.84454920 Expexted Mainnet Balance ${ADDR} 4.85019610
${NEOFS_BALANCE} = Get Balance ${PRIV_KEY} ${NEOFS_BALANCE} = Get Balance ${PRIV_KEY}
${TX} = Withdraw Mainnet Gas ${WALLET} ${ADDR} ${SCRIPT_HASH} 50 ${TX} = Withdraw Mainnet Gas ${WALLET} ${ADDR} ${SCRIPT_HASH} 50
@ -40,5 +40,11 @@ NeoFS Deposit and Withdraw
Sleep 1 min Sleep 1 min
Get Balance ${PRIV_KEY} Get Balance ${PRIV_KEY}
Expected Balance ${PRIV_KEY} ${NEOFS_BALANCE} -50 Expected Balance ${PRIV_KEY} ${NEOFS_BALANCE} -50
Expexted Mainnet Balance ${ADDR} 54.80800160 Expexted Mainnet Balance ${ADDR} 54.81699450
[Teardown] Cleanup
*** Keywords ***
Cleanup
Get Docker Logs withdraw