[#206] Overhaul credentials work
Signed-off-by: Andrey Berezin <a.berezin@yadro.com>
This commit is contained in:
parent
6af5ad9de5
commit
b61dd7b39c
27 changed files with 384 additions and 494 deletions
|
@ -3,6 +3,7 @@ from typing import List, Optional
|
|||
from frostfs_testlib.shell import Shell
|
||||
from frostfs_testlib.storage.cluster import Cluster
|
||||
from frostfs_testlib.storage.dataclasses.acl import EACLOperation
|
||||
from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
|
||||
|
||||
from pytest_tests.helpers.object_access import (
|
||||
can_delete_object,
|
||||
|
@ -16,57 +17,47 @@ from pytest_tests.helpers.object_access import (
|
|||
|
||||
|
||||
def check_full_access_to_container(
|
||||
wallet: str,
|
||||
wallet: WalletInfo,
|
||||
cid: str,
|
||||
oid: str,
|
||||
file_name: str,
|
||||
shell: Shell,
|
||||
cluster: Cluster,
|
||||
bearer: Optional[str] = None,
|
||||
wallet_config: Optional[str] = None,
|
||||
xhdr: Optional[dict] = None,
|
||||
):
|
||||
endpoint = cluster.default_rpc_endpoint
|
||||
assert can_put_object(wallet, cid, file_name, shell, cluster, bearer, wallet_config, xhdr)
|
||||
assert can_get_head_object(wallet, cid, oid, shell, endpoint, bearer, wallet_config, xhdr)
|
||||
assert can_get_range_of_object(wallet, cid, oid, shell, endpoint, bearer, wallet_config, xhdr)
|
||||
assert can_get_range_hash_of_object(
|
||||
wallet, cid, oid, shell, endpoint, bearer, wallet_config, xhdr
|
||||
)
|
||||
assert can_search_object(wallet, cid, shell, endpoint, oid, bearer, wallet_config, xhdr)
|
||||
assert can_get_object(wallet, cid, oid, file_name, shell, cluster, bearer, wallet_config, xhdr)
|
||||
assert can_delete_object(wallet, cid, oid, shell, endpoint, bearer, wallet_config, xhdr)
|
||||
assert can_put_object(wallet, cid, file_name, shell, cluster, bearer, xhdr)
|
||||
assert can_get_head_object(wallet, cid, oid, shell, endpoint, bearer, xhdr)
|
||||
assert can_get_range_of_object(wallet, cid, oid, shell, endpoint, bearer, xhdr)
|
||||
assert can_get_range_hash_of_object(wallet, cid, oid, shell, endpoint, bearer, xhdr)
|
||||
assert can_search_object(wallet, cid, shell, endpoint, oid, bearer, xhdr)
|
||||
assert can_get_object(wallet, cid, oid, file_name, shell, cluster, bearer, xhdr)
|
||||
assert can_delete_object(wallet, cid, oid, shell, endpoint, bearer, xhdr)
|
||||
|
||||
|
||||
def check_no_access_to_container(
|
||||
wallet: str,
|
||||
wallet: WalletInfo,
|
||||
cid: str,
|
||||
oid: str,
|
||||
file_name: str,
|
||||
shell: Shell,
|
||||
cluster: Cluster,
|
||||
bearer: Optional[str] = None,
|
||||
wallet_config: Optional[str] = None,
|
||||
xhdr: Optional[dict] = None,
|
||||
):
|
||||
endpoint = cluster.default_rpc_endpoint
|
||||
assert not can_put_object(wallet, cid, file_name, shell, cluster, bearer, wallet_config, xhdr)
|
||||
assert not can_get_head_object(wallet, cid, oid, shell, endpoint, bearer, wallet_config, xhdr)
|
||||
assert not can_get_range_of_object(
|
||||
wallet, cid, oid, shell, endpoint, bearer, wallet_config, xhdr
|
||||
)
|
||||
assert not can_get_range_hash_of_object(
|
||||
wallet, cid, oid, shell, endpoint, bearer, wallet_config, xhdr
|
||||
)
|
||||
assert not can_search_object(wallet, cid, shell, endpoint, oid, bearer, wallet_config, xhdr)
|
||||
assert not can_get_object(
|
||||
wallet, cid, oid, file_name, shell, cluster, bearer, wallet_config, xhdr
|
||||
)
|
||||
assert not can_delete_object(wallet, cid, oid, shell, endpoint, bearer, wallet_config, xhdr)
|
||||
assert not can_put_object(wallet, cid, file_name, shell, cluster, bearer, xhdr)
|
||||
assert not can_get_head_object(wallet, cid, oid, shell, endpoint, bearer, xhdr)
|
||||
assert not can_get_range_of_object(wallet, cid, oid, shell, endpoint, bearer, xhdr)
|
||||
assert not can_get_range_hash_of_object(wallet, cid, oid, shell, endpoint, bearer, xhdr)
|
||||
assert not can_search_object(wallet, cid, shell, endpoint, oid, bearer, xhdr)
|
||||
assert not can_get_object(wallet, cid, oid, file_name, shell, cluster, bearer, xhdr)
|
||||
assert not can_delete_object(wallet, cid, oid, shell, endpoint, bearer, xhdr)
|
||||
|
||||
|
||||
def check_custom_access_to_container(
|
||||
wallet: str,
|
||||
wallet: WalletInfo,
|
||||
cid: str,
|
||||
oid: str,
|
||||
file_name: str,
|
||||
|
@ -75,7 +66,6 @@ def check_custom_access_to_container(
|
|||
deny_operations: Optional[List[EACLOperation]] = None,
|
||||
ignore_operations: Optional[List[EACLOperation]] = None,
|
||||
bearer: Optional[str] = None,
|
||||
wallet_config: Optional[str] = None,
|
||||
xhdr: Optional[dict] = None,
|
||||
):
|
||||
endpoint = cluster.default_rpc_endpoint
|
||||
|
@ -83,56 +73,39 @@ def check_custom_access_to_container(
|
|||
ignore_operations = [op.value for op in ignore_operations or []]
|
||||
checks: dict = {}
|
||||
if EACLOperation.PUT.value not in ignore_operations:
|
||||
checks[EACLOperation.PUT.value] = can_put_object(
|
||||
wallet, cid, file_name, shell, cluster, bearer, wallet_config, xhdr
|
||||
)
|
||||
checks[EACLOperation.PUT.value] = can_put_object(wallet, cid, file_name, shell, cluster, bearer, xhdr)
|
||||
if EACLOperation.HEAD.value not in ignore_operations:
|
||||
checks[EACLOperation.HEAD.value] = can_get_head_object(
|
||||
wallet, cid, oid, shell, endpoint, bearer, wallet_config, xhdr
|
||||
)
|
||||
checks[EACLOperation.HEAD.value] = can_get_head_object(wallet, cid, oid, shell, endpoint, bearer, xhdr)
|
||||
if EACLOperation.GET_RANGE.value not in ignore_operations:
|
||||
checks[EACLOperation.GET_RANGE.value] = can_get_range_of_object(
|
||||
wallet, cid, oid, shell, endpoint, bearer, wallet_config, xhdr
|
||||
)
|
||||
checks[EACLOperation.GET_RANGE.value] = can_get_range_of_object(wallet, cid, oid, shell, endpoint, bearer, xhdr)
|
||||
if EACLOperation.GET_RANGE_HASH.value not in ignore_operations:
|
||||
checks[EACLOperation.GET_RANGE_HASH.value] = can_get_range_hash_of_object(
|
||||
wallet, cid, oid, shell, endpoint, bearer, wallet_config, xhdr
|
||||
wallet, cid, oid, shell, endpoint, bearer, xhdr
|
||||
)
|
||||
if EACLOperation.SEARCH.value not in ignore_operations:
|
||||
checks[EACLOperation.SEARCH.value] = can_search_object(
|
||||
wallet, cid, shell, endpoint, oid, bearer, wallet_config, xhdr
|
||||
)
|
||||
checks[EACLOperation.SEARCH.value] = can_search_object(wallet, cid, shell, endpoint, oid, bearer, xhdr)
|
||||
if EACLOperation.GET.value not in ignore_operations:
|
||||
checks[EACLOperation.GET.value] = can_get_object(
|
||||
wallet, cid, oid, file_name, shell, cluster, bearer, wallet_config, xhdr
|
||||
)
|
||||
checks[EACLOperation.GET.value] = can_get_object(wallet, cid, oid, file_name, shell, cluster, bearer, xhdr)
|
||||
if EACLOperation.DELETE.value not in ignore_operations:
|
||||
checks[EACLOperation.DELETE.value] = can_delete_object(
|
||||
wallet, cid, oid, shell, endpoint, bearer, wallet_config, xhdr
|
||||
)
|
||||
checks[EACLOperation.DELETE.value] = can_delete_object(wallet, cid, oid, shell, endpoint, bearer, xhdr)
|
||||
|
||||
failed_checks = [
|
||||
f"allowed {action} failed"
|
||||
for action, success in checks.items()
|
||||
if not success and action not in deny_operations
|
||||
] + [
|
||||
f"denied {action} succeeded"
|
||||
for action, success in checks.items()
|
||||
if success and action in deny_operations
|
||||
]
|
||||
] + [f"denied {action} succeeded" for action, success in checks.items() if success and action in deny_operations]
|
||||
|
||||
assert not failed_checks, ", ".join(failed_checks)
|
||||
|
||||
|
||||
def check_read_only_container(
|
||||
wallet: str,
|
||||
wallet: WalletInfo,
|
||||
cid: str,
|
||||
oid: str,
|
||||
file_name: str,
|
||||
shell: Shell,
|
||||
cluster: Cluster,
|
||||
bearer: Optional[str] = None,
|
||||
wallet_config: Optional[str] = None,
|
||||
xhdr: Optional[dict] = None,
|
||||
):
|
||||
return check_custom_access_to_container(
|
||||
|
@ -142,7 +115,6 @@ def check_read_only_container(
|
|||
file_name,
|
||||
deny_operations=[EACLOperation.PUT, EACLOperation.DELETE],
|
||||
bearer=bearer,
|
||||
wallet_config=wallet_config,
|
||||
xhdr=xhdr,
|
||||
shell=shell,
|
||||
cluster=cluster,
|
||||
|
|
|
@ -14,6 +14,7 @@ from frostfs_testlib.steps.cli.object import (
|
|||
search_object,
|
||||
)
|
||||
from frostfs_testlib.storage.cluster import Cluster
|
||||
from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
|
||||
from frostfs_testlib.utils import string_utils
|
||||
from frostfs_testlib.utils.file_utils import get_file_hash
|
||||
|
||||
|
@ -21,14 +22,13 @@ OPERATION_ERROR_TYPE = RuntimeError
|
|||
|
||||
|
||||
def can_get_object(
|
||||
wallet: str,
|
||||
wallet: WalletInfo,
|
||||
cid: str,
|
||||
oid: str,
|
||||
file_name: str,
|
||||
shell: Shell,
|
||||
cluster: Cluster,
|
||||
bearer: Optional[str] = None,
|
||||
wallet_config: Optional[str] = None,
|
||||
xhdr: Optional[dict] = None,
|
||||
) -> bool:
|
||||
with reporter.step("Try get object from container"):
|
||||
|
@ -38,7 +38,6 @@ def can_get_object(
|
|||
cid,
|
||||
oid,
|
||||
bearer=bearer,
|
||||
wallet_config=wallet_config,
|
||||
xhdr=xhdr,
|
||||
shell=shell,
|
||||
cluster=cluster,
|
||||
|
@ -53,13 +52,12 @@ def can_get_object(
|
|||
|
||||
|
||||
def can_put_object(
|
||||
wallet: str,
|
||||
wallet: WalletInfo,
|
||||
cid: str,
|
||||
file_name: str,
|
||||
shell: Shell,
|
||||
cluster: Cluster,
|
||||
bearer: Optional[str] = None,
|
||||
wallet_config: Optional[str] = None,
|
||||
xhdr: Optional[dict] = None,
|
||||
attributes: Optional[dict] = None,
|
||||
) -> bool:
|
||||
|
@ -70,7 +68,6 @@ def can_put_object(
|
|||
file_name,
|
||||
cid,
|
||||
bearer=bearer,
|
||||
wallet_config=wallet_config,
|
||||
xhdr=xhdr,
|
||||
attributes=attributes,
|
||||
shell=shell,
|
||||
|
@ -85,13 +82,12 @@ def can_put_object(
|
|||
|
||||
|
||||
def can_delete_object(
|
||||
wallet: str,
|
||||
wallet: WalletInfo,
|
||||
cid: str,
|
||||
oid: str,
|
||||
shell: Shell,
|
||||
endpoint: str,
|
||||
bearer: Optional[str] = None,
|
||||
wallet_config: Optional[str] = None,
|
||||
xhdr: Optional[dict] = None,
|
||||
) -> bool:
|
||||
with reporter.step("Try delete object from container"):
|
||||
|
@ -101,7 +97,6 @@ def can_delete_object(
|
|||
cid,
|
||||
oid,
|
||||
bearer=bearer,
|
||||
wallet_config=wallet_config,
|
||||
xhdr=xhdr,
|
||||
shell=shell,
|
||||
endpoint=endpoint,
|
||||
|
@ -115,13 +110,12 @@ def can_delete_object(
|
|||
|
||||
|
||||
def can_get_head_object(
|
||||
wallet: str,
|
||||
wallet: WalletInfo,
|
||||
cid: str,
|
||||
oid: str,
|
||||
shell: Shell,
|
||||
endpoint: str,
|
||||
bearer: Optional[str] = None,
|
||||
wallet_config: Optional[str] = None,
|
||||
xhdr: Optional[dict] = None,
|
||||
timeout: Optional[str] = CLI_DEFAULT_TIMEOUT,
|
||||
) -> bool:
|
||||
|
@ -132,7 +126,6 @@ def can_get_head_object(
|
|||
cid,
|
||||
oid,
|
||||
bearer=bearer,
|
||||
wallet_config=wallet_config,
|
||||
xhdr=xhdr,
|
||||
shell=shell,
|
||||
endpoint=endpoint,
|
||||
|
@ -147,13 +140,12 @@ def can_get_head_object(
|
|||
|
||||
|
||||
def can_get_range_of_object(
|
||||
wallet: str,
|
||||
wallet: WalletInfo,
|
||||
cid: str,
|
||||
oid: str,
|
||||
shell: Shell,
|
||||
endpoint: str,
|
||||
bearer: Optional[str] = None,
|
||||
wallet_config: Optional[str] = None,
|
||||
xhdr: Optional[dict] = None,
|
||||
timeout: Optional[str] = CLI_DEFAULT_TIMEOUT,
|
||||
) -> bool:
|
||||
|
@ -165,7 +157,6 @@ def can_get_range_of_object(
|
|||
oid,
|
||||
bearer=bearer,
|
||||
range_cut="0:10",
|
||||
wallet_config=wallet_config,
|
||||
xhdr=xhdr,
|
||||
shell=shell,
|
||||
endpoint=endpoint,
|
||||
|
@ -180,13 +171,12 @@ def can_get_range_of_object(
|
|||
|
||||
|
||||
def can_get_range_hash_of_object(
|
||||
wallet: str,
|
||||
wallet: WalletInfo,
|
||||
cid: str,
|
||||
oid: str,
|
||||
shell: Shell,
|
||||
endpoint: str,
|
||||
bearer: Optional[str] = None,
|
||||
wallet_config: Optional[str] = None,
|
||||
xhdr: Optional[dict] = None,
|
||||
timeout: Optional[str] = CLI_DEFAULT_TIMEOUT,
|
||||
) -> bool:
|
||||
|
@ -198,7 +188,6 @@ def can_get_range_hash_of_object(
|
|||
oid,
|
||||
bearer=bearer,
|
||||
range_cut="0:10",
|
||||
wallet_config=wallet_config,
|
||||
xhdr=xhdr,
|
||||
shell=shell,
|
||||
endpoint=endpoint,
|
||||
|
@ -213,13 +202,12 @@ def can_get_range_hash_of_object(
|
|||
|
||||
|
||||
def can_search_object(
|
||||
wallet: str,
|
||||
wallet: WalletInfo,
|
||||
cid: str,
|
||||
shell: Shell,
|
||||
endpoint: str,
|
||||
oid: Optional[str] = None,
|
||||
bearer: Optional[str] = None,
|
||||
wallet_config: Optional[str] = None,
|
||||
xhdr: Optional[dict] = None,
|
||||
timeout: Optional[str] = CLI_DEFAULT_TIMEOUT,
|
||||
) -> bool:
|
||||
|
@ -229,7 +217,6 @@ def can_search_object(
|
|||
wallet,
|
||||
cid,
|
||||
bearer=bearer,
|
||||
wallet_config=wallet_config,
|
||||
xhdr=xhdr,
|
||||
shell=shell,
|
||||
endpoint=endpoint,
|
||||
|
|
|
@ -1,11 +1,10 @@
|
|||
import os
|
||||
import uuid
|
||||
from dataclasses import dataclass
|
||||
from typing import Optional
|
||||
from datetime import datetime
|
||||
|
||||
import pytest
|
||||
from frostfs_testlib import reporter
|
||||
from frostfs_testlib.resources.common import DEFAULT_WALLET_CONFIG, DEFAULT_WALLET_PASS
|
||||
from frostfs_testlib.credentials.interfaces import CredentialsProvider, User
|
||||
from frostfs_testlib.resources.wellknown_acl import PUBLIC_ACL
|
||||
from frostfs_testlib.shell import Shell
|
||||
from frostfs_testlib.steps.cli.container import create_container
|
||||
|
@ -14,54 +13,40 @@ from frostfs_testlib.storage.cluster import Cluster
|
|||
from frostfs_testlib.storage.dataclasses.acl import EACLRole
|
||||
from frostfs_testlib.storage.dataclasses.frostfs_services import InnerRing, StorageNode
|
||||
from frostfs_testlib.storage.dataclasses.object_size import ObjectSize
|
||||
from frostfs_testlib.utils import wallet_utils
|
||||
from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
|
||||
from frostfs_testlib.utils.file_utils import generate_file
|
||||
|
||||
OBJECT_COUNT = 5
|
||||
|
||||
|
||||
@dataclass
|
||||
class Wallet:
|
||||
