From 4cb4121d60fc5779d2d3fde630be015b7e951855 Mon Sep 17 00:00:00 2001 From: anatoly-bogatyrev <45566606+anatoly-bogatyrev@users.noreply.github.com> Date: Mon, 8 Feb 2021 08:05:17 +0300 Subject: [PATCH] Feature/code clearness (#27) * replication testcase has been remade #19 * Split large complex test cases into multiple test cases #18 * Add the steps to check the viewing of previous epochs during GET operations #23 * Updating all test cases according to NeoFS updates * Code improvements and bug fixes --- Makefile | 2 +- README.md | 49 +- requirements.txt | 2 +- robot/resources/lib/neofs.py | 107 ++- .../acl/acl_basic_private_container.robot | 95 +++ .../acl/acl_basic_public_container.robot | 92 +++ .../acl/acl_basic_readonly_container.robot | 90 +++ .../integration/acl/acl_bearer_allow.robot | 87 +++ .../integration/acl/acl_bearer_compound.robot | 128 +++ .../acl/acl_bearer_filter_oid_equal.robot | 96 +++ .../acl/acl_bearer_filter_oid_not_equal.robot | 124 +++ .../acl_bearer_filter_userheader_equal.robot | 130 ++++ ...l_bearer_filter_userheader_not_equal.robot | 113 +++ .../acl/acl_bearer_inaccessible.robot | 67 ++ ...l_bearer_request_filter_xheader_deny.robot | 84 ++ ..._bearer_request_filter_xheader_equal.robot | 87 +++ ...rer_request_filter_xheader_not_equal.robot | 86 +++ .../acl/acl_extended_actions.robot | 251 ++++++ .../acl/acl_extended_compound.robot | 117 +++ .../acl/acl_extended_filters.robot | 213 +++++ .../acl/common_steps_acl_basic.robot | 76 ++ .../acl/common_steps_acl_bearer.robot | 92 +++ .../acl/common_steps_acl_extended.robot | 204 +++++ robot/testsuites/integration/acl_basic.robot | 285 ------- robot/testsuites/integration/acl_bearer.robot | 730 ------------------ .../testsuites/integration/acl_extended.robot | 701 ----------------- .../{ => network}/netmap_simple.robot | 15 +- .../{ => network}/replication.robot | 27 +- .../{ => object}/object_complex.robot | 21 +- .../{ => object}/object_simple.robot | 16 +- .../integration/{ => payment}/withdraw.robot | 6 +- .../{ => services}/http_gate.robot | 16 +- .../integration/{ => services}/s3_gate.robot | 14 +- 33 files changed, 2411 insertions(+), 1812 deletions(-) create mode 100644 robot/testsuites/integration/acl/acl_basic_private_container.robot create mode 100644 robot/testsuites/integration/acl/acl_basic_public_container.robot create mode 100644 robot/testsuites/integration/acl/acl_basic_readonly_container.robot create mode 100644 robot/testsuites/integration/acl/acl_bearer_allow.robot create mode 100644 robot/testsuites/integration/acl/acl_bearer_compound.robot create mode 100644 robot/testsuites/integration/acl/acl_bearer_filter_oid_equal.robot create mode 100644 robot/testsuites/integration/acl/acl_bearer_filter_oid_not_equal.robot create mode 100644 robot/testsuites/integration/acl/acl_bearer_filter_userheader_equal.robot create mode 100644 robot/testsuites/integration/acl/acl_bearer_filter_userheader_not_equal.robot create mode 100644 robot/testsuites/integration/acl/acl_bearer_inaccessible.robot create mode 100644 robot/testsuites/integration/acl/acl_bearer_request_filter_xheader_deny.robot create mode 100644 robot/testsuites/integration/acl/acl_bearer_request_filter_xheader_equal.robot create mode 100644 robot/testsuites/integration/acl/acl_bearer_request_filter_xheader_not_equal.robot create mode 100644 robot/testsuites/integration/acl/acl_extended_actions.robot create mode 100644 robot/testsuites/integration/acl/acl_extended_compound.robot create mode 100644 robot/testsuites/integration/acl/acl_extended_filters.robot create mode 100644 robot/testsuites/integration/acl/common_steps_acl_basic.robot create mode 100644 robot/testsuites/integration/acl/common_steps_acl_bearer.robot create mode 100644 robot/testsuites/integration/acl/common_steps_acl_extended.robot delete mode 100644 robot/testsuites/integration/acl_basic.robot delete mode 100644 robot/testsuites/integration/acl_bearer.robot delete mode 100644 robot/testsuites/integration/acl_extended.robot rename robot/testsuites/integration/{ => network}/netmap_simple.robot (92%) rename robot/testsuites/integration/{ => network}/replication.robot (78%) rename robot/testsuites/integration/{ => object}/object_complex.robot (91%) rename robot/testsuites/integration/{ => object}/object_simple.robot (95%) rename robot/testsuites/integration/{ => payment}/withdraw.robot (95%) rename robot/testsuites/integration/{ => services}/http_gate.robot (91%) rename robot/testsuites/integration/{ => services}/s3_gate.robot (92%) diff --git a/Makefile b/Makefile index a5ed8e56..4cca0479 100644 --- a/Makefile +++ b/Makefile @@ -2,7 +2,7 @@ run: @echo "⇒ Test Run" - @robot --timestampoutputs --outputdir artifacts/ robot/testsuites/integration/*.robot + @robot --timestampoutputs --outputdir artifacts/ robot/testsuites/integration/ help: @echo "⇒ run Run testcases ${R}" diff --git a/README.md b/README.md index 359a14f5..3dd6f53b 100644 --- a/README.md +++ b/README.md @@ -19,6 +19,7 @@ 3. Install neo-go - `git clone git@github.com:nspcc-dev/neo-go.git` - `cd neo-go` + - `git checkout v0.92.0` (or the current version in the neofs-dev-env) - `make` - `sudo cp bin/neo-go /usr/local/bin/neo-go`, add alias path to bin/neo-go or run `export NEOGO_CLI_EXEC=` @@ -28,7 +29,7 @@ (replace pip3 with the appropriate python package manager on the system). -In this case, dev-env should be running with the tested environment. +Test cases are designed to run on Python 3.7+ ### Run @@ -39,22 +40,40 @@ In this case, dev-env should be running with the tested environment. ### Running an arbitrary test case -To run an arbitrary testcase, you need to run the command: -`robot --outputdir artifacts/ robot/testsuites/integration/.robot ` +To run an arbitrary UserScenario or testcase, you need to run the command: +`robot --outputdir artifacts/ robot/testsuites/integration/` or `robot --outputdir artifacts/ robot/testsuites/integration//.robot` -The following scripts are available for execution: - - * acl_basic.robot - * acl_extended.robot - * acl_baearer.robot - * object_complex.robot - * object_simple.robot - * withdraw.robot - * netmap_simple.robot - * replication.robot - * http_gate.robot - * s3_gate.robot +The following UserScenarios and testcases are available for execution: + * acl + * acl_basic_private_container.robot + * acl_basic_public_container.robot + * acl_basic_readonly_container.robot + * acl_bearer compound.robot + * acl_bearer_allow.robot + * acl_bearer_filter_oid_equal.robot + * acl_bearer_filter_oid_not_equal.robot + * acl_bearer_filter_userheader_equal.robot + * acl_bearer_filter_userheader_not_equal.robot + * acl_bearer_inaccessible.robot + * acl_bearer_request_filter_xheader_deny.robot + * acl_bearer_request_filter_xheader_equal.robot + * acl_bearer_request_filter_xheader_not_equal.robot + * acl_extended_actions.robot + * acl_extended_compound.robot + * acl_extended_filters.robot + * network + * netmap_simple.robot + * replication.robot + * object + * object_complex.robot + * object_simple.robot + * payment + * withdraw.robot + * services + * http_gate.robot + * s3_gate.robot + ## Smoke test execution diff --git a/requirements.txt b/requirements.txt index e73accc7..42a31a50 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,6 +1,6 @@ robotframework==3.2.1 requests==2.25.1 -pexpect==4.2.1 +pexpect==4.8.0 boto3==1.16.33 docker==4.4.0 botocore==1.19.33 diff --git a/robot/resources/lib/neofs.py b/robot/resources/lib/neofs.py index ea9d57c1..6f39c732 100644 --- a/robot/resources/lib/neofs.py +++ b/robot/resources/lib/neofs.py @@ -15,6 +15,10 @@ import docker import json import tarfile +import time +from datetime import datetime + + if os.getenv('ROBOT_PROFILE') == 'selectel_smoke': from selectelcdn_smoke_vars import (NEOGO_CLI_PREFIX, NEO_MAINNET_ENDPOINT, NEOFS_NEO_API_ENDPOINT, NEOFS_ENDPOINT, NEOFS_NETMAP) @@ -93,7 +97,7 @@ def start_nodes(*nodes_list): @keyword('Get nodes with object') def get_nodes_with_object(private_key: str, cid: str, oid: str): - storage_nodes = _get_storage_nodes(private_key) + storage_nodes = _get_storage_nodes() copies = 0 nodes_list = [] @@ -110,7 +114,7 @@ def get_nodes_with_object(private_key: str, cid: str, oid: str): @keyword('Get nodes without object') def get_nodes_without_object(private_key: str, cid: str, oid: str): - storage_nodes = _get_storage_nodes(private_key) + storage_nodes = _get_storage_nodes() copies = 0 nodes_list = [] @@ -129,7 +133,7 @@ def get_nodes_without_object(private_key: str, cid: str, oid: str): @keyword('Validate storage policy for object') def validate_storage_policy_for_object(private_key: str, expected_copies: int, cid, oid, *expected_node_list): - storage_nodes = _get_storage_nodes(private_key) + storage_nodes = _get_storage_nodes() copies = 0 found_nodes = [] @@ -412,7 +416,7 @@ def verify_split_chain(private_key: str, cid: str, oid: str): # Get Latest object logger.info("Collect Split objects information and verify chain of the objects.") - nodes = _get_storage_nodes(private_key) + nodes = _get_storage_nodes() for node in nodes: header_virtual = head_object(private_key, cid, oid, '', '', '--raw --ttl 1', node, True) parsed_header_virtual = parse_object_virtual_raw_header(header_virtual) @@ -522,6 +526,7 @@ def _verify_child_link(private_key: str, cid: str, oid: str, header_last_parsed: @keyword('Get Docker Logs') def get_container_logs(testcase_name: str): #client = docker.APIClient() + client = docker.from_env() tar_name = "artifacts/dockerlogs("+testcase_name+").tar.gz" @@ -535,9 +540,9 @@ def get_container_logs(testcase_name: str): tar.add(file_name) os.remove(file_name) - + tar.close() - + return 1 @keyword('Verify Head Tombstone') @@ -797,7 +802,8 @@ def put_object(private_key: str, path: str, cid: str, bearer: str, user_headers: logger.info("Going to put the object") if not endpoint: - endpoint = random.sample(_get_storage_nodes(private_key), 1)[0] + endpoint = random.sample(_get_storage_nodes(), 1)[0] + if user_headers: user_headers = f"--attributes {user_headers}" if bearer: @@ -817,6 +823,69 @@ def put_object(private_key: str, path: str, cid: str, bearer: str, user_headers: except subprocess.CalledProcessError as e: raise Exception("command '{}' return with error (code {}): {}".format(e.cmd, e.returncode, e.output)) + +@keyword('Get Nodes Log Latest Timestamp') +def get_logs_latest_timestamp(): + """ + Keyword return: + nodes_logs_time -- structure (dict) of nodes container name (key) and latest logs timestamp (value) + """ + nodes = _get_storage_nodes() + client_api = docker.APIClient() + + nodes_logs_time = dict() + + for node in nodes: + container = node.split('.')[0] + log_line = client_api.logs(container, tail=1) + + m = re.search(r'(\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\.\d+Z)', str(log_line)) + if m != None: + timestamp = m.group(1) + + timestamp_date = datetime.fromisoformat(timestamp[:-1]) + + nodes_logs_time[container] = timestamp_date + + logger.info("Latest logs timestamp list: %s" % nodes_logs_time) + + return nodes_logs_time + + +@keyword('Find in Nodes Log') +def find_in_nodes_Log(line: str, nodes_logs_time: dict): + + client_api = docker.APIClient() + container_names = list() + + for docker_container in client_api.containers(): + container_names.append(docker_container['Names'][0][1:]) + + global_count = 0 + + for container in nodes_logs_time.keys(): + # check if container exists + if container in container_names: + # Get log since timestamp + timestamp_date = nodes_logs_time[container] + log_lines = client_api.logs(container, since=timestamp_date) + logger.info("Timestamp since: %s " % timestamp_date) + found_count = len(re.findall(line, log_lines.decode("utf-8") )) + logger.info("Node %s log - found counter: %s" % (container, found_count)) + global_count += found_count + + else: + logger.info("Container %s has not been found." % container) + + if global_count > 0: + logger.info("Expected line '%s' has been found in the logs." % line) + else: + raise Exception("Expected line '%s' has not been found in the logs." % line) + + return 1 + + + @keyword('Get Range Hash') def get_range_hash(private_key: str, cid: str, oid: str, bearer_token: str, range_cut: str, options: str=""): @@ -842,7 +911,9 @@ def get_object(private_key: str, cid: str, oid: str, bearer_token: str, logger.info("Going to put the object") if not endpoint: - endpoint = random.sample(_get_storage_nodes(private_key), 1)[0] + endpoint = random.sample(_get_storage_nodes(), 1)[0] + + if bearer_token: bearer_token = f"--bearer {bearer_token}" @@ -920,28 +991,12 @@ def _parse_cid(output: str): cid = m.group(1) return cid -def _get_storage_nodes(private_key: bytes): - #storage_nodes = ['s01.neofs.devenv:8080', 's02.neofs.devenv:8080','s03.neofs.devenv:8080','s04.neofs.devenv:8080'] - #NetmapCmd = f'{NEOFS_CLI_EXEC} --host {NEOFS_ENDPOINT} --key {binascii.hexlify(private_key).decode()} status netmap' - #complProc = subprocess.run(NetmapCmd, check=True, universal_newlines=True, - # stdout=subprocess.PIPE, stderr=subprocess.PIPE, timeout=15, shell=True) - #output = complProc.stdout - #logger.info("Netmap: %s" % output) - #for m in re.finditer(r'"address":"/ip4/(\d+\.\d+\.\d+\.\d+)/tcp/(\d+)"', output): - # storage_nodes.append(m.group(1)+":"+m.group(2)) - - #if not storage_nodes: - # raise Exception("Storage nodes was not found.") - - - # Will be fixed when netmap will be added to cli - - #storage_nodes.append() +def _get_storage_nodes(): + # TODO: fix to get netmap from neofs-cli logger.info("Storage nodes: %s" % NEOFS_NETMAP) return NEOFS_NETMAP def _search_object(node:str, private_key: str, cid:str, oid: str): - # --filters objectID={oid} if oid: oid_cmd = "--oid %s" % oid Cmd = ( diff --git a/robot/testsuites/integration/acl/acl_basic_private_container.robot b/robot/testsuites/integration/acl/acl_basic_private_container.robot new file mode 100644 index 00000000..d786ad3a --- /dev/null +++ b/robot/testsuites/integration/acl/acl_basic_private_container.robot @@ -0,0 +1,95 @@ +*** Settings *** +Variables ../../../variables/common.py + +Library ../${RESOURCES}/neofs.py +Library ../${RESOURCES}/payment_neogo.py + +Resource common_steps_acl_basic.robot + + +*** Test cases *** +Basic ACL Operations for Private Container + [Documentation] Testcase to validate NeoFS operations with ACL for Private Container. + [Tags] ACL NeoFS NeoCLI + [Timeout] 20 min + + Generate Keys + + Create Containers + Generate file 1024 + Check Private Container + + Create Containers + Generate file 70e+6 + Check Private Container + + [Teardown] Cleanup + + + + +*** Keywords *** + +Check Private Container + ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${PRIV_CID} ${EMPTY} ${EMPTY} + Run Keyword And Expect Error * + ... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${PRIV_CID} ${EMPTY} ${EMPTY} + Run Keyword And Expect Error * + ... Put object to NeoFS ${SYSTEM_KEY_IR} ${FILE_S} ${PRIV_CID} ${EMPTY} ${EMPTY} + ${S_OID_SYS_SN} = Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${PRIV_CID} ${EMPTY} ${EMPTY} + + + # Get + Get object from NeoFS ${USER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read + Run Keyword And Expect Error * + ... Get object from NeoFS ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read + Get object from NeoFS ${SYSTEM_KEY_IR} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read + Get object from NeoFS ${SYSTEM_KEY_SN} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read + + # Get Range + Get Range ${USER_KEY} ${PRIV_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Run Keyword And Expect Error * + ... Get Range ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Run Keyword And Expect Error * + ... Get Range ${SYSTEM_KEY_IR} ${PRIV_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Run Keyword And Expect Error * + ... Get Range ${SYSTEM_KEY_SN} ${PRIV_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + + # Get Range Hash + Get Range Hash ${USER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} 0:256 + Run Keyword And Expect Error * + ... Get Range Hash ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} 0:256 + Get Range Hash ${SYSTEM_KEY_IR} ${PRIV_CID} ${S_OID_USER} ${EMPTY} 0:256 + Get Range Hash ${SYSTEM_KEY_SN} ${PRIV_CID} ${S_OID_USER} ${EMPTY} 0:256 + + # Search + @{S_OBJ_PRIV} = Create List ${S_OID_USER} ${S_OID_SYS_SN} + Search object ${USER_KEY} ${PRIV_CID} --root ${EMPTY} ${EMPTY} ${S_OBJ_PRIV} + Run Keyword And Expect Error * + ... Search object ${OTHER_KEY} ${PRIV_CID} --root ${EMPTY} ${EMPTY} ${S_OBJ_PRIV} + Search object ${SYSTEM_KEY_IR} ${PRIV_CID} --root ${EMPTY} ${EMPTY} ${S_OBJ_PRIV} + Search object ${SYSTEM_KEY_SN} ${PRIV_CID} --root ${EMPTY} ${EMPTY} ${S_OBJ_PRIV} + + + # Head + Head object ${USER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} ${EMPTY} + Run Keyword And Expect Error * + ... Head object ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} ${EMPTY} + Head object ${SYSTEM_KEY_IR} ${PRIV_CID} ${S_OID_USER} ${EMPTY} ${EMPTY} + Head object ${SYSTEM_KEY_SN} ${PRIV_CID} ${S_OID_USER} ${EMPTY} ${EMPTY} + + + # Delete + Run Keyword And Expect Error * + ... Delete object ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} + Run Keyword And Expect Error * + ... Delete object ${SYSTEM_KEY_IR} ${PRIV_CID} ${S_OID_USER} ${EMPTY} + Run Keyword And Expect Error * + ... Delete object ${SYSTEM_KEY_SN} ${PRIV_CID} ${S_OID_USER} ${EMPTY} + Delete object ${USER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} + + +Cleanup + @{CLEANUP_FILES} = Create List ${FILE_S} s_file_read s_get_range + Cleanup Files @{CLEANUP_FILES} + Get Docker Logs acl_basic \ No newline at end of file diff --git a/robot/testsuites/integration/acl/acl_basic_public_container.robot b/robot/testsuites/integration/acl/acl_basic_public_container.robot new file mode 100644 index 00000000..9e9620bb --- /dev/null +++ b/robot/testsuites/integration/acl/acl_basic_public_container.robot @@ -0,0 +1,92 @@ +*** Settings *** +Variables ../../../variables/common.py + +Library ../${RESOURCES}/neofs.py +Library ../${RESOURCES}/payment_neogo.py + +Resource common_steps_acl_basic.robot + + +*** Test cases *** +Basic ACL Operations for Public Container + [Documentation] Testcase to validate NeoFS operations with ACL for Public Container. + [Tags] ACL NeoFS NeoCLI + [Timeout] 20 min + + Generate Keys + + Create Containers + Generate file 1024 + Check Public Container + + Create Containers + Generate file 70e+6 + Check Public Container + + [Teardown] Cleanup + + +*** Keywords *** + +Check Public Container + + # Put + ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY} + ${S_OID_OTHER} = Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY} + ${S_OID_SYS_IR} = Put object to NeoFS ${SYSTEM_KEY_IR} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY} + ${S_OID_SYS_SN} = Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY} + + # Get + Get object from NeoFS ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} s_file_read + Get object from NeoFS ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} s_file_read + Get object from NeoFS ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} s_file_read + Get object from NeoFS ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} s_file_read + + # Get Range + Get Range ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Get Range ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Get Range ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Get Range ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + + + # Get Range Hash + Get Range Hash ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} 0:256 + Get Range Hash ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} 0:256 + Get Range Hash ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} 0:256 + Get Range Hash ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} 0:256 + + # Search + @{S_OBJ_PRIV} = Create List ${S_OID_USER} ${S_OID_OTHER} ${S_OID_SYS_SN} ${S_OID_SYS_IR} + Search object ${USER_KEY} ${PUBLIC_CID} --root ${EMPTY} ${EMPTY} ${S_OBJ_PRIV} + Search object ${OTHER_KEY} ${PUBLIC_CID} --root ${EMPTY} ${EMPTY} ${S_OBJ_PRIV} + Search object ${SYSTEM_KEY_IR} ${PUBLIC_CID} --root ${EMPTY} ${EMPTY} ${S_OBJ_PRIV} + Search object ${SYSTEM_KEY_SN} ${PUBLIC_CID} --root ${EMPTY} ${EMPTY} ${S_OBJ_PRIV} + + # Head + Head object ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} ${EMPTY} + Head object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} ${EMPTY} + Head object ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} ${EMPTY} + Head object ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} ${EMPTY} + + Head object ${USER_KEY} ${PUBLIC_CID} ${S_OID_OTHER} ${EMPTY} ${EMPTY} + Head object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_OTHER} ${EMPTY} ${EMPTY} + Head object ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_OTHER} ${EMPTY} ${EMPTY} + Head object ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${S_OID_OTHER} ${EMPTY} ${EMPTY} + + Head object ${USER_KEY} ${PUBLIC_CID} ${S_OID_SYS_SN} ${EMPTY} ${EMPTY} + Head object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_SYS_SN} ${EMPTY} ${EMPTY} + Head object ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_SYS_SN} ${EMPTY} ${EMPTY} + Head object ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${S_OID_SYS_SN} ${EMPTY} ${EMPTY} + + + # Delete + Delete object ${USER_KEY} ${PUBLIC_CID} ${S_OID_SYS_IR} ${EMPTY} + Delete object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_SYS_SN} ${EMPTY} + Delete object ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} + Delete object ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${S_OID_OTHER} ${EMPTY} + + +Cleanup + @{CLEANUP_FILES} = Create List ${FILE_S} s_file_read s_get_range + Cleanup Files @{CLEANUP_FILES} + Get Docker Logs acl_basic \ No newline at end of file diff --git a/robot/testsuites/integration/acl/acl_basic_readonly_container.robot b/robot/testsuites/integration/acl/acl_basic_readonly_container.robot new file mode 100644 index 00000000..d4ee8331 --- /dev/null +++ b/robot/testsuites/integration/acl/acl_basic_readonly_container.robot @@ -0,0 +1,90 @@ +*** Settings *** +Variables ../../../variables/common.py + +Library ../${RESOURCES}/neofs.py +Library ../${RESOURCES}/payment_neogo.py + +Resource common_steps_acl_basic.robot + + +*** Test cases *** +Basic ACL Operations for Read-Only Container + [Documentation] Testcase to validate NeoFS operations with ACL for Read-Only Container. + [Tags] ACL NeoFS NeoCLI + [Timeout] 20 min + + Generate Keys + + Create Containers + Generate file 1024 + Check Read-Only Container + + Create Containers + Generate file 70e+6 + Check Read-Only Container + + [Teardown] Cleanup + + +*** Keywords *** + + +Check Read-Only Container + # Check Read Only container: + + # Put + ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${READONLY_CID} ${EMPTY} ${EMPTY} + Run Keyword And Expect Error * + ... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${READONLY_CID} ${EMPTY} ${EMPTY} + Run Keyword And Expect Error * + ... Put object to NeoFS ${SYSTEM_KEY_IR} ${FILE_S} ${READONLY_CID} ${EMPTY} ${EMPTY} + ${S_OID_SYS_SN} = Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${READONLY_CID} ${EMPTY} ${EMPTY} + + # Get + Get object from NeoFS ${USER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY} s_file_read + Get object from NeoFS ${OTHER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY} s_file_read + Get object from NeoFS ${SYSTEM_KEY_IR} ${READONLY_CID} ${S_OID_USER} ${EMPTY} s_file_read + Get object from NeoFS ${SYSTEM_KEY_SN} ${READONLY_CID} ${S_OID_USER} ${EMPTY} s_file_read + + # Get Range + Get Range ${USER_KEY} ${READONLY_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Get Range ${OTHER_KEY} ${READONLY_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Get Range ${SYSTEM_KEY_IR} ${READONLY_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Get Range ${SYSTEM_KEY_SN} ${READONLY_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + + + # Get Range Hash + Get Range Hash ${USER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY} 0:256 + Get Range Hash ${OTHER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY} 0:256 + Get Range Hash ${SYSTEM_KEY_IR} ${READONLY_CID} ${S_OID_USER} ${EMPTY} 0:256 + Get Range Hash ${SYSTEM_KEY_SN} ${READONLY_CID} ${S_OID_USER} ${EMPTY} 0:256 + + # Search + @{S_OBJ_RO} = Create List ${S_OID_USER} ${S_OID_SYS_SN} + Search object ${USER_KEY} ${READONLY_CID} --root ${EMPTY} ${EMPTY} ${S_OBJ_RO} + Search object ${OTHER_KEY} ${READONLY_CID} --root ${EMPTY} ${EMPTY} ${S_OBJ_RO} + Search object ${SYSTEM_KEY_IR} ${READONLY_CID} --root ${EMPTY} ${EMPTY} ${S_OBJ_RO} + Search object ${SYSTEM_KEY_SN} ${READONLY_CID} --root ${EMPTY} ${EMPTY} ${S_OBJ_RO} + + + # Head + Head object ${USER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY} ${EMPTY} + Head object ${OTHER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY} ${EMPTY} + Head object ${SYSTEM_KEY_IR} ${READONLY_CID} ${S_OID_USER} ${EMPTY} ${EMPTY} + Head object ${SYSTEM_KEY_SN} ${READONLY_CID} ${S_OID_USER} ${EMPTY} ${EMPTY} + + # Delete + Run Keyword And Expect Error * + ... Delete object ${OTHER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY} + Run Keyword And Expect Error * + ... Delete object ${SYSTEM_KEY_IR} ${READONLY_CID} ${S_OID_USER} ${EMPTY} + Run Keyword And Expect Error * + ... Delete object ${SYSTEM_KEY_SN} ${READONLY_CID} ${S_OID_USER} ${EMPTY} + Delete object ${USER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY} + + + +Cleanup + @{CLEANUP_FILES} = Create List ${FILE_S} s_file_read s_get_range + Cleanup Files @{CLEANUP_FILES} + Get Docker Logs acl_basic \ No newline at end of file diff --git a/robot/testsuites/integration/acl/acl_bearer_allow.robot b/robot/testsuites/integration/acl/acl_bearer_allow.robot new file mode 100644 index 00000000..5cbe0b98 --- /dev/null +++ b/robot/testsuites/integration/acl/acl_bearer_allow.robot @@ -0,0 +1,87 @@ +*** Settings *** +Variables ../../../variables/common.py +Library ../${RESOURCES}/neofs.py +Library ../${RESOURCES}/payment_neogo.py + +Library Collections +Resource common_steps_acl_bearer.robot + + +*** Test cases *** +BearerToken Operations + [Documentation] Testcase to validate NeoFS operations with BearerToken. + [Tags] ACL NeoFS NeoCLI BearerToken + [Timeout] 20 min + + Generate Keys + Prepare eACL Role rules + + Log Check Bearer token with simple object + Generate file 1024 + Check eACL Deny and Allow All Bearer + + Log Check Bearer token with complex object + Cleanup Files ${FILE_S} + Generate file 70e+6 + Check eACL Deny and Allow All Bearer + + [Teardown] Cleanup + + + +*** Keywords *** + +Check eACL Deny and Allow All Bearer + ${CID} = Create Container Public + ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + ${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} + @{S_OBJ_H} = Create List ${S_OID_USER} + + + Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} + Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} + Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} + Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY} + + Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await + + + ${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER + ${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER + ${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER + ${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER + ${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER + ${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER + ${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER + + ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} + + Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500 + + Run Keyword And Expect Error * + ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + Run Keyword And Expect Error * + ... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + Run Keyword And Expect Error * + ... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} + Run Keyword And Expect Error * + ... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} + Run Keyword And Expect Error * + ... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Run Keyword And Expect Error * + ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} + + Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER} + Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl + Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H} + Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user + Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 + Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user + +Cleanup + @{CLEANUP_FILES} = Create List ${FILE_S} local_file_eacl s_get_range + ... bearer_allow_all_user gen_eacl_deny_all_USER + Cleanup Files @{CLEANUP_FILES} + Get Docker Logs acl_bearer \ No newline at end of file diff --git a/robot/testsuites/integration/acl/acl_bearer_compound.robot b/robot/testsuites/integration/acl/acl_bearer_compound.robot new file mode 100644 index 00000000..961b973a --- /dev/null +++ b/robot/testsuites/integration/acl/acl_bearer_compound.robot @@ -0,0 +1,128 @@ +*** Settings *** +Variables ../../../variables/common.py +Library ../${RESOURCES}/neofs.py +Library ../${RESOURCES}/payment_neogo.py + +Library Collections +Resource common_steps_acl_bearer.robot + +*** Test cases *** +BearerToken Operations for Сompound Operations + [Documentation] Testcase to validate NeoFS operations with BearerToken for Сompound Operations. + [Tags] ACL NeoFS NeoCLI BearerToken + [Timeout] 20 min + + Generate Keys + Prepare eACL Role rules + + Log Check Bearer token with simple object + Generate file 1024 + Check Сompound Operations + + Log Check Bearer token with complex object + Cleanup Files ${FILE_S} + Generate file 70e+6 + Check Сompound Operations + + [Teardown] Cleanup + + +*** Keywords *** + +Check Сompound Operations + Check Bearer Сompound Get ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS} + Check Bearer Сompound Get ${USER_KEY} USER ${EACL_DENY_ALL_USER} + Check Bearer Сompound Get ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM} + + Check Bearer Сompound Delete ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS} + Check Bearer Сompound Delete ${USER_KEY} USER ${EACL_DENY_ALL_USER} + Check Bearer Сompound Delete ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM} + + Check Bearer Сompound Get Range Hash ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS} + Check Bearer Сompound Get Range Hash ${USER_KEY} USER ${EACL_DENY_ALL_USER} + Check Bearer Сompound Get Range Hash ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM} + + +Check Bearer Сompound Get + [Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL} + + ${CID} = Create Container Public + ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + @{S_OBJ_H} = Create List ${S_OID_USER} + + ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} + Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await + + ${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=${DENY_GROUP} + ${rule2}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=${DENY_GROUP} + ${rule3}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${DENY_GROUP} + ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} + Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500 + + Run Keyword And Expect Error * + ... Head object ${KEY} ${CID} ${S_OID_USER} bearer_allow + + Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} bearer_allow local_file_eacl + Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow 0:256 + Get Range Hash ${KEY} ${CID} ${S_OID_USER} bearer_allow 0:256 + + +Check Bearer Сompound Delete + [Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL} + + ${CID} = Create Container Public + + ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + ${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY} + Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} + Delete object ${KEY} ${CID} ${D_OID_USER} ${EMPTY} + + Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await + + ${rule1} = Create Dictionary Operation=DELETE Access=ALLOW Role=${DENY_GROUP} + ${rule2} = Create Dictionary Operation=PUT Access=DENY Role=${DENY_GROUP} + ${rule3} = Create Dictionary Operation=HEAD Access=DENY Role=${DENY_GROUP} + ${eACL_gen} = Create List ${rule1} ${rule2} ${rule3} + Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500 + + Run Keyword And Expect Error * + ... Head object ${KEY} ${CID} ${S_OID_USER} bearer_allow + Run Keyword And Expect Error * + ... Put object to NeoFS ${KEY} ${FILE_S} ${CID} bearer_allow ${FILE_OTH_HEADER} + + Delete object ${KEY} ${CID} ${S_OID_USER} bearer_allow + + + +Check Bearer Сompound Get Range Hash + [Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL} + + ${CID} = Create Container Public + + ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} + Get Range Hash ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} 0:256 + + Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await + + ${rule1} = Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${DENY_GROUP} + ${rule2} = Create Dictionary Operation=GETRANGE Access=DENY Role=${DENY_GROUP} + ${rule3} = Create Dictionary Operation=GET Access=DENY Role=${DENY_GROUP} + ${eACL_gen} = Create List ${rule1} ${rule2} ${rule3} + Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500 + + Run Keyword And Expect Error * + ... Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow 0:256 + Run Keyword And Expect Error * + ... Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} bearer_allow local_file_eacl + + Get Range Hash ${KEY} ${CID} ${S_OID_USER} bearer_allow 0:256 + + +Cleanup + @{CLEANUP_FILES} = Create List ${FILE_S} local_file_eacl s_get_range + ... gen_eacl_deny_all_USER bearer_allow + Cleanup Files @{CLEANUP_FILES} + Get Docker Logs acl_bearer \ No newline at end of file diff --git a/robot/testsuites/integration/acl/acl_bearer_filter_oid_equal.robot b/robot/testsuites/integration/acl/acl_bearer_filter_oid_equal.robot new file mode 100644 index 00000000..5dec30de --- /dev/null +++ b/robot/testsuites/integration/acl/acl_bearer_filter_oid_equal.robot @@ -0,0 +1,96 @@ +*** Settings *** +Variables ../../../variables/common.py +Library ../${RESOURCES}/neofs.py +Library ../${RESOURCES}/payment_neogo.py + +Library Collections +Resource common_steps_acl_bearer.robot + + +*** Test cases *** +BearerToken Operations with Filter OID Equal + [Documentation] Testcase to validate NeoFS operations with BearerToken with Filter OID Equal. + [Tags] ACL NeoFS NeoCLI BearerToken + [Timeout] 20 min + + Generate Keys + Prepare eACL Role rules + + Log Check Bearer token with simple object + Generate file 1024 + Check eACL Deny and Allow All Bearer Filter OID Equal + + Log Check Bearer token with complex object + Cleanup Files ${FILE_S} + Generate file 70e+6 + Check eACL Deny and Allow All Bearer Filter OID Equal + + [Teardown] Cleanup + + + +*** Keywords *** + +Check eACL Deny and Allow All Bearer Filter OID Equal + ${CID} = Create Container Public + ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + ${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY} + ${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} + @{S_OBJ_H} = Create List ${S_OID_USER} + + Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} + Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} + Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} + Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY} + + Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await + + ${filters}= Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=$Object:objectID value=${S_OID_USER} + + ${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters} + ${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters} + ${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters} + ${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters} + ${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters} + ${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters} + ${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters} + + ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} + + Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500 + + Run Keyword And Expect Error * + ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + Run Keyword And Expect Error * + ... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + Run Keyword And Expect Error * + ... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} + Run Keyword And Expect Error * + ... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} + Run Keyword And Expect Error * + ... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Run Keyword And Expect Error * + ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} + Run Keyword And Expect Error * + ... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H} + Run Keyword And Expect Error * + ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER} + Run Keyword And Expect Error * + ... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user local_file_eacl + + Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl + Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 + + Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user + Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user + Run Keyword And Expect Error * + ... Delete object ${USER_KEY} ${CID} ${D_OID_USER} bearer_allow_all_user + + +Cleanup + @{CLEANUP_FILES} = Create List ${FILE_S} local_file_eacl s_get_range + ... bearer_allow_all_user gen_eacl_deny_all_USER + Cleanup Files @{CLEANUP_FILES} + Get Docker Logs acl_bearer \ No newline at end of file diff --git a/robot/testsuites/integration/acl/acl_bearer_filter_oid_not_equal.robot b/robot/testsuites/integration/acl/acl_bearer_filter_oid_not_equal.robot new file mode 100644 index 00000000..e128929b --- /dev/null +++ b/robot/testsuites/integration/acl/acl_bearer_filter_oid_not_equal.robot @@ -0,0 +1,124 @@ +*** Settings *** +Variables ../../../variables/common.py +Library ../${RESOURCES}/neofs.py +Library ../${RESOURCES}/payment_neogo.py + +Library Collections +Resource common_steps_acl_bearer.robot + + +*** Test cases *** +BearerToken Operations with Filter OID NotEqual + [Documentation] Testcase to validate NeoFS operations with BearerToken with Filter OID NotEqual. + [Tags] ACL NeoFS NeoCLI BearerToken + [Timeout] 20 min + + Generate Keys + Prepare eACL Role rules + + Log Check Bearer token with simple object + Generate file 1024 + Check eACL Deny and Allow All Bearer Filter OID NotEqual + + Log Check Bearer token with complex object + Cleanup Files ${FILE_S} + Generate file 70e+6 + Check eACL Deny and Allow All Bearer Filter OID NotEqual + + [Teardown] Cleanup + + + +*** Keywords *** + + +Prepare eACL Role rules + Log Set eACL for different Role cases + + # eACL rules for all operations and similar permissions + @{Roles} = Create List OTHERS USER SYSTEM + FOR ${role} IN @{Roles} + ${rule1} = Create Dictionary Operation=GET Access=DENY Role=${role} + ${rule2} = Create Dictionary Operation=HEAD Access=DENY Role=${role} + ${rule3} = Create Dictionary Operation=PUT Access=DENY Role=${role} + ${rule4} = Create Dictionary Operation=DELETE Access=DENY Role=${role} + ${rule5} = Create Dictionary Operation=SEARCH Access=DENY Role=${role} + ${rule6} = Create Dictionary Operation=GETRANGE Access=DENY Role=${role} + ${rule7} = Create Dictionary Operation=GETRANGEHASH Access=DENY Role=${role} + + ${eACL_gen} = Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} + Form eACL json common file gen_eacl_deny_all_${role} ${eACL_gen} + Set Global Variable ${EACL_DENY_ALL_${role}} gen_eacl_deny_all_${role} + END + +Check eACL Deny and Allow All Bearer Filter OID NotEqual + ${CID} = Create Container Public + ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + ${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY} + ${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} + @{S_OBJ_H} = Create List ${S_OID_USER} + + + Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} + Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} + Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} + Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY} + + Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await + + ${filters}= Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=$Object:objectID value=${S_OID_USER_2} + + ${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters} + ${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters} + ${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters} + ${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters} + ${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters} + ${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters} + ${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters} + + ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} + + Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500 + + Run Keyword And Expect Error * + ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + Run Keyword And Expect Error * + ... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + Run Keyword And Expect Error * + ... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} + Run Keyword And Expect Error * + ... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} + Run Keyword And Expect Error * + ... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Run Keyword And Expect Error * + ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} + Run Keyword And Expect Error * + ... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H} + + Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER} + + Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl + Run Keyword And Expect Error * + ... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user local_file_eacl + + Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 + Run Keyword And Expect Error * + ... Get Range ${USER_KEY} ${CID} ${S_OID_USER_2} s_get_range bearer_allow_all_user 0:256 + + Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user + Run Keyword And Expect Error * + ... Head object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user + + Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user + + Run Keyword And Expect Error * + ... Delete object ${USER_KEY} ${CID} ${D_OID_USER_2} bearer_allow_all_user + + +Cleanup + @{CLEANUP_FILES} = Create List ${FILE_S} local_file_eacl s_get_range + ... bearer_allow_all_user gen_eacl_deny_all_USER + Cleanup Files @{CLEANUP_FILES} + Get Docker Logs acl_bearer \ No newline at end of file diff --git a/robot/testsuites/integration/acl/acl_bearer_filter_userheader_equal.robot b/robot/testsuites/integration/acl/acl_bearer_filter_userheader_equal.robot new file mode 100644 index 00000000..43f54942 --- /dev/null +++ b/robot/testsuites/integration/acl/acl_bearer_filter_userheader_equal.robot @@ -0,0 +1,130 @@ +*** Settings *** +Variables ../../../variables/common.py +Library ../${RESOURCES}/neofs.py +Library ../${RESOURCES}/payment_neogo.py + +Library Collections +Resource common_steps_acl_bearer.robot + + + +*** Test cases *** +BearerToken Operations with Filter UserHeader Equal + [Documentation] Testcase to validate NeoFS operations with BearerToken with Filter UserHeader Equal. + [Tags] ACL NeoFS NeoCLI BearerToken + [Timeout] 20 min + + Generate Keys + Prepare eACL Role rules + + Log Check Bearer token with simple object + Generate file 1024 + Check eACL Deny and Allow All Bearer Filter UserHeader Equal + + Cleanup Files ${FILE_S} + Log Check Bearer token with complex object + Generate file 70e+6 + Check eACL Deny and Allow All Bearer Filter UserHeader Equal + + [Teardown] Cleanup + + + +*** Keywords *** + +Prepare eACL Role rules + Log Set eACL for different Role cases + + # eACL rules for all operations and similar permissions + @{Roles} = Create List OTHERS USER SYSTEM + FOR ${role} IN @{Roles} + ${rule1} = Create Dictionary Operation=GET Access=DENY Role=${role} + ${rule2} = Create Dictionary Operation=HEAD Access=DENY Role=${role} + ${rule3} = Create Dictionary Operation=PUT Access=DENY Role=${role} + ${rule4} = Create Dictionary Operation=DELETE Access=DENY Role=${role} + ${rule5} = Create Dictionary Operation=SEARCH Access=DENY Role=${role} + ${rule6} = Create Dictionary Operation=GETRANGE Access=DENY Role=${role} + ${rule7} = Create Dictionary Operation=GETRANGEHASH Access=DENY Role=${role} + + ${eACL_gen} = Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} + Form eACL json common file gen_eacl_deny_all_${role} ${eACL_gen} + Set Global Variable ${EACL_DENY_ALL_${role}} gen_eacl_deny_all_${role} + END + + +Check eACL Deny and Allow All Bearer Filter UserHeader Equal + ${CID} = Create Container Public + ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + ${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY} + ${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} + @{S_OBJ_H} = Create List ${S_OID_USER} + + + Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} + Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} + Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} + Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY} + + Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await + + + ${filters}= Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=key2 value=abc + + ${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters} + ${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters} + ${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters} + ${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters} + ${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters} + ${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters} + ${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters} + + ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} + + Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500 + + Run Keyword And Expect Error * + ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + Run Keyword And Expect Error * + ... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + Run Keyword And Expect Error * + ... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} + Run Keyword And Expect Error * + ... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} + Run Keyword And Expect Error * + ... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Run Keyword And Expect Error * + ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} + Run Keyword And Expect Error * + ... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H} + + Run Keyword And Expect Error * + ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER} + + Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl + Run Keyword And Expect Error * + ... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user local_file_eacl + + Run Keyword And Expect Error * + ... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 + + Run Keyword And Expect Error * + ... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 + + Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user + Run Keyword And Expect Error * + ... Head object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user + + # Delete can not be filtered by UserHeader. + Run Keyword And Expect Error * + ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user + Run Keyword And Expect Error * + ... Delete object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user + + +Cleanup + @{CLEANUP_FILES} = Create List ${FILE_S} local_file_eacl s_get_range + ... bearer_allow_all_user gen_eacl_deny_all_USER + Cleanup Files @{CLEANUP_FILES} + Get Docker Logs acl_bearer \ No newline at end of file diff --git a/robot/testsuites/integration/acl/acl_bearer_filter_userheader_not_equal.robot b/robot/testsuites/integration/acl/acl_bearer_filter_userheader_not_equal.robot new file mode 100644 index 00000000..d196d358 --- /dev/null +++ b/robot/testsuites/integration/acl/acl_bearer_filter_userheader_not_equal.robot @@ -0,0 +1,113 @@ +*** Settings *** +Variables ../../../variables/common.py +Library ../${RESOURCES}/neofs.py +Library ../${RESOURCES}/payment_neogo.py + +Library Collections +Resource common_steps_acl_bearer.robot + + +*** Test cases *** +BearerToken Operations Filter UserHeader NotEqual + [Documentation] Testcase to validate NeoFS operations with BearerToken Filter UserHeader NotEqual. + [Tags] ACL NeoFS NeoCLI BearerToken + [Timeout] 20 min + + Generate Keys + Prepare eACL Role rules + + Log Check Bearer token with simple object + Generate file 1024 + Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual + + Log Check Bearer token with complex object + Cleanup Files ${FILE_S} + Generate file 70e+6 + Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual + + [Teardown] Cleanup + + + +*** Keywords *** + +Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual + ${CID} = Create Container Public + ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} + ${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + ${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} + @{S_OBJ_H} = Create List ${S_OID_USER_2} + + + Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} + Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} + Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} + Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY} + + Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await + + + ${filters}= Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=key2 value=abc + + ${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters} + ${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters} + ${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters} + ${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters} + ${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters} + ${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters} + ${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters} + + ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule6} ${rule7} + + Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500 + + Run Keyword And Expect Error * + ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + Run Keyword And Expect Error * + ... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + Run Keyword And Expect Error * + ... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} + Run Keyword And Expect Error * + ... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} + Run Keyword And Expect Error * + ... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Run Keyword And Expect Error * + ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} + + # Search can not use filter by headers + Run Keyword And Expect Error * + ... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H} + + # Different behaviour for big and small objects! + # Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER} + Run Keyword And Expect Error * + ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${EMPTY} + + Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl + Run Keyword And Expect Error * + ... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user local_file_eacl + + Run Keyword And Expect Error * + ... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 + + Run Keyword And Expect Error * + ... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 + + Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user + Run Keyword And Expect Error * + ... Head object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user + + # Delete can not be filtered by UserHeader. + Run Keyword And Expect Error * + ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user + Run Keyword And Expect Error * + ... Delete object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user + + +Cleanup + @{CLEANUP_FILES} = Create List ${FILE_S} local_file_eacl s_get_range + ... bearer_allow_all_user gen_eacl_deny_all_USER + Cleanup Files @{CLEANUP_FILES} + Get Docker Logs acl_bearer \ No newline at end of file diff --git a/robot/testsuites/integration/acl/acl_bearer_inaccessible.robot b/robot/testsuites/integration/acl/acl_bearer_inaccessible.robot new file mode 100644 index 00000000..bc1cc005 --- /dev/null +++ b/robot/testsuites/integration/acl/acl_bearer_inaccessible.robot @@ -0,0 +1,67 @@ +*** Settings *** + +Variables ../../../variables/common.py +Library ../${RESOURCES}/neofs.py +Library ../${RESOURCES}/payment_neogo.py + +Library Collections +Resource common_steps_acl_bearer.robot + +*** Test cases *** +BearerToken Operations for Inaccessible Container + [Documentation] Testcase to validate NeoFS operations with BearerToken for Inaccessible Container. + [Tags] ACL NeoFS NeoCLI BearerToken + [Timeout] 20 min + + Generate Keys + Prepare eACL Role rules + + Log Check Bearer token with simple object + Generate file 1024 + Check Container Inaccessible and Allow All Bearer + + Log Check Bearer token with complex object + Cleanup Files ${FILE_S} + Generate file 70e+6 + Check Container Inaccessible and Allow All Bearer + + [Teardown] Cleanup + + + +*** Keywords *** + +Check Container Inaccessible and Allow All Bearer + ${CID} = Create Container Inaccessible + + Run Keyword And Expect Error * + ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + Run Keyword And Expect Error * + ... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + Run Keyword And Expect Error * + ... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} + Run Keyword And Expect Error * + ... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} + Run Keyword And Expect Error * + ... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Run Keyword And Expect Error * + ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} + + ${rule1}= Create Dictionary Operation=PUT Access=ALLOW Role=USER + ${rule2}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER + + ${eACL_gen}= Create List ${rule1} ${rule2} + + Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500 + + Run Keyword And Expect Error * + ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} + Run Keyword And Expect Error * + ... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} + + +Cleanup + @{CLEANUP_FILES} = Create List ${FILE_S} + ... bearer_allow_all_user gen_eacl_deny_all_USER + Cleanup Files @{CLEANUP_FILES} + Get Docker Logs acl_bearer \ No newline at end of file diff --git a/robot/testsuites/integration/acl/acl_bearer_request_filter_xheader_deny.robot b/robot/testsuites/integration/acl/acl_bearer_request_filter_xheader_deny.robot new file mode 100644 index 00000000..ecb09e97 --- /dev/null +++ b/robot/testsuites/integration/acl/acl_bearer_request_filter_xheader_deny.robot @@ -0,0 +1,84 @@ +*** Settings *** +Variables ../../../variables/common.py + +Library Collections + +Library ../${RESOURCES}/neofs.py +Library ../${RESOURCES}/payment_neogo.py + +Resource common_steps_acl_bearer.robot + + + +*** Test cases *** +BearerToken Operations + [Documentation] Testcase to validate NeoFS operations with BearerToken. + [Tags] ACL NeoFS NeoCLI BearerToken + [Timeout] 20 min + + Generate Keys + Prepare eACL Role rules + + Log Check Bearer token with simple object + Generate file 1024 + Check eACL Allow All Bearer Filter Requst Equal Deny + + Log Check Bearer token with complex object + Cleanup Files ${FILE_S} + Generate file 70e+6 + Check eACL Allow All Bearer Filter Requst Equal Deny + + [Teardown] Cleanup + + + +*** Keywords *** + +Check eACL Allow All Bearer Filter Requst Equal Deny + ${CID} = Create Container Public + ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + ${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY} + ${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} + @{S_OBJ_H} = Create List ${S_OID_USER} + + + ${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=256 + ${rule1}= Create Dictionary Operation=GET Access=DENY Role=USER Filters=${filters} + ${rule2}= Create Dictionary Operation=HEAD Access=DENY Role=USER Filters=${filters} + ${rule3}= Create Dictionary Operation=PUT Access=DENY Role=USER Filters=${filters} + ${rule4}= Create Dictionary Operation=DELETE Access=DENY Role=USER Filters=${filters} + ${rule5}= Create Dictionary Operation=SEARCH Access=DENY Role=USER Filters=${filters} + ${rule6}= Create Dictionary Operation=GETRANGE Access=DENY Role=USER Filters=${filters} + ${rule7}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=USER Filters=${filters} + ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} + Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500 + + Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=2 + Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=2 + Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H} --xhdr a=2 + Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=2 + Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=2 + Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=2 + Delete object ${USER_KEY} ${CID} ${D_OID_USER} bearer_allow_all_user --xhdr a=2 + + Run Keyword And Expect Error * + ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256 + Run Keyword And Expect Error * + ... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=256 + Run Keyword And Expect Error * + ... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256 + Run Keyword And Expect Error * + ... Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=256 + Run Keyword And Expect Error * + ... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=256 + Run Keyword And Expect Error * + ... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=256 + Run Keyword And Expect Error * + ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user --xhdr a=256 + + +Cleanup + @{CLEANUP_FILES} = Create List ${FILE_S} local_file_eacl s_get_range + ... bearer_allow_all_user gen_eacl_deny_all_USER + Cleanup Files @{CLEANUP_FILES} + Get Docker Logs acl_bearer \ No newline at end of file diff --git a/robot/testsuites/integration/acl/acl_bearer_request_filter_xheader_equal.robot b/robot/testsuites/integration/acl/acl_bearer_request_filter_xheader_equal.robot new file mode 100644 index 00000000..40dbf782 --- /dev/null +++ b/robot/testsuites/integration/acl/acl_bearer_request_filter_xheader_equal.robot @@ -0,0 +1,87 @@ +*** Settings *** +Variables ../../../variables/common.py +Library ../${RESOURCES}/neofs.py +Library ../${RESOURCES}/payment_neogo.py + +Library Collections +Resource common_steps_acl_bearer.robot + + +*** Test cases *** +BearerToken Operations with Filter Requst Equal + [Documentation] Testcase to validate NeoFS operations with BearerToken with Filter Requst Equal. + [Tags] ACL NeoFS NeoCLI BearerToken + [Timeout] 20 min + + Generate Keys + Prepare eACL Role rules + + Log Check Bearer token with simple object + Generate file 1024 + Check eACL Deny and Allow All Bearer Filter Requst Equal + + Log Check Bearer token with complex object + Cleanup Files ${FILE_S} + Generate file 70e+6 + Check eACL Deny and Allow All Bearer Filter Requst Equal + + [Teardown] Cleanup + + + +*** Keywords *** + +Check eACL Deny and Allow All Bearer Filter Requst Equal + ${CID} = Create Container Public + ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + ${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY} + ${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} + @{S_OBJ_H} = Create List ${S_OID_USER} + + Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} + Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} + Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} + Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY} + + Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await + + ${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=256 + ${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters} + ${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters} + ${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters} + ${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters} + ${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters} + ${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters} + ${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters} + ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} + Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500 + + Run Keyword And Expect Error * + ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + Run Keyword And Expect Error * + ... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + Run Keyword And Expect Error * + ... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} + Run Keyword And Expect Error * + ... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} + Run Keyword And Expect Error * + ... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Run Keyword And Expect Error * + ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} + + Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256 + Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=256 + Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256 + Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=256 + Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=256 + Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=256 + Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user --xhdr a=256 + + +Cleanup + @{CLEANUP_FILES} = Create List ${FILE_S} local_file_eacl s_get_range + ... bearer_allow_all_user gen_eacl_deny_all_USER + Cleanup Files @{CLEANUP_FILES} + Get Docker Logs acl_bearer \ No newline at end of file diff --git a/robot/testsuites/integration/acl/acl_bearer_request_filter_xheader_not_equal.robot b/robot/testsuites/integration/acl/acl_bearer_request_filter_xheader_not_equal.robot new file mode 100644 index 00000000..41c3d2c7 --- /dev/null +++ b/robot/testsuites/integration/acl/acl_bearer_request_filter_xheader_not_equal.robot @@ -0,0 +1,86 @@ +*** Settings *** +Variables ../../../variables/common.py +Library ../${RESOURCES}/neofs.py +Library ../${RESOURCES}/payment_neogo.py + +Library Collections +Resource common_steps_acl_bearer.robot + + +*** Test cases *** +BearerToken Operations with Filter Requst NotEqual + [Documentation] Testcase to validate NeoFS operations with BearerToken with Filter Requst NotEqual. + [Tags] ACL NeoFS NeoCLI BearerToken + [Timeout] 20 min + + Generate Keys + Prepare eACL Role rules + + Log Check Bearer token with simple object + Generate file 1024 + Check eACL Deny and Allow All Bearer Filter Requst NotEqual + + Log Check Bearer token with complex object + Cleanup Files ${FILE_S} + Generate file 70e+6 + Check eACL Deny and Allow All Bearer Filter Requst NotEqual + + [Teardown] Cleanup + + +*** Keywords *** + +Check eACL Deny and Allow All Bearer Filter Requst NotEqual + ${CID} = Create Container Public + ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + ${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY} + ${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} + @{S_OBJ_H} = Create List ${S_OID_USER} + + Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} + Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} + Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} + Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY} + + Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await + + ${filters}= Create Dictionary headerType=REQUEST matchType=STRING_NOT_EQUAL key=a value=256 + ${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters} + ${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters} + ${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters} + ${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters} + ${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters} + ${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters} + ${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters} + ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} + Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500 + + Run Keyword And Expect Error * + ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + Run Keyword And Expect Error * + ... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + #Run Keyword And Expect Error * + #... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} + Run Keyword And Expect Error * + ... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} + Run Keyword And Expect Error * + ... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Run Keyword And Expect Error * + ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} + + Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2 + Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=2 + Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2 + Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=2 + Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=2 + Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=2 + Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user --xhdr a=2 + + +Cleanup + @{CLEANUP_FILES} = Create List ${FILE_S} local_file_eacl s_get_range + ... bearer_allow_all_user gen_eacl_deny_all_USER + Cleanup Files @{CLEANUP_FILES} + Get Docker Logs acl_bearer \ No newline at end of file diff --git a/robot/testsuites/integration/acl/acl_extended_actions.robot b/robot/testsuites/integration/acl/acl_extended_actions.robot new file mode 100644 index 00000000..c3d3885d --- /dev/null +++ b/robot/testsuites/integration/acl/acl_extended_actions.robot @@ -0,0 +1,251 @@ +*** Settings *** +Variables ../../../variables/common.py +Library Collections +Library ../${RESOURCES}/neofs.py +Library ../${RESOURCES}/payment_neogo.py + +Resource common_steps_acl_extended.robot + +*** Test cases *** +Extended ACL Operations + [Documentation] Testcase to validate NeoFS operations with extended ACL. + [Tags] ACL eACL NeoFS NeoCLI + [Timeout] 20 min + + Generate Keys + Prepare eACL Role rules + + Log Check extended ACL with simple object + + Generate files 1024 + Check Actions + + Cleanup Files ${FILE_S} ${FILE_S_2} + + Log Check extended ACL with complex object + Generate files 70e+6 + Check Actions + + + [Teardown] Cleanup + + +*** Keywords *** + +Check Actions + Check eACL Deny and Allow All Other + Check eACL Deny and Allow All User + Check eACL Deny and Allow All System + Check eACL Deny All Other and Allow All Pubkey + + + +Check eACL Deny and Allow All User + Check eACL Deny and Allow All ${USER_KEY} ${EACL_DENY_ALL_USER} ${EACL_ALLOW_ALL_USER} + + +Check eACL Deny and Allow All Other + Check eACL Deny and Allow All ${OTHER_KEY} ${EACL_DENY_ALL_OTHER} ${EACL_ALLOW_ALL_OTHER} + + +Check eACL Deny and Allow All System + ${CID} = Create Container Public + + ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + ${D_OID_USER_S} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} + ${D_OID_USER_SN} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} + + @{S_OBJ_H} = Create List ${S_OID_USER} + + Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} + Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} + + Get object from NeoFS ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + + Search object ${SYSTEM_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} + Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} + + Head object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} + Head object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} + + Get Range ${SYSTEM_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Get Range ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + + Get Range Hash ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 + Get Range Hash ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} 0:256 + + Delete object ${SYSTEM_KEY} ${CID} ${D_OID_USER_S} ${EMPTY} + Delete object ${SYSTEM_KEY_SN} ${CID} ${D_OID_USER_SN} ${EMPTY} + + Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_SYSTEM} --await + + Run Keyword And Expect Error * + ... Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} + Run Keyword And Expect Error * + ... Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} + + Run Keyword And Expect Error * + ... Get object from NeoFS ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + Run Keyword And Expect Error * + ... Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + + Run Keyword And Expect Error * + ... Search object ${SYSTEM_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} + Run Keyword And Expect Error * + ... Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} + + + Run Keyword And Expect Error * + ... Head object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} + Run Keyword And Expect Error * + ... Head object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} + + Run Keyword And Expect Error * + ... Get Range ${SYSTEM_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Run Keyword And Expect Error * + ... Get Range ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + + + Run Keyword And Expect Error * + ... Get Range Hash ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 + Run Keyword And Expect Error * + ... Get Range Hash ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} 0:256 + + + Run Keyword And Expect Error * + ... Delete object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} + Run Keyword And Expect Error * + ... Delete object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} + + + Set eACL ${USER_KEY} ${CID} ${EACL_ALLOW_ALL_SYSTEM} --await + + + ${D_OID_USER_S} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} + ${D_OID_USER_SN} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} + + + Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} + Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} + + Get object from NeoFS ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + + Search object ${SYSTEM_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} + Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} + + Head object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} + Head object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} + + Get Range ${SYSTEM_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Get Range ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + + Get Range Hash ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 + Get Range Hash ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} 0:256 + + Delete object ${SYSTEM_KEY} ${CID} ${D_OID_USER_S} ${EMPTY} + Delete object ${SYSTEM_KEY_SN} ${CID} ${D_OID_USER_SN} ${EMPTY} + + + +Check eACL Deny All Other and Allow All Pubkey + + ${CID} = Create Container Public + ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + ${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} + @{S_OBJ_H} = Create List ${S_OID_USER} + + Put object to NeoFS ${EACL_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} + Get object from NeoFS ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + Search object ${EACL_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} + Head object ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} + Get Range ${EACL_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Get Range Hash ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 + Delete object ${EACL_KEY} ${CID} ${D_OID_USER} ${EMPTY} + + Set eACL ${USER_KEY} ${CID} ${EACL_ALLOW_ALL_Pubkey} --await + Get eACL ${USER_KEY} ${CID} + + Run Keyword And Expect Error * + ... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + Run Keyword And Expect Error * + ... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + Run Keyword And Expect Error * + ... Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} + Run Keyword And Expect Error * + ... Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} + Run Keyword And Expect Error * + ... Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Run Keyword And Expect Error * + ... Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 + Run Keyword And Expect Error * + ... Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} + + Put object to NeoFS ${EACL_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} + Get object from NeoFS ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + Search object ${EACL_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} + Head object ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} + Get Range ${EACL_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Get Range Hash ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 + Delete object ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} + + +Check eACL Deny and Allow All + [Arguments] ${KEY} ${DENY_EACL} ${ALLOW_EACL} + + ${CID} = Create Container Public + ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + ${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} + @{S_OBJ_H} = Create List ${S_OID_USER} + + Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} + + Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + Search object ${KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} + Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY} + + Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 + Delete object ${KEY} ${CID} ${D_OID_USER} ${EMPTY} + + Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await + + Run Keyword And Expect Error * + ... Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + Run Keyword And Expect Error * + ... Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + Run Keyword And Expect Error * + ... Search object ${KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} + Run Keyword And Expect Error * + ... Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY} + Run Keyword And Expect Error * + ... Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Run Keyword And Expect Error * + ... Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 + Run Keyword And Expect Error * + ... Delete object ${KEY} ${CID} ${S_OID_USER} ${EMPTY} + + Set eACL ${USER_KEY} ${CID} ${ALLOW_EACL} --await + + + Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} + Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + Search object ${KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} + Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY} + Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 + Delete object ${KEY} ${CID} ${S_OID_USER} ${EMPTY} + + + +Cleanup + @{CLEANUP_FILES} = Create List ${FILE_S} ${FILE_S_2} local_file_eacl s_get_range + ... gen_eacl_allow_all_OTHERS gen_eacl_deny_all_USER gen_eacl_allow_all_USER + ... gen_eacl_deny_all_SYSTEM gen_eacl_allow_all_SYSTEM gen_eacl_allow_pubkey_deny_OTHERS + ... gen_eacl_deny_all_OTHERS + ... gen_eacl_compound_del_SYSTEM gen_eacl_compound_del_USER gen_eacl_compound_del_OTHERS + ... gen_eacl_compound_get_hash_OTHERS gen_eacl_compound_get_hash_SYSTEM gen_eacl_compound_get_hash_USER + ... gen_eacl_compound_get_OTHERS gen_eacl_compound_get_SYSTEM gen_eacl_compound_get_USER + Cleanup Files @{CLEANUP_FILES} + Get Docker Logs acl_extended diff --git a/robot/testsuites/integration/acl/acl_extended_compound.robot b/robot/testsuites/integration/acl/acl_extended_compound.robot new file mode 100644 index 00000000..c8182c4a --- /dev/null +++ b/robot/testsuites/integration/acl/acl_extended_compound.robot @@ -0,0 +1,117 @@ +*** Settings *** +Variables ../../../variables/common.py +Library Collections +Library ../${RESOURCES}/neofs.py +Library ../${RESOURCES}/payment_neogo.py + +Resource common_steps_acl_extended.robot + + +*** Test cases *** +Extended ACL Operations + [Documentation] Testcase to validate NeoFS operations with extended ACL. + [Tags] ACL eACL NeoFS NeoCLI + [Timeout] 20 min + + Generate Keys + Prepare eACL Role rules + + Log Check extended ACL with simple object + Generate files 1024 + Check Сompound Operations + + Cleanup Files ${FILE_S} ${FILE_S_2} + + Log Check extended ACL with complex object + Generate files 70e+6 + Check Сompound Operations + + [Teardown] Cleanup + + +*** Keywords *** + + + +Check Сompound Operations + Check eACL Сompound Get ${OTHER_KEY} ${EACL_COMPOUND_GET_OTHERS} + Check eACL Сompound Get ${USER_KEY} ${EACL_COMPOUND_GET_USER} + Check eACL Сompound Get ${SYSTEM_KEY} ${EACL_COMPOUND_GET_SYSTEM} + + Check eACL Сompound Delete ${OTHER_KEY} ${EACL_COMPOUND_DELETE_OTHERS} + Check eACL Сompound Delete ${USER_KEY} ${EACL_COMPOUND_DELETE_USER} + Check eACL Сompound Delete ${SYSTEM_KEY} ${EACL_COMPOUND_DELETE_SYSTEM} + + Check eACL Сompound Get Range Hash ${OTHER_KEY} ${EACL_COMPOUND_GET_HASH_OTHERS} + Check eACL Сompound Get Range Hash ${USER_KEY} ${EACL_COMPOUND_GET_HASH_USER} + Check eACL Сompound Get Range Hash ${SYSTEM_KEY} ${EACL_COMPOUND_GET_HASH_SYSTEM} + +Check eACL Сompound Get + [Arguments] ${KEY} ${DENY_EACL} + + ${CID} = Create Container Public + + ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} + Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await + + Run Keyword And Expect Error * + ... Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY} + + Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 + + +Check eACL Сompound Delete + [Arguments] ${KEY} ${DENY_EACL} + + ${CID} = Create Container Public + + ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + ${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY} + Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} + Delete object ${KEY} ${CID} ${D_OID_USER} ${EMPTY} + + Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await + + Run Keyword And Expect Error * + ... Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY} + Run Keyword And Expect Error * + ... Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} + + Delete object ${KEY} ${CID} ${S_OID_USER} ${EMPTY} + + + +Check eACL Сompound Get Range Hash + [Arguments] ${KEY} ${DENY_EACL} + + ${CID} = Create Container Public + + ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} + Get Range Hash ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} 0:256 + + Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await + + Run Keyword And Expect Error * + ... Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Run Keyword And Expect Error * + ... Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + + Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 + + + +Cleanup + @{CLEANUP_FILES} = Create List ${FILE_S} ${FILE_S_2} local_file_eacl s_get_range + ... gen_eacl_allow_all_OTHERS gen_eacl_deny_all_USER gen_eacl_allow_all_USER + ... gen_eacl_deny_all_SYSTEM gen_eacl_allow_all_SYSTEM gen_eacl_allow_pubkey_deny_OTHERS + ... gen_eacl_deny_all_OTHERS + ... gen_eacl_compound_del_SYSTEM gen_eacl_compound_del_USER gen_eacl_compound_del_OTHERS + ... gen_eacl_compound_get_hash_OTHERS gen_eacl_compound_get_hash_SYSTEM gen_eacl_compound_get_hash_USER + ... gen_eacl_compound_get_OTHERS gen_eacl_compound_get_SYSTEM gen_eacl_compound_get_USER + Cleanup Files @{CLEANUP_FILES} + Get Docker Logs acl_extended diff --git a/robot/testsuites/integration/acl/acl_extended_filters.robot b/robot/testsuites/integration/acl/acl_extended_filters.robot new file mode 100644 index 00000000..ead95d12 --- /dev/null +++ b/robot/testsuites/integration/acl/acl_extended_filters.robot @@ -0,0 +1,213 @@ +*** Settings *** +Variables ../../../variables/common.py +Library Collections +Library ../${RESOURCES}/neofs.py +Library ../${RESOURCES}/payment_neogo.py + +Resource common_steps_acl_extended.robot + +*** Test cases *** +Extended ACL Operations + [Documentation] Testcase to validate NeoFS operations with extended ACL. + [Tags] ACL eACL NeoFS NeoCLI + [Timeout] 20 min + + Generate Keys + Prepare eACL Role rules + + Log Check extended ACL with simple object + Generate files 1024 + Check Filters + + Cleanup Files ${FILE_S} ${FILE_S_2} + + Log Check extended ACL with complex object + Generate files 70e+6 + Check Filters + + [Teardown] Cleanup + + +*** Keywords *** + + +Check Filters + Check eACL MatchType String Equal Object + Check eACL MatchType String Not Equal Object + Check eACL MatchType String Equal Request Deny + Check eACL MatchType String Equal Request Allow + + +Check eACL MatchType String Equal Request Deny + ${CID} = Create Container Public + ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + + ${HEADER} = Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} + &{HEADER_DICT} = Parse Object System Header ${HEADER} + Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + + + ${ID_value} = Get From Dictionary ${HEADER_DICT} ID + + Set eACL ${USER_KEY} ${CID} ${EACL_XHEADER_DENY_ALL} --await + + Run Keyword And Expect Error * + ... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=2 + Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=256 + + Run Keyword And Expect Error * + ... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=2 + Run Keyword And Expect Error * + ... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=2 + Run Keyword And Expect Error * + ... Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2 + Run Keyword And Expect Error * + ... Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ${EMPTY} --xhdr a=2 + Run Keyword And Expect Error * + ... Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 --xhdr a="2" + Run Keyword And Expect Error * + ... Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 --xhdr a=2 + Run Keyword And Expect Error * + ... Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} --xhdr a=2 + + Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=256 + Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=* + Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${EMPTY} --xhdr a= + Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ${EMPTY} --xhdr a=.* + Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 --xhdr a="2 2" + Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 --xhdr a=256 + Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} --xhdr a=22 + + + +Check eACL MatchType String Equal Request Allow + ${CID} = Create Container Public + ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + + ${HEADER} = Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} + &{HEADER_DICT} = Parse Object System Header ${HEADER} + Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + + + ${ID_value} = Get From Dictionary ${HEADER_DICT} ID + + Set eACL ${USER_KEY} ${CID} ${EACL_XHEADER_ALLOW_ALL} --await + Get eACL ${USER_KEY} ${CID} + + Run Keyword And Expect Error * + ... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} + Run Keyword And Expect Error * + ... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} ${EMPTY} + Run Keyword And Expect Error * + ... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} + Run Keyword And Expect Error * + ... Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${EMPTY} + Run Keyword And Expect Error * + ... Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ${EMPTY} + Run Keyword And Expect Error * + ... Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 + Run Keyword And Expect Error * + ... Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 + Run Keyword And Expect Error * + ... Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} + + Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=2 + Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=2 + Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2 + Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ${EMPTY} --xhdr a=2 + Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 --xhdr a=2 + Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 --xhdr a=2 + Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} --xhdr a=2 + + +Check eACL MatchType String Equal Object + ${CID} = Create Container Public + ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + + ${HEADER} = Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} + &{HEADER_DICT} = Parse Object System Header ${HEADER} + Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + + + Log Set eACL for Deny GET operation with StringEqual Object ID + ${ID_value} = Get From Dictionary ${HEADER_DICT} ID + + ${filters} = Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=$Object:objectID value=${ID_value} + ${rule1} = Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters} + ${eACL_gen} = Create List ${rule1} + ${EACL_CUSTOM} = Form eACL json common file eacl_custom ${eACL_gen} + + Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await + Run Keyword And Expect Error * + ... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + + + Log Set eACL for Deny GET operation with StringEqual Object Extended User Header + ${S_OID_USER_OTH} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} + + ${filters} = Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=key1 value=1 + ${rule1} = Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters} + ${eACL_gen} = Create List ${rule1} + ${EACL_CUSTOM} = Form eACL json common file eacl_custom ${eACL_gen} + + + Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await + Run Keyword And Expect Error * + ... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER_OTH} ${EMPTY} local_file_eacl + + + +Check eACL MatchType String Not Equal Object + ${CID} = Create Container Public + + ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} + ${S_OID_OTHER} = Put object to NeoFS ${OTHER_KEY} ${FILE_S_2} ${CID} ${EMPTY} ${FILE_OTH_HEADER} + + ${HEADER} = Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} + Head object ${USER_KEY} ${CID} ${S_OID_OTHER} ${EMPTY} + + &{HEADER_DICT} = Parse Object System Header ${HEADER} + + Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_OTHER} ${EMPTY} local_file_eacl + + Log Set eACL for Deny GET operation with StringNotEqual Object ID + ${ID_value} = Get From Dictionary ${HEADER_DICT} ID + + ${filters} = Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=$Object:objectID value=${ID_value} + ${rule1} = Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters} + ${eACL_gen} = Create List ${rule1} + ${EACL_CUSTOM} = Form eACL json common file eacl_custom ${eACL_gen} + + Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await + Run Keyword And Expect Error * + ... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_OTHER} ${EMPTY} local_file_eacl + Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + + + Log Set eACL for Deny GET operation with StringEqual Object Extended User Header + ${S_OID_USER_OTH} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} + + ${filters} = Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=key1 value=1 + ${rule1} = Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters} + ${eACL_gen} = Create List ${rule1} + ${EACL_CUSTOM} = Form eACL json common file eacl_custom ${eACL_gen} + + Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await + Run Keyword And Expect Error * + ... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER_OTH} ${EMPTY} local_file_eacl + Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl + + + +Cleanup + @{CLEANUP_FILES} = Create List ${FILE_S} ${FILE_S_2} local_file_eacl eacl_custom s_get_range + ... gen_eacl_allow_all_OTHERS gen_eacl_deny_all_USER gen_eacl_allow_all_USER + ... gen_eacl_deny_all_SYSTEM gen_eacl_allow_all_SYSTEM gen_eacl_allow_pubkey_deny_OTHERS + ... gen_eacl_deny_all_OTHERS + ... gen_eacl_compound_del_SYSTEM gen_eacl_compound_del_USER gen_eacl_compound_del_OTHERS + ... gen_eacl_compound_get_hash_OTHERS gen_eacl_compound_get_hash_SYSTEM gen_eacl_compound_get_hash_USER + ... gen_eacl_compound_get_OTHERS gen_eacl_compound_get_SYSTEM gen_eacl_compound_get_USER + Cleanup Files @{CLEANUP_FILES} + Get Docker Logs acl_extended diff --git a/robot/testsuites/integration/acl/common_steps_acl_basic.robot b/robot/testsuites/integration/acl/common_steps_acl_basic.robot new file mode 100644 index 00000000..ed1ec499 --- /dev/null +++ b/robot/testsuites/integration/acl/common_steps_acl_basic.robot @@ -0,0 +1,76 @@ +*** Variables *** +${RULE_FOR_ALL} = REP 2 IN X CBF 1 SELECT 4 FROM * AS X + + +*** Keywords *** + +Generate Keys + ${WALLET} = Init wallet + Generate wallet ${WALLET} + ${ADDR} = Dump Address ${WALLET} + ${USER_KEY_GEN} = Dump PrivKey ${WALLET} ${ADDR} + + ${WALLET_OTH} = Init wallet + Generate wallet ${WALLET_OTH} + ${ADDR_OTH} = Dump Address ${WALLET_OTH} + ${OTHER_KEY_GEN} = Dump PrivKey ${WALLET_OTH} ${ADDR_OTH} + + ${SYSTEM_KEY_GEN} = Form WIF from String c428b4a06f166fde9f8afcf918194acdde35aa2612ecf42fe0c94273425ded21 + ${SYSTEM_KEY_GEN_SN} = Form WIF from String 0fa21a94be2227916284e4b3495180d9c93d04f095fe9d5a86f22044f5c411d2 + + Set Global Variable ${USER_KEY} ${USER_KEY_GEN} + Set Global Variable ${OTHER_KEY} ${OTHER_KEY_GEN} + Set Global Variable ${SYSTEM_KEY_IR} ${SYSTEM_KEY_GEN} + Set Global Variable ${SYSTEM_KEY_SN} ${SYSTEM_KEY_GEN_SN} + + Payment Operations ${WALLET} ${ADDR} ${USER_KEY} + Payment Operations ${WALLET_OTH} ${ADDR_OTH} ${OTHER_KEY} + + # Basic ACL manual page: https://neospcc.atlassian.net/wiki/spaces/NEOF/pages/362348545/NeoFS+ACL + # TODO: X - Sticky bit validation on public container + + +Payment Operations + [Arguments] ${WALLET} ${ADDR} ${KEY} + + ${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 3 + Wait Until Keyword Succeeds 1 min 15 sec + ... Transaction accepted in block ${TX} + Get Transaction ${TX} + Expexted Mainnet Balance ${ADDR} 3 + + ${SCRIPT_HASH} = Get ScripHash ${KEY} + + ${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 2 + Wait Until Keyword Succeeds 1 min 15 sec + ... Transaction accepted in block ${TX_DEPOSIT} + Get Transaction ${TX_DEPOSIT} + + +Create Containers + # Create containers: + + Log Create Private Container + ${PRIV_CID_GEN} = Create container ${USER_KEY} 0x18888888 ${RULE_FOR_ALL} + Container Existing ${USER_KEY} ${PRIV_CID_GEN} + + Log Create Public Container + ${PUBLIC_CID_GEN} = Create container ${USER_KEY} 0x1FFFFFFF ${RULE_FOR_ALL} + Container Existing ${USER_KEY} ${PUBLIC_CID_GEN} + + Log Create Read-Only Container + ${READONLY_CID_GEN} = Create container ${USER_KEY} 0x1FFF88FF ${RULE_FOR_ALL} + Container Existing ${USER_KEY} ${READONLY_CID_GEN} + + Set Global Variable ${PRIV_CID} ${PRIV_CID_GEN} + Set Global Variable ${PUBLIC_CID} ${PUBLIC_CID_GEN} + Set Global Variable ${READONLY_CID} ${READONLY_CID_GEN} + + +Generate file + [Arguments] ${SIZE} + ${FILE_S_GEN} = Generate file of bytes ${SIZE} + ${FILE_S_HASH_GEN} = Get file hash ${FILE_S_GEN} + + Set Global Variable ${FILE_S} ${FILE_S_GEN} + Set Global Variable ${FILE_S_HASH} ${FILE_S_HASH_GEN} diff --git a/robot/testsuites/integration/acl/common_steps_acl_bearer.robot b/robot/testsuites/integration/acl/common_steps_acl_bearer.robot new file mode 100644 index 00000000..3ec7e7ac --- /dev/null +++ b/robot/testsuites/integration/acl/common_steps_acl_bearer.robot @@ -0,0 +1,92 @@ +*** Variables *** + +${FILE_USR_HEADER} = key1=1,key2=abc +${FILE_USR_HEADER_DEL} = key1=del,key2=del +${FILE_OTH_HEADER} = key1=oth,key2=oth +${RULE_FOR_ALL} = REP 2 IN X CBF 1 SELECT 4 FROM * AS X + + +*** Keywords *** + +Generate Keys + # Generate new wallets + ${WALLET} = Init wallet + Generate wallet ${WALLET} + ${ADDR} = Dump Address ${WALLET} + ${USER_KEY_GEN} = Dump PrivKey ${WALLET} ${ADDR} + + ${WALLET_OTH} = Init wallet + Generate wallet ${WALLET_OTH} + ${ADDR_OTH} = Dump Address ${WALLET_OTH} + ${OTHER_KEY_GEN} = Dump PrivKey ${WALLET_OTH} ${ADDR_OTH} + + # Get pre-defined keys + ${EACL_KEY_GEN} = Form WIF from String 782676b81a35c5f07325ec523e8521ee4946b6e5d4c6cd652dd0c3ba51ce03de + ${SYSTEM_KEY_GEN} = Form WIF from String c428b4a06f166fde9f8afcf918194acdde35aa2612ecf42fe0c94273425ded21 + ${SYSTEM_KEY_GEN_SN} = Form WIF from String 0fa21a94be2227916284e4b3495180d9c93d04f095fe9d5a86f22044f5c411d2 + + # Set global variables for keys for each role + Set Global Variable ${USER_KEY} ${USER_KEY_GEN} + Set Global Variable ${OTHER_KEY} ${OTHER_KEY_GEN} + Set Global Variable ${SYSTEM_KEY} ${SYSTEM_KEY_GEN} + Set Global Variable ${SYSTEM_KEY_SN} ${SYSTEM_KEY_GEN_SN} + Set Global Variable ${EACL_KEY} ${EACL_KEY_GEN} + + Payment Operations ${WALLET} ${ADDR} ${USER_KEY} + Payment Operations ${WALLET_OTH} ${ADDR_OTH} ${OTHER_KEY} + + +Payment Operations + [Arguments] ${WALLET} ${ADDR} ${KEY} + + ${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 3 + Wait Until Keyword Succeeds 1 min 15 sec + ... Transaction accepted in block ${TX} + Get Transaction ${TX} + Expexted Mainnet Balance ${ADDR} 3 + + ${SCRIPT_HASH} = Get ScripHash ${KEY} + + ${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 2 + Wait Until Keyword Succeeds 1 min 15 sec + ... Transaction accepted in block ${TX_DEPOSIT} + Get Transaction ${TX_DEPOSIT} + + +Create Container Public + Log Create Public Container + ${PUBLIC_CID_GEN} = Create container ${USER_KEY} 0x0FFFFFFF + [Return] ${PUBLIC_CID_GEN} + + +Create Container Inaccessible + Log Create Inaccessible Container + ${PUBLIC_CID_GEN} = Create container ${USER_KEY} 0x40000000 + [Return] ${PUBLIC_CID_GEN} + + +Generate file + [Arguments] ${SIZE} + + ${FILE_S_GEN} = Generate file of bytes ${SIZE} + Set Global Variable ${FILE_S} ${FILE_S_GEN} + + +Prepare eACL Role rules + Log Set eACL for different Role cases + + # eACL rules for all operations and similar permissions + @{Roles} = Create List OTHERS USER SYSTEM + FOR ${role} IN @{Roles} + ${rule1} = Create Dictionary Operation=GET Access=DENY Role=${role} + ${rule2} = Create Dictionary Operation=HEAD Access=DENY Role=${role} + ${rule3} = Create Dictionary Operation=PUT Access=DENY Role=${role} + ${rule4} = Create