frostfs-node/pkg/services/container/morph/executor_test.go

133 lines
3.4 KiB
Go
Raw Permalink Normal View History

package container_test
import (
"context"
"testing"
"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/container"
"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/refs"
"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/session"
containerCore "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/core/container"
containerSvc "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/container"
containerSvcMorph "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/container/morph"
cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
cidtest "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id/test"
containertest "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/test"
frostfscrypto "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/crypto"
frostfsecdsa "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/crypto/ecdsa"
sessiontest "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/session/test"
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
"github.com/stretchr/testify/require"
)
type mock struct {
containerSvcMorph.Reader
}
func (m mock) Put(_ containerCore.Container) (*cid.ID, error) {
return new(cid.ID), nil
}
func (m mock) Delete(_ containerCore.RemovalWitness) error {
return nil
}
func (m mock) PutEACL(_ containerCore.EACL) error {
return nil
}
func TestInvalidToken(t *testing.T) {
m := mock{}
e := containerSvcMorph.NewExecutor(m, m)
cnr := cidtest.ID()
var cnrV2 refs.ContainerID
cnr.WriteToV2(&cnrV2)
priv, err := keys.NewPrivateKey()
require.NoError(t, err)
sign := func(reqBody interface {
StableMarshal([]byte) []byte
SetSignature(signature *refs.Signature)
},
) {
signer := frostfsecdsa.Signer(priv.PrivateKey)
var sig frostfscrypto.Signature
require.NoError(t, sig.Calculate(signer, reqBody.StableMarshal(nil)))
var sigV2 refs.Signature
sig.WriteToV2(&sigV2)
reqBody.SetSignature(&sigV2)
}
var tokV2 session.Token
sessiontest.ContainerSigned().WriteToV2(&tokV2)
tests := []struct {
name string
op func(e containerSvc.ServiceExecutor, tokV2 *session.Token) error
}{
{
name: "put",
op: func(e containerSvc.ServiceExecutor, tokV2 *session.Token) (err error) {
var reqBody container.PutRequestBody
cnr := containertest.Container()
var cnrV2 container.Container
cnr.WriteToV2(&cnrV2)
reqBody.SetContainer(&cnrV2)
sign(&reqBody)
_, err = e.Put(context.TODO(), tokV2, &reqBody)
return
},
},
{
name: "delete",
op: func(e containerSvc.ServiceExecutor, tokV2 *session.Token) (err error) {
var reqBody container.DeleteRequestBody
reqBody.SetContainerID(&cnrV2)
_, err = e.Delete(context.TODO(), tokV2, &reqBody)
return
},
},
{
name: "setEACL",
op: func(e containerSvc.ServiceExecutor, tokV2 *session.Token) (err error) {
var reqBody container.SetExtendedACLRequestBody
reqBody.SetSignature(new(refs.Signature))
sign(&reqBody)
_, err = e.SetExtendedACL(context.TODO(), tokV2, &reqBody)
return
},
},
}
for _, test := range tests {
t.Run(test.name, func(t *testing.T) {
tok := generateToken(new(session.ObjectSessionContext))
require.Error(t, test.op(e, tok))
require.NoError(t, test.op(e, &tokV2))
require.NoError(t, test.op(e, nil))
})
}
}
func generateToken(ctx session.TokenContext) *session.Token {
body := new(session.TokenBody)
body.SetContext(ctx)
tok := new(session.Token)
tok.SetBody(body)
return tok
}