wallet_path: Optional[str] = None
|
||||
config_path: Optional[str] = None
|
||||
|
||||
|
||||
@dataclass
|
||||
class Wallets:
|
||||
wallets: dict[EACLRole, list[Wallet]]
|
||||
wallets: dict[EACLRole, list[WalletInfo]]
|
||||
|
||||
def get_wallet(self, role: EACLRole = EACLRole.USER) -> Wallet:
|
||||
def get_wallet(self, role: EACLRole = EACLRole.USER) -> WalletInfo:
|
||||
return self.wallets[role][0]
|
||||
|
||||
def get_wallets_list(self, role: EACLRole = EACLRole.USER) -> list[Wallet]:
|
||||
def get_wallets_list(self, role: EACLRole = EACLRole.USER) -> list[WalletInfo]:
|
||||
return self.wallets[role]
|
||||
|
||||
|
||||
@pytest.fixture(scope="module")
|
||||
def wallets(default_wallet: str, temp_directory: str, cluster: Cluster) -> Wallets:
|
||||
other_wallets_paths = [os.path.join(temp_directory, f"{str(uuid.uuid4())}.json") for _ in range(2)]
|
||||
for other_wallet_path in other_wallets_paths:
|
||||
wallet_utils.init_wallet(other_wallet_path, DEFAULT_WALLET_PASS)
|
||||
def wallets(default_wallet: WalletInfo, credentials_provider: CredentialsProvider, cluster: Cluster) -> Wallets:
|
||||
other_wallets: list = []
|
||||
for _ in range(2):
|
||||
user = User(f"user_{hex(int(datetime.now().timestamp() * 1000000))}")
|
||||
other_wallets.append(credentials_provider.GRPC.provide(user, cluster.cluster_nodes[0]))
|
||||
|
||||
ir_node: InnerRing = cluster.ir_nodes[0]
|
||||
storage_node: StorageNode = cluster.storage_nodes[0]
|
||||
|
||||
ir_wallet_path = ir_node.get_wallet_path()
|
||||
ir_wallet_config = ir_node.get_wallet_config_path()
|
||||
|
||||
storage_wallet_path = storage_node.get_wallet_path()
|
||||
storage_wallet_config = storage_node.get_wallet_config_path()
|
||||
|
||||
wallets_collection = Wallets(
|
||||
wallets={
|
||||
EACLRole.USER: [Wallet(wallet_path=default_wallet, config_path=DEFAULT_WALLET_CONFIG)],
|
||||
EACLRole.OTHERS: [
|
||||
Wallet(wallet_path=other_wallet_path, config_path=DEFAULT_WALLET_CONFIG)
|
||||
for other_wallet_path in other_wallets_paths
|
||||
],
|
||||
EACLRole.USER: [default_wallet],
|
||||
EACLRole.OTHERS: other_wallets,
|
||||
EACLRole.SYSTEM: [
|
||||
Wallet(wallet_path=ir_wallet_path, config_path=ir_wallet_config),
|
||||
Wallet(wallet_path=storage_wallet_path, config_path=storage_wallet_config),
|
||||
WalletInfo.from_node(ir_node),
|
||||
WalletInfo.from_node(storage_node),
|
||||
],
|
||||
}
|
||||
)
|
||||
|
@ -70,7 +55,7 @@ def wallets(default_wallet: str, temp_directory: str, cluster: Cluster) -> Walle
|
|||
if role == EACLRole.SYSTEM:
|
||||
continue
|
||||
for wallet in wallets:
|
||||
reporter.attach(wallet.wallet_path, os.path.basename(wallet.wallet_path))
|
||||
reporter.attach(wallet.path, os.path.basename(wallet.path))
|
||||
|
||||
return wallets_collection
|
||||
|
||||
|
@ -87,7 +72,7 @@ def eacl_container_with_objects(
|
|||
user_wallet = wallets.get_wallet()
|
||||
with reporter.step("Create eACL public container"):
|
||||
cid = create_container(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
basic_acl=PUBLIC_ACL,
|
||||
shell=client_shell,
|
||||
endpoint=cluster.default_rpc_endpoint,
|
||||
|
@ -96,7 +81,7 @@ def eacl_container_with_objects(
|
|||
with reporter.step("Add test objects to container"):
|
||||
objects_oids = [
|
||||
put_object_to_random_node(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
file_path,
|
||||
cid,
|
||||
attributes={"key1": "val1", "key": val, "key2": "abc"},
|
||||
|
|
|
@ -22,11 +22,11 @@ from pytest_tests.testsuites.acl.conftest import Wallets
|
|||
@pytest.mark.acl_basic
|
||||
class TestACLBasic(ClusterTestBase):
|
||||
@pytest.fixture(scope="function")
|
||||
def public_container(self, wallets):
|
||||
def public_container(self, wallets: Wallets):
|
||||
user_wallet = wallets.get_wallet()
|
||||
with reporter.step("Create public container"):
|
||||
cid_public = create_container(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
basic_acl=PUBLIC_ACL_F,
|
||||
shell=self.shell,
|
||||
endpoint=self.cluster.default_rpc_endpoint,
|
||||
|
@ -35,14 +35,14 @@ class TestACLBasic(ClusterTestBase):
|
|||
yield cid_public
|
||||
|
||||
# with reporter.step('Delete public container'):
|
||||
# delete_container(user_wallet.wallet_path, cid_public)
|
||||
# delete_container(user_wallet, cid_public)
|
||||
|
||||
@pytest.fixture(scope="function")
|
||||
def private_container(self, wallets: Wallets):
|
||||
user_wallet = wallets.get_wallet()
|
||||
with reporter.step("Create private container"):
|
||||
cid_private = create_container(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
basic_acl=PRIVATE_ACL_F,
|
||||
shell=self.shell,
|
||||
endpoint=self.cluster.default_rpc_endpoint,
|
||||
|
@ -51,14 +51,14 @@ class TestACLBasic(ClusterTestBase):
|
|||
yield cid_private
|
||||
|
||||
# with reporter.step('Delete private container'):
|
||||
# delete_container(user_wallet.wallet_path, cid_private)
|
||||
# delete_container(user_wallet, cid_private)
|
||||
|
||||
@pytest.fixture(scope="function")
|
||||
def read_only_container(self, wallets: Wallets):
|
||||
user_wallet = wallets.get_wallet()
|
||||
with reporter.step("Create public readonly container"):
|
||||
cid_read_only = create_container(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
basic_acl=READONLY_ACL_F,
|
||||
shell=self.shell,
|
||||
endpoint=self.cluster.default_rpc_endpoint,
|
||||
|
@ -67,7 +67,7 @@ class TestACLBasic(ClusterTestBase):
|
|||
yield cid_read_only
|
||||
|
||||
# with reporter.step('Delete public readonly container'):
|
||||
# delete_container(user_wallet.wallet_path, cid_read_only)
|
||||
# delete_container(user_wallet, cid_read_only)
|
||||
|
||||
@allure.title("Operations with basic ACL on public container (obj_size={object_size})")
|
||||
def test_basic_acl_public(self, wallets: Wallets, public_container: str, file_path: str):
|
||||
|
@ -82,7 +82,7 @@ class TestACLBasic(ClusterTestBase):
|
|||
# We create new objects for each wallet because check_full_access_to_container
|
||||
# deletes the object
|
||||
owner_object_oid = put_object_to_random_node(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
file_path,
|
||||
cid,
|
||||
shell=self.shell,
|
||||
|
@ -90,7 +90,7 @@ class TestACLBasic(ClusterTestBase):
|
|||
attributes={"created": "owner"},
|
||||
)
|
||||
other_object_oid = put_object_to_random_node(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
file_path,
|
||||
cid,
|
||||
shell=self.shell,
|
||||
|
@ -99,7 +99,7 @@ class TestACLBasic(ClusterTestBase):
|
|||
)
|
||||
with reporter.step(f"Check {desc} has full access to public container"):
|
||||
check_full_access_to_container(
|
||||
wallet.wallet_path,
|
||||
wallet,
|
||||
cid,
|
||||
owner_object_oid,
|
||||
file_path,
|
||||
|
@ -107,7 +107,7 @@ class TestACLBasic(ClusterTestBase):
|
|||
cluster=self.cluster,
|
||||
)
|
||||
check_full_access_to_container(
|
||||
wallet.wallet_path,
|
||||
wallet,
|
||||
cid,
|
||||
other_object_oid,
|
||||
file_path,
|
||||
|
@ -125,13 +125,13 @@ class TestACLBasic(ClusterTestBase):
|
|||
cid = private_container
|
||||
with reporter.step("Add test objects to container"):
|
||||
owner_object_oid = put_object_to_random_node(
|
||||
user_wallet.wallet_path, file_path, cid, shell=self.shell, cluster=self.cluster
|
||||
user_wallet, file_path, cid, shell=self.shell, cluster=self.cluster
|
||||
)
|
||||
|
||||
with reporter.step("Check only owner has full access to private container"):
|
||||
with reporter.step("Check no one except owner has access to operations with container"):
|
||||
check_no_access_to_container(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
owner_object_oid,
|
||||
file_path,
|
||||
|
@ -141,7 +141,7 @@ class TestACLBasic(ClusterTestBase):
|
|||
|
||||
with reporter.step("Check owner has full access to private container"):
|
||||
check_full_access_to_container(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
cid,
|
||||
owner_object_oid,
|
||||
file_path,
|
||||
|
@ -160,12 +160,12 @@ class TestACLBasic(ClusterTestBase):
|
|||
|
||||
with reporter.step("Add test objects to container"):
|
||||
object_oid = put_object_to_random_node(
|
||||
user_wallet.wallet_path, file_path, cid, shell=client_shell, cluster=self.cluster
|
||||
user_wallet, file_path, cid, shell=client_shell, cluster=self.cluster
|
||||
)
|
||||
|
||||
with reporter.step("Check other has read-only access to operations with container"):
|
||||
check_read_only_container(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
object_oid,
|
||||
file_path,
|
||||
|
@ -175,7 +175,7 @@ class TestACLBasic(ClusterTestBase):
|
|||
|
||||
with reporter.step("Check owner has full access to public container"):
|
||||
check_full_access_to_container(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
cid,
|
||||
object_oid,
|
||||
file_path,
|
||||
|
|
|
@ -32,11 +32,10 @@ class TestACLBearer(ClusterTestBase):
|
|||
|
||||
with reporter.step(f"Check {role.value} has full access to container without bearer token"):
|
||||
check_full_access_to_container(
|
||||
deny_wallet.wallet_path,
|
||||
deny_wallet,
|
||||
cid,
|
||||
objects_oids.pop(),
|
||||
file_path,
|
||||
wallet_config=deny_wallet.config_path,
|
||||
shell=self.shell,
|
||||
cluster=self.cluster,
|
||||
)
|
||||
|
@ -44,12 +43,12 @@ class TestACLBearer(ClusterTestBase):
|
|||
with reporter.step(f"Set deny all operations for {role.value} via eACL"):
|
||||
eacl = [EACLRule(access=EACLAccess.DENY, role=role, operation=op) for op in EACLOperation]
|
||||
eacl_file = create_eacl(cid, eacl, shell=self.shell)
|
||||
set_eacl(user_wallet.wallet_path, cid, eacl_file, shell=self.shell, endpoint=endpoint)
|
||||
set_eacl(user_wallet, cid, eacl_file, shell=self.shell, endpoint=endpoint)
|
||||
wait_for_cache_expired()
|
||||
|
||||
with reporter.step(f"Create bearer token for {role.value} with all operations allowed"):
|
||||
bearer = form_bearertoken_file(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
cid,
|
||||
[EACLRule(operation=op, access=EACLAccess.ALLOW, role=role) for op in EACLOperation],
|
||||
shell=self.shell,
|
||||
|
@ -58,23 +57,21 @@ class TestACLBearer(ClusterTestBase):
|
|||
|
||||
with reporter.step(f"Check {role.value} without token has no access to all operations with container"):
|
||||
check_no_access_to_container(
|
||||
deny_wallet.wallet_path,
|
||||
deny_wallet,
|
||||
cid,
|
||||
objects_oids.pop(),
|
||||
file_path,
|
||||
wallet_config=deny_wallet.config_path,
|
||||
shell=self.shell,
|
||||
cluster=self.cluster,
|
||||
)
|
||||
|
||||
with reporter.step(f"Check {role.value} with token has access to all operations with container"):
|
||||
check_full_access_to_container(
|
||||
deny_wallet.wallet_path,
|
||||
deny_wallet,
|
||||
cid,
|
||||
objects_oids.pop(),
|
||||
file_path,
|
||||
bearer=bearer,
|
||||
wallet_config=deny_wallet.config_path,
|
||||
shell=self.shell,
|
||||
cluster=self.cluster,
|
||||
)
|
||||
|
@ -82,22 +79,21 @@ class TestACLBearer(ClusterTestBase):
|
|||
with reporter.step(f"Set allow all operations for {role.value} via eACL"):
|
||||
eacl = [EACLRule(access=EACLAccess.ALLOW, role=role, operation=op) for op in EACLOperation]
|
||||
eacl_file = create_eacl(cid, eacl, shell=self.shell)
|
||||
set_eacl(user_wallet.wallet_path, cid, eacl_file, shell=self.shell, endpoint=endpoint)
|
||||
set_eacl(user_wallet, cid, eacl_file, shell=self.shell, endpoint=endpoint)
|
||||
wait_for_cache_expired()
|
||||
|
||||
with reporter.step(f"Check {role.value} without token has access to all operations with container"):
|
||||
check_full_access_to_container(
|
||||
deny_wallet.wallet_path,
|
||||
deny_wallet,
|
||||
cid,
|
||||
objects_oids.pop(),
|
||||
file_path,
|
||||
wallet_config=deny_wallet.config_path,
|
||||
shell=self.shell,
|
||||
cluster=self.cluster,
|
||||
)
|
||||
|
||||
@allure.title("BearerToken for compound operations (obj_size={object_size})")
|
||||
def test_bearer_token_compound_operations(self, wallets, eacl_container_with_objects):
|
||||
def test_bearer_token_compound_operations(self, wallets: Wallets, eacl_container_with_objects):
|
||||
endpoint = self.cluster.default_rpc_endpoint
|
||||
cid, objects_oids, file_path = eacl_container_with_objects
|
||||
user_wallet = wallets.get_wallet()
|
||||
|
@ -136,7 +132,7 @@ class TestACLBearer(ClusterTestBase):
|
|||
for role, operations in deny_map.items():
|
||||
eacl_deny += [EACLRule(access=EACLAccess.DENY, role=role, operation=op) for op in operations]
|
||||
set_eacl(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
cid,
|
||||
eacl_table_path=create_eacl(cid, eacl_deny, shell=self.shell),
|
||||
shell=self.shell,
|
||||
|
@ -146,29 +142,27 @@ class TestACLBearer(ClusterTestBase):
|
|||
|
||||
with reporter.step("Check rule consistency without bearer"):
|
||||
check_custom_access_to_container(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
cid,
|
||||
objects_oids.pop(),
|
||||
file_path,
|
||||
deny_operations=deny_map[EACLRole.USER],
|
||||
wallet_config=user_wallet.config_path,
|
||||
shell=self.shell,
|
||||
cluster=self.cluster,
|
||||
)
|
||||
check_custom_access_to_container(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
objects_oids.pop(),
|
||||
file_path,
|
||||
deny_operations=deny_map[EACLRole.OTHERS],
|
||||
wallet_config=other_wallet.config_path,
|
||||
shell=self.shell,
|
||||
cluster=self.cluster,
|
||||
)
|
||||
|
||||
with reporter.step("Check rule consistency using bearer token"):
|
||||
bearer_user = form_bearertoken_file(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
cid,
|
||||
[
|
||||
EACLRule(operation=op, access=EACLAccess.ALLOW, role=EACLRole.USER)
|
||||
|
@ -179,7 +173,7 @@ class TestACLBearer(ClusterTestBase):
|
|||
)
|
||||
|
||||
bearer_other = form_bearertoken_file(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
cid,
|
||||
[
|
||||
EACLRule(operation=op, access=EACLAccess.ALLOW, role=EACLRole.OTHERS)
|
||||
|
@ -190,24 +184,22 @@ class TestACLBearer(ClusterTestBase):
|
|||
)
|
||||
|
||||
check_custom_access_to_container(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
cid,
|
||||
objects_oids.pop(),
|
||||
