From 4395a8029ef037a65bb01f42a8a69a79010dc853 Mon Sep 17 00:00:00 2001 From: Dmitrii Stepanov Date: Tue, 21 Mar 2023 15:39:33 +0300 Subject: [PATCH] [#155] search-service: Add search with ST test In case of session token (ST) with object IDs search should return only objects allowed in static session Signed-off-by: Dmitrii Stepanov --- pkg/services/object/search/search_test.go | 130 ++++++++++++++++++++++ 1 file changed, 130 insertions(+) diff --git a/pkg/services/object/search/search_test.go b/pkg/services/object/search/search_test.go index bb3d422b3..aacfb9509 100644 --- a/pkg/services/object/search/search_test.go +++ b/pkg/services/object/search/search_test.go @@ -9,6 +9,7 @@ import ( "strconv" "testing" + "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/session" clientcore "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/core/client" netmapcore "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/core/netmap" "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/network" @@ -18,8 +19,12 @@ import ( "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container" cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id" cidtest "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id/test" + frostfsecdsa "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/crypto/ecdsa" "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/netmap" oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id" + sessionsdk "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/session" + "github.com/google/uuid" + "github.com/nspcc-dev/neo-go/pkg/crypto/keys" "github.com/stretchr/testify/require" ) @@ -425,3 +430,128 @@ func TestGetFromPastEpoch(t *testing.T) { require.NoError(t, err) assertContains(ids11, ids12, ids21, ids22) } + +func TestGetWithSessionToken(t *testing.T) { + ctx := context.Background() + + placementDim := []int{2} + + rs := make([]netmap.ReplicaDescriptor, len(placementDim)) + for i := range placementDim { + rs[i].SetNumberOfObjects(uint32(placementDim[i])) + } + + var pp netmap.PlacementPolicy + pp.AddReplicas(rs...) + + var cnr container.Container + cnr.SetPlacementPolicy(pp) + + var id cid.ID + container.CalculateID(&id, cnr) + + var addr oid.Address + addr.SetContainer(id) + + ns, as := testNodeMatrix(t, placementDim) + + builder := &testPlacementBuilder{ + vectors: map[string][][]netmap.NodeInfo{ + addr.EncodeToString(): ns, + }, + } + + localStorage := newTestStorage() + localIDs := generateIDs(10) + localStorage.addResult(id, localIDs, nil) + + c1 := newTestStorage() + ids1 := generateIDs(10) + c1.addResult(id, ids1, nil) + + c2 := newTestStorage() + ids2 := generateIDs(10) + c2.addResult(id, ids2, nil) + + w := new(simpleIDWriter) + + svc := &Service{cfg: new(cfg)} + svc.log = test.NewLogger(false) + svc.localStorage = localStorage + + const curEpoch = 13 + + svc.traverserGenerator = &testTraverserGenerator{ + c: cnr, + b: map[uint64]placement.Builder{ + curEpoch: builder, + }, + } + svc.clientConstructor = &testClientCache{ + clients: map[string]*testStorage{ + as[0][0]: c1, + as[0][1]: c2, + }, + } + + svc.currentEpochReceiver = testEpochReceiver(curEpoch) + + metaStub := &metaStub{ + TTL: 5, + LimitByObjectIDs: append(append(localIDs[:5], ids1[:5]...), ids2[:5]...), + T: t, + Exp: 20, + ContainerID: id, + } + + p := Prm{} + p.WithContainerID(id) + p.SetWriter(w) + var err error + p.common, err = util.CommonPrmFromV2(metaStub) + require.NoError(t, err) + + err = svc.Search(ctx, p) + require.NoError(t, err) + require.Len(t, w.ids, 15) + + for _, id := range metaStub.LimitByObjectIDs { + require.Contains(t, w.ids, id) + } +} + +type metaStub struct { + TTL uint32 + Exp uint64 + LimitByObjectIDs []oid.ID + T *testing.T + ContainerID cid.ID +} + +func (m *metaStub) GetMetaHeader() *session.RequestMetaHeader { + var result session.RequestMetaHeader + result.SetTTL(m.TTL) + + tokenObj := new(sessionsdk.Object) + tokenObj.ForVerb(sessionsdk.VerbObjectSearch) + tokenObj.LimitByObjects(m.LimitByObjectIDs...) + tokenObj.SetID(uuid.New()) + tokenObj.SetExp(m.Exp) + tokenObj.BindContainer(m.ContainerID) + + pubKey := &frostfsecdsa.PublicKey{} + + tokenObj.SetAuthKey(pubKey) + + priv, err := keys.NewPrivateKey() + require.NoError(m.T, err) + + require.NoError(m.T, tokenObj.Sign(priv.PrivateKey)) + + var token session.Token + tokenObj.WriteToV2(&token) + + result.SetSessionToken(&token) + + return &result +}