[#1477] ape: Fix EC chunk test
All checks were successful
Tests and linters / Run gofumpt (pull_request) Successful in 1m33s
DCO action / DCO (pull_request) Successful in 1m46s
Vulncheck / Vulncheck (pull_request) Successful in 2m16s
Pre-commit hooks / Pre-commit (pull_request) Successful in 2m35s
Build / Build Components (pull_request) Successful in 2m50s
Tests and linters / Staticcheck (pull_request) Successful in 3m1s
Tests and linters / gopls check (pull_request) Successful in 3m6s
Tests and linters / Lint (pull_request) Successful in 3m53s
Tests and linters / Tests (pull_request) Successful in 4m43s
Tests and linters / Tests with -race (pull_request) Successful in 6m18s
All checks were successful
Tests and linters / Run gofumpt (pull_request) Successful in 1m33s
DCO action / DCO (pull_request) Successful in 1m46s
Vulncheck / Vulncheck (pull_request) Successful in 2m16s
Pre-commit hooks / Pre-commit (pull_request) Successful in 2m35s
Build / Build Components (pull_request) Successful in 2m50s
Tests and linters / Staticcheck (pull_request) Successful in 3m1s
Tests and linters / gopls check (pull_request) Successful in 3m6s
Tests and linters / Lint (pull_request) Successful in 3m53s
Tests and linters / Tests (pull_request) Successful in 4m43s
Tests and linters / Tests with -race (pull_request) Successful in 6m18s
Initially, this test was a check that only the container node can assemble an EC object. But the implementation of this test was wrong. Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
This commit is contained in:
parent
c8fb154151
commit
ef64930fef
GPG key ID:
237AF1A763293BC0
1 changed files with 33 additions and 23 deletions
|
|
@ -652,7 +652,7 @@ func (s *testContainerSource) DeletionInfo(cid.ID) (*container.DelInfo, error) {
|
|||
return nil, nil
|
||||
}
|
||||
|
||||
func TestPutECChunk(t *testing.T) {
|
||||
func TestGetECChunk(t *testing.T) {
|
||||
headerProvider := newHeaderProviderMock()
|
||||
frostfsidProvider := newFrostfsIDProviderMock(t)
|
||||
|
||||
|
|
@ -666,11 +666,10 @@ func TestPutECChunk(t *testing.T) {
|
|||
Rules: []chain.Rule{
|
||||
{
|
||||
Status: chain.AccessDenied,
|
||||
Actions: chain.Actions{Names: methodsOptionalOID},
|
||||
Actions: chain.Actions{Names: methodsRequiredOID},
|
||||
Resources: chain.Resources{
|
||||
Names: []string{fmt.Sprintf(nativeschema.ResourceFormatRootContainerObjects, containerID)},
|
||||
},
|
||||
Any: true,
|
||||
Condition: []chain.Condition{
|
||||
{
|
||||
Op: chain.CondStringEquals,
|
||||
|
|
@ -680,17 +679,27 @@ func TestPutECChunk(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
{
|
||||
Status: chain.Allow,
|
||||
Actions: chain.Actions{Names: methodsRequiredOID},
|
||||
Resources: chain.Resources{
|
||||
Names: []string{fmt.Sprintf(nativeschema.ResourceFormatRootContainerObjects, containerID)},
|
||||
},
|
||||
},
|
||||
},
|
||||
MatchType: chain.MatchTypeFirstMatch,
|
||||
})
|
||||
|
||||
node1Key, err := keys.NewPrivateKey()
|
||||
require.NoError(t, err)
|
||||
node1 := netmapSDK.NodeInfo{}
|
||||
node1.SetPublicKey(node1Key.PublicKey().Bytes())