file_path,
|
||||
deny_operations=deny_map_with_bearer[EACLRole.USER],
|
||||
bearer=bearer_user,
|
||||
wallet_config=user_wallet.config_path,
|
||||
shell=self.shell,
|
||||
cluster=self.cluster,
|
||||
)
|
||||
check_custom_access_to_container(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
objects_oids.pop(),
|
||||
file_path,
|
||||
deny_operations=deny_map_with_bearer[EACLRole.OTHERS],
|
||||
bearer=bearer_other,
|
||||
wallet_config=other_wallet.config_path,
|
||||
shell=self.shell,
|
||||
cluster=self.cluster,
|
||||
)
|
||||
|
|
|
@ -27,14 +27,14 @@ from pytest_tests.testsuites.acl.conftest import Wallets
|
|||
@pytest.mark.acl_extended
|
||||
class TestEACLContainer(ClusterTestBase):
|
||||
@pytest.fixture(scope="function")
|
||||
def eacl_full_placement_container_with_object(self, wallets: Wallets, file_path: str) -> str:
|
||||
def eacl_full_placement_container_with_object(self, wallets: Wallets, file_path: str) -> tuple[str, str, str]:
|
||||
user_wallet = wallets.get_wallet()
|
||||
storage_nodes = self.cluster.storage_nodes
|
||||
node_count = len(storage_nodes)
|
||||
with reporter.step("Create eACL public container with full placement rule"):
|
||||
full_placement_rule = f"REP {node_count} IN X CBF 1 SELECT {node_count} FROM * AS X"
|
||||
cid = create_container(
|
||||
wallet=user_wallet.wallet_path,
|
||||
wallet=user_wallet,
|
||||
rule=full_placement_rule,
|
||||
basic_acl=PUBLIC_ACL,
|
||||
shell=self.shell,
|
||||
|
@ -42,9 +42,7 @@ class TestEACLContainer(ClusterTestBase):
|
|||
)
|
||||
|
||||
with reporter.step("Add test object to container"):
|
||||
oid = put_object_to_random_node(
|
||||
user_wallet.wallet_path, file_path, cid, shell=self.shell, cluster=self.cluster
|
||||
)
|
||||
oid = put_object_to_random_node(user_wallet, file_path, cid, shell=self.shell, cluster=self.cluster)
|
||||
wait_object_replication(
|
||||
cid,
|
||||
oid,
|
||||
|
@ -75,7 +73,7 @@ class TestEACLContainer(ClusterTestBase):
|
|||
with reporter.step(f"Deny all operations for {deny_role_str} via eACL"):
|
||||
eacl_deny = [EACLRule(access=EACLAccess.DENY, role=deny_role, operation=op) for op in EACLOperation]
|
||||
set_eacl(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
cid,
|
||||
create_eacl(cid, eacl_deny, shell=self.shell),
|
||||
shell=self.shell,
|
||||
|
@ -86,7 +84,7 @@ class TestEACLContainer(ClusterTestBase):
|
|||
with reporter.step(f"Check only {not_deny_role_str} has full access to container"):
|
||||
with reporter.step(f"Check {deny_role_str} has not access to any operations with container"):
|
||||
check_no_access_to_container(
|
||||
deny_role_wallet.wallet_path,
|
||||
deny_role_wallet,
|
||||
cid,
|
||||
object_oids[0],
|
||||
file_path,
|
||||
|
@ -96,7 +94,7 @@ class TestEACLContainer(ClusterTestBase):
|
|||
|
||||
with reporter.step(f"Check {not_deny_role_wallet} has full access to eACL public container"):
|
||||
check_full_access_to_container(
|
||||
not_deny_role_wallet.wallet_path,
|
||||
not_deny_role_wallet,
|
||||
cid,
|
||||
object_oids.pop(),
|
||||
file_path,
|
||||
|
@ -107,7 +105,7 @@ class TestEACLContainer(ClusterTestBase):
|
|||
with reporter.step(f"Allow all operations for {deny_role_str} via eACL"):
|
||||
eacl_deny = [EACLRule(access=EACLAccess.ALLOW, role=deny_role, operation=op) for op in EACLOperation]
|
||||
set_eacl(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
cid,
|
||||
create_eacl(cid, eacl_deny, shell=self.shell),
|
||||
shell=self.shell,
|
||||
|
@ -117,7 +115,7 @@ class TestEACLContainer(ClusterTestBase):
|
|||
|
||||
with reporter.step("Check all have full access to eACL public container"):
|
||||
check_full_access_to_container(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
cid,
|
||||
object_oids.pop(),
|
||||
file_path,
|
||||
|
@ -125,7 +123,7 @@ class TestEACLContainer(ClusterTestBase):
|
|||
cluster=self.cluster,
|
||||
)
|
||||
check_full_access_to_container(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
object_oids.pop(),
|
||||
file_path,
|
||||
|
@ -145,14 +143,14 @@ class TestEACLContainer(ClusterTestBase):
|
|||
eacl = [
|
||||
EACLRule(
|
||||
access=EACLAccess.ALLOW,
|
||||
role=other_wallet_allow.wallet_path,
|
||||
role=other_wallet_allow,
|
||||
operation=op,
|
||||
)
|
||||
for op in EACLOperation
|
||||
]
|
||||
eacl += [EACLRule(access=EACLAccess.DENY, role=EACLRole.OTHERS, operation=op) for op in EACLOperation]
|
||||
set_eacl(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
cid,
|
||||
create_eacl(cid, eacl, shell=self.shell),
|
||||
shell=self.shell,
|
||||
|
@ -163,7 +161,7 @@ class TestEACLContainer(ClusterTestBase):
|
|||
with reporter.step("Check only owner and allowed other have full access to public container"):
|
||||
with reporter.step("Check other has not access to operations with container"):
|
||||
check_no_access_to_container(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
object_oids[0],
|
||||
file_path,
|
||||
|
@ -173,7 +171,7 @@ class TestEACLContainer(ClusterTestBase):
|
|||
|
||||
with reporter.step("Check owner has full access to public container"):
|
||||
check_full_access_to_container(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
cid,
|
||||
object_oids.pop(),
|
||||
file_path,
|
||||
|
@ -183,7 +181,7 @@ class TestEACLContainer(ClusterTestBase):
|
|||
|
||||
with reporter.step("Check allowed other has full access to public container"):
|
||||
check_full_access_to_container(
|
||||
other_wallet_allow.wallet_path,
|
||||
other_wallet_allow,
|
||||
cid,
|
||||
object_oids.pop(),
|
||||
file_path,
|
||||
|
@ -206,7 +204,7 @@ class TestEACLContainer(ClusterTestBase):
|
|||
eacl_deny = [EACLRule(access=EACLAccess.DENY, role=EACLRole.USER, operation=op) for op in EACLOperation]
|
||||
eacl_deny += [EACLRule(access=EACLAccess.DENY, role=EACLRole.OTHERS, operation=op) for op in EACLOperation]
|
||||
set_eacl(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
cid,
|
||||
create_eacl(cid, eacl_deny, shell=self.shell),
|
||||
shell=self.shell,
|
||||
|
@ -237,134 +235,120 @@ class TestEACLContainer(ClusterTestBase):
|
|||
|
||||
with reporter.step("Check IR and STORAGE rules compliance"):
|
||||
assert not can_put_object(
|
||||
ir_wallet.wallet_path,
|
||||
ir_wallet,
|
||||
cid,
|
||||
file_path,
|
||||
shell=self.shell,
|
||||
cluster=self.cluster,
|
||||
wallet_config=ir_wallet.config_path,
|
||||
)
|
||||
assert can_put_object(
|
||||
storage_wallet.wallet_path,
|
||||
storage_wallet,
|
||||
cid,
|
||||
file_path,
|
||||
shell=self.shell,
|
||||
cluster=self.cluster,
|
||||
wallet_config=storage_wallet.config_path,
|
||||
)
|
||||
|
||||
assert can_get_object(
|
||||
ir_wallet.wallet_path,
|
||||
ir_wallet,
|
||||
cid,
|
||||
object_oids[0],
|
||||
file_path,
|
||||
shell=self.shell,
|
||||
cluster=self.cluster,
|
||||
wallet_config=ir_wallet.config_path,
|
||||
)
|
||||
assert can_get_object(
|
||||
storage_wallet.wallet_path,
|
||||
storage_wallet,
|
||||
cid,
|
||||
object_oids[0],
|
||||
file_path,
|
||||
shell=self.shell,
|
||||
cluster=self.cluster,
|
||||
wallet_config=storage_wallet.config_path,
|
||||
)
|
||||
|
||||
assert can_get_head_object(
|
||||
ir_wallet.wallet_path,
|
||||
ir_wallet,
|
||||
cid,
|
||||
object_oids[0],
|
||||
shell=self.shell,
|
||||
endpoint=endpoint,
|
||||
wallet_config=ir_wallet.config_path,
|
||||
)
|
||||
assert can_get_head_object(
|
||||
storage_wallet.wallet_path,
|
||||
storage_wallet,
|
||||
cid,
|
||||
object_oids[0],
|
||||
shell=self.shell,
|
||||
endpoint=endpoint,
|
||||
wallet_config=storage_wallet.config_path,
|
||||
)
|
||||
|
||||
assert can_search_object(
|
||||
ir_wallet.wallet_path,
|
||||
ir_wallet,
|
||||
cid,
|
||||
shell=self.shell,
|
||||
endpoint=endpoint,
|
||||
oid=object_oids[0],
|
||||
wallet_config=ir_wallet.config_path,
|
||||
)
|
||||
assert can_search_object(
|
||||
storage_wallet.wallet_path,
|
||||
storage_wallet,
|
||||
cid,
|
||||
shell=self.shell,
|
||||
endpoint=endpoint,
|
||||
oid=object_oids[0],
|
||||
wallet_config=storage_wallet.config_path,
|
||||
)
|
||||
|
||||
with pytest.raises(AssertionError):
|
||||
assert can_get_range_of_object(
|
||||
wallet=ir_wallet.wallet_path,
|
||||
wallet=ir_wallet,
|
||||
cid=cid,
|
||||
oid=object_oids[0],
|
||||
shell=self.shell,
|
||||
endpoint=endpoint,
|
||||
wallet_config=ir_wallet.config_path,
|
||||
)
|
||||
with pytest.raises(AssertionError):
|
||||
assert can_get_range_of_object(
|
||||
wallet=storage_wallet.wallet_path,
|
||||
wallet=storage_wallet,
|
||||
cid=cid,
|
||||
oid=object_oids[0],
|
||||
shell=self.shell,
|
||||
endpoint=endpoint,
|
||||
wallet_config=storage_wallet.config_path,
|
||||
)
|
||||
|
||||
assert can_get_range_hash_of_object(
|
||||
wallet=ir_wallet.wallet_path,
|
||||
wallet=ir_wallet,
|
||||
cid=cid,
|
||||
oid=object_oids[0],
|
||||
shell=self.shell,
|
||||
endpoint=endpoint,
|
||||
wallet_config=ir_wallet.config_path,
|
||||
)
|
||||
|
||||
assert can_get_range_hash_of_object(
|
||||
wallet=storage_wallet.wallet_path,
|
||||
wallet=storage_wallet,
|
||||
cid=cid,
|
||||
oid=object_oids[0],
|
||||
shell=self.shell,
|
||||
endpoint=endpoint,
|
||||
wallet_config=storage_wallet.config_path,
|
||||
)
|
||||
|
||||
with pytest.raises(AssertionError):
|
||||
assert can_delete_object(
|
||||
wallet=ir_wallet.wallet_path,
|
||||
wallet=ir_wallet,
|
||||
cid=cid,
|
||||
oid=object_oids[0],
|
||||
shell=self.shell,
|
||||
endpoint=endpoint,
|
||||
wallet_config=ir_wallet.config_path,
|
||||
)
|
||||
with pytest.raises(AssertionError):
|
||||
assert can_delete_object(
|
||||
wallet=storage_wallet.wallet_path,
|
||||
wallet=storage_wallet,
|
||||
cid=cid,
|
||||
oid=object_oids[0],
|
||||
shell=self.shell,
|
||||
endpoint=endpoint,
|
||||
wallet_config=storage_wallet.config_path,
|
||||
)
|
||||
|
||||
with reporter.step("Deny all operations for SYSTEM via eACL"):
|
||||
set_eacl(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
cid,
|
||||
create_eacl(
|
||||
cid=cid,
|
||||
|
@ -380,141 +364,127 @@ class TestEACLContainer(ClusterTestBase):
|
|||
|
||||
with reporter.step("Check IR and STORAGE rules compliance with deny eACL"):
|
||||
assert not can_put_object(
|
||||
wallet=ir_wallet.wallet_path,
|
||||
wallet=ir_wallet,
|
||||
cid=cid,
|
||||
file_name=file_path,
|
||||
shell=self.shell,
|
||||
cluster=self.cluster,
|
||||
wallet_config=ir_wallet.config_path,
|
||||
)
|
||||
assert not can_put_object(
|
||||
wallet=storage_wallet.wallet_path,
|
||||
wallet=storage_wallet,
|
||||
cid=cid,
|
||||
file_name=file_path,
|
||||
shell=self.shell,
|
||||
cluster=self.cluster,
|
||||
wallet_config=storage_wallet.config_path,
|
||||
)
|
||||
|
||||
with pytest.raises(AssertionError):
|
||||
assert can_get_object(
|
||||
wallet=ir_wallet.wallet_path,
|
||||
wallet=ir_wallet,
|
||||
cid=cid,
|
||||
oid=object_oids[0],
|
||||
file_name=file_path,
|
||||
shell=self.shell,
|
||||
cluster=self.cluster,
|
||||
wallet_config=ir_wallet.config_path,
|
||||
)
|
||||
with pytest.raises(AssertionError):
|
||||
assert can_get_object(
|
||||
wallet=storage_wallet.wallet_path,
|
||||
wallet=storage_wallet,
|
||||
cid=cid,
|
||||
oid=object_oids[0],
|
||||
file_name=file_path,
|
||||
shell=self.shell,
|
||||
cluster=self.cluster,
|
||||
wallet_config=storage_wallet.config_path,
|
||||
)
|
||||
|
||||
with pytest.raises(AssertionError):
|
||||
assert can_get_head_object(
|
||||
wallet=ir_wallet.wallet_path,
|
||||
wallet=ir_wallet,
|
||||
cid=cid,
|
||||
oid=object_oids[0],
|
||||
shell=self.shell,
|
||||
endpoint=endpoint,
|
||||
wallet_config=ir_wallet.config_path,
|
||||
)
|
||||
with pytest.raises(AssertionError):
|
||||
assert can_get_head_object(
|
||||
wallet=storage_wallet.wallet_path,
|
||||
wallet=storage_wallet,
|
||||
cid=cid,
|
||||
oid=object_oids[0],
|
||||
shell=self.shell,
|
||||
endpoint=endpoint,
|
||||
wallet_config=storage_wallet.config_path,
|
||||
)
|
||||
|
||||
with pytest.raises(AssertionError):
|
||||
assert can_search_object(
|
||||
wallet=ir_wallet.wallet_path,
|
||||
wallet=ir_wallet,
|
||||
cid=cid,
|
||||
shell=self.shell,
|
||||
endpoint=endpoint,
|
||||
oid=object_oids[0],
|
||||
wallet_config=ir_wallet.config_path,
|
||||
)
|
||||
with pytest.raises(AssertionError):
|
||||
assert can_search_object(
|
||||
wallet=storage_wallet.wallet_path,
|
||||
wallet=storage_wallet,
|
||||
cid=cid,
|
||||
shell=self.shell,
|
||||
endpoint=endpoint,
|
||||
oid=object_oids[0],
|
||||
wallet_config=storage_wallet.config_path,
|
||||
)
|
||||
|
||||
with pytest.raises(AssertionError):
|
||||
assert can_get_range_of_object(
|
||||
wallet=ir_wallet.wallet_path,
|
||||
wallet=ir_wallet,
|
||||
cid=cid,
|
||||
oid=object_oids[0],
|
||||
shell=self.shell,
|
||||
endpoint=endpoint,
|
||||
wallet_config=ir_wallet.config_path,
|
||||
)
|
||||
with pytest.raises(AssertionError):
|
||||
assert can_get_range_of_object(
|
||||
wallet=storage_wallet.wallet_path,
|
||||
wallet=storage_wallet,
|
||||
cid=cid,
|
||||
oid=object_oids[0],
|
||||
shell=self.shell,
|
||||
endpoint=endpoint,
|
||||
wallet_config=storage_wallet.config_path,
|
||||
)
|
||||
|
||||
with pytest.raises(AssertionError):
|
||||
assert can_get_range_hash_of_object(
|
||||
wallet=ir_wallet.wallet_path,
|
||||
wallet=ir_wallet,
|
||||
cid=cid,
|
||||
oid=object_oids[0],
|
||||
shell=self.shell,
|
||||
endpoint=endpoint,
|
||||
wallet_config=ir_wallet.config_path,
|
||||
)
|
||||
with pytest.raises(AssertionError):
|
||||
assert can_get_range_hash_of_object(
|
||||
wallet=storage_wallet.wallet_path,
|
||||
wallet=storage_wallet,
|
||||
cid=cid,
|
||||
oid=object_oids[0],
|
||||
shell=self.shell,
|
||||
endpoint=endpoint,
|
||||
wallet_config=storage_wallet.config_path,
|
||||
)
|
||||
|
||||
with pytest.raises(AssertionError):
|
||||
assert can_delete_object(
|
||||
wallet=ir_wallet.wallet_path,
|
||||
wallet=ir_wallet,
|
||||
cid=cid,
|
||||
oid=object_oids[0],
|
||||
shell=self.shell,
|
||||
endpoint=endpoint,
|
||||
wallet_config=ir_wallet.config_path,
|
||||
)
|
||||
with pytest.raises(AssertionError):
|
||||
assert can_delete_object(
|
||||
wallet=storage_wallet.wallet_path,
|
||||
