From 84291d122630d32fd73ee61649d785f2a73bde96 Mon Sep 17 00:00:00 2001 From: Ekaterina Chernitsyna Date: Fri, 22 Nov 2024 19:12:41 +0300 Subject: [PATCH] [#329] add allow morph tests ape --- pytest_tests/testsuites/ape/test_ape.py | 271 ++++++++++++++++++++++-- 1 file changed, 258 insertions(+), 13 deletions(-) diff --git a/pytest_tests/testsuites/ape/test_ape.py b/pytest_tests/testsuites/ape/test_ape.py index 5d79d4c4..76223f81 100644 --- a/pytest_tests/testsuites/ape/test_ape.py +++ b/pytest_tests/testsuites/ape/test_ape.py @@ -88,7 +88,6 @@ def pre_create_container_object_adm( frostfs_cli.container.create( rpc_endpoint=cluster.storage_nodes[0].get_rpc_endpoint(), policy="REP 4", - name="dcl1", await_mode=True, ) .stdout.split(" ")[1] @@ -136,7 +135,6 @@ class TestApeMorphRuleChain(ClusterTestBase): frostfs_cli.container.create( rpc_endpoint=self.cluster.storage_nodes[0].get_rpc_endpoint(), policy="REP 4", - name="dcl1", await_mode=True, basic_acl="public-read-write", ) @@ -198,7 +196,6 @@ class TestApeMorphRuleChain(ClusterTestBase): frostfs_cli.container.create( rpc_endpoint=self.cluster.storage_nodes[0].get_rpc_endpoint(), policy="REP 4", - name="dcl1", await_mode=True, basic_acl="public-read-write", ) @@ -208,7 +205,6 @@ class TestApeMorphRuleChain(ClusterTestBase): frostfs_cli.container.create( rpc_endpoint=self.cluster.storage_nodes[1].get_rpc_endpoint(), policy="REP 4", - name="dcl2", await_mode=True, basic_acl="public-read-write", ) @@ -249,7 +245,6 @@ class TestApeMorphRuleChain(ClusterTestBase): frostfs_cli.container.create( rpc_endpoint=self.cluster.storage_nodes[0].get_rpc_endpoint(), policy="REP 4", - name="dcl1", await_mode=True, basic_acl="public-read-write", ) @@ -311,7 +306,6 @@ class TestApeMorphRuleChain(ClusterTestBase): frostfs_cli.container.create( rpc_endpoint=self.cluster.storage_nodes[0].get_rpc_endpoint(), policy="REP 4", - name="dcl1", await_mode=True, basic_acl="public-read-write", ) @@ -357,7 +351,6 @@ class TestApeMorphRuleChain(ClusterTestBase): frostfs_cli.container.create( rpc_endpoint=self.cluster.storage_nodes[0].get_rpc_endpoint(), policy="REP 4", - name="dcl1", await_mode=True, basic_acl="public-read-write", ) @@ -412,7 +405,6 @@ class TestApeMorphRuleChain(ClusterTestBase): frostfs_cli.container.create( rpc_endpoint=self.cluster.storage_nodes[0].get_rpc_endpoint(), policy="REP 2 CBF 1", - name="dcl1", await_mode=True, basic_acl="public-read-write", ) @@ -463,7 +455,6 @@ class TestApeMorphRuleChain(ClusterTestBase): frostfs_cli.container.create( rpc_endpoint=self.cluster.storage_nodes[0].get_rpc_endpoint(), policy="REP 4", - name="dcl1", await_mode=True, basic_acl="public-read-write", ) @@ -516,7 +507,6 @@ class TestApeMorphRuleChain(ClusterTestBase): frostfs_cli.container.create( rpc_endpoint=self.cluster.storage_nodes[0].get_rpc_endpoint(), policy="REP 2", - name="dcl1", await_mode=True, basic_acl="public-read-write", ) @@ -567,7 +557,6 @@ class TestApeMorphRuleChain(ClusterTestBase): frostfs_cli.container.create( rpc_endpoint=self.cluster.storage_nodes[0].get_rpc_endpoint(), policy="REP 2", - name="dcl1", await_mode=True, basic_acl="public-read-write", ) @@ -622,7 +611,6 @@ class TestApeMorphRuleChain(ClusterTestBase): frostfs_cli.container.create( rpc_endpoint=self.cluster.storage_nodes[0].get_rpc_endpoint(), policy="REP 2", - name="dcl1", await_mode=True, basic_acl="public-read-write", ) @@ -676,7 +664,6 @@ class TestApeMorphRuleChain(ClusterTestBase): frostfs_cli.container.create( rpc_endpoint=self.cluster.storage_nodes[0].get_rpc_endpoint(), policy="REP 2", - name="dcl1", await_mode=True, basic_acl="public-read-write", ) @@ -730,3 +717,261 @@ class TestApeMorphRuleChain(ClusterTestBase): with reporter.step("Check delete object in container on the first node"): with expect_not_raises(): delete_object(default_user.wallet, cid, oid_1, self.shell, self.cluster.storage_nodes[0].get_rpc_endpoint()) + + @allure.title("MorphRuleChain: Allow to GetObject in root tenant") + def test_morph_rule_chain_allow_to_get_object_root( + self, + default_user: User, + remote_frostfs_adm_first_node: FrostfsAdm, + frostfs_cli: FrostfsCli, + simple_object_size: ObjectSize, + ): + cid, oids = pre_create_container_object_adm( + default_user, remote_frostfs_adm_first_node, frostfs_cli, simple_object_size, self.shell, self.cluster + ) + + with reporter.step("Create a container rule for