|
||||
node2Key, err := keys.NewPrivateKey()
|
||||
require.NoError(t, err)
|
||||
node2 := netmapSDK.NodeInfo{}
|
||||
node2.SetPublicKey(node1Key.PublicKey().Bytes())
|
||||
netmap := &netmapSDK.NetMap{}
|
||||
netmap.SetEpoch(100)
|
||||
netmap.SetNodes([]netmapSDK.NodeInfo{node1})
|
||||
netmap.SetNodes([]netmapSDK.NodeInfo{node1, node2})
|
||||
|
||||
nm := &netmapStub{
|
||||
currentEpoch: 100,
|
||||
|
|
@ -703,7 +712,7 @@ func TestPutECChunk(t *testing.T) {
|
|||
cont := containerSDK.Container{}
|
||||
cont.Init()
|
||||
pp := netmapSDK.PlacementPolicy{}
|
||||
require.NoError(t, pp.DecodeString("REP 1"))
|
||||
require.NoError(t, pp.DecodeString("EC 1.1"))
|
||||
cont.SetPlacementPolicy(pp)
|
||||
cs := &testContainerSource{
|
||||
containers: map[cid.ID]*container.Container{
|
||||
|
|
@ -719,7 +728,7 @@ func TestPutECChunk(t *testing.T) {
|
|||
chunkHeader := newHeaderObjectSDK(cnr, obj, nil).ToV2().GetHeader()
|
||||
ecHeader := object.ECHeader{
|
||||
Index: 1,
|
||||
Total: 5,
|
||||
Total: 2,
|
||||
Parent: &refs.ObjectID{},
|
||||
}
|
||||
chunkHeader.SetEC(&ecHeader)
|
||||
|
|
@ -738,32 +747,33 @@ func TestPutECChunk(t *testing.T) {
|
|||
})
|
||||
headerProvider.addHeader(cnr, ecParentID, parentHeader)
|
||||
|
||||
t.Run("access denied for container node", func(t *testing.T) {
|
||||
// container node requests EC parent headers, so container node denies access by matching attribute key/value
|
||||
t.Run("access denied on container node", func(t *testing.T) {
|
||||
prm := Prm{
|
||||
Method: nativeschema.MethodPutObject,
|
||||
Container: cnr,
|
||||
Object: obj,
|
||||
Role: role,
|
||||
SenderKey: senderKey,
|
||||
Header: chunkHeader,
|
||||
SoftAPECheck: true,
|
||||
Method: nativeschema.MethodGetObject,
|
||||
Container: cnr,
|
||||
Object: obj,
|
||||
Role: role,
|
||||
SenderKey: hex.EncodeToString(node2Key.PublicKey().Bytes()),
|
||||
Header: chunkHeader,
|
||||
}
|
||||
|
||||
err = checker.CheckAPE(context.Background(), prm)
|
||||
require.Error(t, err)
|
||||
})
|
||||
t.Run("access allowed for non container node", func(t *testing.T) {
|
||||
|
||||
// non container node has no access rights to collect EC parent header, so it uses EC chunk headers
|
||||
t.Run("access allowed on non container node", func(t *testing.T) {
|
||||
otherKey, err := keys.NewPrivateKey()
|
||||
require.NoError(t, err)
|
||||
checker = NewChecker(ls, ms, headerProvider, frostfsidProvider, nm, &stMock{}, cs, otherKey.PublicKey().Bytes())
|
||||
prm := Prm{
|
||||
Method: nativeschema.MethodPutObject,
|
||||
Container: cnr,
|
||||
Object: obj,
|
||||
Role: nativeschema.PropertyValueContainerRoleOthers,
|
||||
SenderKey: senderKey,
|
||||
Header: chunkHeader,
|
||||
SoftAPECheck: true,
|
||||
Method: nativeschema.MethodGetObject,
|
||||
Container: cnr,
|
||||
Object: obj,
|
||||
Role: nativeschema.PropertyValueContainerRoleOthers,
|
||||
SenderKey: senderKey,
|
||||
Header: chunkHeader,
|
||||
}
|
||||
|
||||
err = checker.CheckAPE(context.Background(), prm)
|
||||
|
|
|
|||
Loading…
Reference in a new issue