wallet=storage_wallet,
|
||||
cid=cid,
|
||||
oid=object_oids[0],
|
||||
shell=self.shell,
|
||||
endpoint=endpoint,
|
||||
wallet_config=storage_wallet.config_path,
|
||||
)
|
||||
|
||||
with reporter.step("Allow all operations for SYSTEM via eACL"):
|
||||
set_eacl(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
cid,
|
||||
create_eacl(
|
||||
cid=cid,
|
||||
|
@ -530,127 +500,113 @@ class TestEACLContainer(ClusterTestBase):
|
|||
|
||||
with reporter.step("Check IR and STORAGE rules compliance with allow eACL"):
|
||||
assert not can_put_object(
|
||||
wallet=ir_wallet.wallet_path,
|
||||
wallet=ir_wallet,
|
||||
cid=cid,
|
||||
file_name=file_path,
|
||||
shell=self.shell,
|
||||
cluster=self.cluster,
|
||||
wallet_config=ir_wallet.config_path,
|
||||
)
|
||||
assert can_put_object(
|
||||
wallet=storage_wallet.wallet_path,
|
||||
wallet=storage_wallet,
|
||||
cid=cid,
|
||||
file_name=file_path,
|
||||
shell=self.shell,
|
||||
cluster=self.cluster,
|
||||
wallet_config=storage_wallet.config_path,
|
||||
)
|
||||
|
||||
assert can_get_object(
|
||||
wallet=ir_wallet.wallet_path,
|
||||
wallet=ir_wallet,
|
||||
cid=cid,
|
||||
oid=object_oids[0],
|
||||
file_name=file_path,
|
||||
shell=self.shell,
|
||||
cluster=self.cluster,
|
||||
wallet_config=ir_wallet.config_path,
|
||||
)
|
||||
assert can_get_object(
|
||||
wallet=storage_wallet.wallet_path,
|
||||
wallet=storage_wallet,
|
||||
cid=cid,
|
||||
oid=object_oids[0],
|
||||
file_name=file_path,
|
||||
shell=self.shell,
|
||||
cluster=self.cluster,
|
||||
wallet_config=storage_wallet.config_path,
|
||||
)
|
||||
|
||||
assert can_get_head_object(
|
||||
wallet=ir_wallet.wallet_path,
|
||||
wallet=ir_wallet,
|
||||
cid=cid,
|
||||
oid=object_oids[0],
|
||||
shell=self.shell,
|
||||
endpoint=endpoint,
|
||||
wallet_config=ir_wallet.config_path,
|
||||
)
|
||||
assert can_get_head_object(
|
||||
wallet=storage_wallet.wallet_path,
|
||||
wallet=storage_wallet,
|
||||
cid=cid,
|
||||
oid=object_oids[0],
|
||||
shell=self.shell,
|
||||
endpoint=endpoint,
|
||||
wallet_config=storage_wallet.config_path,
|
||||
)
|
||||
|
||||
assert can_search_object(
|
||||
wallet=ir_wallet.wallet_path,
|
||||
wallet=ir_wallet,
|
||||
cid=cid,
|
||||
shell=self.shell,
|
||||
oid=object_oids[0],
|
||||
endpoint=endpoint,
|
||||
wallet_config=ir_wallet.config_path,
|
||||
)
|
||||
assert can_search_object(
|
||||
wallet=storage_wallet.wallet_path,
|
||||
wallet=storage_wallet,
|
||||
cid=cid,
|
||||
shell=self.shell,
|
||||
oid=object_oids[0],
|
||||
endpoint=endpoint,
|
||||
wallet_config=storage_wallet.config_path,
|
||||
)
|
||||
|
||||
with pytest.raises(AssertionError):
|
||||
assert can_get_range_of_object(
|
||||
wallet=ir_wallet.wallet_path,
|
||||
wallet=ir_wallet,
|
||||
cid=cid,
|
||||
oid=object_oids[0],
|
||||
shell=self.shell,
|
||||
endpoint=endpoint,
|
||||
wallet_config=ir_wallet.config_path,
|
||||
)
|
||||
with pytest.raises(AssertionError):
|
||||
assert can_get_range_of_object(
|
||||
wallet=storage_wallet.wallet_path,
|
||||
wallet=storage_wallet,
|
||||
cid=cid,
|
||||
oid=object_oids[0],
|
||||
shell=self.shell,
|
||||
endpoint=endpoint,
|
||||
wallet_config=storage_wallet.config_path,
|
||||
)
|
||||
|
||||
assert can_get_range_hash_of_object(
|
||||
wallet=ir_wallet.wallet_path,
|
||||
wallet=ir_wallet,
|
||||
cid=cid,
|
||||
oid=object_oids[0],
|
||||
shell=self.shell,
|
||||
endpoint=endpoint,
|
||||
wallet_config=ir_wallet.config_path,
|
||||
)
|
||||
|
||||
assert can_get_range_hash_of_object(
|
||||
wallet=storage_wallet.wallet_path,
|
||||
wallet=storage_wallet,
|
||||
cid=cid,
|
||||
oid=object_oids[0],
|
||||
shell=self.shell,
|
||||
endpoint=endpoint,
|
||||
wallet_config=storage_wallet.config_path,
|
||||
)
|
||||
|
||||
with pytest.raises(AssertionError):
|
||||
assert can_delete_object(
|
||||
wallet=ir_wallet.wallet_path,
|
||||
wallet=ir_wallet,
|
||||
cid=cid,
|
||||
oid=object_oids[0],
|
||||
shell=self.shell,
|
||||
endpoint=endpoint,
|
||||
wallet_config=ir_wallet.config_path,
|
||||
)
|
||||
with pytest.raises(AssertionError):
|
||||
assert can_delete_object(
|
||||
wallet=storage_wallet.wallet_path,
|
||||
wallet=storage_wallet,
|
||||
cid=cid,
|
||||
oid=object_oids[0],
|
||||
shell=self.shell,
|
||||
endpoint=endpoint,
|
||||
wallet_config=storage_wallet.config_path,
|
||||
)
|
||||
|
|
|
@ -64,7 +64,7 @@ class TestEACLFilters(ClusterTestBase):
|
|||
user_wallet = wallets.get_wallet()
|
||||
with reporter.step("Create eACL public container"):
|
||||
cid = create_container(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
basic_acl=PUBLIC_ACL,
|
||||
shell=self.shell,
|
||||
endpoint=self.cluster.default_rpc_endpoint,
|
||||
|
@ -73,7 +73,7 @@ class TestEACLFilters(ClusterTestBase):
|
|||
with reporter.step("Add test objects to container"):
|
||||
objects_with_header = [
|
||||
put_object_to_random_node(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
file_path,
|
||||
cid,
|
||||
shell=self.shell,
|
||||
|
@ -85,7 +85,7 @@ class TestEACLFilters(ClusterTestBase):
|
|||
|
||||
objects_with_other_header = [
|
||||
put_object_to_random_node(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
file_path,
|
||||
cid,
|
||||
shell=self.shell,
|
||||
|
@ -97,7 +97,7 @@ class TestEACLFilters(ClusterTestBase):
|
|||
|
||||
objects_without_header = [
|
||||
put_object_to_random_node(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
file_path,
|
||||
cid,
|
||||
shell=self.shell,
|
||||
|
@ -110,7 +110,7 @@ class TestEACLFilters(ClusterTestBase):
|
|||
|
||||
with reporter.step("Delete eACL public container"):
|
||||
delete_container(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
cid,
|
||||
shell=self.shell,
|
||||
endpoint=self.cluster.default_rpc_endpoint,
|
||||
|
@ -148,7 +148,7 @@ class TestEACLFilters(ClusterTestBase):
|
|||
for op in EACLOperation
|
||||
]
|
||||
set_eacl(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
cid,
|
||||
create_eacl(cid, eacl_deny, shell=self.shell),
|
||||
shell=self.shell,
|
||||
|
@ -171,7 +171,7 @@ class TestEACLFilters(ClusterTestBase):
|
|||
):
|
||||
with reporter.step("Check other has full access when sending request without headers"):
|
||||
check_full_access_to_container(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
oid.pop(),
|
||||
file_path,
|
||||
|
@ -181,7 +181,7 @@ class TestEACLFilters(ClusterTestBase):
|
|||
|
||||
with reporter.step("Check other has full access when sending request with allowed headers"):
|
||||
check_full_access_to_container(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
oid.pop(),
|
||||
file_path,
|
||||
|
@ -192,7 +192,7 @@ class TestEACLFilters(ClusterTestBase):
|
|||
|
||||
with reporter.step("Check other has no access when sending request with denied headers"):
|
||||
check_no_access_to_container(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
oid.pop(),
|
||||
file_path,
|
||||
|
@ -205,14 +205,14 @@ class TestEACLFilters(ClusterTestBase):
|
|||
"Check other has full access when sending request " "with denied headers and using bearer token"
|
||||
):
|
||||
bearer_other = form_bearertoken_file(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
cid,
|
||||
[EACLRule(operation=op, access=EACLAccess.ALLOW, role=EACLRole.OTHERS) for op in EACLOperation],
|
||||
shell=self.shell,
|
||||
endpoint=self.cluster.default_rpc_endpoint,
|
||||
)
|
||||
check_full_access_to_container(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
oid.pop(),
|
||||
file_path,
|
||||
|
@ -253,7 +253,7 @@ class TestEACLFilters(ClusterTestBase):
|
|||
for op in self.OBJECT_ATTRIBUTES_FILTER_SUPPORTED_OPERATIONS
|
||||
]
|
||||
set_eacl(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
cid,
|
||||
create_eacl(cid, eacl_deny, shell=self.shell),
|
||||
shell=self.shell,
|
||||
|
@ -270,7 +270,7 @@ class TestEACLFilters(ClusterTestBase):
|
|||
for xhdr in (self.ATTRIBUTE, self.OTHER_ATTRIBUTE, None):
|
||||
with reporter.step("Check other have full access to objects without attributes"):
|
||||
check_full_access_to_container(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
objs_without_header.pop(),
|
||||
file_path,
|
||||
|
@ -281,7 +281,7 @@ class TestEACLFilters(ClusterTestBase):
|
|||
|
||||
with reporter.step("Check other have full access to objects without deny attribute"):
|
||||
check_full_access_to_container(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
allow_objects.pop(),
|
||||
file_path,
|
||||
|
@ -293,7 +293,7 @@ class TestEACLFilters(ClusterTestBase):
|
|||
with reporter.step("Check other have no access to objects with deny attribute"):
|
||||
with pytest.raises(AssertionError):
|
||||
assert can_get_head_object(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
deny_objects[0],
|
||||
shell=self.shell,
|
||||
|
@ -302,7 +302,7 @@ class TestEACLFilters(ClusterTestBase):
|
|||
)
|
||||
with pytest.raises(AssertionError):
|
||||
assert can_get_object(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
deny_objects[0],
|
||||
file_path,
|
||||
|
@ -313,7 +313,7 @@ class TestEACLFilters(ClusterTestBase):
|
|||
|
||||
with reporter.step("Check other have access to objects with deny attribute and using bearer token"):
|
||||
bearer_other = form_bearertoken_file(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
cid,
|
||||
[
|
||||
EACLRule(
|
||||
|
@ -327,7 +327,7 @@ class TestEACLFilters(ClusterTestBase):
|
|||
endpoint=self.cluster.default_rpc_endpoint,
|
||||
)
|
||||
check_full_access_to_container(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
deny_objects.pop(),
|
||||
file_path,
|
||||
|
@ -340,20 +340,20 @@ class TestEACLFilters(ClusterTestBase):
|
|||
allow_attribute = self.OTHER_ATTRIBUTE if match_type == EACLMatchType.STRING_EQUAL else self.ATTRIBUTE
|
||||
with reporter.step("Check other can PUT objects without denied attribute"):
|
||||
assert can_put_object(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
file_path,
|
||||
shell=self.shell,
|
||||
cluster=self.cluster,
|
||||
attributes=allow_attribute,
|
||||
)
|
||||
assert can_put_object(other_wallet.wallet_path, cid, file_path, shell=self.shell, cluster=self.cluster)
|
||||
assert can_put_object(other_wallet, cid, file_path, shell=self.shell, cluster=self.cluster)
|
||||
|
||||
deny_attribute = self.ATTRIBUTE if match_type == EACLMatchType.STRING_EQUAL else self.OTHER_ATTRIBUTE
|
||||
with reporter.step("Check other can not PUT objects with denied attribute"):
|
||||
with pytest.raises(AssertionError):
|
||||
assert can_put_object(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
file_path,
|
||||
shell=self.shell,
|
||||
|
@ -363,7 +363,7 @@ class TestEACLFilters(ClusterTestBase):
|
|||
|
||||
with reporter.step("Check other can PUT objects with denied attribute and using bearer token"):
|
||||
bearer_other_for_put = form_bearertoken_file(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
cid,
|
||||
[
|
||||
EACLRule(
|
||||
|
@ -376,7 +376,7 @@ class TestEACLFilters(ClusterTestBase):
|
|||
endpoint=self.cluster.default_rpc_endpoint,
|
||||
)
|
||||
assert can_put_object(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
file_path,
|
||||
shell=self.shell,
|
||||
|
@ -419,7 +419,7 @@ class TestEACLFilters(ClusterTestBase):
|
|||
for op in self.OBJECT_ATTRIBUTES_FILTER_SUPPORTED_OPERATIONS
|
||||
]
|
||||
set_eacl(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
cid,
|
||||
create_eacl(cid, eacl, shell=self.shell),
|
||||
shell=self.shell,
|
||||
|
@ -442,7 +442,7 @@ class TestEACLFilters(ClusterTestBase):
|
|||
oid = objects_without_header.pop()
|
||||
with pytest.raises(AssertionError):
|
||||
assert can_get_head_object(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
oid,
|
||||
shell=self.shell,
|
||||
|
@ -450,7 +450,7 @@ class TestEACLFilters(ClusterTestBase):
|
|||
)
|
||||
with pytest.raises(AssertionError):
|
||||
assert can_get_object(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
oid,
|
||||
file_path,
|
||||
|
@ -458,11 +458,11 @@ class TestEACLFilters(ClusterTestBase):
|
|||
cluster=self.cluster,
|
||||
)
|
||||
with pytest.raises(AssertionError):
|
||||
assert can_put_object(other_wallet.wallet_path, cid, file_path, shell=self.shell, cluster=self.cluster)
|
||||
assert can_put_object(other_wallet, cid, file_path, shell=self.shell, cluster=self.cluster)
|
||||
|
||||
with reporter.step("Check other can get and put objects without attributes and using bearer token"):
|
||||
bearer_other = form_bearertoken_file(
|
||||
user_wallet.wallet_path,
|
||||
user_wallet,
|
||||
cid,
|
||||
[
|
||||
EACLRule(
|
||||
|
@ -476,7 +476,7 @@ class TestEACLFilters(ClusterTestBase):
|
|||
endpoint=self.cluster.default_rpc_endpoint,
|
||||
)
|
||||
assert can_get_head_object(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
objects_without_header[0],
|
||||
shell=self.shell,
|
||||
|
@ -484,7 +484,7 @@ class TestEACLFilters(ClusterTestBase):
|
|||
bearer=bearer_other,
|
||||
)
|
||||
assert can_get_object(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
objects_without_header[0],
|
||||
file_path,
|
||||
|
@ -493,7 +493,7 @@ class TestEACLFilters(ClusterTestBase):
|
|||
bearer=bearer_other,
|
||||
)
|
||||
assert can_put_object(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
file_path,
|
||||
shell=self.shell,
|
||||
|
@ -504,14 +504,14 @@ class TestEACLFilters(ClusterTestBase):
|
|||
with reporter.step("Check other can get objects with attributes matching the filter"):
|
||||
oid = allow_objects.pop()
|
||||
assert can_get_head_object(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
oid,
|
||||
shell=self.shell,
|
||||
endpoint=self.cluster.default_rpc_endpoint,
|
||||
)
|
||||
assert can_get_object(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
oid,
|
||||
file_path,
|
||||
|
@ -519,7 +519,7 @@ class TestEACLFilters(ClusterTestBase):
|
|||
cluster=self.cluster,
|
||||
)
|
||||
assert can_put_object(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
file_path,
|
||||
shell=self.shell,
|
||||
|
@ -530,7 +530,7 @@ class TestEACLFilters(ClusterTestBase):
|
|||
