frostfs-node/pkg/services/container/morph/executor_test.go

package container_test

import (
	"context"
	"testing"

	"github.com/nspcc-dev/neofs-api-go/v2/container"
	"github.com/nspcc-dev/neofs-api-go/v2/refs"
	"github.com/nspcc-dev/neofs-api-go/v2/session"
	containerCore "github.com/nspcc-dev/neofs-node/pkg/core/container"
	containerSvc "github.com/nspcc-dev/neofs-node/pkg/services/container"
	containerSvcMorph "github.com/nspcc-dev/neofs-node/pkg/services/container/morph"
	containerSDK "github.com/nspcc-dev/neofs-sdk-go/container"
	cid "github.com/nspcc-dev/neofs-sdk-go/container/id"
	cidtest "github.com/nspcc-dev/neofs-sdk-go/container/id/test"
	"github.com/nspcc-dev/neofs-sdk-go/eacl"
	"github.com/nspcc-dev/neofs-sdk-go/owner"
	"github.com/stretchr/testify/require"
)

type mock struct{}

func (m mock) Put(_ *containerSDK.Container) (*cid.ID, error) {
	return new(cid.ID), nil
}

func (m mock) Delete(_ containerCore.RemovalWitness) error {
	return nil
}

func (m mock) PutEACL(_ *eacl.Table) error {
	return nil
}

func (m mock) Get(_ *cid.ID) (*containerSDK.Container, error) {
	panic("implement me")
}

func (m mock) GetEACL(_ *cid.ID) (*eacl.Table, error) {
	panic("implement me")
}

func (m mock) List(_ *owner.ID) ([]*cid.ID, error) {
	panic("implement me")
}

func TestInvalidToken(t *testing.T) {
	m := mock{}
	e := containerSvcMorph.NewExecutor(m, m)

	cnr := cidtest.ID()

	var cnrV2 refs.ContainerID
	cnr.WriteToV2(&cnrV2)

	tests := []struct {
		name string
		op   func(e containerSvc.ServiceExecutor, ctx containerSvc.ContextWithToken) error
	}{
		{
			name: "put",
			op: func(e containerSvc.ServiceExecutor, ctx containerSvc.ContextWithToken) (err error) {
				var reqBody container.PutRequestBody
				reqBody.SetSignature(new(refs.Signature))

				_, err = e.Put(ctx, &reqBody)
				return
			},
		},
		{
			name: "delete",
			op: func(e containerSvc.ServiceExecutor, ctx containerSvc.ContextWithToken) (err error) {
				var reqBody container.DeleteRequestBody
				reqBody.SetContainerID(&cnrV2)

				_, err = e.Delete(ctx, &reqBody)
				return
			},
		},
		{
			name: "setEACL",
			op: func(e containerSvc.ServiceExecutor, ctx containerSvc.ContextWithToken) (err error) {
				var reqBody container.SetExtendedACLRequestBody
				reqBody.SetSignature(new(refs.Signature))

				_, err = e.SetExtendedACL(ctx, &reqBody)
				return
			},
		},
	}

	for _, test := range tests {
		t.Run(test.name, func(t *testing.T) {
			ctx := containerSvc.ContextWithToken{
				Context:      context.Background(),
				SessionToken: generateToken(new(session.ObjectSessionContext)),
			}
			require.Error(t, test.op(e, ctx), containerSvcMorph.ErrInvalidContext)

			ctx.SessionToken = generateToken(new(session.ContainerSessionContext))
			require.NoError(t, test.op(e, ctx))

			ctx.SessionToken = nil
			require.NoError(t, test.op(e, ctx))
		})
	}
}

func generateToken(ctx session.TokenContext) *session.Token {
	body := new(session.TokenBody)
	body.SetContext(ctx)

	tok := new(session.Token)
	tok.SetBody(body)

	return tok
}
[#1045] Provide sanity check of session token in container service Without sanity check, container service provides successful response, even though such request will never be approved by Alphabet nodes. Signed-off-by: Alex Vanin <alexey@nspcc.ru> 2021-12-16 15:26:13 +00:00			`package container_test`

