From 1637a3edcea9a59f7fba3d9d0e970461e51daa2e Mon Sep 17 00:00:00 2001
From: Dmitrii Stepanov <d.stepanov@yadro.com>
Date: Tue, 21 Mar 2023 15:39:33 +0300
Subject: [PATCH] [#155] search-service: Add search with ST test

In case of session token (ST) with object IDs search should
return only objects allowed in static session

Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
---
 pkg/services/object/search/search_test.go | 130 ++++++++++++++++++++++
 1 file changed, 130 insertions(+)

diff --git a/pkg/services/object/search/search_test.go b/pkg/services/object/search/search_test.go
index bb3d422b..aacfb950 100644
--- a/pkg/services/object/search/search_test.go
+++ b/pkg/services/object/search/search_test.go
@@ -9,6 +9,7 @@ import (
 	"strconv"
 	"testing"
 
+	"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/session"
 	clientcore "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/core/client"
 	netmapcore "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/core/netmap"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/network"
@@ -18,8 +19,12 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container"
 	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
 	cidtest "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id/test"
+	frostfsecdsa "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/crypto/ecdsa"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/netmap"
 	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
+	sessionsdk "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/session"
+	"github.com/google/uuid"
+	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 	"github.com/stretchr/testify/require"
 )
 
@@ -425,3 +430,128 @@ func TestGetFromPastEpoch(t *testing.T) {
 	require.NoError(t, err)
 	assertContains(ids11, ids12, ids21, ids22)
 }
+
+func TestGetWithSessionToken(t *testing.T) {
+	ctx := context.Background()
+
+	placementDim := []int{2}
+
+	rs := make([]netmap.ReplicaDescriptor, len(placementDim))
+	for i := range placementDim {
+		rs[i].SetNumberOfObjects(uint32(placementDim[i]))
+	}
+
+	var pp netmap.PlacementPolicy
+	pp.AddReplicas(rs...)
+
+	var cnr container.Container
+	cnr.SetPlacementPolicy(pp)
+
+	var id cid.ID
+	container.CalculateID(&id, cnr)
+
+	var addr oid.Address
+	addr.SetContainer(id)
+
+	ns, as := testNodeMatrix(t, placementDim)
+
+	builder := &testPlacementBuilder{
+		vectors: map[string][][]netmap.NodeInfo{
+			addr.EncodeToString(): ns,
+		},
+	}
+
+	localStorage := newTestStorage()
+	localIDs := generateIDs(10)
+	localStorage.addResult(id, localIDs, nil)
+
+	c1 := newTestStorage()
+	ids1 := generateIDs(10)
+	c1.addResult(id, ids1, nil)
+
+	c2 := newTestStorage()
+	ids2 := generateIDs(10)
+	c2.addResult(id, ids2, nil)
+
+	w := new(simpleIDWriter)
+
+	svc := &Service{cfg: new(cfg)}
+	svc.log = test.NewLogger(false)
+	svc.localStorage = localStorage
+
+	const curEpoch = 13
+
+	svc.traverserGenerator = &testTraverserGenerator{
+		c: cnr,
+		b: map[uint64]placement.Builder{
+			curEpoch: builder,
+		},
+	}
+	svc.clientConstructor = &testClientCache{
+		clients: map[string]*testStorage{
+			as[0][0]: c1,
+			as[0][1]: c2,
+		},
+	}
+
+	svc.currentEpochReceiver = testEpochReceiver(curEpoch)
+
+	metaStub := &metaStub{
+		TTL:              5,
+		LimitByObjectIDs: append(append(localIDs[:5], ids1[:5]...), ids2[:5]...),
+		T:                t,
+		Exp:              20,
+		ContainerID:      id,
+	}
+
+	p := Prm{}
+	p.WithContainerID(id)
+	p.SetWriter(w)
+	var err error
+	p.common, err = util.CommonPrmFromV2(metaStub)
+	require.NoError(t, err)
+
+	err = svc.Search(ctx, p)
+	require.NoError(t, err)
+	require.Len(t, w.ids, 15)
+
+	for _, id := range metaStub.LimitByObjectIDs {
+		require.Contains(t, w.ids, id)
+	}
+}
+
+type metaStub struct {
+	TTL              uint32
+	Exp              uint64
+	LimitByObjectIDs []oid.ID
+	T                *testing.T
+	ContainerID      cid.ID
+}
+
+func (m *metaStub) GetMetaHeader() *session.RequestMetaHeader {
+	var result session.RequestMetaHeader
+	result.SetTTL(m.TTL)
+
+	tokenObj := new(sessionsdk.Object)
+	tokenObj.ForVerb(sessionsdk.VerbObjectSearch)
+	tokenObj.LimitByObjects(m.LimitByObjectIDs...)
+	tokenObj.SetID(uuid.New())
+	tokenObj.SetExp(m.Exp)
+	tokenObj.BindContainer(m.ContainerID)
+
+	pubKey := &frostfsecdsa.PublicKey{}
+
+	tokenObj.SetAuthKey(pubKey)
+
+	priv, err := keys.NewPrivateKey()
+	require.NoError(m.T, err)
+
+	require.NoError(m.T, tokenObj.Sign(priv.PrivateKey))
+
+	var token session.Token
+	tokenObj.WriteToV2(&token)
+
+	result.SetSessionToken(&token)
+
+	return &result
+}