with reporter.step("Check other cannot get objects without attributes matching the filter"):
|
||||
with pytest.raises(AssertionError):
|
||||
assert can_get_head_object(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
deny_objects[0],
|
||||
shell=self.shell,
|
||||
|
@ -538,7 +538,7 @@ class TestEACLFilters(ClusterTestBase):
|
|||
)
|
||||
with pytest.raises(AssertionError):
|
||||
assert can_get_object(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
deny_objects[0],
|
||||
file_path,
|
||||
|
@ -547,7 +547,7 @@ class TestEACLFilters(ClusterTestBase):
|
|||
)
|
||||
with pytest.raises(AssertionError):
|
||||
assert can_put_object(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
file_path,
|
||||
attributes=deny_attribute,
|
||||
|
@ -560,7 +560,7 @@ class TestEACLFilters(ClusterTestBase):
|
|||
):
|
||||
oid = deny_objects.pop()
|
||||
assert can_get_head_object(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
oid,
|
||||
shell=self.shell,
|
||||
|
@ -568,7 +568,7 @@ class TestEACLFilters(ClusterTestBase):
|
|||
bearer=bearer_other,
|
||||
)
|
||||
assert can_get_object(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
oid,
|
||||
file_path,
|
||||
|
@ -577,7 +577,7 @@ class TestEACLFilters(ClusterTestBase):
|
|||
bearer=bearer_other,
|
||||
)
|
||||
assert can_put_object(
|
||||
other_wallet.wallet_path,
|
||||
other_wallet,
|
||||
cid,
|
||||
file_path,
|
||||
shell=self.shell,
|
||||
|
|
|
@ -11,7 +11,7 @@ import pytest
|
|||
import yaml
|
||||
from dateutil import parser
|
||||
from frostfs_testlib import plugins, reporter
|
||||
from frostfs_testlib.credentials.interfaces import CredentialsProvider
|
||||
from frostfs_testlib.credentials.interfaces import CredentialsProvider, User
|
||||
from frostfs_testlib.healthcheck.interfaces import Healthcheck
|
||||
from frostfs_testlib.hosting import Hosting
|
||||
from frostfs_testlib.reporter import AllureHandler, StepsLogger
|
||||
|
@ -19,7 +19,6 @@ from frostfs_testlib.resources.common import (
|
|||
ASSETS_DIR,
|
||||
COMPLEX_OBJECT_CHUNKS_COUNT,
|
||||
COMPLEX_OBJECT_TAIL_SIZE,
|
||||
DEFAULT_WALLET_PASS,
|
||||
SIMPLE_OBJECT_SIZE,
|
||||
)
|
||||
from frostfs_testlib.s3 import AwsCliClient, Boto3ClientWrapper, S3ClientWrapper, VersioningStatus
|
||||
|
@ -31,7 +30,7 @@ from frostfs_testlib.storage.cluster import Cluster, ClusterNode
|
|||
from frostfs_testlib.storage.controllers.cluster_state_controller import ClusterStateController
|
||||
from frostfs_testlib.storage.dataclasses.frostfs_services import StorageNode
|
||||
from frostfs_testlib.storage.dataclasses.object_size import ObjectSize
|
||||
from frostfs_testlib.storage.dataclasses.wallet import WalletFactory, WalletInfo
|
||||
from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
|
||||
from frostfs_testlib.testing.cluster_test_base import ClusterTestBase
|
||||
from frostfs_testlib.testing.parallel import parallel
|
||||
from frostfs_testlib.testing.test_control import wait_for_success
|
||||
|
@ -174,9 +173,9 @@ def require_multiple_interfaces(cluster: Cluster):
|
|||
@pytest.fixture(scope="session")
|
||||
def max_object_size(cluster: Cluster, client_shell: Shell) -> int:
|
||||
storage_node = cluster.storage_nodes[0]
|
||||
wallet = WalletInfo.from_node(storage_node)
|
||||
net_info = get_netmap_netinfo(
|
||||
wallet=storage_node.get_wallet_path(),
|
||||
wallet_config=storage_node.get_wallet_config_path(),
|
||||
wallet=wallet,
|
||||
endpoint=storage_node.get_rpc_endpoint(),
|
||||
shell=client_shell,
|
||||
)
|
||||
|
@ -210,11 +209,6 @@ def object_size(
|
|||
return complex_object_size
|
||||
|
||||
|
||||
@pytest.fixture(scope="session")
|
||||
def wallet_factory(temp_directory: str, client_shell: Shell, cluster: Cluster) -> WalletFactory:
|
||||
return WalletFactory(temp_directory, client_shell, cluster)
|
||||
|
||||
|
||||
@pytest.fixture(scope="session")
|
||||
def cluster(temp_directory: str, hosting: Hosting, client_shell: Shell) -> Cluster:
|
||||
cluster = Cluster(hosting)
|
||||
|
@ -253,6 +247,11 @@ def cluster_state_controller(client_shell: Shell, cluster: Cluster, healthcheck:
|
|||
yield controller
|
||||
|
||||
|
||||
@pytest.fixture(scope="session")
|
||||
def credentials_provider(cluster: Cluster) -> CredentialsProvider:
|
||||
return CredentialsProvider(cluster)
|
||||
|
||||
|
||||
@reporter.step("[Class]: Create S3 client")
|
||||
@pytest.fixture(
|
||||
scope="class",
|
||||
|
@ -262,25 +261,19 @@ def cluster_state_controller(client_shell: Shell, cluster: Cluster, healthcheck:
|
|||
],
|
||||
)
|
||||
def s3_client(
|
||||
default_wallet: str,
|
||||
client_shell: Shell,
|
||||
default_user: User,
|
||||
s3_policy: Optional[str],
|
||||
cluster: Cluster,
|
||||
request: pytest.FixtureRequest,
|
||||
credentials_provider: CredentialsProvider,
|
||||
) -> S3ClientWrapper:
|
||||
wallet = WalletInfo(path=default_wallet, password=DEFAULT_WALLET_PASS)
|
||||
node = cluster.cluster_nodes[0]
|
||||
|
||||
credentials_provider = CredentialsProvider(node.host.config.s3_creds_plugin_name)
|
||||
credentials_provider.stash["cluster"] = cluster
|
||||
credentials_provider.stash["wallet"] = wallet
|
||||
credentials_provider.stash["shell"] = client_shell
|
||||
credentials_provider.stash["location_constraints"] = s3_policy
|
||||
|
||||
access_key_id, secret_access_key = credentials_provider.S3.provide(node)
|
||||
credentials_provider.S3.provide(default_user, node, s3_policy)
|
||||
|
||||
s3_client_cls = request.param
|
||||
client = s3_client_cls(access_key_id, secret_access_key, cluster.default_s3_gate_endpoint)
|
||||
client = s3_client_cls(
|
||||
default_user.s3_credentials.access_key, default_user.s3_credentials.secret_key, cluster.default_s3_gate_endpoint
|
||||
)
|
||||
return client
|
||||
|
||||
|
||||
|
@ -405,12 +398,22 @@ def run_health_check(healthcheck: Healthcheck, cluster: Cluster, request: pytest
|
|||
parallel(healthcheck.storage_healthcheck, cluster.cluster_nodes)
|
||||
|
||||
|
||||
@reporter.step("Prepare wallet and deposit")
|
||||
@reporter.step("Prepare default user with wallet")
|
||||
@pytest.fixture(scope="session")
|
||||
def default_wallet(wallet_factory: WalletFactory) -> str:
|
||||
wallet = wallet_factory.create_wallet(password=DEFAULT_WALLET_PASS)
|
||||
reporter.attach(wallet.path, os.path.basename(wallet.path))
|
||||
return wallet.path
|
||||
def default_user(credentials_provider: CredentialsProvider, cluster: Cluster) -> User:
|
||||
# always unique username
|
||||
user = User(f"user_{hex(int(datetime.now().timestamp() * 1000000))}")
|
||||
node = cluster.cluster_nodes[0]
|
||||
|
||||
credentials_provider.GRPC.provide(user, node)
|
||||
|
||||
return user
|
||||
|
||||
|
||||
@reporter.step("Get wallet for default user")
|
||||
@pytest.fixture(scope="session")
|
||||
def default_wallet(default_user: User) -> WalletInfo:
|
||||
return default_user.wallet
|
||||
|
||||
|
||||
@pytest.fixture()
|
||||
|
|
|
@ -1,5 +1,3 @@
|
|||
import json
|
||||
|
||||
import allure
|
||||
import pytest
|
||||
from frostfs_testlib import reporter
|
||||
|
@ -12,6 +10,7 @@ from frostfs_testlib.steps.cli.container import (
|
|||
wait_for_container_creation,
|
||||
wait_for_container_deletion,
|
||||
)
|
||||
from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
|
||||
from frostfs_testlib.testing.cluster_test_base import ClusterTestBase
|
||||
|
||||
from pytest_tests.helpers.utility import placement_policy_from_container
|
||||
|
@ -22,13 +21,11 @@ from pytest_tests.helpers.utility import placement_policy_from_container
|
|||
class TestContainer(ClusterTestBase):
|
||||
@pytest.mark.parametrize("name", ["", "test-container"], ids=["No name", "Set particular name"])
|
||||
@pytest.mark.smoke
|
||||
def test_container_creation(self, default_wallet: str, name: str):
|
||||
def test_container_creation(self, default_wallet: WalletInfo, name: str):
|
||||
scenario_title = "with name" if name else "without name"
|
||||
allure.dynamic.title(f"Create container {scenario_title}")
|
||||
|
||||
wallet = default_wallet
|
||||
with open(wallet) as file:
|
||||
json_wallet = json.load(file)
|
||||
|
||||
placement_rule = "REP 2 IN X CBF 1 SELECT 2 FROM * AS X"
|
||||
cid = create_container(
|
||||
|
@ -53,7 +50,7 @@ class TestContainer(ClusterTestBase):
|
|||
|
||||
info_to_check = {
|
||||
f"basic ACL: {PRIVATE_ACL_F} (private)",
|
||||
f"owner ID: {json_wallet.get('accounts')[0].get('address')}",
|
||||
f"owner ID: {wallet.get_address_from_json(0)}",
|
||||
f"CID: {cid}",
|
||||
}
|
||||
if name:
|
||||
|
@ -82,7 +79,7 @@ class TestContainer(ClusterTestBase):
|
|||
wait_for_container_deletion(wallet, cid, shell=self.shell, endpoint=self.cluster.default_rpc_endpoint)
|
||||
|
||||
@allure.title("Parallel container creation and deletion")
|
||||
def test_container_creation_deletion_parallel(self, default_wallet: str):
|
||||
def test_container_creation_deletion_parallel(self, default_wallet: WalletInfo):
|
||||
containers_count = 3
|
||||
wallet = default_wallet
|
||||
placement_rule = "REP 2 IN X CBF 1 SELECT 2 FROM * AS X"
|
||||
|
|
|
@ -21,6 +21,7 @@ from frostfs_testlib.storage.cluster import ClusterNode
|
|||
from frostfs_testlib.storage.controllers import ClusterStateController
|
||||
from frostfs_testlib.storage.dataclasses.object_size import ObjectSize
|
||||
from frostfs_testlib.storage.dataclasses.storage_object_info import Interfaces, StorageObjectInfo
|
||||
from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
|
||||
from frostfs_testlib.testing.cluster_test_base import ClusterTestBase
|
||||
from frostfs_testlib.testing.parallel import parallel
|
||||
from frostfs_testlib.utils.failover_utils import wait_object_replication
|
||||
|
@ -74,7 +75,7 @@ class TestFailoverNetwork(ClusterTestBase):
|
|||
def storage_objects(
|
||||
self,
|
||||
simple_object_size: ObjectSize,
|
||||
default_wallet: str,
|
||||
default_wallet: WalletInfo,
|
||||
) -> list[StorageObjectInfo]:
|
||||
|
||||
file_path = generate_file(simple_object_size.value)
|
||||
|
@ -105,7 +106,7 @@ class TestFailoverNetwork(ClusterTestBase):
|
|||
|
||||
storage_object = StorageObjectInfo(cid=cid, oid=oid)
|
||||
storage_object.size = simple_object_size.value
|
||||
storage_object.wallet_file_path = default_wallet
|
||||
storage_object.wallet = default_wallet
|
||||
storage_object.file_path = file_path
|
||||
storage_object.file_hash = file_hash
|
||||
storage_object.attributes = attribute
|
||||
|
@ -119,7 +120,7 @@ class TestFailoverNetwork(ClusterTestBase):
|
|||
@allure.title("Block Storage node traffic")
|
||||
def test_block_storage_node_traffic(
|
||||
self,
|
||||
default_wallet: str,
|
||||
default_wallet: WalletInfo,
|
||||
require_multiple_hosts,
|
||||
simple_object_size: ObjectSize,
|
||||
cluster_state_controller: ClusterStateController,
|
||||
|
@ -201,7 +202,7 @@ class TestFailoverNetwork(ClusterTestBase):
|
|||
def test_block_data_interface(
|
||||
self,
|
||||
cluster_state_controller: ClusterStateController,
|
||||
default_wallet: str,
|
||||
default_wallet: WalletInfo,
|
||||
restore_down_interfaces: None,
|
||||
delete_file_after_test: None,
|
||||
storage_objects: list[StorageObjectInfo],
|
||||
|
@ -258,7 +259,7 @@ class TestFailoverNetwork(ClusterTestBase):
|
|||
def test_block_internal_interface(
|
||||
self,
|
||||
cluster_state_controller: ClusterStateController,
|
||||
default_wallet: str,
|
||||
default_wallet: WalletInfo,
|
||||
restore_down_interfaces: None,
|
||||
delete_file_after_test: None,
|
||||
storage_objects: list[StorageObjectInfo],
|
||||
|
@ -342,7 +343,7 @@ class TestFailoverNetwork(ClusterTestBase):
|
|||
self,
|
||||
require_multiple_interfaces,
|
||||
cluster_state_controller: ClusterStateController,
|
||||
default_wallet: str,
|
||||
default_wallet: WalletInfo,
|
||||
simple_object_size: ObjectSize,
|
||||
delete_file_after_test: None,
|
||||
restore_down_interfaces: None,
|
||||
|
@ -398,7 +399,7 @@ class TestFailoverNetwork(ClusterTestBase):
|
|||
self,
|
||||
require_multiple_interfaces,
|
||||
cluster_state_controller: ClusterStateController,
|
||||
default_wallet: str,
|
||||
default_wallet: WalletInfo,
|
||||
simple_object_size: ObjectSize,
|
||||
delete_file_after_test: None,
|
||||
restore_down_interfaces: None,
|
||||
|
|
|
@ -41,7 +41,7 @@ class TestFailoverServer(ClusterTestBase):
|
|||
def containers(
|
||||
self,
|
||||
request: FixtureRequest,
|
||||
default_wallet: str,
|
||||
default_wallet: WalletInfo,
|
||||
) -> list[StorageContainer]:
|
||||
|
||||
placement_rule = "REP 2 CBF 2 SELECT 2 FROM *"
|
||||
|
@ -66,7 +66,7 @@ class TestFailoverServer(ClusterTestBase):
|
|||
|
||||
@reporter.step("Creation container")
|
||||
@pytest.fixture()
|
||||
def container(self, default_wallet: str) -> StorageContainer:
|
||||
def container(self, default_wallet: WalletInfo) -> StorageContainer:
|
||||
select = len(self.cluster.cluster_nodes)
|
||||
placement_rule = f"REP {select - 1} CBF 1 SELECT {select} FROM *"
|
||||
cont_id = create_container(
|
||||
|
@ -120,7 +120,7 @@ class TestFailoverServer(ClusterTestBase):
|
|||
for storage_object in storage_objects:
|
||||
try:
|
||||
got_file_path = get_object(
|
||||
storage_object.wallet_file_path,
|
||||
storage_object.wallet,
|
||||
storage_object.cid,
|
||||
storage_object.oid,
|
||||
endpoint=node.get_rpc_endpoint(),
|
||||
|
@ -152,7 +152,7 @@ class TestFailoverServer(ClusterTestBase):
|
|||
|
||||
@pytest.fixture()
|
||||
def object_and_nodes(
|
||||
self, simple_object_size: ObjectSize, container: StorageContainer, default_wallet: str
|
||||
self, simple_object_size: ObjectSize, container: StorageContainer
|
||||
) -> tuple[StorageObjectInfo, list[ClusterNode]]:
|
||||
object_info = container.generate_object(simple_object_size.value)
|
||||
object_nodes = get_object_nodes(
|
||||
|
@ -240,7 +240,7 @@ class TestFailoverServer(ClusterTestBase):
|
|||
self,
|
||||
container: list[StorageContainer],
|
||||
object_and_nodes: tuple[StorageObjectInfo, list[ClusterNode]],
|
||||
default_wallet: str,
|
||||
default_wallet: WalletInfo,
|
||||
cluster_state_controller: ClusterStateController,
|
||||
simple_file: str,
|