			`import (`
			`"context"`
			`"testing"`

			`"github.com/nspcc-dev/neofs-api-go/v2/container"`
[#1377] oid, cid: Upgrade SDK package Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2022-05-12 16:37:46 +00:00			`"github.com/nspcc-dev/neofs-api-go/v2/refs"`
[#1045] Provide sanity check of session token in container service Without sanity check, container service provides successful response, even though such request will never be approved by Alphabet nodes. Signed-off-by: Alex Vanin <alexey@nspcc.ru> 2021-12-16 15:26:13 +00:00			`"github.com/nspcc-dev/neofs-api-go/v2/session"`
			`containerCore "github.com/nspcc-dev/neofs-node/pkg/core/container"`
			`containerSvc "github.com/nspcc-dev/neofs-node/pkg/services/container"`
			`containerSvcMorph "github.com/nspcc-dev/neofs-node/pkg/services/container/morph"`
			`containerSDK "github.com/nspcc-dev/neofs-sdk-go/container"`
			`cid "github.com/nspcc-dev/neofs-sdk-go/container/id"`
[#1377] oid, cid: Upgrade SDK package Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2022-05-12 16:37:46 +00:00			`cidtest "github.com/nspcc-dev/neofs-sdk-go/container/id/test"`
[#1045] Provide sanity check of session token in container service Without sanity check, container service provides successful response, even though such request will never be approved by Alphabet nodes. Signed-off-by: Alex Vanin <alexey@nspcc.ru> 2021-12-16 15:26:13 +00:00			`"github.com/nspcc-dev/neofs-sdk-go/eacl"`
			`"github.com/nspcc-dev/neofs-sdk-go/owner"`
			`"github.com/stretchr/testify/require"`
			`)`

			`type mock struct{}`

[#1195] Adopt recent changes in NeoFS SDK Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2022-02-25 09:20:49 +00:00			`func (m mock) Put(_ containerSDK.Container) (cid.ID, error) {`
[#1045] Provide sanity check of session token in container service Without sanity check, container service provides successful response, even though such request will never be approved by Alphabet nodes. Signed-off-by: Alex Vanin <alexey@nspcc.ru> 2021-12-16 15:26:13 +00:00			`return new(cid.ID), nil`
			`}`

[#1195] Adopt recent changes in NeoFS SDK Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2022-02-25 09:20:49 +00:00			`func (m mock) Delete(_ containerCore.RemovalWitness) error {`
[#1045] Provide sanity check of session token in container service Without sanity check, container service provides successful response, even though such request will never be approved by Alphabet nodes. Signed-off-by: Alex Vanin <alexey@nspcc.ru> 2021-12-16 15:26:13 +00:00			`return nil`
			`}`

[#1195] Adopt recent changes in NeoFS SDK Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2022-02-25 09:20:49 +00:00			`func (m mock) PutEACL(_ *eacl.Table) error {`
[#1045] Provide sanity check of session token in container service Without sanity check, container service provides successful response, even though such request will never be approved by Alphabet nodes. Signed-off-by: Alex Vanin <alexey@nspcc.ru> 2021-12-16 15:26:13 +00:00			`return nil`
			`}`

[#1195] Adopt recent changes in NeoFS SDK Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2022-02-25 09:20:49 +00:00			`func (m mock) Get(_ cid.ID) (containerSDK.Container, error) {`
[#1045] Provide sanity check of session token in container service Without sanity check, container service provides successful response, even though such request will never be approved by Alphabet nodes. Signed-off-by: Alex Vanin <alexey@nspcc.ru> 2021-12-16 15:26:13 +00:00			`panic("implement me")`
			`}`

[#1195] Adopt recent changes in NeoFS SDK Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2022-02-25 09:20:49 +00:00			`func (m mock) GetEACL(_ cid.ID) (eacl.Table, error) {`
[#1045] Provide sanity check of session token in container service Without sanity check, container service provides successful response, even though such request will never be approved by Alphabet nodes. Signed-off-by: Alex Vanin <alexey@nspcc.ru> 2021-12-16 15:26:13 +00:00			`panic("implement me")`
			`}`

[#1195] Adopt recent changes in NeoFS SDK Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2022-02-25 09:20:49 +00:00			`func (m mock) List(_ owner.ID) ([]cid.ID, error) {`
[#1045] Provide sanity check of session token in container service Without sanity check, container service provides successful response, even though such request will never be approved by Alphabet nodes. Signed-off-by: Alex Vanin <alexey@nspcc.ru> 2021-12-16 15:26:13 +00:00			`panic("implement me")`
			`}`

			`func TestInvalidToken(t *testing.T) {`
			`m := mock{}`
			`e := containerSvcMorph.NewExecutor(m, m)`