Dictionary Operation=DELETE Access=DENY Role=${role} + ${rule5} = Create Dictionary Operation=SEARCH Access=DENY Role=${role} + ${rule6} = Create Dictionary Operation=GETRANGE Access=DENY Role=${role} + ${rule7} = Create Dictionary Operation=GETRANGEHASH Access=DENY Role=${role} + + ${eACL_gen} = Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} + Form eACL json common file gen_eacl_deny_all_${role} ${eACL_gen} + Set Global Variable ${EACL_DENY_ALL_${role}} gen_eacl_deny_all_${role} + END \ No newline at end of file diff --git a/robot/testsuites/integration/acl/common_steps_acl_extended.robot b/robot/testsuites/integration/acl/common_steps_acl_extended.robot new file mode 100644 index 00000000..92c74d41 --- /dev/null +++ b/robot/testsuites/integration/acl/common_steps_acl_extended.robot @@ -0,0 +1,204 @@ +*** Variables *** +${FILE_USR_HEADER} = key1=1,key2=abc +${FILE_USR_HEADER_DEL} = key1=del,key2=del +${FILE_OTH_HEADER} = key1=oth,key2=oth +${RULE_FOR_ALL} = REP 2 IN X CBF 1 SELECT 4 FROM * AS X + + +*** Keywords *** +Generate Keys + ${WALLET} = Init wallet + Generate wallet ${WALLET} + ${ADDR} = Dump Address ${WALLET} + ${USER_KEY_GEN} = Dump PrivKey ${WALLET} ${ADDR} + + ${WALLET_OTH} = Init wallet + Generate wallet ${WALLET_OTH} + ${ADDR_OTH} = Dump Address ${WALLET_OTH} + ${OTHER_KEY_GEN} = Dump PrivKey ${WALLET_OTH} ${ADDR_OTH} + + + ${EACL_KEY_GEN} = Form WIF from String 782676b81a35c5f07325ec523e8521ee4946b6e5d4c6cd652dd0c3ba51ce03de + ${SYSTEM_KEY_GEN} = Form WIF from String c428b4a06f166fde9f8afcf918194acdde35aa2612ecf42fe0c94273425ded21 + ${SYSTEM_KEY_GEN_SN} = Form WIF from String 0fa21a94be2227916284e4b3495180d9c93d04f095fe9d5a86f22044f5c411d2 + + Set Global Variable ${USER_KEY} ${USER_KEY_GEN} + Set Global Variable ${OTHER_KEY} ${OTHER_KEY_GEN} + Set Global Variable ${SYSTEM_KEY} ${SYSTEM_KEY_GEN} + Set Global Variable ${SYSTEM_KEY_SN} ${SYSTEM_KEY_GEN_SN} + Set Global Variable ${EACL_KEY} ${EACL_KEY_GEN} + + Payment Operations ${WALLET} ${ADDR} ${USER_KEY} + Payment Operations ${WALLET_OTH} ${ADDR_OTH} ${OTHER_KEY} + + +Payment Operations + [Arguments] ${WALLET} ${ADDR} ${KEY} + + ${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 3 + + Wait Until Keyword Succeeds 1 min 15 sec + ... Transaction accepted in block ${TX} + Get Transaction ${TX} + Expexted Mainnet Balance ${ADDR} 3 + + ${SCRIPT_HASH} = Get ScripHash ${KEY} + + ${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 2 + Wait Until Keyword Succeeds 1 min 15 sec + ... Transaction accepted in block ${TX_DEPOSIT} + Get Transaction ${TX_DEPOSIT} + + +Create Container Public + Log Create Public Container + ${PUBLIC_CID_GEN} = Create container ${USER_KEY} 0x4FFFFFFF ${RULE_FOR_ALL} + [Return] ${PUBLIC_CID_GEN} + + +Generate files + [Arguments] ${SIZE} + ${FILE_S_GEN_1} = Generate file of bytes ${SIZE} + ${FILE_S_GEN_2} = Generate file of bytes ${SIZE} + Set Global Variable ${FILE_S} ${FILE_S_GEN_1} + Set Global Variable ${FILE_S_2} ${FILE_S_GEN_2} + + +Prepare eACL Role rules + Log Set eACL for different Role cases + + # eACL rules for all operations and similar permissions + @{Roles} = Create List OTHERS USER SYSTEM + FOR ${role} IN @{Roles} + ${rule1}= Create Dictionary Operation=GET Access=DENY Role=${role} + ${rule2}= Create Dictionary Operation=HEAD Access=DENY Role=${role} + ${rule3}= Create Dictionary Operation=PUT Access=DENY Role=${role} + ${rule4}= Create Dictionary Operation=DELETE Access=DENY Role=${role} + ${rule5}= Create Dictionary Operation=SEARCH Access=DENY Role=${role} + ${rule6}= Create Dictionary Operation=GETRANGE Access=DENY Role=${role} + ${rule7}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=${role} + + ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} + Form eACL json common file gen_eacl_deny_all_${role} ${eACL_gen} + END + + + FOR ${role} IN @{Roles} + ${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=${role} + ${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=${role} + ${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=${role} + ${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=${role} + ${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=${role} + ${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=${role} + ${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${role} + + ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} + Form eACL json common file gen_eacl_allow_all_${role} ${eACL_gen} + END + + + ${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA + ${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA + ${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA + ${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA + ${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA + ${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA + ${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA + ${rule8}= Create Dictionary Operation=GET Access=DENY Role=OTHERS + ${rule9}= Create Dictionary Operation=HEAD Access=DENY Role=OTHERS + ${rule10}= Create Dictionary Operation=PUT Access=DENY Role=OTHERS + ${rule11}= Create Dictionary Operation=DELETE Access=DENY Role=OTHERS + ${rule12}= Create Dictionary Operation=SEARCH Access=DENY Role=OTHERS + ${rule13}= Create Dictionary Operation=GETRANGE Access=DENY Role=OTHERS + ${rule14}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=OTHERS + + + ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} + ... ${rule8} ${rule9} ${rule10} ${rule11} ${rule12} ${rule13} ${rule14} + Form eACL json common file gen_eacl_allow_pubkey_deny_OTHERS ${eACL_gen} + + Set Global Variable ${EACL_DENY_ALL_OTHER} gen_eacl_deny_all_OTHERS + Set Global Variable ${EACL_ALLOW_ALL_OTHER} gen_eacl_allow_all_OTHERS + + Set Global Variable ${EACL_DENY_ALL_USER} gen_eacl_deny_all_USER + Set Global Variable ${EACL_ALLOW_ALL_USER} gen_eacl_allow_all_USER + + Set Global Variable ${EACL_DENY_ALL_SYSTEM} gen_eacl_deny_all_SYSTEM + Set Global Variable ${EACL_ALLOW_ALL_SYSTEM} gen_eacl_allow_all_SYSTEM + + Set Global Variable ${EACL_ALLOW_ALL_Pubkey} gen_eacl_allow_pubkey_deny_OTHERS + + + # eACL rules for Compound operations: GET/GetRange/GetRangeHash + @{Roles} = Create List OTHERS USER SYSTEM + FOR ${role} IN @{Roles} + ${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=${role} + ${rule2}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=${role} + ${rule3}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${role} + ${rule4}= Create Dictionary Operation=HEAD Access=DENY Role=${role} + ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} + Form eACL json common file gen_eacl_compound_get_${role} ${eACL_gen} + Set Global Variable ${EACL_COMPOUND_GET_${role}} gen_eacl_compound_get_${role} + END + + # eACL rules for Compound operations: DELETE + @{Roles} = Create List OTHERS USER SYSTEM + FOR ${role} IN @{Roles} + ${rule1}= Create Dictionary Operation=DELETE Access=ALLOW Role=${role} + ${rule2}= Create Dictionary Operation=PUT Access=DENY Role=${role} + ${rule3}= Create Dictionary Operation=HEAD Access=DENY Role=${role} + ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} + Form eACL json common file gen_eacl_compound_del_${role} ${eACL_gen} + Set Global Variable ${EACL_COMPOUND_DELETE_${role}} gen_eacl_compound_del_${role} + END + + # eACL rules for Compound operations: GETRANGEHASH + @{Roles} = Create List OTHERS USER SYSTEM + FOR ${role} IN @{Roles} + ${rule1}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${role} + ${rule2}= Create Dictionary Operation=GETRANGE Access=DENY Role=${role} + ${rule3}= Create Dictionary Operation=GET Access=DENY Role=${role} + ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} + Form eACL json common file gen_eacl_compound_get_hash_${role} ${eACL_gen} + Set Global Variable ${EACL_COMPOUND_GET_HASH_${role}} gen_eacl_compound_get_hash_${role} + END + + + + # eACL for X-Header Other DENY and ALLOW for all + ${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=2 + + ${rule1}= Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters} + ${rule2}= Create Dictionary Operation=HEAD Access=DENY Role=OTHERS Filters=${filters} + ${rule3}= Create Dictionary Operation=PUT Access=DENY Role=OTHERS Filters=${filters} + ${rule4}= Create Dictionary Operation=DELETE Access=DENY Role=OTHERS Filters=${filters} + ${rule5}= Create Dictionary Operation=SEARCH Access=DENY Role=OTHERS Filters=${filters} + ${rule6}= Create Dictionary Operation=GETRANGE Access=DENY Role=OTHERS Filters=${filters} + ${rule7}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=OTHERS Filters=${filters} + ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} + Form eACL json common file gen_eacl_xheader_deny_all ${eACL_gen} + Set Global Variable ${EACL_XHEADER_DENY_ALL} gen_eacl_xheader_deny_all + + + + # eACL for X-Header Other ALLOW and DENY for all + ${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=2 + + ${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=OTHERS Filters=${filters} + ${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=OTHERS Filters=${filters} + ${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=OTHERS Filters=${filters} + ${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=OTHERS Filters=${filters} + ${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=OTHERS Filters=${filters} + ${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=OTHERS Filters=${filters} + ${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=OTHERS Filters=${filters} + ${rule8}= Create Dictionary Operation=GET Access=DENY Role=OTHERS + ${rule9}= Create Dictionary Operation=HEAD Access=DENY Role=OTHERS + ${rule10}= Create Dictionary Operation=PUT Access=DENY Role=OTHERS + ${rule11}= Create Dictionary Operation=DELETE Access=DENY Role=OTHERS + ${rule12}= Create Dictionary Operation=SEARCH Access=DENY Role=OTHERS + ${rule13}= Create Dictionary Operation=GETRANGE Access=DENY Role=OTHERS + ${rule14}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=OTHERS + ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} + ... ${rule8} ${rule9} ${rule10} ${rule11} ${rule12} ${rule13} ${rule14} + Form eACL json common file gen_eacl_xheader_allow_all ${eACL_gen} + Set Global Variable ${EACL_XHEADER_ALLOW_ALL} gen_eacl_xheader_allow_all diff --git a/robot/testsuites/integration/acl_basic.robot b/robot/testsuites/integration/acl_basic.robot deleted file mode 100644 index 3a202f41..00000000 --- a/robot/testsuites/integration/acl_basic.robot +++ /dev/null @@ -1,285 +0,0 @@ -*** Settings *** -Variables ../../variables/common.py - -Library ${RESOURCES}/neofs.py -Library ${RESOURCES}/payment_neogo.py - - -*** Variables *** -${RULE_FOR_ALL} = REP 2 IN X CBF 1 SELECT 4 FROM * AS X - - -*** Test cases *** -Basic ACL Operations - [Documentation] Testcase to validate NeoFS operations with ACL. - [Tags] ACL NeoFS NeoCLI - [Timeout] 20 min - - Generate Keys - Create Containers - - Generate file - Check Private Container - Check Public Container - Check Read-Only Container - - [Teardown] Cleanup - - - - -*** Keywords *** - -Generate Keys - ${WALLET} = Init wallet - Generate wallet ${WALLET} - ${ADDR} = Dump Address ${WALLET} - ${USER_KEY_GEN} = Dump PrivKey ${WALLET} ${ADDR} - - ${WALLET_OTH} = Init wallet - Generate wallet ${WALLET_OTH} - ${ADDR_OTH} = Dump Address ${WALLET_OTH} - ${OTHER_KEY_GEN} = Dump PrivKey ${WALLET_OTH} ${ADDR_OTH} - - ${SYSTEM_KEY_GEN} = Form WIF from String c428b4a06f166fde9f8afcf918194acdde35aa2612ecf42fe0c94273425ded21 - ${SYSTEM_KEY_GEN_SN} = Form WIF from String 0fa21a94be2227916284e4b3495180d9c93d04f095fe9d5a86f22044f5c411d2 - - Set Global Variable ${USER_KEY} ${USER_KEY_GEN} - Set Global Variable ${OTHER_KEY} ${OTHER_KEY_GEN} - Set Global Variable ${SYSTEM_KEY_IR} ${SYSTEM_KEY_GEN} - Set Global Variable ${SYSTEM_KEY_SN} ${SYSTEM_KEY_GEN_SN} - - Payment Operations ${WALLET} ${ADDR} ${USER_KEY} - Payment Operations ${WALLET_OTH} ${ADDR_OTH} ${OTHER_KEY} - - # Basic ACL manual page: https://neospcc.atlassian.net/wiki/spaces/NEOF/pages/362348545/NeoFS+ACL - # TODO: X - Sticky bit validation on public container - - -Payment Operations - [Arguments] ${WALLET} ${ADDR} ${KEY} - - ${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 55 - Wait Until Keyword Succeeds 1 min 15 sec - ... Transaction accepted in block ${TX} - Get Transaction ${TX} - Expexted Mainnet Balance ${ADDR} 55 - - ${SCRIPT_HASH} = Get ScripHash ${KEY} - - ${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 50 - Wait Until Keyword Succeeds 1 min 15 sec - ... Transaction accepted in block ${TX_DEPOSIT} - Get Transaction ${TX_DEPOSIT} - - - - -Create Containers - # Create containers: - - - - Log Create Private Container - ${PRIV_CID_GEN} = Create container ${USER_KEY} 0x18888888 ${RULE_FOR_ALL} - Container Existing ${USER_KEY} ${PRIV_CID_GEN} - - Log Create Public Container - ${PUBLIC_CID_GEN} = Create container ${USER_KEY} 0x1FFFFFFF ${RULE_FOR_ALL} - Container Existing ${USER_KEY} ${PUBLIC_CID_GEN} - - Log Create Read-Only Container - ${READONLY_CID_GEN} = Create container ${USER_KEY} 0x1FFF88FF ${RULE_FOR_ALL} - Container Existing ${USER_KEY} ${READONLY_CID_GEN} - - Set Global Variable ${PRIV_CID} ${PRIV_CID_GEN} - Set Global Variable ${PUBLIC_CID} ${PUBLIC_CID_GEN} - Set Global Variable ${READONLY_CID} ${READONLY_CID_GEN} - - -Generate file - # Generate small file - ${FILE_S_GEN} = Generate file of bytes 1024 - ${FILE_S_HASH_GEN} = Get file hash ${FILE_S_GEN} - - Set Global Variable ${FILE_S} ${FILE_S_GEN} - Set Global Variable ${FILE_S_HASH} ${FILE_S_HASH_GEN} - -Check Private Container - # Check Private: - # Put - ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${PRIV_CID} ${EMPTY} ${EMPTY} - Run Keyword And Expect Error * - ... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${PRIV_CID} ${EMPTY} ${EMPTY} - Run Keyword And Expect Error * - ... Put object to NeoFS ${SYSTEM_KEY_IR} ${FILE_S} ${PRIV_CID} ${EMPTY} ${EMPTY} - ${S_OID_SYS_SN} = Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${PRIV_CID} ${EMPTY} ${EMPTY} - - - # Get - Get object from NeoFS ${USER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read - Run Keyword And Expect Error * - ... Get object from NeoFS ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read - Get object from NeoFS ${SYSTEM_KEY_IR} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read - Get object from NeoFS ${SYSTEM_KEY_SN} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read - - # Get Range - Get Range ${USER_KEY} ${PRIV_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Run Keyword And Expect Error * - ... Get Range ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Run Keyword And Expect Error * - ... Get Range ${SYSTEM_KEY_IR} ${PRIV_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Run Keyword And Expect Error * - ... Get Range ${SYSTEM_KEY_SN} ${PRIV_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - - # Get Range Hash - Get Range Hash ${USER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} 0:256 - Run Keyword And Expect Error * - ... Get Range Hash ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} 0:256 - Get Range Hash ${SYSTEM_KEY_IR} ${PRIV_CID} ${S_OID_USER} ${EMPTY} 0:256 - Get Range Hash ${SYSTEM_KEY_SN} ${PRIV_CID} ${S_OID_USER} ${EMPTY} 0:256 - - # Search - @{S_OBJ_PRIV} = Create List ${S_OID_USER} ${S_OID_SYS_SN} - Search object ${USER_KEY} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV} - Run Keyword And Expect Error * - ... Search object ${OTHER_KEY} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV} - Search object ${SYSTEM_KEY_IR} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV} - Search object ${SYSTEM_KEY_SN} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV} - - - # Head - Head object ${USER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} ${EMPTY} - Run Keyword And Expect Error * - ... Head object ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} ${EMPTY} - Head object ${SYSTEM_KEY_IR} ${PRIV_CID} ${S_OID_USER} ${EMPTY} ${EMPTY} - Head object ${SYSTEM_KEY_SN} ${PRIV_CID} ${S_OID_USER} ${EMPTY} ${EMPTY} - - - # Delete - Run Keyword And Expect Error * - ... Delete object ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} - Run Keyword And Expect Error * - ... Delete object ${SYSTEM_KEY_IR} ${PRIV_CID} ${S_OID_USER} ${EMPTY} - Run Keyword And Expect Error * - ... Delete object ${SYSTEM_KEY_SN} ${PRIV_CID} ${S_OID_USER} ${EMPTY} - Delete object ${USER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} - - -Check Public Container - - # Put - ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY} - ${S_OID_OTHER} = Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY} - ${S_OID_SYS_IR} = Put object to NeoFS ${SYSTEM_KEY_IR} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY} - ${S_OID_SYS_SN} = Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY} - - # Get - Get object from NeoFS ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} s_file_read - Get object from NeoFS ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} s_file_read - Get object from NeoFS ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} s_file_read - Get object from NeoFS ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} s_file_read - - # Get Range - Get Range ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Get Range ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Get Range ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Get Range ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - - - # Get Range Hash - Get Range Hash ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} 0:256 - Get Range Hash ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} 0:256 - Get Range Hash ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} 0:256 - Get Range Hash ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} 0:256 - - # Search - @{S_OBJ_PRIV} = Create List ${S_OID_USER} ${S_OID_OTHER} ${S_OID_SYS_SN} ${S_OID_SYS_IR} - Search object ${USER_KEY} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV} - Search object ${OTHER_KEY} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV} - Search object ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV} - Search object ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV} - - # Head - Head object ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} ${EMPTY} - Head object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} ${EMPTY} - Head object ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} ${EMPTY} - Head object ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} ${EMPTY} - - Head object ${USER_KEY} ${PUBLIC_CID} ${S_OID_OTHER} ${EMPTY} ${EMPTY} - Head object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_OTHER} ${EMPTY} ${EMPTY} - Head object ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_OTHER} ${EMPTY} ${EMPTY} - Head object ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${S_OID_OTHER} ${EMPTY} ${EMPTY} - - Head object ${USER_KEY} ${PUBLIC_CID} ${S_OID_SYS_SN} ${EMPTY} ${EMPTY} - Head object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_SYS_SN} ${EMPTY} ${EMPTY} - Head object ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_SYS_SN} ${EMPTY} ${EMPTY} - Head object ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${S_OID_SYS_SN} ${EMPTY} ${EMPTY} - - - # Delete - Delete object ${USER_KEY} ${PUBLIC_CID} ${S_OID_SYS_IR} ${EMPTY} - Delete object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_SYS_SN} ${EMPTY} - Delete object ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} - Delete object ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${S_OID_OTHER} ${EMPTY} - - -Check Read-Only Container - # Check Read Only container: - - # Put - ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${READONLY_CID} ${EMPTY} ${EMPTY} - Run Keyword And Expect Error * - ... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${READONLY_CID} ${EMPTY} ${EMPTY} - Run Keyword And Expect Error * - ... Put object to NeoFS ${SYSTEM_KEY_IR} ${FILE_S} ${READONLY_CID} ${EMPTY} ${EMPTY} - ${S_OID_SYS_SN} = Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${READONLY_CID} ${EMPTY} ${EMPTY} - - # Get - Get object from NeoFS ${USER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY} s_file_read - Get object from NeoFS ${OTHER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY} s_file_read - Get object from NeoFS ${SYSTEM_KEY_IR} ${READONLY_CID} ${S_OID_USER} ${EMPTY} s_file_read - Get object from NeoFS ${SYSTEM_KEY_SN} ${READONLY_CID} ${S_OID_USER} ${EMPTY} s_file_read - - # Get Range - Get Range ${USER_KEY} ${READONLY_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Get Range ${OTHER_KEY} ${READONLY_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Get Range ${SYSTEM_KEY_IR} ${READONLY_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Get Range ${SYSTEM_KEY_SN} ${READONLY_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - - - # Get Range Hash - Get Range Hash ${USER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY} 0:256 - Get Range Hash ${OTHER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY} 0:256 - Get Range Hash ${SYSTEM_KEY_IR} ${READONLY_CID} ${S_OID_USER} ${EMPTY} 0:256 - Get Range Hash ${SYSTEM_KEY_SN} ${READONLY_CID} ${S_OID_USER} ${EMPTY} 0:256 - - # Search - @{S_OBJ_RO} = Create List ${S_OID_USER} ${S_OID_SYS_SN} - Search object ${USER_KEY} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_RO} - Search object ${OTHER_KEY} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_RO} - Search object ${SYSTEM_KEY_IR} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_RO} - Search object ${SYSTEM_KEY_SN} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_RO} - - - # Head - Head object ${USER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY} ${EMPTY} - Head object ${OTHER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY} ${EMPTY} - Head object ${SYSTEM_KEY_IR} ${READONLY_CID} ${S_OID_USER} ${EMPTY} ${EMPTY} - Head object ${SYSTEM_KEY_SN} ${READONLY_CID} ${S_OID_USER} ${EMPTY} ${EMPTY} - - # Delete - Run Keyword And Expect Error * - ... Delete object ${OTHER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY} - Run Keyword And Expect Error * - ... Delete object ${SYSTEM_KEY_IR} ${READONLY_CID} ${S_OID_USER} ${EMPTY} - Run Keyword And Expect Error * - ... Delete object ${SYSTEM_KEY_SN} ${READONLY_CID} ${S_OID_USER} ${EMPTY} - Delete object ${USER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY} - - - -Cleanup - @{CLEANUP_FILES} = Create List ${FILE_S} s_file_read s_get_range - Cleanup Files @{CLEANUP_FILES} - Get Docker Logs acl_basic \ No newline at end of file diff --git a/robot/testsuites/integration/acl_bearer.robot b/robot/testsuites/integration/acl_bearer.robot deleted file mode 100644 index e73e7fa4..00000000 --- a/robot/testsuites/integration/acl_bearer.robot +++ /dev/null @@ -1,730 +0,0 @@ -*** Settings *** -Variables ../../variables/common.py - -Library Collections - -Library ${RESOURCES}/neofs.py -Library ${RESOURCES}/payment_neogo.py - -*** Variables *** -${FILE_USR_HEADER} = key1=1,key2=abc -${FILE_USR_HEADER_DEL} = key1=del,key2=del -${FILE_OTH_HEADER} = key1=oth,key2=oth -${RULE_FOR_ALL} = REP 2 IN X CBF 1 SELECT 4 FROM * AS X - -*** Test cases *** -BearerToken Operations - [Documentation] Testcase to validate NeoFS operations with BearerToken. - [Tags] ACL NeoFS NeoCLI BearerToken - [Timeout] 20 min - - Generate Keys - Prepare eACL Role rules - - Log Check Bearer token with simple object - Generate file 1024 - Check Container Inaccessible and Allow All Bearer - Check eACL Deny and Allow All Bearer - Check eACL Deny and Allow All Bearer Filter OID Equal - Check eACL Deny and Allow All Bearer Filter OID NotEqual - Check eACL Deny and Allow All Bearer Filter UserHeader Equal - Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual - Check eACL Allow All Bearer Filter Requst Equal Deny - Check eACL Deny and Allow All Bearer Filter Requst Equal - Check eACL Deny and Allow All Bearer Filter Requst NotEqual - Check Сompound Operations - - # TODO: - - Log Check Bearer token with complex object - Cleanup Files ${FILE_S} - Generate file 10e+6 - Check Container Inaccessible and Allow All Bearer - Check eACL Deny and Allow All Bearer - Check eACL Deny and Allow All Bearer Filter OID Equal - Check eACL Deny and Allow All Bearer Filter OID NotEqual - Check eACL Deny and Allow All Bearer Filter UserHeader Equal - Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual - Check eACL Deny and Allow All Bearer Filter Requst Equal - Check eACL Deny and Allow All Bearer Filter Requst NotEqual - Check Сompound Operations - - [Teardown] Cleanup - - - -*** Keywords *** - -Generate Keys - ${WALLET} = Init wallet - Generate wallet ${WALLET} - ${ADDR} = Dump Address ${WALLET} - ${USER_KEY_GEN} = Dump PrivKey ${WALLET} ${ADDR} - - ${WALLET_OTH} = Init wallet - Generate wallet ${WALLET_OTH} - ${ADDR_OTH} = Dump Address ${WALLET_OTH} - ${OTHER_KEY_GEN} = Dump PrivKey ${WALLET_OTH} ${ADDR_OTH} - - - ${EACL_KEY_GEN} = Form WIF from String 782676b81a35c5f07325ec523e8521ee4946b6e5d4c6cd652dd0c3ba51ce03de - ${SYSTEM_KEY_GEN} = Form WIF from String c428b4a06f166fde9f8afcf918194acdde35aa2612ecf42fe0c94273425ded21 - ${SYSTEM_KEY_GEN_SN} = Form WIF from String 0fa21a94be2227916284e4b3495180d9c93d04f095fe9d5a86f22044f5c411d2 - - Set Global Variable ${USER_KEY} ${USER_KEY_GEN} - Set Global Variable ${OTHER_KEY} ${OTHER_KEY_GEN} - Set Global Variable ${SYSTEM_KEY} ${SYSTEM_KEY_GEN} - Set Global Variable ${SYSTEM_KEY_SN} ${SYSTEM_KEY_GEN_SN} - Set Global Variable ${EACL_KEY} ${EACL_KEY_GEN} - - Payment Operations ${WALLET} ${ADDR} ${USER_KEY} - Payment Operations ${WALLET_OTH} ${ADDR_OTH} ${OTHER_KEY} - - -Payment Operations - [Arguments] ${WALLET} ${ADDR} ${KEY} - - ${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 55 - Wait Until Keyword Succeeds 1 min 15 sec - ... Transaction accepted in block ${TX} - Get Transaction ${TX} - Expexted Mainnet Balance ${ADDR} 55 - - ${SCRIPT_HASH} = Get ScripHash ${KEY} - - ${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 50 - Wait Until Keyword Succeeds 1 min 15 sec - ... Transaction accepted in block ${TX_DEPOSIT} - Get Transaction ${TX_DEPOSIT} - - -Create Container Public - Log Create Public Container - ${PUBLIC_CID_GEN} = Create container ${USER_KEY} 0x0FFFFFFF - [Return] ${PUBLIC_CID_GEN} - - -Create Container Inaccessible - Log Create Inaccessible Container - ${PUBLIC_CID_GEN} = Create container ${USER_KEY} 0x40000000 - [Return] ${PUBLIC_CID_GEN} - - -Generate file - [Arguments] ${SIZE} - - ${FILE_S_GEN} = Generate file of bytes ${SIZE} - Set Global Variable ${FILE_S} ${FILE_S_GEN} - - -Prepare eACL Role rules - Log Set eACL for different Role cases - - # eACL rules for all operations and similar permissions - @{Roles} = Create List OTHERS USER SYSTEM - FOR ${role} IN @{Roles} - ${rule1} = Create Dictionary Operation=GET Access=DENY Role=${role} - ${rule2} = Create Dictionary Operation=HEAD Access=DENY Role=${role} - ${rule3} = Create Dictionary Operation=PUT Access=DENY Role=${role} - ${rule4} = Create Dictionary Operation=DELETE Access=DENY Role=${role} - ${rule5} = Create Dictionary Operation=SEARCH Access=DENY Role=${role} - ${rule6} = Create Dictionary Operation=GETRANGE Access=DENY Role=${role} - ${rule7} = Create Dictionary Operation=GETRANGEHASH Access=DENY Role=${role} - - ${eACL_gen} = Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} - Form eACL json common file gen_eacl_deny_all_${role} ${eACL_gen} - Set Global Variable ${EACL_DENY_ALL_${role}} gen_eacl_deny_all_${role} - END - - -Check Container Inaccessible and Allow All Bearer - ${CID} = Create Container Inaccessible - - Run Keyword And Expect Error * - ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - Run Keyword And Expect Error * - ... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - Run Keyword And Expect Error * - ... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} - Run Keyword And Expect Error * - ... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} - Run Keyword And Expect Error * - ... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Run Keyword And Expect Error * - ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} - - ${rule1}= Create Dictionary Operation=PUT Access=ALLOW Role=USER - ${rule2}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER - - ${eACL_gen}= Create List ${rule1} ${rule2} - - Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500 - - Run Keyword And Expect Error * - ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} - Run Keyword And Expect Error * - ... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} - - -Check eACL Deny and Allow All Bearer - ${CID} = Create Container Public - ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - ${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} - @{S_OBJ_H} = Create List ${S_OID_USER} - - - Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} - Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} - Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} - Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY} - - Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await - - - ${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER - ${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER - ${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER - ${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER - ${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER - ${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER - ${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER - - ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} - - Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500 - - Run Keyword And Expect Error * - ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - Run Keyword And Expect Error * - ... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - Run Keyword And Expect Error * - ... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} - Run Keyword And Expect Error * - ... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} - Run Keyword And Expect Error * - ... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Run Keyword And Expect Error * - ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} - - Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER} - Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl - Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H} - Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user - Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 - Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user - - -Check eACL Deny and Allow All Bearer Filter OID Equal - ${CID} = Create Container Public - ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - ${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY} - ${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} - @{S_OBJ_H} = Create List ${S_OID_USER} - - Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} - Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} - Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} - Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY} - - Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await - - ${filters}= Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=$Object:objectID value=${S_OID_USER} - - ${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters} - ${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters} - ${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters} - ${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters} - ${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters} - ${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters} - ${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters} - - ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} - - Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500 - - Run Keyword And Expect Error * - ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - Run Keyword And Expect Error * - ... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - Run Keyword And Expect Error * - ... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} - Run Keyword And Expect Error * - ... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} - Run Keyword And Expect Error * - ... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Run Keyword And Expect Error * - ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} - Run Keyword And Expect Error * - ... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H} - Run Keyword And Expect Error * - ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER} - Run Keyword And Expect Error * - ... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user local_file_eacl - - Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl - Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 - - Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user - Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user - Run Keyword And Expect Error * - ... Delete object ${USER_KEY} ${CID} ${D_OID_USER} bearer_allow_all_user - - - -Check eACL Deny and Allow All Bearer Filter OID NotEqual - ${CID} = Create Container Public - ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - ${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY} - ${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} - @{S_OBJ_H} = Create List ${S_OID_USER} - - - Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} - Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} - Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} - Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY} - - Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await - - ${filters}= Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=$Object:objectID value=${S_OID_USER_2} - - ${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters} - ${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters} - ${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters} - ${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters} - ${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters} - ${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters} - ${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters} - - ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} - - Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500 - - Run Keyword And Expect Error * - ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - Run Keyword And Expect Error * - ... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - Run Keyword And Expect Error * - ... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} - Run Keyword And Expect Error * - ... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} - Run Keyword And Expect Error * - ... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Run Keyword And Expect Error * - ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} - Run Keyword And Expect Error * - ... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H} - - Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER} - - Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl - Run Keyword And Expect Error * - ... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user local_file_eacl - - Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 - Run Keyword And Expect Error * - ... Get Range ${USER_KEY} ${CID} ${S_OID_USER_2} s_get_range bearer_allow_all_user 0:256 - - Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user - Run Keyword And Expect Error * - ... Head object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user - - Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user - - Run Keyword And Expect Error * - ... Delete object ${USER_KEY} ${CID} ${D_OID_USER_2} bearer_allow_all_user - - - - -Check eACL Allow All Bearer Filter Requst Equal Deny - ${CID} = Create Container Public - ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - ${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY} - ${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} - @{S_OBJ_H} = Create List ${S_OID_USER} - - - ${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=256 - ${rule1}= Create Dictionary Operation=GET Access=DENY Role=USER Filters=${filters} - ${rule2}= Create Dictionary Operation=HEAD Access=DENY Role=USER Filters=${filters} - ${rule3}= Create Dictionary Operation=PUT Access=DENY Role=USER Filters=${filters} - ${rule4}= Create Dictionary Operation=DELETE Access=DENY Role=USER Filters=${filters} - ${rule5}= Create Dictionary Operation=SEARCH Access=DENY Role=USER Filters=${filters} - ${rule6}= Create Dictionary Operation=GETRANGE Access=DENY Role=USER Filters=${filters} - ${rule7}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=USER Filters=${filters} - ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} - Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500 - - Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=2 - Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=2 - Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H} --xhdr a=2 - Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=2 - Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=2 - Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=2 - Delete object ${USER_KEY} ${CID} ${D_OID_USER} bearer_allow_all_user --xhdr a=2 - - Run Keyword And Expect Error * - ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256 - Run Keyword And Expect Error * - ... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=256 - Run Keyword And Expect Error * - ... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256 - Run Keyword And Expect Error * - ... Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=256 - Run Keyword And Expect Error * - ... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=256 - Run Keyword And Expect Error * - ... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=256 - Run Keyword And Expect Error * - ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user --xhdr a=256 - - -Check eACL Deny and Allow All Bearer Filter Requst NotEqual - ${CID} = Create Container Public - ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - ${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY} - ${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} - @{S_OBJ_H} = Create List ${S_OID_USER} - - Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} - Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} - Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} - Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY} - - Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await - - ${filters}= Create Dictionary headerType=REQUEST matchType=STRING_NOT_EQUAL key=a value=256 - ${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters} - ${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters} - ${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters} - ${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters} - ${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters} - ${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters} - ${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters} - ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} - Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500 - - Run Keyword And Expect Error * - ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - Run Keyword And Expect Error * - ... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - #Run Keyword And Expect Error * - #... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} - Run Keyword And Expect Error * - ... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} - Run Keyword And Expect Error * - ... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Run Keyword And Expect Error * - ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} - - Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2 - Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=2 - Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2 - Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=2 - Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=2 - Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=2 - Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user --xhdr a=2 - - -Check eACL Deny and Allow All Bearer Filter Requst Equal - ${CID} = Create Container Public - ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - ${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY} - ${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} - @{S_OBJ_H} = Create List ${S_OID_USER} - - Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} - Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} - Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} - Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY} - - Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await - - ${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=256 - ${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters} - ${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters} - ${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters} - ${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters} - ${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters} - ${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters} - ${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters} - ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} - Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500 - - Run Keyword And Expect Error * - ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - Run Keyword And Expect Error * - ... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - Run Keyword And Expect Error * - ... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} - Run Keyword And Expect Error * - ... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} - Run Keyword And Expect Error * - ... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Run Keyword And Expect Error * - ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} - - Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256 - Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=256 - Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256 - Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=256 - Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=256 - Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=256 - Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user --xhdr a=256 - - -Check eACL Deny and Allow All Bearer Filter UserHeader Equal - ${CID} = Create Container Public - ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - ${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY} - ${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} - @{S_OBJ_H} = Create List ${S_OID_USER} - - - Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} - Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} - Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} - Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY} - - Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await - - - ${filters}= Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=key2 value=abc - - ${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters} - ${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters} - ${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters} - ${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters} - ${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters} - ${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters} - ${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters} - - ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} - - Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500 - - Run Keyword And Expect Error * - ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - Run Keyword And Expect Error * - ... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - Run Keyword And Expect Error * - ... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} - Run Keyword And Expect Error * - ... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} - Run Keyword And Expect Error * - ... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Run Keyword And Expect Error * - ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} - Run Keyword And Expect Error * - ... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H} - - Run Keyword And Expect Error * - ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER} - - Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl - Run Keyword And Expect Error * - ... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user local_file_eacl - - Run Keyword And Expect Error * - ... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 - - Run Keyword And Expect Error * - ... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 - - Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user - Run Keyword And Expect Error * - ... Head object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user - - # Delete can not be filtered by UserHeader. - Run Keyword And Expect Error * - ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user - Run Keyword And Expect Error * - ... Delete object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user - - - -Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual - ${CID} = Create Container Public - ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} - ${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - ${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} - @{S_OBJ_H} = Create List ${S_OID_USER_2} - - - Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} - Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} - Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} - Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY} - - Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await - - - ${filters}= Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=key2 value=abc - - ${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters} - ${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters} - ${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters} - ${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters} - ${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters} - ${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters} - ${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters} - - ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule6} ${rule7} - - Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500 - - Run Keyword And Expect Error * - ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - Run Keyword And Expect Error * - ... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - Run Keyword And Expect Error * - ... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} - Run Keyword And Expect Error * - ... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} - Run Keyword And Expect Error * - ... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Run Keyword And Expect Error * - ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} - - # Search can not use filter by headers - Run Keyword And Expect Error * - ... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H} - - # Different behaviour for big and small objects! - # Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER} - Run Keyword And Expect Error * - ... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${EMPTY} - - Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl - Run Keyword And Expect Error * - ... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user local_file_eacl - - Run Keyword And Expect Error * - ... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 - - Run Keyword And Expect Error * - ... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 - - Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user - Run Keyword And Expect Error * - ... Head object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user - - # Delete can not be filtered by UserHeader. - Run Keyword And Expect Error * - ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user - Run Keyword And Expect Error * - ... Delete object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user - - -Check Сompound Operations - Check Bearer Сompound Get ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS} - Check Bearer Сompound Get ${USER_KEY} USER ${EACL_DENY_ALL_USER} - Check Bearer Сompound Get ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM} - - Check Bearer Сompound Delete ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS} - Check Bearer Сompound Delete ${USER_KEY} USER ${EACL_DENY_ALL_USER} - Check Bearer Сompound Delete ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM} - - Check Bearer Сompound Get Range Hash ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS} - Check Bearer Сompound Get Range Hash ${USER_KEY} USER ${EACL_DENY_ALL_USER} - Check Bearer Сompound Get Range Hash ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM} - - -Check Bearer Сompound Get - [Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL} - - ${CID} = Create Container Public - ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - @{S_OBJ_H} = Create List ${S_OID_USER} - - ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} - Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await - - ${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=${DENY_GROUP} - ${rule2}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=${DENY_GROUP} - ${rule3}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${DENY_GROUP} - ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} - Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500 - - Run Keyword And Expect Error * - ... Head object ${KEY} ${CID} ${S_OID_USER} bearer_allow - - Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} bearer_allow local_file_eacl - Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow 0:256 - Get Range Hash ${KEY} ${CID} ${S_OID_USER} bearer_allow 0:256 - - -Check Bearer Сompound Delete - [Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL} - - ${CID} = Create Container Public - - ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - ${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY} - Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} - Delete object ${KEY} ${CID} ${D_OID_USER} ${EMPTY} - - Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await - - ${rule1} = Create Dictionary Operation=DELETE Access=ALLOW Role=${DENY_GROUP} - ${rule2} = Create Dictionary Operation=PUT Access=DENY Role=${DENY_GROUP} - ${rule3} = Create Dictionary Operation=HEAD Access=DENY Role=${DENY_GROUP} - ${eACL_gen} = Create List ${rule1} ${rule2} ${rule3} - Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500 - - Run Keyword And Expect Error * - ... Head object ${KEY} ${CID} ${S_OID_USER} bearer_allow - Run Keyword And Expect Error * - ... Put object to NeoFS ${KEY} ${FILE_S} ${CID} bearer_allow ${FILE_OTH_HEADER} - - Delete object ${KEY} ${CID} ${S_OID_USER} bearer_allow - - - -Check Bearer Сompound Get Range Hash - [Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL} - - ${CID} = Create Container Public - - ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} - Get Range Hash ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} 0:256 - - Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await - - ${rule1} = Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${DENY_GROUP} - ${rule2} = Create Dictionary Operation=GETRANGE Access=DENY Role=${DENY_GROUP} - ${rule3} = Create Dictionary Operation=GET Access=DENY Role=${DENY_GROUP} - ${eACL_gen} = Create List ${rule1} ${rule2} ${rule3} - Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500 - - Run Keyword And Expect Error * - ... Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow 0:256 - Run Keyword And Expect Error * - ... Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} bearer_allow local_file_eacl - - Get Range Hash ${KEY} ${CID} ${S_OID_USER} bearer_allow 0:256 - - -Cleanup - @{CLEANUP_FILES} = Create List ${FILE_S} local_file_eacl s_get_range - ... bearer_allow_all_user gen_eacl_deny_all_USER bearer_allow - Cleanup Files @{CLEANUP_FILES} - Get Docker Logs acl_bearer \ No newline at end of file diff --git a/robot/testsuites/integration/acl_extended.robot b/robot/testsuites/integration/acl_extended.robot deleted file mode 100644 index 17aaa675..00000000 --- a/robot/testsuites/integration/acl_extended.robot +++ /dev/null @@ -1,701 +0,0 @@ -*** Settings *** -Variables ../../variables/common.py -Library Collections -Library ${RESOURCES}/neofs.py -Library ${RESOURCES}/payment_neogo.py - -*** Variables *** -${FILE_USR_HEADER} = key1=1,key2=abc -${FILE_USR_HEADER_DEL} = key1=del,key2=del -${FILE_OTH_HEADER} = key1=oth,key2=oth -${RULE_FOR_ALL} = REP 2 IN X CBF 1 SELECT 4 FROM * AS X - -*** Test cases *** -Extended ACL Operations - [Documentation] Testcase to validate NeoFS operations with extended ACL. - [Tags] ACL eACL NeoFS NeoCLI - [Timeout] 20 min - - Generate Keys - Prepare eACL Role rules - - Log Check extended ACL with simple object - - Generate files 1024 - - Check Actions - Check Filters - Check Сompound Operations - - Cleanup Files ${FILE_S} ${FILE_S_2} - - Log Check extended ACL with complex object - Generate files 10e+6 - Check Actions - Check Filters - Check Сompound Operations - - #[Teardown] Cleanup - - -*** Keywords *** - -Check Actions - Check eACL Deny and Allow All Other - Check eACL Deny and Allow All User - Check eACL Deny and Allow All System - Check eACL Deny All Other and Allow All Pubkey - - -Check Filters - Check eACL MatchType String Equal Object - Check eACL MatchType String Not Equal Object - Check eACL MatchType String Equal Request Deny - Check eACL MatchType String Equal Request Allow - -Check Сompound Operations - Check eACL Сompound Get ${OTHER_KEY} ${EACL_COMPOUND_GET_OTHERS} - Check eACL Сompound Get ${USER_KEY} ${EACL_COMPOUND_GET_USER} - Check eACL Сompound Get ${SYSTEM_KEY} ${EACL_COMPOUND_GET_SYSTEM} - - Check eACL Сompound Delete ${OTHER_KEY} ${EACL_COMPOUND_DELETE_OTHERS} - Check eACL Сompound Delete ${USER_KEY} ${EACL_COMPOUND_DELETE_USER} - Check eACL Сompound Delete ${SYSTEM_KEY} ${EACL_COMPOUND_DELETE_SYSTEM} - - Check eACL Сompound Get Range Hash ${OTHER_KEY} ${EACL_COMPOUND_GET_HASH_OTHERS} - Check eACL Сompound Get Range Hash ${USER_KEY} ${EACL_COMPOUND_GET_HASH_USER} - Check eACL Сompound Get Range Hash ${SYSTEM_KEY} ${EACL_COMPOUND_GET_HASH_SYSTEM} - -Check eACL Сompound Get - [Arguments] ${KEY} ${DENY_EACL} - - ${CID} = Create Container Public - - ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} - Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await - - Run Keyword And Expect Error * - ... Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY} - - Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 - - -Check eACL Сompound Delete - [Arguments] ${KEY} ${DENY_EACL} - - ${CID} = Create Container Public - - ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - ${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY} - Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} - Delete object ${KEY} ${CID} ${D_OID_USER} ${EMPTY} - - Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await - - Run Keyword And Expect Error * - ... Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY} - Run Keyword And Expect Error * - ... Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} - - Delete object ${KEY} ${CID} ${S_OID_USER} ${EMPTY} - - - -Check eACL Сompound Get Range Hash - [Arguments] ${KEY} ${DENY_EACL} - - ${CID} = Create Container Public - - ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} - Get Range Hash ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} 0:256 - - Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await - - Run Keyword And Expect Error * - ... Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Run Keyword And Expect Error * - ... Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - - Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 - - - -Check eACL MatchType String Equal Request Deny - ${CID} = Create Container Public - ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - - ${HEADER} = Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} - &{HEADER_DICT} = Parse Object System Header ${HEADER} - Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - - - ${ID_value} = Get From Dictionary ${HEADER_DICT} ID - - Set eACL ${USER_KEY} ${CID} ${EACL_XHEADER_DENY_ALL} --await - - Run Keyword And Expect Error * - ... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=2 - Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=256 - - Run Keyword And Expect Error * - ... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=2 - Run Keyword And Expect Error * - ... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=2 - Run Keyword And Expect Error * - ... Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2 - Run Keyword And Expect Error * - ... Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ${EMPTY} --xhdr a=2 - Run Keyword And Expect Error * - ... Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 --xhdr a="2" - Run Keyword And Expect Error * - ... Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 --xhdr a=2 - Run Keyword And Expect Error * - ... Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} --xhdr a=2 - - Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=256 - Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=* - Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${EMPTY} --xhdr a= - Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ${EMPTY} --xhdr a=.* - Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 --xhdr a="2 2" - Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 --xhdr a=256 - Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} --xhdr a=22 - - - -Check eACL MatchType String Equal Request Allow - ${CID} = Create Container Public - ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - - ${HEADER} = Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} - &{HEADER_DICT} = Parse Object System Header ${HEADER} - Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - - - ${ID_value} = Get From Dictionary ${HEADER_DICT} ID - - Set eACL ${USER_KEY} ${CID} ${EACL_XHEADER_ALLOW_ALL} --await - Get eACL ${USER_KEY} ${CID} - - Run Keyword And Expect Error * - ... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} - Run Keyword And Expect Error * - ... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} ${EMPTY} - Run Keyword And Expect Error * - ... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} - Run Keyword And Expect Error * - ... Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${EMPTY} - Run Keyword And Expect Error * - ... Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ${EMPTY} - Run Keyword And Expect Error * - ... Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Run Keyword And Expect Error * - ... Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 - Run Keyword And Expect Error * - ... Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} - - Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=2 - Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=2 - Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2 - Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ${EMPTY} --xhdr a=2 - Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 --xhdr a=2 - Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 --xhdr a=2 - Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} --xhdr a=2 - - - - -Check eACL MatchType String Equal Object - ${CID} = Create Container Public - ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - - ${HEADER} = Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} - &{HEADER_DICT} = Parse Object System Header ${HEADER} - Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - - - Log Set eACL for Deny GET operation with StringEqual Object ID - ${ID_value} = Get From Dictionary ${HEADER_DICT} ID - - ${filters} = Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=$Object:objectID value=${ID_value} - ${rule1} = Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters} - ${eACL_gen} = Create List ${rule1} - ${EACL_CUSTOM} = Form eACL json common file eacl_custom ${eACL_gen} - - Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await - Run Keyword And Expect Error * - ... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - - - Log Set eACL for Deny GET operation with StringEqual Object Extended User Header - ${S_OID_USER_OTH} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} - - ${filters} = Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=key1 value=1 - ${rule1} = Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters} - ${eACL_gen} = Create List ${rule1} - ${EACL_CUSTOM} = Form eACL json common file eacl_custom ${eACL_gen} - - - Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await - Run Keyword And Expect Error * - ... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER_OTH} ${EMPTY} local_file_eacl - - - -Check eACL MatchType String Not Equal Object - ${CID} = Create Container Public - - ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - ${S_OID_OTHER} = Put object to NeoFS ${OTHER_KEY} ${FILE_S_2} ${CID} ${EMPTY} ${FILE_OTH_HEADER} - - ${HEADER} = Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} - Head object ${USER_KEY} ${CID} ${S_OID_OTHER} ${EMPTY} - - &{HEADER_DICT} = Parse Object System Header ${HEADER} - - Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_OTHER} ${EMPTY} local_file_eacl - - Log Set eACL for Deny GET operation with StringNotEqual Object ID - ${ID_value} = Get From Dictionary ${HEADER_DICT} ID - - ${filters} = Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=$Object:objectID value=${ID_value} - ${rule1} = Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters} - ${eACL_gen} = Create List ${rule1} - ${EACL_CUSTOM} = Form eACL json common file eacl_custom ${eACL_gen} - - Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await - Run Keyword And Expect Error * - ... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_OTHER} ${EMPTY} local_file_eacl - Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - - - Log Set eACL for Deny GET operation with StringEqual Object Extended User Header - ${S_OID_USER_OTH} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} - - ${filters} = Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=key1 value=1 - ${rule1} = Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters} - ${eACL_gen} = Create List ${rule1} - ${EACL_CUSTOM} = Form eACL json common file eacl_custom ${eACL_gen} - - Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await - Run Keyword And Expect Error * - ... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER_OTH} ${EMPTY} local_file_eacl - Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - - - - -Generate Keys - ${WALLET} = Init wallet - Generate wallet ${WALLET} - ${ADDR} = Dump Address ${WALLET} - ${USER_KEY_GEN} = Dump PrivKey ${WALLET} ${ADDR} - - ${WALLET_OTH} = Init wallet - Generate wallet ${WALLET_OTH} - ${ADDR_OTH} = Dump Address ${WALLET_OTH} - ${OTHER_KEY_GEN} = Dump PrivKey ${WALLET_OTH} ${ADDR_OTH} - - - ${EACL_KEY_GEN} = Form WIF from String 782676b81a35c5f07325ec523e8521ee4946b6e5d4c6cd652dd0c3ba51ce03de - ${SYSTEM_KEY_GEN} = Form WIF from String c428b4a06f166fde9f8afcf918194acdde35aa2612ecf42fe0c94273425ded21 - ${SYSTEM_KEY_GEN_SN} = Form WIF from String 0fa21a94be2227916284e4b3495180d9c93d04f095fe9d5a86f22044f5c411d2 - - Set Global Variable ${USER_KEY} ${USER_KEY_GEN} - Set Global Variable ${OTHER_KEY} ${OTHER_KEY_GEN} - Set Global Variable ${SYSTEM_KEY} ${SYSTEM_KEY_GEN} - Set Global Variable ${SYSTEM_KEY_SN} ${SYSTEM_KEY_GEN_SN} - Set Global Variable ${EACL_KEY} ${EACL_KEY_GEN} - - Payment Operations ${WALLET} ${ADDR} ${USER_KEY} - Payment Operations ${WALLET_OTH} ${ADDR_OTH} ${OTHER_KEY} - - -Payment Operations - [Arguments] ${WALLET} ${ADDR} ${KEY} - - ${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 55 - - Wait Until Keyword Succeeds 1 min 15 sec - ... Transaction accepted in block ${TX} - Get Transaction ${TX} - Expexted Mainnet Balance ${ADDR} 55 - - ${SCRIPT_HASH} = Get ScripHash ${KEY} - - ${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 50 - Wait Until Keyword Succeeds 1 min 15 sec - ... Transaction accepted in block ${TX_DEPOSIT} - Get Transaction ${TX_DEPOSIT} - - -Create Container Public - Log Create Public Container - ${PUBLIC_CID_GEN} = Create container ${USER_KEY} 0x4FFFFFFF ${RULE_FOR_ALL} - [Return] ${PUBLIC_CID_GEN} - - -Generate files - [Arguments] ${SIZE} - ${FILE_S_GEN_1} = Generate file of bytes ${SIZE} - ${FILE_S_GEN_2} = Generate file of bytes ${SIZE} - Set Global Variable ${FILE_S} ${FILE_S_GEN_1} - Set Global Variable ${FILE_S_2} ${FILE_S_GEN_2} - - -Prepare eACL Role rules - Log Set eACL for different Role cases - - # eACL rules for all operations and similar permissions - @{Roles} = Create List OTHERS USER SYSTEM - FOR ${role} IN @{Roles} - ${rule1}= Create Dictionary Operation=GET Access=DENY Role=${role} - ${rule2}= Create Dictionary Operation=HEAD Access=DENY Role=${role} - ${rule3}= Create Dictionary Operation=PUT Access=DENY Role=${role} - ${rule4}= Create Dictionary Operation=DELETE Access=DENY Role=${role} - ${rule5}= Create Dictionary Operation=SEARCH Access=DENY Role=${role} - ${rule6}= Create Dictionary Operation=GETRANGE Access=DENY Role=${role} - ${rule7}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=${role} - - ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} - Form eACL json common file gen_eacl_deny_all_${role} ${eACL_gen} - END - - - FOR ${role} IN @{Roles} - ${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=${role} - ${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=${role} - ${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=${role} - ${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=${role} - ${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=${role} - ${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=${role} - ${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${role} - - ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} - Form eACL json common file gen_eacl_allow_all_${role} ${eACL_gen} - END - - - ${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA - ${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA - ${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA - ${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA - ${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA - ${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA - ${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA - ${rule8}= Create Dictionary Operation=GET Access=DENY Role=OTHERS - ${rule9}= Create Dictionary Operation=HEAD Access=DENY Role=OTHERS - ${rule10}= Create Dictionary Operation=PUT Access=DENY Role=OTHERS - ${rule11}= Create Dictionary Operation=DELETE Access=DENY Role=OTHERS - ${rule12}= Create Dictionary Operation=SEARCH Access=DENY Role=OTHERS - ${rule13}= Create Dictionary Operation=GETRANGE Access=DENY Role=OTHERS - ${rule14}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=OTHERS - - - ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} - ... ${rule8} ${rule9} ${rule10} ${rule11} ${rule12} ${rule13} ${rule14} - Form eACL json common file gen_eacl_allow_pubkey_deny_OTHERS ${eACL_gen} - - Set Global Variable ${EACL_DENY_ALL_OTHER} gen_eacl_deny_all_OTHERS - Set Global Variable ${EACL_ALLOW_ALL_OTHER} gen_eacl_allow_all_OTHERS - - Set Global Variable ${EACL_DENY_ALL_USER} gen_eacl_deny_all_USER - Set Global Variable ${EACL_ALLOW_ALL_USER} gen_eacl_allow_all_USER - - Set Global Variable ${EACL_DENY_ALL_SYSTEM} gen_eacl_deny_all_SYSTEM - Set Global Variable ${EACL_ALLOW_ALL_SYSTEM} gen_eacl_allow_all_SYSTEM - - Set Global Variable ${EACL_ALLOW_ALL_Pubkey} gen_eacl_allow_pubkey_deny_OTHERS - - - # eACL rules for Compound operations: GET/GetRange/GetRangeHash - @{Roles} = Create List OTHERS USER SYSTEM - FOR ${role} IN @{Roles} - ${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=${role} - ${rule2}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=${role} - ${rule3}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${role} - ${rule4}= Create Dictionary Operation=HEAD Access=DENY Role=${role} - ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} - Form eACL json common file gen_eacl_compound_get_${role} ${eACL_gen} - Set Global Variable ${EACL_COMPOUND_GET_${role}} gen_eacl_compound_get_${role} - END - - # eACL rules for Compound operations: DELETE - @{Roles} = Create List OTHERS USER SYSTEM - FOR ${role} IN @{Roles} - ${rule1}= Create Dictionary Operation=DELETE Access=ALLOW Role=${role} - ${rule2}= Create Dictionary Operation=PUT Access=DENY Role=${role} - ${rule3}= Create Dictionary Operation=HEAD Access=DENY Role=${role} - ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} - Form eACL json common file gen_eacl_compound_del_${role} ${eACL_gen} - Set Global Variable ${EACL_COMPOUND_DELETE_${role}} gen_eacl_compound_del_${role} - END - - # eACL rules for Compound operations: GETRANGEHASH - @{Roles} = Create List OTHERS USER SYSTEM - FOR ${role} IN @{Roles} - ${rule1}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${role} - ${rule2}= Create Dictionary Operation=GETRANGE Access=DENY Role=${role} - ${rule3}= Create Dictionary Operation=GET Access=DENY Role=${role} - ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} - Form eACL json common file gen_eacl_compound_get_hash_${role} ${eACL_gen} - Set Global Variable ${EACL_COMPOUND_GET_HASH_${role}} gen_eacl_compound_get_hash_${role} - END - - - - # eACL for X-Header Other DENY and ALLOW for all - ${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=2 - - ${rule1}= Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters} - ${rule2}= Create Dictionary Operation=HEAD Access=DENY Role=OTHERS Filters=${filters} - ${rule3}= Create Dictionary