||||
up_stop_nodes: None,
|
||||
|
@ -283,7 +283,7 @@ class TestFailoverServer(ClusterTestBase):
|
|||
@allure.title("Not enough nodes in the container with policy - 'REP 2 CBF 2 SELECT 4 FROM *'")
|
||||
def test_not_enough_nodes_in_container_rep_2(
|
||||
self,
|
||||
default_wallet: str,
|
||||
default_wallet: WalletInfo,
|
||||
cluster_state_controller: ClusterStateController,
|
||||
simple_file: str,
|
||||
up_stop_nodes: None,
|
||||
|
|
|
@ -127,7 +127,7 @@ class TestFailoverStorage(ClusterTestBase):
|
|||
def test_unhealthy_tree(
|
||||
self,
|
||||
s3_client: S3ClientWrapper,
|
||||
default_wallet: str,
|
||||
default_wallet: WalletInfo,
|
||||
simple_object_size: ObjectSize,
|
||||
cluster_state_controller: ClusterStateController,
|
||||
after_run_return_all_stopped_services,
|
||||
|
@ -536,7 +536,7 @@ class TestStorageDataLoss(ClusterTestBase):
|
|||
simple_object_size: ObjectSize,
|
||||
cluster_state_controller: ClusterStateController,
|
||||
shards_watcher: ShardsWatcher,
|
||||
default_wallet: str,
|
||||
default_wallet: WalletInfo,
|
||||
test_start_time: datetime,
|
||||
after_run_return_all_stopped_services: str,
|
||||
):
|
||||
|
@ -585,7 +585,7 @@ class TestStorageDataLoss(ClusterTestBase):
|
|||
with reporter.step("Objects should be available"):
|
||||
for storage_object in storage_objects:
|
||||
get_object(
|
||||
storage_object.wallet_file_path,
|
||||
storage_object.wallet,
|
||||
container.get_id(),
|
||||
storage_object.oid,
|
||||
self.shell,
|
||||
|
|
|
@ -40,6 +40,7 @@ from frostfs_testlib.storage.cluster import ClusterNode, StorageNode
|
|||
from frostfs_testlib.storage.controllers import ClusterStateController
|
||||
from frostfs_testlib.storage.dataclasses.object_size import ObjectSize
|
||||
from frostfs_testlib.storage.dataclasses.storage_object_info import ModeNode
|
||||
from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
|
||||
from frostfs_testlib.testing.cluster_test_base import ClusterTestBase
|
||||
from frostfs_testlib.utils import datetime_utils, string_utils
|
||||
from frostfs_testlib.utils.failover_utils import wait_object_replication
|
||||
|
@ -58,7 +59,7 @@ class TestNodeManagement(ClusterTestBase):
|
|||
@pytest.fixture
|
||||
@allure.title("Create container and pick the node with data")
|
||||
def create_container_and_pick_node(
|
||||
self, default_wallet: str, simple_object_size: ObjectSize
|
||||
self, default_wallet: WalletInfo, simple_object_size: ObjectSize
|
||||
) -> Tuple[str, StorageNode]:
|
||||
file_path = generate_file(simple_object_size.value)
|
||||
placement_rule = "REP 1 IN X CBF 1 SELECT 1 FROM * AS X"
|
||||
|
@ -133,7 +134,7 @@ class TestNodeManagement(ClusterTestBase):
|
|||
@pytest.mark.add_nodes
|
||||
def test_add_nodes(
|
||||
self,
|
||||
default_wallet: str,
|
||||
default_wallet: WalletInfo,
|
||||
simple_object_size: ObjectSize,
|
||||
return_nodes_after_test_run,
|
||||
):
|
||||
|
@ -356,7 +357,7 @@ class TestMaintenanceMode(ClusterTestBase):
|
|||
return cli
|
||||
|
||||
@pytest.fixture()
|
||||
def restore_online_mode_node(self, cluster_state_controller: ClusterStateController, default_wallet: str):
|
||||
def restore_online_mode_node(self, cluster_state_controller: ClusterStateController, default_wallet: WalletInfo):
|
||||
yield
|
||||
cluster_state_controller.set_mode_node(cluster_node=self.change_node, wallet=default_wallet, status="online")
|
||||
self.tick_epoch(wait_block=2)
|
||||
|
@ -383,7 +384,7 @@ class TestMaintenanceMode(ClusterTestBase):
|
|||
@allure.title("Test of basic node operations in maintenance mode")
|
||||
def test_maintenance_mode(
|
||||
self,
|
||||
default_wallet: str,
|
||||
default_wallet: WalletInfo,
|
||||
simple_object_size: ObjectSize,
|
||||
cluster_state_controller: ClusterStateController,
|
||||
restore_online_mode_node: None,
|
||||
|
@ -444,7 +445,7 @@ class TestMaintenanceMode(ClusterTestBase):
|
|||
self,
|
||||
cluster_state_controller: ClusterStateController,
|
||||
node_under_test: ClusterNode,
|
||||
default_wallet: str,
|
||||
default_wallet: WalletInfo,
|
||||
frostfs_cli: FrostfsCli,
|
||||
restore_online_mode_node: None,
|
||||
):
|
||||
|
@ -595,7 +596,7 @@ class TestMaintenanceMode(ClusterTestBase):
|
|||
node_under_test: ClusterNode,
|
||||
frostfs_cli_remote: FrostfsCli,
|
||||
frostfs_cli: FrostfsCli,
|
||||
default_wallet: str,
|
||||
default_wallet: WalletInfo,
|
||||
restore_online_mode_node: None,
|
||||
):
|
||||
self.change_node = node_under_test
|
||||
|
|
|
@ -28,6 +28,7 @@ from frostfs_testlib.steps.storage_policy import get_complex_object_copies, get_
|
|||
from frostfs_testlib.storage.cluster import Cluster
|
||||
from frostfs_testlib.storage.dataclasses.object_size import ObjectSize
|
||||
from frostfs_testlib.storage.dataclasses.storage_object_info import StorageObjectInfo
|
||||
from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
|
||||
from frostfs_testlib.testing.cluster_test_base import ClusterTestBase
|
||||
from frostfs_testlib.utils.file_utils import generate_file, get_file_content, get_file_hash
|
||||
|
||||
|
@ -92,7 +93,7 @@ def generate_ranges(
|
|||
scope="module"
|
||||
)
|
||||
def storage_objects(
|
||||
default_wallet: str, client_shell: Shell, cluster: Cluster, object_size: ObjectSize
|
||||
default_wallet: WalletInfo, client_shell: Shell, cluster: Cluster, object_size: ObjectSize
|
||||
) -> list[StorageObjectInfo]:
|
||||
wallet = default_wallet
|
||||
# Separate containers for complex/simple objects to avoid side-effects
|
||||
|
@ -117,7 +118,7 @@ def storage_objects(
|
|||
|
||||
storage_object = StorageObjectInfo(cid, storage_object_id)
|
||||
storage_object.size = object_size.value
|
||||
storage_object.wallet_file_path = wallet
|
||||
storage_object.wallet = wallet
|
||||
storage_object.file_path = file_path
|
||||
storage_object.file_hash = file_hash
|
||||
storage_object.attributes = attributes
|
||||
|
@ -147,7 +148,7 @@ class TestObjectApi(ClusterTestBase):
|
|||
for storage_object in storage_objects:
|
||||
if storage_object.size == simple_object_size.value:
|
||||
copies = get_simple_object_copies(
|
||||
storage_object.wallet_file_path,
|
||||
storage_object.wallet,
|
||||
storage_object.cid,
|
||||
storage_object.oid,
|
||||
shell=self.shell,
|
||||
|
@ -155,7 +156,7 @@ class TestObjectApi(ClusterTestBase):
|
|||
)
|
||||
else:
|
||||
copies = get_complex_object_copies(
|
||||
storage_object.wallet_file_path,
|
||||
storage_object.wallet,
|
||||
storage_object.cid,
|
||||
storage_object.oid,
|
||||
shell=self.shell,
|
||||
|
@ -172,7 +173,7 @@ class TestObjectApi(ClusterTestBase):
|
|||
with reporter.step("Get objects and compare hashes"):
|
||||
for storage_object in storage_objects:
|
||||
file_path = get_object_from_random_node(
|
||||
storage_object.wallet_file_path,
|
||||
storage_object.wallet,
|
||||
storage_object.cid,
|
||||
storage_object.oid,
|
||||
self.shell,
|
||||
|
@ -192,14 +193,14 @@ class TestObjectApi(ClusterTestBase):
|
|||
|
||||
with reporter.step("Head object and validate"):
|
||||
head_object(
|
||||
storage_object_1.wallet_file_path,
|
||||
storage_object_1.wallet,
|
||||
storage_object_1.cid,
|
||||
storage_object_1.oid,
|
||||
shell=self.shell,
|
||||
endpoint=self.cluster.default_rpc_endpoint,
|
||||
)
|
||||
head_info = head_object(
|
||||
storage_object_2.wallet_file_path,
|
||||
storage_object_2.wallet,
|
||||
storage_object_2.cid,
|
||||
storage_object_2.oid,
|
||||
shell=self.shell,
|
||||
|
@ -214,7 +215,7 @@ class TestObjectApi(ClusterTestBase):
|
|||
"""
|
||||
|
||||
oids = [storage_object.oid for storage_object in storage_objects]
|
||||
wallet = storage_objects[0].wallet_file_path
|
||||
wallet = storage_objects[0].wallet
|
||||
cid = storage_objects[0].cid
|
||||
|
||||
test_table = [
|
||||
|
@ -249,7 +250,7 @@ class TestObjectApi(ClusterTestBase):
|
|||
assert sorted(expected_oids) == sorted(result)
|
||||
|
||||
@allure.title("Search objects with removed items (obj_size={object_size})")
|
||||
def test_object_search_should_return_tombstone_items(self, default_wallet: str, object_size: ObjectSize):
|
||||
def test_object_search_should_return_tombstone_items(self, default_wallet: WalletInfo, object_size: ObjectSize):
|
||||
"""
|
||||
Validate object search with removed items
|
||||
"""
|
||||
|
@ -265,7 +266,7 @@ class TestObjectApi(ClusterTestBase):
|
|||
cid=cid,
|
||||
oid=put_object_to_random_node(wallet, file_path, cid, self.shell, self.cluster),
|
||||
size=object_size.value,
|
||||
wallet_file_path=wallet,
|
||||
wallet=wallet,
|
||||
file_path=file_path,
|
||||
file_hash=file_hash,
|
||||
)
|
||||
|
@ -308,7 +309,7 @@ class TestObjectApi(ClusterTestBase):
|
|||
Validate get_range_hash for object by native gRPC API
|
||||
"""
|
||||
|
||||
wallet = storage_objects[0].wallet_file_path
|
||||
wallet = storage_objects[0].wallet
|
||||
cid = storage_objects[0].cid
|
||||
oids = [storage_object.oid for storage_object in storage_objects[:2]]
|
||||
file_path = storage_objects[0].file_path
|
||||
|
@ -339,7 +340,7 @@ class TestObjectApi(ClusterTestBase):
|
|||
Validate get_range for object by native gRPC API
|
||||
"""
|
||||
|
||||
wallet = storage_objects[0].wallet_file_path
|
||||
wallet = storage_objects[0].wallet
|
||||
cid = storage_objects[0].cid
|
||||
oids = [storage_object.oid for storage_object in storage_objects[:2]]
|
||||
file_path = storage_objects[0].file_path
|
||||
|
@ -374,7 +375,7 @@ class TestObjectApi(ClusterTestBase):
|
|||
Validate get_range negative for object by native gRPC API
|
||||
"""
|
||||
|
||||
wallet = storage_objects[0].wallet_file_path
|
||||
wallet = storage_objects[0].wallet
|
||||
cid = storage_objects[0].cid
|
||||
oids = [storage_object.oid for storage_object in storage_objects[:2]]
|
||||
file_size = storage_objects[0].size
|
||||
|
@ -421,7 +422,7 @@ class TestObjectApi(ClusterTestBase):
|
|||
Validate get_range_hash negative for object by native gRPC API
|
||||
"""
|
||||
|
||||
wallet = storage_objects[0].wallet_file_path
|
||||
wallet = storage_objects[0].wallet
|
||||
cid = storage_objects[0].cid
|
||||
oids = [storage_object.oid for storage_object in storage_objects[:2]]
|
||||
file_size = storage_objects[0].size
|
||||
|
|
|
@ -25,7 +25,7 @@ from pytest import FixtureRequest
|
|||
|
||||
@pytest.fixture(scope="module")
|
||||
@allure.title("Create bearer token for OTHERS with all operations allowed for all containers")
|
||||
def bearer_token_file_all_allow(default_wallet: str, client_shell: Shell, cluster: Cluster) -> str:
|
||||
def bearer_token_file_all_allow(default_wallet: WalletInfo, client_shell: Shell, cluster: Cluster) -> str:
|
||||
bearer = form_bearertoken_file(
|
||||
default_wallet,
|
||||
"",
|
||||
|
@ -40,7 +40,7 @@ def bearer_token_file_all_allow(default_wallet: str, client_shell: Shell, cluste
|
|||
@pytest.fixture(scope="module")
|
||||
@allure.title("Create user container for bearer token usage")
|
||||
def user_container(
|
||||
default_wallet: str, client_shell: Shell, cluster: Cluster, request: FixtureRequest
|
||||
default_wallet: WalletInfo, client_shell: Shell, cluster: Cluster, request: FixtureRequest
|
||||
) -> StorageContainer:
|
||||
container_id = create_container(
|
||||
default_wallet,
|
||||
|
@ -94,18 +94,17 @@ class TestObjectApiWithBearerToken(ClusterTestBase):
|
|||
storage_objects: list[StorageObjectInfo],
|
||||
bearer_token_file_all_allow: str,
|
||||
):
|
||||
s3_gate_wallet = self.cluster.s3_gates[0]
|
||||
s3_gate_wallet = WalletInfo.from_node(self.cluster.s3_gates[0])
|
||||
with reporter.step("Try to delete each object from first storage node"):
|
||||
for storage_object in storage_objects:
|
||||
with expect_not_raises():
|
||||
delete_object(
|
||||
s3_gate_wallet.get_wallet_path(),
|
||||
s3_gate_wallet,
|
||||
storage_object.cid,
|
||||
storage_object.oid,
|
||||
self.shell,
|
||||
endpoint=self.cluster.default_rpc_endpoint,
|
||||
bearer=bearer_token_file_all_allow,
|
||||
wallet_config=s3_gate_wallet.get_wallet_config_path(),
|
||||
)
|
||||
|
||||
@allure.title("Object can be fetched from any node using s3gate wallet with bearer token (obj_size={object_size})")
|
||||
|
@ -120,7 +119,7 @@ class TestObjectApiWithBearerToken(ClusterTestBase):
|
|||
object_size: ObjectSize,
|
||||
bearer_token_file_all_allow: str,
|
||||
):
|
||||
s3_gate_wallet = self.cluster.s3_gates[0]
|
||||
s3_gate_wallet = WalletInfo.from_node(self.cluster.s3_gates[0])
|
||||
with reporter.step("Put one object to container"):
|
||||
epoch = self.get_epoch()
|
||||
storage_object = user_container.generate_object(
|
||||
|
@ -131,11 +130,10 @@ class TestObjectApiWithBearerToken(ClusterTestBase):
|
|||
for node in self.cluster.storage_nodes:
|
||||
with expect_not_raises():
|
||||
get_object(
|
||||
s3_gate_wallet.get_wallet_path(),
|
||||
s3_gate_wallet,
|
||||
storage_object.cid,
|
||||
storage_object.oid,
|
||||
self.shell,
|
||||
endpoint=node.get_rpc_endpoint(),
|
||||
bearer=bearer_token_file_all_allow,
|
||||
wallet_config=s3_gate_wallet.get_wallet_config_path(),
|
||||
)
|
||||
|
|
|
@ -8,6 +8,7 @@ from frostfs_testlib.steps.cli.container import create_container
|
|||
from frostfs_testlib.steps.cli.object import get_object_from_random_node, head_object, put_object_to_random_node
|
||||
from frostfs_testlib.steps.epoch import get_epoch
|
||||
from frostfs_testlib.storage.dataclasses.object_size import ObjectSize
|
||||
from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
|
||||
from frostfs_testlib.testing.cluster_test_base import ClusterTestBase
|
||||
from frostfs_testlib.utils.file_utils import generate_file, get_file_hash
|
||||
|
||||
|
@ -20,7 +21,7 @@ logger = logging.getLogger("NeoLogger")
|
|||
@pytest.mark.grpc_api
|
||||
class TestObjectApiLifetime(ClusterTestBase):
|
||||
@allure.title("Object is removed when lifetime expired (obj_size={object_size})")
|
||||
def test_object_api_lifetime(self, default_wallet: str, object_size: ObjectSize):
|
||||
def test_object_api_lifetime(self, default_wallet: WalletInfo, object_size: ObjectSize):
|
||||
"""
|
||||
Test object deleted after expiration epoch.