the first node"): + remote_frostfs_adm_first_node.morph.add_rule( + target_type="container", + target_name=f"{cid}", + chain_id="allowGetObject", + rule=f"allow Object.Get *", + ) + + with reporter.step("Check get object from container on the first node"): + with expect_not_raises(): + get_object(default_user.wallet, cid, oids[0], self.shell, self.cluster.storage_nodes[0].get_rpc_endpoint()) + + with reporter.step("Check get object from container on the second node"): + with expect_not_raises(): + get_object(default_user.wallet, cid, oids[0], self.shell, self.cluster.storage_nodes[1].get_rpc_endpoint()) + + with reporter.step("Delete a rule"): + remote_frostfs_adm_first_node.morph.remove_rule( + target_type="namespace", + target_name=f"kapusta", + chain_id="allowGetObject", + ) + + @allure.title("MorphRuleChain: allow to PutObject in root tenant") + def test_morph_rule_chain_allow_to_put_object_root( + self, + default_user: User, + remote_frostfs_adm_first_node: FrostfsAdm, + frostfs_cli: FrostfsCli, + simple_object_size: ObjectSize, + ): + + test_file = generate_file(simple_object_size.value) + + with reporter.step("Create a container on the first node"): + cid = ( + frostfs_cli.container.create( + rpc_endpoint=self.cluster.storage_nodes[0].get_rpc_endpoint(), + policy="REP 1 IN MOW CBF 1 SELECT 1 FROM MSK AS MOW FILTER SubDivCode EQ MOW AS MSK", + name="dcl1", + await_mode=True, + basic_acl="0", + ) + .stdout.split(" ")[1] + .strip() + .split("\n")[0] + ) + + with reporter.step("Create a container rule for the first node"): + remote_frostfs_adm_first_node.morph.add_rule( + target_type="container", + target_name=f"{cid}", + chain_id="allowPutObject", + rule=f"allow Object.Put *", + ) + + with reporter.step("Check put object to container on the first node"): + with expect_not_raises(): + put_object(default_user.wallet, test_file, cid, self.shell, self.cluster.storage_nodes[0].get_rpc_endpoint()) + + with reporter.step("Check put object to container on the second node"): + with expect_not_raises(): + put_object(default_user.wallet, test_file, cid, self.shell, self.cluster.storage_nodes[1].get_rpc_endpoint()) + + with reporter.step("Delete a rule"): + remote_frostfs_adm_first_node.morph.remove_rule( + target_type="container", + target_name=f"{cid}", + chain_id="allowPutObject", + ) + + @allure.title("MorphRuleChain: Allow to HeadObject in root tenant") + def test_morph_rule_chain_allow_to_head_object_root( + self, + default_user: User, + remote_frostfs_adm_first_node: FrostfsAdm, + frostfs_cli: FrostfsCli, + simple_object_size: ObjectSize, + ): + cid, oids = pre_create_container_object_adm( + default_user, remote_frostfs_adm_first_node, frostfs_cli, simple_object_size, self.shell, self.cluster + ) + + with reporter.step("Create a container rule for the first node"): + remote_frostfs_adm_first_node.morph.add_rule( + target_type="container", + target_name=f"{cid}", + chain_id="allowHeadObject", + rule=f"allow Object.Head *", + ) + + with reporter.step("Check head object from container on the first node"): + with expect_not_raises(): + head_object(default_user.wallet, cid, oids[0], self.shell, self.cluster.storage_nodes[0].get_rpc_endpoint()) + + with reporter.step("Check head object from container on the second node"): + with expect_not_raises(): + head_object(default_user.wallet, cid, oids[0], self.shell, self.cluster.storage_nodes[1].get_rpc_endpoint()) + + with reporter.step("Delete a rule"): + remote_frostfs_adm_first_node.morph.remove_rule( + target_type="namespace", + target_name=f"kapusta", + chain_id="allowHeadObject", + ) + + @allure.title("MorphRuleChain: Allow to SearchObject in root tenant") + def test_morph_rule_chain_allow_to_search_object_root( + self, + default_user: User, + remote_frostfs_adm_first_node: FrostfsAdm, + frostfs_cli: FrostfsCli, + simple_object_size: ObjectSize, + ): + cid, oids = pre_create_container_object_adm( + default_user, remote_frostfs_adm_first_node, frostfs_cli, simple_object_size, self.shell, self.cluster + ) + + with reporter.step("Create a container rule for the first node"): + remote_frostfs_adm_first_node.morph.add_rule( + target_type="container", + target_name=f"{cid}", + chain_id="allowSearchObject", + rule=f"allow Object.Search *", + ) + + with reporter.step("Check search object from container on the first node"): + with