[#1377] oid, cid: Upgrade SDK package Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2022-05-12 16:37:46 +00:00			`cnr := cidtest.ID()`

			`var cnrV2 refs.ContainerID`
			`cnr.WriteToV2(&cnrV2)`

[#1045] Provide sanity check of session token in container service Without sanity check, container service provides successful response, even though such request will never be approved by Alphabet nodes. Signed-off-by: Alex Vanin <alexey@nspcc.ru> 2021-12-16 15:26:13 +00:00			`tests := []struct {`
			`name string`
			`op func(e containerSvc.ServiceExecutor, ctx containerSvc.ContextWithToken) error`
			`}{`
			`{`
			`name: "put",`
			`op: func(e containerSvc.ServiceExecutor, ctx containerSvc.ContextWithToken) (err error) {`
[#1389] crypto: Upgrade SDK package Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2022-05-16 13:15:31 +00:00			`var reqBody container.PutRequestBody`
			`reqBody.SetSignature(new(refs.Signature))`

			`_, err = e.Put(ctx, &reqBody)`
[#1045] Provide sanity check of session token in container service Without sanity check, container service provides successful response, even though such request will never be approved by Alphabet nodes. Signed-off-by: Alex Vanin <alexey@nspcc.ru> 2021-12-16 15:26:13 +00:00			`return`
			`},`
			`},`
			`{`
			`name: "delete",`
			`op: func(e containerSvc.ServiceExecutor, ctx containerSvc.ContextWithToken) (err error) {`
[#1377] oid, cid: Upgrade SDK package Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2022-05-12 16:37:46 +00:00			`var reqBody container.DeleteRequestBody`
			`reqBody.SetContainerID(&cnrV2)`

			`_, err = e.Delete(ctx, &reqBody)`
[#1045] Provide sanity check of session token in container service Without sanity check, container service provides successful response, even though such request will never be approved by Alphabet nodes. Signed-off-by: Alex Vanin <alexey@nspcc.ru> 2021-12-16 15:26:13 +00:00			`return`
			`},`
			`},`
			`{`
			`name: "setEACL",`
			`op: func(e containerSvc.ServiceExecutor, ctx containerSvc.ContextWithToken) (err error) {`
[#1389] crypto: Upgrade SDK package Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2022-05-16 13:15:31 +00:00			`var reqBody container.SetExtendedACLRequestBody`
			`reqBody.SetSignature(new(refs.Signature))`

			`_, err = e.SetExtendedACL(ctx, &reqBody)`
[#1045] Provide sanity check of session token in container service Without sanity check, container service provides successful response, even though such request will never be approved by Alphabet nodes. Signed-off-by: Alex Vanin <alexey@nspcc.ru> 2021-12-16 15:26:13 +00:00			`return`
			`},`
			`},`
			`}`

			`for _, test := range tests {`
			`t.Run(test.name, func(t *testing.T) {`
			`ctx := containerSvc.ContextWithToken{`
			`Context: context.Background(),`
			`SessionToken: generateToken(new(session.ObjectSessionContext)),`
			`}`
			`require.Error(t, test.op(e, ctx), containerSvcMorph.ErrInvalidContext)`

			`ctx.SessionToken = generateToken(new(session.ContainerSessionContext))`
			`require.NoError(t, test.op(e, ctx))`

			`ctx.SessionToken = nil`
			`require.NoError(t, test.op(e, ctx))`
			`})`
			`}`
			`}`

[#1195] Adopt recent changes in NeoFS SDK Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2022-02-25 09:20:49 +00:00			`func generateToken(ctx session.TokenContext) *session.Token {`
			`body := new(session.TokenBody)`
[#1045] Provide sanity check of session token in container service Without sanity check, container service provides successful response, even though such request will never be approved by Alphabet nodes. Signed-off-by: Alex Vanin <alexey@nspcc.ru> 2021-12-16 15:26:13 +00:00			`body.SetContext(ctx)`

[#1195] Adopt recent changes in NeoFS SDK Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2022-02-25 09:20:49 +00:00			`tok := new(session.Token)`
[#1045] Provide sanity check of session token in container service Without sanity check, container service provides successful response, even though such request will never be approved by Alphabet nodes. Signed-off-by: Alex Vanin <alexey@nspcc.ru> 2021-12-16 15:26:13 +00:00			`tok.SetBody(body)`

			`return tok`
			`}`