|
||||
"""
|
||||
|
|
|
@ -1,9 +1,11 @@
|
|||
import logging
|
||||
import re
|
||||
from datetime import datetime
|
||||
|
||||
import allure
|
||||
import pytest
|
||||
from frostfs_testlib import reporter
|
||||
from frostfs_testlib.credentials.interfaces import CredentialsProvider, User
|
||||
from frostfs_testlib.resources.common import STORAGE_GC_TIME
|
||||
from frostfs_testlib.resources.error_patterns import (
|
||||
LIFETIME_REQUIRED,
|
||||
|
@ -25,7 +27,7 @@ from frostfs_testlib.steps.storage_policy import get_nodes_with_object
|
|||
from frostfs_testlib.storage.cluster import Cluster
|
||||
from frostfs_testlib.storage.dataclasses.object_size import ObjectSize
|
||||
from frostfs_testlib.storage.dataclasses.storage_object_info import LockObjectInfo, StorageObjectInfo
|
||||
from frostfs_testlib.storage.dataclasses.wallet import WalletFactory, WalletInfo
|
||||
from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
|
||||
from frostfs_testlib.testing.cluster_test_base import ClusterTestBase
|
||||
from frostfs_testlib.testing.test_control import expect_not_raises, wait_for_success
|
||||
from frostfs_testlib.utils import datetime_utils
|
||||
|
@ -38,26 +40,20 @@ FIXTURE_LOCK_LIFETIME = 5
|
|||
FIXTURE_OBJECT_LIFETIME = 10
|
||||
|
||||
|
||||
@pytest.fixture(
|
||||
scope="module",
|
||||
)
|
||||
def user_wallet(wallet_factory: WalletFactory):
|
||||
@pytest.fixture(scope="module")
|
||||
def user_wallet(credentials_provider: CredentialsProvider, cluster: Cluster) -> WalletInfo:
|
||||
with reporter.step("Create user wallet with container"):
|
||||
wallet_file = wallet_factory.create_wallet()
|
||||
return wallet_file
|
||||
user = User(f"user_{hex(int(datetime.now().timestamp() * 1000000))}")
|
||||
return credentials_provider.GRPC.provide(user, cluster.cluster_nodes[0])
|
||||
|
||||
|
||||
@pytest.fixture(
|
||||
scope="module",
|
||||
)
|
||||
@pytest.fixture(scope="module")
|
||||
def user_container(user_wallet: WalletInfo, client_shell: Shell, cluster: Cluster):
|
||||
container_id = create_container(user_wallet.path, shell=client_shell, endpoint=cluster.default_rpc_endpoint)
|
||||
container_id = create_container(user_wallet, shell=client_shell, endpoint=cluster.default_rpc_endpoint)
|
||||
return StorageContainer(StorageContainerInfo(container_id, user_wallet), client_shell, cluster)
|
||||
|
||||
|
||||
@pytest.fixture(
|
||||
scope="module",
|
||||
)
|
||||
@pytest.fixture(scope="module")
|
||||
def locked_storage_object(
|
||||
user_container: StorageContainer,
|
||||
client_shell: Shell,
|
||||
|
@ -75,7 +71,7 @@ def locked_storage_object(
|
|||
object_size.value, expire_at=current_epoch + FIXTURE_OBJECT_LIFETIME
|
||||
)
|
||||
lock_object_id = lock_object(
|
||||
storage_object.wallet_file_path,
|
||||
storage_object.wallet,
|
||||
storage_object.cid,
|
||||
storage_object.oid,
|
||||
client_shell,
|
||||
|
@ -98,7 +94,7 @@ def locked_storage_object(
|
|||
tick_epoch(client_shell, cluster)
|
||||
try:
|
||||
delete_object(
|
||||
storage_object.wallet_file_path,
|
||||
storage_object.wallet,
|
||||
storage_object.cid,
|
||||
storage_object.oid,
|
||||
client_shell,
|
||||
|
@ -113,10 +109,10 @@ def locked_storage_object(
|
|||
|
||||
|
||||
@wait_for_success(datetime_utils.parse_time(STORAGE_GC_TIME))
|
||||
def check_object_not_found(wallet_file_path: str, cid: str, oid: str, shell: Shell, rpc_endpoint: str):
|
||||
def check_object_not_found(wallet: WalletInfo, cid: str, oid: str, shell: Shell, rpc_endpoint: str):
|
||||
with pytest.raises(Exception, match=OBJECT_NOT_FOUND):
|
||||
head_object(
|
||||
wallet_file_path,
|
||||
wallet,
|
||||
cid,
|
||||
oid,
|
||||
shell,
|
||||
|
@ -124,10 +120,10 @@ def check_object_not_found(wallet_file_path: str, cid: str, oid: str, shell: She
|
|||
)
|
||||
|
||||
|
||||
def verify_object_available(wallet_file_path: str, cid: str, oid: str, shell: Shell, rpc_endpoint: str):
|
||||
def verify_object_available(wallet: WalletInfo, cid: str, oid: str, shell: Shell, rpc_endpoint: str):
|
||||
with expect_not_raises():
|
||||
head_object(
|
||||
wallet_file_path,
|
||||
wallet,
|
||||
cid,
|
||||
oid,
|
||||
shell,
|
||||
|
@ -150,7 +146,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
|
|||
object_size.value, expire_at=current_epoch + FIXTURE_OBJECT_LIFETIME
|
||||
)
|
||||
lock_object(
|
||||
storage_object.wallet_file_path,
|
||||
storage_object.wallet,
|
||||
storage_object.cid,
|
||||
storage_object.oid,
|
||||
self.shell,
|
||||
|
@ -170,7 +166,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
|
|||
"""
|
||||
with pytest.raises(Exception, match=OBJECT_IS_LOCKED):
|
||||
delete_object(
|
||||
locked_storage_object.wallet_file_path,
|
||||
locked_storage_object.wallet,
|
||||
locked_storage_object.cid,
|
||||
locked_storage_object.oid,
|
||||
self.shell,
|
||||
|
@ -189,7 +185,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
|
|||
"""
|
||||
|
||||
lock_object = locked_storage_object.locks[0]
|
||||
wallet_path = locked_storage_object.wallet_file_path
|
||||
wallet_path = locked_storage_object.wallet
|
||||
|
||||
with pytest.raises(Exception, match=LOCK_OBJECT_REMOVAL):
|
||||
delete_object(
|
||||
|
@ -212,7 +208,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
|
|||
"""
|
||||
|
||||
lock_object_info = locked_storage_object.locks[0]
|
||||
wallet_path = locked_storage_object.wallet_file_path
|
||||
wallet_path = locked_storage_object.wallet
|
||||
|
||||
with pytest.raises(Exception, match=LOCK_NON_REGULAR_OBJECT):
|
||||
lock_object(
|
||||
|
@ -252,7 +248,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
|
|||
"""
|
||||
|
||||
lock_object_info = locked_storage_object.locks[0]
|
||||
wallet_path = locked_storage_object.wallet_file_path
|
||||
wallet_path = locked_storage_object.wallet
|
||||
|
||||
with pytest.raises(Exception, match=expected_error):
|
||||
lock_object(
|
||||
|
@ -281,7 +277,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
|
|||
|
||||
with reporter.step("Lock object for couple epochs"):
|
||||
lock_object(
|
||||
storage_object.wallet_file_path,
|
||||
storage_object.wallet,
|
||||
storage_object.cid,
|
||||
storage_object.oid,
|
||||
self.shell,
|
||||
|
@ -289,7 +285,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
|
|||
lifetime=2,
|
||||
)
|
||||
lock_object(
|
||||
storage_object.wallet_file_path,
|
||||
storage_object.wallet,
|
||||
storage_object.cid,
|
||||
storage_object.oid,
|
||||
self.shell,
|
||||
|
@ -303,7 +299,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
|
|||
wait_for_gc_pass_on_storage_nodes()
|
||||
with expect_not_raises():
|
||||
head_object(
|
||||
storage_object.wallet_file_path,
|
||||
storage_object.wallet,
|
||||
storage_object.cid,
|
||||
storage_object.oid,
|
||||
self.shell,
|
||||
|
@ -313,7 +309,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
|
|||
with reporter.step("Wait for object to be deleted after third epoch"):
|
||||
self.tick_epoch()
|
||||
check_object_not_found(
|
||||
storage_object.wallet_file_path,
|
||||
storage_object.wallet,
|
||||
storage_object.cid,
|
||||
storage_object.oid,
|
||||
self.shell,
|
||||
|
@ -338,7 +334,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
|
|||
storage_objects.append(user_container.generate_object(object_size.value, expire_at=current_epoch + 5))
|
||||
|
||||
lock_object(
|
||||
storage_objects[0].wallet_file_path,
|
||||
storage_objects[0].wallet,
|
||||
storage_objects[0].cid,
|
||||
",".join([storage_object.oid for storage_object in storage_objects]),
|
||||
self.shell,
|
||||
|
@ -350,7 +346,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
|
|||
with reporter.step(f"Try to delete object {storage_object.oid}"):
|
||||
with pytest.raises(Exception, match=OBJECT_IS_LOCKED):
|
||||
delete_object(
|
||||
storage_object.wallet_file_path,
|
||||
storage_object.wallet,
|
||||
storage_object.cid,
|
||||
storage_object.oid,
|
||||
self.shell,
|
||||
|
@ -384,7 +380,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
|
|||
match=LOCK_OBJECT_EXPIRATION.format(expiration_epoch=expiration_epoch, current_epoch=current_epoch),
|
||||
):
|
||||
lock_object(
|
||||
storage_object.wallet_file_path,
|
||||
storage_object.wallet,
|
||||
storage_object.cid,
|
||||
storage_object.oid,
|
||||
self.shell,
|
||||
|
@ -408,7 +404,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
|
|||
storage_object = user_container.generate_object(object_size.value, expire_at=current_epoch + 5)
|
||||
|
||||
lock_object(
|
||||
storage_object.wallet_file_path,
|
||||
storage_object.wallet,
|
||||
storage_object.cid,
|
||||
storage_object.oid,
|
||||
self.shell,
|
||||
|
@ -419,7 +415,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
|
|||
self.tick_epochs(2)
|
||||
with expect_not_raises():
|
||||
delete_object(
|
||||
storage_object.wallet_file_path,
|
||||
storage_object.wallet,
|
||||
storage_object.cid,
|
||||
storage_object.oid,
|
||||
self.shell,
|
||||
|
@ -442,7 +438,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
|
|||
storage_object = user_container.generate_object(object_size.value, expire_at=current_epoch + 5)
|
||||
|
||||
lock_object(
|
||||
storage_object.wallet_file_path,
|
||||
storage_object.wallet,
|
||||
storage_object.cid,
|
||||
storage_object.oid,
|
||||
self.shell,
|
||||
|
@ -454,7 +450,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
|
|||
|
||||
with expect_not_raises():
|
||||
delete_object(
|
||||
storage_object.wallet_file_path,
|
||||
storage_object.wallet,
|
||||
storage_object.cid,
|
||||
storage_object.oid,
|
||||
self.shell,
|
||||
|
@ -481,7 +477,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
|
|||
with reporter.step(f"Try to delete chunk object {chunk_object_id}"):
|
||||
with pytest.raises(Exception, match=OBJECT_IS_LOCKED):
|
||||
delete_object(
|
||||
locked_storage_object.wallet_file_path,
|
||||
locked_storage_object.wallet,
|
||||
locked_storage_object.cid,
|
||||
chunk_object_id,
|
||||
self.shell,
|
||||
|
@ -498,7 +494,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
|
|||
)
|
||||
def test_link_object_of_locked_complex_object_can_be_dropped(self, new_locked_storage_object: StorageObjectInfo):
|
||||
link_object_id = get_link_object(
|
||||
new_locked_storage_object.wallet_file_path,
|
||||
new_locked_storage_object.wallet,
|
||||
new_locked_storage_object.cid,
|
||||
new_locked_storage_object.oid,
|
||||
self.shell,
|
||||
|
@ -569,7 +565,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
|
|||
"""
|
||||
|
||||
link_object_id = get_link_object(
|
||||
locked_storage_object.wallet_file_path,
|
||||
locked_storage_object.wallet,
|
||||
locked_storage_object.cid,
|
||||
locked_storage_object.oid,
|
||||
self.shell,
|
||||
|
@ -579,7 +575,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
|
|||
with reporter.step(f"Try to delete link object {link_object_id}"):
|
||||
with pytest.raises(Exception, match=OBJECT_IS_LOCKED):
|
||||
delete_object(
|
||||
locked_storage_object.wallet_file_path,
|
||||
locked_storage_object.wallet,
|
||||
locked_storage_object.cid,
|
||||
link_object_id,
|
||||
self.shell,
|
||||
|
@ -597,7 +593,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
|
|||
|
||||
with reporter.step("Apply first lock to object for 3 epochs"):
|
||||
lock_object_id_0 = lock_object(
|
||||
storage_object.wallet_file_path,
|
||||
storage_object.wallet,
|
||||
storage_object.cid,
|
||||
storage_object.oid,
|
||||
self.shell,
|
||||
|
@ -609,7 +605,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
|
|||
|
||||
with reporter.step("Check first lock is still available"):
|
||||
verify_object_available(
|
||||
storage_object.wallet_file_path,
|
||||
storage_object.wallet,
|
||||
storage_object.cid,
|
||||
lock_object_id_0,
|
||||
self.shell,
|
||||
|
@ -618,7 +614,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
|
|||
|
||||
with reporter.step("Apply second lock to object for 3 more epochs"):
|
||||
lock_object_id_1 = lock_object(
|
||||
storage_object.wallet_file_path,
|
||||
storage_object.wallet,
|
||||
storage_object.cid,
|
||||
storage_object.oid,
|
||||
self.shell,
|
||||
|
@ -630,7 +626,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
|
|||
|
||||
with reporter.step("Verify first lock is expired and removed"):
|
||||
check_object_not_found(
|
||||
storage_object.wallet_file_path,
|
||||
storage_object.wallet,
|
||||
storage_object.cid,
|
||||
lock_object_id_0,
|
||||
self.shell,
|
||||
|
@ -639,7 +635,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
|
|||
|
||||
with reporter.step("Verify second lock is still available"):
|
||||
verify_object_available(
|
||||
storage_object.wallet_file_path,
|
||||
storage_object.wallet,
|
||||
storage_object.cid,
|
||||
lock_object_id_1,
|
||||
self.shell,
|
||||
|
@ -648,7 +644,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
|
|||
|
||||
with reporter.step("Apply third lock to object for 3 more epochs"):
|
||||
lock_object(
|
||||
storage_object.wallet_file_path,
|
||||
storage_object.wallet,
|
||||
storage_object.cid,
|
||||
storage_object.oid,
|
||||
self.shell,
|
||||
|
@ -659,7 +655,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
|
|||
with reporter.step("Verify object is deleted after all locks are expired"):
|
||||
self.tick_epochs(4)
|
||||
check_object_not_found(
|
||||
storage_object.wallet_file_path,
|
||||
storage_object.wallet,
|
||||
storage_object.cid,
|
||||
storage_object.oid,
|
||||
self.shell,
|
||||
|
@ -687,7 +683,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
|
|||
|
||||
with reporter.step("Lock objects for 4 epochs"):
|
||||
lock_object(
|
||||
storage_objects[0].wallet_file_path,
|
||||
storage_objects[0].wallet,
|
||||
storage_objects[0].cid,
|
||||
",".join([storage_object.oid for storage_object in storage_objects]),
|
||||
self.shell,
|
||||
|
@ -701,7 +697,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
|
|||
with reporter.step(f"Check objects at epoch {current_epoch + epoch_i + 2}"):
|
||||
for storage_object in storage_objects:
|
||||
verify_object_available(
|
||||
storage_object.wallet_file_path,
|
||||
storage_object.wallet,
|
||||
storage_object.cid,
|
||||
storage_object.oid,
|
||||
self.shell,
|
||||
|
@ -712,7 +708,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
|
|||
self.tick_epoch()
|
||||
for storage_object in storage_objects:
|
||||
check_object_not_found(
|
||||
storage_object.wallet_file_path,
|
||||
storage_object.wallet,
|
||||
storage_object.cid,
|
||||
storage_object.oid,
|
||||
self.shell,
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
import logging
|
||||
import random
|
||||
from time import sleep
|
||||
|
||||
import allure
|
||||
import pytest
|
||||
|
@ -11,6 +10,7 @@ from frostfs_testlib.steps.cli.object import delete_object, head_object, put_obj
|
|||
from frostfs_testlib.storage.cluster import Cluster
|
||||
from frostfs_testlib.storage.controllers.cluster_state_controller import ClusterStateController
|
||||
from frostfs_testlib.storage.dataclasses.object_size import ObjectSize
|
||||
from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
|
||||
from frostfs_testlib.testing.cluster_test_base import ClusterTestBase
|
||||
from frostfs_testlib.utils.failover_utils import wait_object_replication
|
||||
from frostfs_testlib.utils.file_utils import generate_file
|
||||
|
@ -33,7 +33,7 @@ class TestReplication(ClusterTestBase):
|
|||
@allure.title("Replication (obj_size={object_size})")
|
||||
def test_replication(
|
||||
self,
|
||||
default_wallet: str,
|
||||
default_wallet: WalletInfo,
|
||||
client_shell: Shell,
|
||||
cluster: Cluster,
|
||||
object_size: ObjectSize,
|
||||
|
|
|
@ -70,7 +70,7 @@ class Test_http_bearer(ClusterTestBase):
|
|||
bearer_signed = f"{bearer}_signed"
|
||||
sign_bearer(
|
||||
shell=self.shell,
|
||||
wallet_path=self.wallet,
|
||||
wallet=self.wallet,
|
||||
eacl_rules_file_from=bearer,
|
||||
eacl_rules_file_to=bearer_signed,
|
||||
json=False,
|
||||