expect_not_raises(): + search_object(default_user.wallet, cid, self.shell, self.cluster.storage_nodes[0].get_rpc_endpoint()) + + with reporter.step("Check search object from container on the second node"): + with expect_not_raises(): + search_object(default_user.wallet, cid, self.shell, self.cluster.storage_nodes[1].get_rpc_endpoint()) + + with reporter.step("Delete a rule"): + remote_frostfs_adm_first_node.morph.remove_rule( + target_type="namespace", + target_name=f"kapusta", + chain_id="allowSearchObject", + ) + + @allure.title("MorphRuleChain: Allow to RangehObject in root tenant") + def test_morph_rule_chain_allow_to_range_object_root( + self, + default_user: User, + remote_frostfs_adm_first_node: FrostfsAdm, + frostfs_cli: FrostfsCli, + simple_object_size: ObjectSize, + ): + cid, oids = pre_create_container_object_adm( + default_user, remote_frostfs_adm_first_node, frostfs_cli, simple_object_size, self.shell, self.cluster + ) + + with reporter.step("Create a container rule for the first node"): + remote_frostfs_adm_first_node.morph.add_rule( + target_type="container", + target_name=f"{cid}", + chain_id="allowRangeObject", + rule=f"allow Object.Range *", + ) + + with reporter.step("Check range object from container on the first node"): + with expect_not_raises(): + get_range(default_user.wallet, cid, oids[0], "0:10", self.shell, self.cluster.storage_nodes[0].get_rpc_endpoint()) + + with reporter.step("Check range object from container on the second node"): + with expect_not_raises(): + get_range(default_user.wallet, cid, oids[0], "0:10", self.shell, self.cluster.storage_nodes[1].get_rpc_endpoint()) + + with reporter.step("Delete a rule"): + remote_frostfs_adm_first_node.morph.remove_rule( + target_type="namespace", + target_name=f"kapusta", + chain_id="allowRangeObject", + ) + + @allure.title("MorphRuleChain: Allow to Hash Object in root tenant") + def test_morph_rule_chain_allow_to_hash_object_root( + self, + default_user: User, + remote_frostfs_adm_first_node: FrostfsAdm, + frostfs_cli: FrostfsCli, + simple_object_size: ObjectSize, + ): + cid, oids = pre_create_container_object_adm( + default_user, remote_frostfs_adm_first_node, frostfs_cli, simple_object_size, self.shell, self.cluster + ) + + with reporter.step("Create a container rule for the first node"): + remote_frostfs_adm_first_node.morph.add_rule( + target_type="container", + target_name=f"{cid}", + chain_id="allowHashObject", + rule=f"allow Object.Hash *", + ) + + with reporter.step("Check range hash object from container on the first node"): + with expect_not_raises(): + get_range_hash(default_user.wallet, cid, oids[0], "0:10", self.shell, self.cluster.storage_nodes[0].get_rpc_endpoint()) + + with reporter.step("Check range hash object from container on the second node"): + with expect_not_raises(): + get_range_hash(default_user.wallet, cid, oids[0], "0:10", self.shell, self.cluster.storage_nodes[1].get_rpc_endpoint()) + + with reporter.step("Delete a rule"): + remote_frostfs_adm_first_node.morph.remove_rule( + target_type="namespace", + target_name=f"kapusta", + chain_id="allowHashObject", + ) + + @allure.title("MorphRuleChain: Allow to Delete Object in root tenant") + def test_morph_rule_chain_allow_to_delete_object_root( + self, + default_user: User, + remote_frostfs_adm_first_node: FrostfsAdm, + frostfs_cli: FrostfsCli, + simple_object_size: ObjectSize, + ): + cid, oids = pre_create_container_object_adm( + default_user, remote_frostfs_adm_first_node, frostfs_cli, simple_object_size, self.shell, self.cluster + ) + + with reporter.step("Create a container rule for the first node"): + remote_frostfs_adm_first_node.morph.add_rule( + target_type="container", + target_name=f"{cid}", + chain_id="allowDeleteObject", + rule=f"allow Object.Head Object.Delete *", + ) + + with reporter.step("Check delete object from container on the first node"): + with expect_not_raises(): + delete_object(default_user.wallet, cid, oids[0], self.shell, self.cluster.storage_nodes[0].get_rpc_endpoint()) + + with reporter.step("Check delete object from container on the second node"): + with expect_not_raises(): + delete_object(default_user.wallet, cid, oids[1], self.shell, self.cluster.storage_nodes[1].get_rpc_endpoint()) + + with reporter.step("Delete a rule"): + remote_frostfs_adm_first_node.morph.remove_rule( + target_type="namespace", + target_name=f"kapusta", + chain_id="allowDeleteObject", + )