Operation=PUT Access=DENY Role=OTHERS Filters=${filters} - ${rule4}= Create Dictionary Operation=DELETE Access=DENY Role=OTHERS Filters=${filters} - ${rule5}= Create Dictionary Operation=SEARCH Access=DENY Role=OTHERS Filters=${filters} - ${rule6}= Create Dictionary Operation=GETRANGE Access=DENY Role=OTHERS Filters=${filters} - ${rule7}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=OTHERS Filters=${filters} - ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} - Form eACL json common file gen_eacl_xheader_deny_all ${eACL_gen} - Set Global Variable ${EACL_XHEADER_DENY_ALL} gen_eacl_xheader_deny_all - - - - # eACL for X-Header Other ALLOW and DENY for all - ${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=2 - - ${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=OTHERS Filters=${filters} - ${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=OTHERS Filters=${filters} - ${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=OTHERS Filters=${filters} - ${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=OTHERS Filters=${filters} - ${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=OTHERS Filters=${filters} - ${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=OTHERS Filters=${filters} - ${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=OTHERS Filters=${filters} - ${rule8}= Create Dictionary Operation=GET Access=DENY Role=OTHERS - ${rule9}= Create Dictionary Operation=HEAD Access=DENY Role=OTHERS - ${rule10}= Create Dictionary Operation=PUT Access=DENY Role=OTHERS - ${rule11}= Create Dictionary Operation=DELETE Access=DENY Role=OTHERS - ${rule12}= Create Dictionary Operation=SEARCH Access=DENY Role=OTHERS - ${rule13}= Create Dictionary Operation=GETRANGE Access=DENY Role=OTHERS - ${rule14}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=OTHERS - ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} - ... ${rule8} ${rule9} ${rule10} ${rule11} ${rule12} ${rule13} ${rule14} - Form eACL json common file gen_eacl_xheader_allow_all ${eACL_gen} - Set Global Variable ${EACL_XHEADER_ALLOW_ALL} gen_eacl_xheader_allow_all - - - - - -Check eACL Deny and Allow All User - Check eACL Deny and Allow All ${USER_KEY} ${EACL_DENY_ALL_USER} ${EACL_ALLOW_ALL_USER} - - -Check eACL Deny and Allow All Other - Check eACL Deny and Allow All ${OTHER_KEY} ${EACL_DENY_ALL_OTHER} ${EACL_ALLOW_ALL_OTHER} - - -Check eACL Deny and Allow All System - ${CID} = Create Container Public - - ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - ${D_OID_USER_S} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} - ${D_OID_USER_SN} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} - - @{S_OBJ_H} = Create List ${S_OID_USER} - - Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} - Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} - - Get object from NeoFS ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - - Search object ${SYSTEM_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} - Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} - - Head object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} - Head object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} - - Get Range ${SYSTEM_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Get Range ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - - Get Range Hash ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 - Get Range Hash ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} 0:256 - - Delete object ${SYSTEM_KEY} ${CID} ${D_OID_USER_S} ${EMPTY} - Delete object ${SYSTEM_KEY_SN} ${CID} ${D_OID_USER_SN} ${EMPTY} - - Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_SYSTEM} --await - - Run Keyword And Expect Error * - ... Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} - Run Keyword And Expect Error * - ... Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} - - Run Keyword And Expect Error * - ... Get object from NeoFS ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - Run Keyword And Expect Error * - ... Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - - Run Keyword And Expect Error * - ... Search object ${SYSTEM_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} - Run Keyword And Expect Error * - ... Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} - - - Run Keyword And Expect Error * - ... Head object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} - Run Keyword And Expect Error * - ... Head object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} - - Run Keyword And Expect Error * - ... Get Range ${SYSTEM_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Run Keyword And Expect Error * - ... Get Range ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - - - Run Keyword And Expect Error * - ... Get Range Hash ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 - Run Keyword And Expect Error * - ... Get Range Hash ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} 0:256 - - - Run Keyword And Expect Error * - ... Delete object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} - Run Keyword And Expect Error * - ... Delete object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} - - - Set eACL ${USER_KEY} ${CID} ${EACL_ALLOW_ALL_SYSTEM} --await - - - ${D_OID_USER_S} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} - ${D_OID_USER_SN} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} - - - Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} - Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} - - Get object from NeoFS ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - - Search object ${SYSTEM_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} - Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} - - Head object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} - Head object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} - - Get Range ${SYSTEM_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Get Range ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - - Get Range Hash ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 - Get Range Hash ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} 0:256 - - Delete object ${SYSTEM_KEY} ${CID} ${D_OID_USER_S} ${EMPTY} - Delete object ${SYSTEM_KEY_SN} ${CID} ${D_OID_USER_SN} ${EMPTY} - - - -Check eACL Deny All Other and Allow All Pubkey - - ${CID} = Create Container Public - ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - ${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} - @{S_OBJ_H} = Create List ${S_OID_USER} - - Put object to NeoFS ${EACL_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} - Get object from NeoFS ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - Search object ${EACL_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} - Head object ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} - Get Range ${EACL_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Get Range Hash ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 - Delete object ${EACL_KEY} ${CID} ${D_OID_USER} ${EMPTY} - - Set eACL ${USER_KEY} ${CID} ${EACL_ALLOW_ALL_Pubkey} --await - Get eACL ${USER_KEY} ${CID} - - Run Keyword And Expect Error * - ... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - Run Keyword And Expect Error * - ... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - Run Keyword And Expect Error * - ... Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} - Run Keyword And Expect Error * - ... Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} - Run Keyword And Expect Error * - ... Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Run Keyword And Expect Error * - ... Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 - Run Keyword And Expect Error * - ... Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} - - Put object to NeoFS ${EACL_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} - Get object from NeoFS ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - Search object ${EACL_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} - Head object ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} - Get Range ${EACL_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Get Range Hash ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 - Delete object ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} - - -Check eACL Deny and Allow All - [Arguments] ${KEY} ${DENY_EACL} ${ALLOW_EACL} - - ${CID} = Create Container Public - ${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - ${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} - @{S_OBJ_H} = Create List ${S_OID_USER} - - Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} - - Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - Search object ${KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} - Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY} - - Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 - Delete object ${KEY} ${CID} ${D_OID_USER} ${EMPTY} - - Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await - - Run Keyword And Expect Error * - ... Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} - Run Keyword And Expect Error * - ... Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - Run Keyword And Expect Error * - ... Search object ${KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} - Run Keyword And Expect Error * - ... Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY} - Run Keyword And Expect Error * - ... Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Run Keyword And Expect Error * - ... Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 - Run Keyword And Expect Error * - ... Delete object ${KEY} ${CID} ${S_OID_USER} ${EMPTY} - - Set eACL ${USER_KEY} ${CID} ${ALLOW_EACL} --await - - - Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} - Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl - Search object ${KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} - Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY} - Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 - Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 - Delete object ${KEY} ${CID} ${S_OID_USER} ${EMPTY} - -Cleanup - @{CLEANUP_FILES} = Create List ${FILE_S} ${FILE_S_2} local_file_eacl eacl_custom s_get_range - ... gen_eacl_allow_all_OTHERS gen_eacl_deny_all_USER gen_eacl_allow_all_USER - ... gen_eacl_deny_all_SYSTEM gen_eacl_allow_all_SYSTEM gen_eacl_allow_pubkey_deny_OTHERS - ... gen_eacl_deny_all_OTHERS - ... gen_eacl_compound_del_SYSTEM gen_eacl_compound_del_USER gen_eacl_compound_del_OTHERS - ... gen_eacl_compound_get_hash_OTHERS gen_eacl_compound_get_hash_SYSTEM gen_eacl_compound_get_hash_USER - ... gen_eacl_compound_get_OTHERS gen_eacl_compound_get_SYSTEM gen_eacl_compound_get_USER - Cleanup Files @{CLEANUP_FILES} - Get Docker Logs acl_extended diff --git a/robot/testsuites/integration/netmap_simple.robot b/robot/testsuites/integration/network/netmap_simple.robot similarity index 92% rename from robot/testsuites/integration/netmap_simple.robot rename to robot/testsuites/integration/network/netmap_simple.robot index 5e930518..d8258491 100644 --- a/robot/testsuites/integration/netmap_simple.robot +++ b/robot/testsuites/integration/network/netmap_simple.robot @@ -1,8 +1,8 @@ *** Settings *** -Variables ../../variables/common.py +Variables ../../../variables/common.py -Library ${RESOURCES}/neofs.py -Library ${RESOURCES}/payment_neogo.py +Library ../${RESOURCES}/neofs.py +Library ../${RESOURCES}/payment_neogo.py *** Test cases *** @@ -83,15 +83,15 @@ Generate Key and Pre-payment Payment Operations [Arguments] ${WALLET} ${ADDR} ${KEY} - ${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 55 + ${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 11 Wait Until Keyword Succeeds 1 min 15 sec ... Transaction accepted in block ${TX} Get Transaction ${TX} - Expexted Mainnet Balance ${ADDR} 55 + Expexted Mainnet Balance ${ADDR} 11 ${SCRIPT_HASH} = Get ScripHash ${KEY} - ${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 50 + ${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 10 Wait Until Keyword Succeeds 1 min 15 sec ... Transaction accepted in block ${TX_DEPOSIT} Get Transaction ${TX_DEPOSIT} @@ -105,9 +105,10 @@ Validate Policy Container Existing ${PRIV_KEY} ${CID} ${S_OID} = Put object to NeoFS ${PRIV_KEY} ${FILE} ${CID} ${EMPTY} ${EMPTY} Validate storage policy for object ${PRIV_KEY} ${EXPECTED_VAL} ${CID} ${S_OID} @{EXPECTED_LIST} + Get object from NeoFS ${PRIV_KEY} ${CID} ${S_OID} ${EMPTY} s_file_read Cleanup [Arguments] ${FILE} - Cleanup Files ${FILE} + Cleanup Files ${FILE} s_file_read Get Docker Logs netmap_simple \ No newline at end of file diff --git a/robot/testsuites/integration/replication.robot b/robot/testsuites/integration/network/replication.robot similarity index 78% rename from robot/testsuites/integration/replication.robot rename to robot/testsuites/integration/network/replication.robot index b0cd2ebb..92564b58 100644 --- a/robot/testsuites/integration/replication.robot +++ b/robot/testsuites/integration/network/replication.robot @@ -1,29 +1,29 @@ *** Settings *** -Variables ../../variables/common.py +Variables ../../../variables/common.py -Library ${RESOURCES}/neofs.py -Library ${RESOURCES}/payment_neogo.py +Library ../${RESOURCES}/neofs.py +Library ../${RESOURCES}/payment_neogo.py *** Test cases *** NeoFS Object Replication [Documentation] Testcase to validate NeoFS object replication. [Tags] Migration Replication NeoFS NeoCLI - [Timeout] 10 min + [Timeout] 15 min ${WALLET} = Init wallet Generate wallet ${WALLET} ${ADDR} = Dump Address ${WALLET} ${PRIV_KEY} = Dump PrivKey ${WALLET} ${ADDR} - ${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 55 + ${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 11 Wait Until Keyword Succeeds 1 min 15 sec ... Transaction accepted in block ${TX} Get Transaction ${TX} - Expexted Mainnet Balance ${ADDR} 55 + Expexted Mainnet Balance ${ADDR} 11 ${SCRIPT_HASH} = Get ScripHash ${PRIV_KEY} - ${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 50 + ${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 10 Wait Until Keyword Succeeds 1 min 15 sec ... Transaction accepted in block ${TX_DEPOSIT} Get Transaction ${TX_DEPOSIT} @@ -39,10 +39,19 @@ NeoFS Object Replication Validate storage policy for object ${PRIV_KEY} 2 ${CID} ${S_OID} @{NODES_OBJ} = Get nodes with object ${PRIV_KEY} ${CID} ${S_OID} + + ${NODES_LOG_TIME} = Get Nodes Log Latest Timestamp + @{NODES_OBJ_STOPPED} = Stop nodes 1 @{NODES_OBJ} - Wait Until Keyword Succeeds 10 min 1 min - ... Validate storage policy for object ${PRIV_KEY} 2 ${CID} ${S_OID} + ${state} ${output}= Run Keyword And Ignore Error + ... Wait Until Keyword Succeeds 10 min 2 min + ... Validate storage policy for object ${PRIV_KEY} 2 ${CID} ${S_OID} + + Run Keyword If '${state}'!='PASS' Log Warning: Keyword failed: Validate storage policy for object ${S_OID} {\n}${output} WARN + + Find in Nodes Log object successfully replicated ${NODES_LOG_TIME} + Start nodes @{NODES_OBJ_STOPPED} [Teardown] Cleanup ${FILE} @{NODES_OBJ_STOPPED} diff --git a/robot/testsuites/integration/object_complex.robot b/robot/testsuites/integration/object/object_complex.robot similarity index 91% rename from robot/testsuites/integration/object_complex.robot rename to robot/testsuites/integration/object/object_complex.robot index 50ab3146..6fc7aa46 100644 --- a/robot/testsuites/integration/object_complex.robot +++ b/robot/testsuites/integration/object/object_complex.robot @@ -1,8 +1,8 @@ *** Settings *** -Variables ../../variables/common.py +Variables ../../../variables/common.py -Library ${RESOURCES}/neofs.py -Library ${RESOURCES}/payment_neogo.py +Library ../${RESOURCES}/neofs.py +Library ../${RESOURCES}/payment_neogo.py *** Variables *** ${FILE_USR_HEADER} = key1=1,key2=abc @@ -19,29 +19,29 @@ NeoFS Complex Object Operations Generate wallet ${WALLET} ${ADDR} = Dump Address ${WALLET} ${PRIV_KEY} = Dump PrivKey ${WALLET} ${ADDR} - ${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 55 + ${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 15 Wait Until Keyword Succeeds 1 min 15 sec ... Transaction accepted in block ${TX} Get Transaction ${TX} - Expexted Mainnet Balance ${ADDR} 55 + Expexted Mainnet Balance ${ADDR} 15 ${SCRIPT_HASH} = Get ScripHash ${PRIV_KEY} - ${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 50 + ${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 10 Wait Until Keyword Succeeds 1 min 15 sec ... Transaction accepted in block ${TX_DEPOSIT} Get Transaction ${TX_DEPOSIT} ${BALANCE} = Wait Until Keyword Succeeds 5 min 1 min - ... Expected Balance ${PRIV_KEY} 0 50 + ... Expected Balance ${PRIV_KEY} 0 10 ${CID} = Create container ${PRIV_KEY} Container Existing ${PRIV_KEY} ${CID} Wait Until Keyword Succeeds 2 min 30 sec - ... Expected Balance ${PRIV_KEY} 50 -7e-08 + ... Expected Balance ${PRIV_KEY} 10 -7e-08 - ${FILE} = Generate file of bytes 10e+6 + ${FILE} = Generate file of bytes 70e+6 ${FILE_HASH} = Get file hash ${FILE} ${S_OID} = Put object to NeoFS ${PRIV_KEY} ${FILE} ${CID} ${EMPTY} ${EMPTY} @@ -58,8 +58,7 @@ NeoFS Complex Object Operations @{S_OBJ_H} = Create List ${H_OID} @{S_OBJ_H_OTH} = Create List ${H_OID_OTH} - Run Keyword And Expect Error * - ... Search object ${PRIV_KEY} ${CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_ALL} + Search object ${PRIV_KEY} ${CID} --root ${EMPTY} ${EMPTY} ${S_OBJ_ALL} Get object from NeoFS ${PRIV_KEY} ${CID} ${S_OID} ${EMPTY} s_file_read Get object from NeoFS ${PRIV_KEY} ${CID} ${H_OID} ${EMPTY} h_file_read diff --git a/robot/testsuites/integration/object_simple.robot b/robot/testsuites/integration/object/object_simple.robot similarity index 95% rename from robot/testsuites/integration/object_simple.robot rename to robot/testsuites/integration/object/object_simple.robot index 0e9d7d7b..b54bb575 100644 --- a/robot/testsuites/integration/object_simple.robot +++ b/robot/testsuites/integration/object/object_simple.robot @@ -1,8 +1,8 @@ *** Settings *** -Variables ../../variables/common.py +Variables ../../../variables/common.py -Library ${RESOURCES}/neofs.py -Library ${RESOURCES}/payment_neogo.py +Library ../${RESOURCES}/neofs.py +Library ../${RESOURCES}/payment_neogo.py *** Variables *** ${FILE_USR_HEADER} = key1=1,key2=abc @@ -18,27 +18,27 @@ NeoFS Simple Object Operations Generate wallet ${WALLET} ${ADDR} = Dump Address ${WALLET} ${PRIV_KEY} = Dump PrivKey ${WALLET} ${ADDR} - ${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 55 + ${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 15 Wait Until Keyword Succeeds 1 min 15 sec ... Transaction accepted in block ${TX} Get Transaction ${TX} - Expexted Mainnet Balance ${ADDR} 55 + Expexted Mainnet Balance ${ADDR} 15 ${SCRIPT_HASH} = Get ScripHash ${PRIV_KEY} - ${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 50 + ${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 10 Wait Until Keyword Succeeds 1 min 15 sec ... Transaction accepted in block ${TX_DEPOSIT} Get Transaction ${TX_DEPOSIT} ${BALANCE} = Wait Until Keyword Succeeds 5 min 1 min - ... Expected Balance ${PRIV_KEY} 0 50 + ... Expected Balance ${PRIV_KEY} 0 10 ${CID} = Create container ${PRIV_KEY} Container Existing ${PRIV_KEY} ${CID} Wait Until Keyword Succeeds 2 min 30 sec - ... Expected Balance ${PRIV_KEY} 50 -7e-08 + ... Expected Balance ${PRIV_KEY} 10 -7e-08 ${FILE} = Generate file of bytes 1024 ${FILE_HASH} = Get file hash ${FILE} diff --git a/robot/testsuites/integration/withdraw.robot b/robot/testsuites/integration/payment/withdraw.robot similarity index 95% rename from robot/testsuites/integration/withdraw.robot rename to robot/testsuites/integration/payment/withdraw.robot index 67c5bd4d..f2bfd396 100644 --- a/robot/testsuites/integration/withdraw.robot +++ b/robot/testsuites/integration/payment/withdraw.robot @@ -1,8 +1,8 @@ *** Settings *** -Variables ../../variables/common.py +Variables ../../../variables/common.py -Library ${RESOURCES}/neofs.py -Library ${RESOURCES}/payment_neogo.py +Library ../${RESOURCES}/neofs.py +Library ../${RESOURCES}/payment_neogo.py *** Test cases *** NeoFS Deposit and Withdraw diff --git a/robot/testsuites/integration/http_gate.robot b/robot/testsuites/integration/services/http_gate.robot similarity index 91% rename from robot/testsuites/integration/http_gate.robot rename to robot/testsuites/integration/services/http_gate.robot index 00c8e717..1ec2ab54 100644 --- a/robot/testsuites/integration/http_gate.robot +++ b/robot/testsuites/integration/services/http_gate.robot @@ -1,10 +1,10 @@ *** Settings *** -Variables ../../variables/common.py +Variables ../../../variables/common.py -Library ${RESOURCES}/neofs.py -Library ${RESOURCES}/payment_neogo.py -Library ${RESOURCES}/gates.py +Library ../${RESOURCES}/neofs.py +Library ../${RESOURCES}/payment_neogo.py +Library ../${RESOURCES}/gates.py *** Test cases *** @@ -17,16 +17,16 @@ NeoFS HTTP Gateway Generate wallet ${WALLET} ${ADDR} = Dump Address ${WALLET} ${PRIV_KEY} = Dump PrivKey ${WALLET} ${ADDR} - ${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 55 + ${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 6 Wait Until Keyword Succeeds 1 min 15 sec ... Transaction accepted in block ${TX} Get Transaction ${TX} - Expexted Mainnet Balance ${ADDR} 55 + Expexted Mainnet Balance ${ADDR} 6 ${SCRIPT_HASH} = Get ScripHash ${PRIV_KEY} - ${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 50 + ${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 5 Wait Until Keyword Succeeds 1 min 15 sec ... Transaction accepted in block ${TX_DEPOSIT} Get Transaction ${TX_DEPOSIT} @@ -36,7 +36,7 @@ NeoFS HTTP Gateway ... Container Existing ${PRIV_KEY} ${CID} ${FILE} = Generate file of bytes 1024 - ${FILE_L} = Generate file of bytes 10e+6 + ${FILE_L} = Generate file of bytes 70e+6 ${FILE_HASH} = Get file hash ${FILE} ${FILE_L_HASH} = Get file hash ${FILE_L} diff --git a/robot/testsuites/integration/s3_gate.robot b/robot/testsuites/integration/services/s3_gate.robot similarity index 92% rename from robot/testsuites/integration/s3_gate.robot rename to robot/testsuites/integration/services/s3_gate.robot index d7306e32..1a912116 100644 --- a/robot/testsuites/integration/s3_gate.robot +++ b/robot/testsuites/integration/services/s3_gate.robot @@ -1,9 +1,9 @@ *** Settings *** -Variables ../../variables/common.py +Variables ../../../variables/common.py Library Collections -Library ${RESOURCES}/neofs.py -Library ${RESOURCES}/payment_neogo.py -Library ${RESOURCES}/gates.py +Library ../${RESOURCES}/neofs.py +Library ../${RESOURCES}/payment_neogo.py +Library ../${RESOURCES}/gates.py *** Test cases *** @@ -20,16 +20,16 @@ NeoFS S3 Gateway Dump PrivKey ${WALLET} ${ADDR} ${SCRIPT_HASH} = Get ScripHash ${PRIV_KEY} - ${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 50 + ${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 5 Wait Until Keyword Succeeds 1 min 15 sec ... Transaction accepted in block ${TX_DEPOSIT} Get Transaction ${TX_DEPOSIT} - ${FILE_S3} = Generate file of bytes 10e+6 + ${FILE_S3} = Generate file of bytes 70e+6 ${FILE_S3_HASH} = Get file hash ${FILE_S3} ${FILE_S3_NAME} = Get file name ${FILE_S3} - ${FILE_FS} = Generate file of bytes 10e+6 + ${FILE_FS} = Generate file of bytes 70e+6 ${FILE_FS_HASH} = Get file hash ${FILE_FS} ${FILE_FS_NAME} = Get file name ${FILE_FS}