ape: Fix EC chunk test #1478
1 changed files with 33 additions and 23 deletions
|
@ -652,7 +652,7 @@ func (s *testContainerSource) DeletionInfo(cid.ID) (*container.DelInfo, error) {
|
|||
return nil, nil
|
||||
}
|
||||
|
||||
func TestPutECChunk(t *testing.T) {
|
||||
func TestGetECChunk(t *testing.T) {
|
||||
headerProvider := newHeaderProviderMock()
|
||||
frostfsidProvider := newFrostfsIDProviderMock(t)
|
||||
|
||||
|
@ -666,11 +666,10 @@ func TestPutECChunk(t *testing.T) {
|
|||
Rules: []chain.Rule{
|
||||
{
|
||||
Status: chain.AccessDenied,
|
||||
Actions: chain.Actions{Names: methodsOptionalOID},
|
||||
Actions: chain.Actions{Names: methodsRequiredOID},
|
||||
Resources: chain.Resources{
|
||||
Names: []string{fmt.Sprintf(nativeschema.ResourceFormatRootContainerObjects, containerID)},
|
||||
},
|
||||
Any: true,
|
||||
Condition: []chain.Condition{
|
||||
{
|
||||
Op: chain.CondStringEquals,
|
||||
|
@ -680,17 +679,27 @@ func TestPutECChunk(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
{
|
||||
Status: chain.Allow,
|
||||
Actions: chain.Actions{Names: methodsRequiredOID},
|
||||
Resources: chain.Resources{
|
||||
Names: []string{fmt.Sprintf(nativeschema.ResourceFormatRootContainerObjects, containerID)},
|
||||
},
|
||||
},
|
||||
},
|
||||
MatchType: chain.MatchTypeFirstMatch,
|
||||
})
|
||||
|
||||
node1Key, err := keys.NewPrivateKey()
|
||||
require.NoError(t, err)
|
||||
node1 := netmapSDK.NodeInfo{}
|
||||
node1.SetPublicKey(node1Key.PublicKey().Bytes())
|
||||
node2Key, err := keys.NewPrivateKey()
|
||||
require.NoError(t, err)
|
||||
node2 := netmapSDK.NodeInfo{}
|
||||
node2.SetPublicKey(node1Key.PublicKey().Bytes())
|
||||
netmap := &netmapSDK.NetMap{}
|
||||
netmap.SetEpoch(100)
|
||||
netmap.SetNodes([]netmapSDK.NodeInfo{node1})
|
||||
netmap.SetNodes([]netmapSDK.NodeInfo{node1, node2})
|
||||
|
||||
nm := &netmapStub{
|
||||
currentEpoch: 100,
|
||||
|
@ -703,7 +712,7 @@ func TestPutECChunk(t *testing.T) {
|
|||
cont := containerSDK.Container{}
|
||||
cont.Init()
|
||||
pp := netmapSDK.PlacementPolicy{}
|
||||
require.NoError(t, pp.DecodeString("REP 1"))
|
||||
require.NoError(t, pp.DecodeString("EC 1.1"))
|
||||
cont.SetPlacementPolicy(pp)
|
||||
cs := &testContainerSource{
|
||||
containers: map[cid.ID]*container.Container{
|
||||
|
@ -719,7 +728,7 @@ func TestPutECChunk(t *testing.T) {
|
|||
chunkHeader := newHeaderObjectSDK(cnr, obj, nil).ToV2().GetHeader()
|
||||
ecHeader := object.ECHeader{
|
||||
Index: 1,
|
||||
Total: 5,
|
||||
Total: 2,
|
||||
Parent: &refs.ObjectID{},
|
||||
}
|
||||
chunkHeader.SetEC(&ecHeader)
|
||||
|
@ -738,32 +747,33 @@ func TestPutECChunk(t *testing.T) {
|
|||
})
|
||||
headerProvider.addHeader(cnr, ecParentID, parentHeader)
|
||||
|
||||
t.Run("access denied for container node", func(t *testing.T) {
|
||||
// container node requests EC parent headers, so container node denies access by matching attribute key/value
|
||||
t.Run("access denied on container node", func(t *testing.T) {
|
||||
prm := Prm{
|
||||
Method: nativeschema.MethodPutObject,
|
||||
Method: nativeschema.MethodGetObject,
|
||||
Container: cnr,
|
||||
Object: obj,
|
||||
Role: role,
|
||||
SenderKey: senderKey,
|
||||
SenderKey: hex.EncodeToString(node2Key.PublicKey().Bytes()),
|
||||
Header: chunkHeader,
|
||||
SoftAPECheck: true,
|
||||
}
|
||||
|
||||
err = checker.CheckAPE(context.Background(), prm)
|
||||
require.Error(t, err)
|
||||
})
|
||||
t.Run("access allowed for non container node", func(t *testing.T) {
|
||||
|
||||
// non container node has no access rights to collect EC parent header, so it uses EC chunk headers
|
||||
t.Run("access allowed on non container node", func(t *testing.T) {
|
||||
otherKey, err := keys.NewPrivateKey()
|
||||
require.NoError(t, err)
|
||||
checker = NewChecker(ls, ms, headerProvider, frostfsidProvider, nm, &stMock{}, cs, otherKey.PublicKey().Bytes())
|
||||
prm := Prm{
|
||||
Method: nativeschema.MethodPutObject,
|
||||
Method: nativeschema.MethodGetObject,
|
||||
Container: cnr,
|
||||
Object: obj,
|
||||
Role: nativeschema.PropertyValueContainerRoleOthers,
|
||||
SenderKey: senderKey,
|
||||
Header: chunkHeader,
|
||||
SoftAPECheck: true,
|
||||
}
|
||||
|
||||
err = checker.CheckAPE(context.Background(), prm)
|
||||
|
|
Loading…
Reference in a new issue