|
|
|
@ -70,7 +70,7 @@ class Test_http_headers(ClusterTestBase):
|
|||
)
|
||||
storage_object = StorageObjectInfo(cid, storage_object_id)
|
||||
storage_object.size = os.path.getsize(file_path)
|
||||
storage_object.wallet_file_path = wallet
|
||||
storage_object.wallet = wallet
|
||||
storage_object.file_path = file_path
|
||||
storage_object.attributes = attributes
|
||||
|
||||
|
|
|
@ -5,6 +5,7 @@ from frostfs_testlib.s3 import S3ClientWrapper, VersioningStatus
|
|||
from frostfs_testlib.steps.cli.container import list_objects, search_container_by_name
|
||||
from frostfs_testlib.steps.s3 import s3_helper
|
||||
from frostfs_testlib.storage.dataclasses.object_size import ObjectSize
|
||||
from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
|
||||
from frostfs_testlib.testing.cluster_test_base import ClusterTestBase
|
||||
from frostfs_testlib.utils.file_utils import generate_file, get_file_hash, split_file
|
||||
|
||||
|
@ -54,7 +55,7 @@ class TestS3GateMultipart(ClusterTestBase):
|
|||
def test_s3_abort_multipart(
|
||||
self,
|
||||
s3_client: S3ClientWrapper,
|
||||
default_wallet: str,
|
||||
default_wallet: WalletInfo,
|
||||
bucket: str,
|
||||
simple_object_size: ObjectSize,
|
||||
complex_object_size: ObjectSize,
|
||||
|
|
|
@ -8,6 +8,7 @@ from frostfs_testlib.steps.cli.container import search_container_by_name
|
|||
from frostfs_testlib.steps.s3 import s3_helper
|
||||
from frostfs_testlib.steps.storage_policy import get_simple_object_copies
|
||||
from frostfs_testlib.storage.dataclasses.object_size import ObjectSize
|
||||
from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
|
||||
from frostfs_testlib.testing.cluster_test_base import ClusterTestBase
|
||||
from frostfs_testlib.testing.test_control import expect_not_raises
|
||||
from frostfs_testlib.utils.file_utils import generate_file
|
||||
|
@ -17,7 +18,9 @@ from frostfs_testlib.utils.file_utils import generate_file
|
|||
@pytest.mark.parametrize("s3_policy", ["pytest_tests/resources/files/policy.json"], indirect=True)
|
||||
class TestS3GatePolicy(ClusterTestBase):
|
||||
@allure.title("Bucket creation with retention policy applied (s3_client={s3_client})")
|
||||
def test_s3_bucket_location(self, default_wallet: str, s3_client: S3ClientWrapper, simple_object_size: ObjectSize):
|
||||
def test_s3_bucket_location(
|
||||
self, default_wallet: WalletInfo, s3_client: S3ClientWrapper, simple_object_size: ObjectSize
|
||||
):
|
||||
file_path_1 = generate_file(simple_object_size.value)
|
||||
file_name_1 = s3_helper.object_key_from_file_path(file_path_1)
|
||||
file_path_2 = generate_file(simple_object_size.value)
|
||||
|
|
|
@ -1,26 +1,28 @@
|
|||
from datetime import datetime
|
||||
|
||||
import pytest
|
||||
from frostfs_testlib.storage.dataclasses.wallet import WalletFactory, WalletInfo
|
||||
from frostfs_testlib import reporter
|
||||
from frostfs_testlib.credentials.interfaces import CredentialsProvider, User
|
||||
from frostfs_testlib.storage.cluster import Cluster
|
||||
from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
|
||||
|
||||
|
||||
@pytest.fixture(scope="module")
|
||||
def owner_wallet(wallet_factory: WalletFactory) -> WalletInfo:
|
||||
"""
|
||||
Returns wallet which owns containers and objects
|
||||
"""
|
||||
return wallet_factory.create_wallet()
|
||||
def owner_wallet(credentials_provider: CredentialsProvider, cluster: Cluster) -> WalletInfo:
|
||||
with reporter.step("Create user wallet which owns containers and objects"):
|
||||
user = User(f"user_{hex(int(datetime.now().timestamp() * 1000000))}")
|
||||
return credentials_provider.GRPC.provide(user, cluster.cluster_nodes[0])
|
||||
|
||||
|
||||
@pytest.fixture(scope="module")
|
||||
def user_wallet(wallet_factory: WalletFactory) -> WalletInfo:
|
||||
"""
|
||||
Returns wallet which will use objects from owner via static session
|
||||
"""
|
||||
return wallet_factory.create_wallet()
|
||||
def user_wallet(credentials_provider: CredentialsProvider, cluster: Cluster) -> WalletInfo:
|
||||
with reporter.step("Create user wallet which will use objects from owner via static session"):
|
||||
user = User(f"user_{hex(int(datetime.now().timestamp() * 1000000))}")
|
||||
return credentials_provider.GRPC.provide(user, cluster.cluster_nodes[0])
|
||||
|
||||
|
||||
@pytest.fixture(scope="module")
|
||||
def stranger_wallet(wallet_factory: WalletFactory) -> WalletInfo:
|
||||
"""
|
||||
Returns stranger wallet which should fail to obtain data
|
||||
"""
|
||||
return wallet_factory.create_wallet()
|
||||
def stranger_wallet(credentials_provider: CredentialsProvider, cluster: Cluster) -> WalletInfo:
|
||||
with reporter.step("Create stranger user wallet which should fail to obtain data"):
|
||||
user = User(f"user_{hex(int(datetime.now().timestamp() * 1000000))}")
|
||||
return credentials_provider.GRPC.provide(user, cluster.cluster_nodes[0])
|
||||
|
|
|
@ -3,12 +3,12 @@ import random
|
|||
import allure
|
||||
import pytest
|
||||
from frostfs_testlib import reporter
|
||||
from frostfs_testlib.resources.common import DEFAULT_WALLET_PASS
|
||||
from frostfs_testlib.resources.error_patterns import SESSION_NOT_FOUND
|
||||
from frostfs_testlib.steps.cli.container import create_container
|
||||
from frostfs_testlib.steps.cli.object import delete_object, put_object, put_object_to_random_node
|
||||
from frostfs_testlib.steps.session_token import create_session_token
|
||||
from frostfs_testlib.storage.dataclasses.object_size import ObjectSize
|
||||
from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
|
||||
from frostfs_testlib.testing.cluster_test_base import ClusterTestBase
|
||||
from frostfs_testlib.utils import wallet_utils
|
||||
from frostfs_testlib.utils.file_utils import generate_file
|
||||
|
@ -18,7 +18,7 @@ from frostfs_testlib.utils.file_utils import generate_file
|
|||
@pytest.mark.session_token
|
||||
class TestDynamicObjectSession(ClusterTestBase):
|
||||
@allure.title("Object Operations with Session Token (obj_size={object_size})")
|
||||
def test_object_session_token(self, default_wallet: str, object_size: ObjectSize):
|
||||
def test_object_session_token(self, default_wallet: WalletInfo, object_size: ObjectSize):
|
||||
"""
|
||||
Test how operations over objects are executed with a session token
|
||||
|
||||
|
@ -34,7 +34,6 @@ class TestDynamicObjectSession(ClusterTestBase):
|
|||
|
||||
with reporter.step("Init wallet"):
|
||||
wallet = default_wallet
|
||||
address = wallet_utils.get_last_address_from_wallet(wallet, "")
|
||||
|
||||
with reporter.step("Nodes Settlements"):
|
||||
session_token_node, container_node, non_container_node = random.sample(self.cluster.storage_nodes, 3)
|
||||
|
@ -42,9 +41,8 @@ class TestDynamicObjectSession(ClusterTestBase):
|
|||
with reporter.step("Create Session Token"):
|
||||
session_token = create_session_token(
|
||||
shell=self.shell,
|
||||
owner=address,
|
||||
wallet_path=wallet,
|
||||
wallet_password=DEFAULT_WALLET_PASS,
|
||||
owner=default_wallet.get_address(),
|
||||
wallet=default_wallet,
|
||||
rpc_endpoint=session_token_node.get_rpc_endpoint(),
|
||||
)
|
||||
|
||||
|
|
|
@ -50,8 +50,8 @@ RANGE_OFFSET_FOR_COMPLEX_OBJECT = 200
|
|||
|
||||
@pytest.fixture(scope="module")
|
||||
def storage_containers(owner_wallet: WalletInfo, client_shell: Shell, cluster: Cluster) -> list[str]:
|
||||
cid = create_container(owner_wallet.path, shell=client_shell, endpoint=cluster.default_rpc_endpoint)
|
||||
other_cid = create_container(owner_wallet.path, shell=client_shell, endpoint=cluster.default_rpc_endpoint)
|
||||
cid = create_container(owner_wallet, shell=client_shell, endpoint=cluster.default_rpc_endpoint)
|
||||
other_cid = create_container(owner_wallet, shell=client_shell, endpoint=cluster.default_rpc_endpoint)
|
||||
yield [cid, other_cid]
|
||||
|
||||
|
||||
|
@ -74,7 +74,7 @@ def storage_objects(
|
|||
# upload couple objects
|
||||
for _ in range(3):
|
||||
storage_object_id = put_object_to_random_node(
|
||||
wallet=owner_wallet.path,
|
||||
wallet=owner_wallet,
|
||||
path=file_path,
|
||||
cid=storage_containers[0],
|
||||
shell=client_shell,
|
||||
|
@ -83,7 +83,7 @@ def storage_objects(
|
|||
|
||||
storage_object = StorageObjectInfo(storage_containers[0], storage_object_id)
|
||||
storage_object.size = object_size.value
|
||||
storage_object.wallet_file_path = owner_wallet.path
|
||||
storage_object.wallet = owner_wallet
|
||||
storage_object.file_path = file_path
|
||||
storage_objects.append(storage_object)
|
||||
|
||||
|
@ -163,7 +163,7 @@ class TestObjectStaticSession(ClusterTestBase):
|
|||
for node in self.cluster.storage_nodes:
|
||||
for storage_object in storage_objects[0:2]:
|
||||
method_under_test(
|
||||
wallet=user_wallet.path,
|
||||
wallet=user_wallet,
|
||||
cid=storage_object.cid,
|
||||
oid=storage_object.oid,
|
||||
shell=self.shell,
|
||||
|
@ -196,7 +196,7 @@ class TestObjectStaticSession(ClusterTestBase):
|
|||
with reporter.step(f"Check range {range_to_test}"):
|
||||
with expect_not_raises():
|
||||
method_under_test(
|
||||
user_wallet.path,
|
||||
user_wallet,
|
||||
storage_object.cid,
|
||||
storage_object.oid,
|
||||
shell=self.shell,
|
||||
|
@ -219,7 +219,7 @@ class TestObjectStaticSession(ClusterTestBase):
|
|||
cid = storage_objects[0].cid
|
||||
expected_object_ids = [storage_object.oid for storage_object in storage_objects[0:2]]
|
||||
actual_object_ids = search_object(
|
||||
user_wallet.path,
|
||||
user_wallet,
|
||||
cid,
|
||||
self.shell,
|
||||
endpoint=self.cluster.default_rpc_endpoint,
|
||||
|
@ -240,7 +240,7 @@ class TestObjectStaticSession(ClusterTestBase):
|
|||
"""
|
||||
with pytest.raises(Exception, match=UNRELATED_OBJECT):
|
||||
head_object(
|
||||
user_wallet.path,
|
||||
user_wallet,
|
||||
storage_objects[2].cid,
|
||||
storage_objects[2].oid,
|
||||
self.shell,
|
||||
|
@ -262,7 +262,7 @@ class TestObjectStaticSession(ClusterTestBase):
|
|||
|
||||
with pytest.raises(Exception, match=UNRELATED_KEY):
|
||||
head_object(
|
||||
stranger_wallet.path,
|
||||
stranger_wallet,
|
||||
storage_object.cid,
|
||||
storage_object.oid,
|
||||
self.shell,
|
||||
|
@ -284,7 +284,7 @@ class TestObjectStaticSession(ClusterTestBase):
|
|||
|
||||
with pytest.raises(Exception, match=WRONG_VERB):
|
||||
get_object(
|
||||
user_wallet.path,
|
||||
user_wallet,
|
||||
storage_object.cid,
|
||||
storage_object.oid,
|
||||
self.shell,
|
||||
|
@ -307,7 +307,7 @@ class TestObjectStaticSession(ClusterTestBase):
|
|||
|
||||
with pytest.raises(Exception, match=UNRELATED_CONTAINER):
|
||||
get_object_from_random_node(
|
||||
user_wallet.path,
|
||||
user_wallet,
|
||||
storage_containers[1],
|
||||
storage_object.oid,
|
||||
self.shell,
|
||||
|
@ -341,7 +341,7 @@ class TestObjectStaticSession(ClusterTestBase):
|
|||
signed_token_file = sign_session_token(self.shell, session_token_file, stranger_wallet)
|
||||
with pytest.raises(Exception, match=OBJECT_ACCESS_DENIED):
|
||||
head_object(
|
||||
user_wallet.path,
|
||||
user_wallet,
|
||||
storage_object.cid,
|
||||
storage_object.oid,
|
||||
self.shell,
|
||||
|
@ -375,7 +375,7 @@ class TestObjectStaticSession(ClusterTestBase):
|
|||
signed_token_file = sign_session_token(self.shell, session_token_file, owner_wallet)
|
||||
with pytest.raises(Exception, match=OBJECT_NOT_FOUND):
|
||||
head_object(
|
||||
user_wallet.path,
|
||||
user_wallet,
|
||||
container,
|
||||
storage_object.oid,
|
||||
self.shell,
|
||||
|
@ -407,7 +407,7 @@ class TestObjectStaticSession(ClusterTestBase):
|
|||
)
|
||||
with pytest.raises(Exception, match=INVALID_SIGNATURE):
|
||||
head_object(
|
||||
user_wallet.path,
|
||||
user_wallet,
|
||||
storage_object.cid,
|
||||
storage_object.oid,
|
||||
self.shell,
|
||||
|
@ -448,7 +448,7 @@ class TestObjectStaticSession(ClusterTestBase):
|
|||
with reporter.step("Object should be available with session token after token creation"):
|
||||
with expect_not_raises():
|
||||
head_object(
|
||||
user_wallet.path,
|
||||
user_wallet,
|
||||
container,
|
||||
object_id,
|
||||
self.shell,
|
||||
|
@ -460,7 +460,7 @@ class TestObjectStaticSession(ClusterTestBase):
|
|||
self.tick_epoch()
|
||||
with expect_not_raises():
|
||||
head_object(
|
||||
user_wallet.path,
|
||||
user_wallet,
|
||||
container,
|
||||
object_id,
|
||||
self.shell,
|
||||
|
@ -472,7 +472,7 @@ class TestObjectStaticSession(ClusterTestBase):
|
|||
self.tick_epoch()
|
||||
with pytest.raises(Exception, match=EXPIRED_SESSION_TOKEN):
|
||||
head_object(
|
||||
user_wallet.path,
|
||||
user_wallet,
|
||||
container,
|
||||
object_id,
|
||||
self.shell,
|
||||
|
@ -514,7 +514,7 @@ class TestObjectStaticSession(ClusterTestBase):
|
|||
with reporter.step("Object should NOT be available with session token after token creation"):
|
||||
with pytest.raises(Exception, match=MALFORMED_REQUEST):
|
||||
head_object(
|
||||
user_wallet.path,
|
||||
user_wallet,
|
||||
container,
|
||||
object_id,
|
||||
self.shell,
|
||||
|
@ -526,7 +526,7 @@ class TestObjectStaticSession(ClusterTestBase):
|
|||
self.tick_epoch()
|
||||
with expect_not_raises():
|
||||
head_object(
|
||||
user_wallet.path,
|
||||
user_wallet,
|
||||
container,
|
||||
object_id,
|
||||
self.shell,
|
||||
|
@ -538,7 +538,7 @@ class TestObjectStaticSession(ClusterTestBase):
|
|||
self.tick_epoch()
|
||||
with expect_not_raises():
|
||||
head_object(
|
||||
user_wallet.path,
|
||||
user_wallet,
|
||||
container,
|
||||
object_id,
|
||||
self.shell,
|
||||
|
@ -550,7 +550,7 @@ class TestObjectStaticSession(ClusterTestBase):
|
|||
self.tick_epoch()
|
||||
with pytest.raises(Exception, match=EXPIRED_SESSION_TOKEN):
|
||||
head_object(
|
||||
user_wallet.path,
|
||||
user_wallet,
|
||||
container,
|
||||
object_id,
|
||||
self.shell,
|
||||
|
@ -589,7 +589,7 @@ class TestObjectStaticSession(ClusterTestBase):
|
|||
|
||||
with pytest.raises(Exception, match=EXPIRED_SESSION_TOKEN):
|
||||
head_object(
|
||||
user_wallet.path,
|
||||
user_wallet,
|
||||
container,
|
||||
object_id,
|
||||
self.shell,
|
||||
|
@ -610,7 +610,7 @@ class TestObjectStaticSession(ClusterTestBase):
|
|||
storage_object = storage_objects[0]
|
||||
with pytest.raises(Exception, match=OBJECT_ACCESS_DENIED):
|
||||
delete_object(
|
||||
user_wallet.path,
|
||||
user_wallet,
|
||||
storage_object.cid,
|
||||
storage_object.oid,
|
||||
self.shell,
|
||||
|
@ -632,7 +632,7 @@ class TestObjectStaticSession(ClusterTestBase):
|
|||
storage_object = storage_objects[0]
|
||||
with pytest.raises(Exception, match=OBJECT_ACCESS_DENIED):
|
||||
put_object_to_random_node(
|
||||
user_wallet.path,
|
||||
user_wallet,
|
||||
storage_object.file_path,
|
||||
storage_object.cid,
|
||||
self.shell,
|
||||
|
@ -671,7 +671,7 @@ class TestObjectStaticSession(ClusterTestBase):
|
|||
|
||||
with pytest.raises(Exception, match=MALFORMED_REQUEST):
|
||||
head_object(
|
||||
user_wallet.path,
|
||||
user_wallet,
|
||||
container,
|
||||
object_id,
|
||||
self.shell,
|
||||
|
|
|
@ -43,7 +43,7 @@ class TestSessionTokenContainer(ClusterTestBase):
|
|||
"""
|
||||
with reporter.step("Create container with static session token"):
|
||||
cid = create_container(
|
||||
user_wallet.path,
|
||||
user_wallet,
|
||||
session_token=static_sessions[ContainerVerb.CREATE],
|
||||
shell=self.shell,
|
||||
endpoint=self.cluster.default_rpc_endpoint,
|
||||
|
@ -51,14 +51,12 @@ class TestSessionTokenContainer(ClusterTestBase):
|
|||
)
|
||||
|
||||
container_info: dict[str, str] = get_container(
|
||||
owner_wallet.path, cid, shell=self.shell, endpoint=self.cluster.default_rpc_endpoint
|
||||
owner_wallet, cid, shell=self.shell, endpoint=self.cluster.default_rpc_endpoint
|
||||
)
|
||||
assert container_info["ownerID"] == owner_wallet.get_address()
|
||||
|
||||
assert cid not in list_containers(
|
||||
user_wallet.path, shell=self.shell, endpoint=self.cluster.default_rpc_endpoint
|
||||
)
|
||||
assert cid in list_containers(owner_wallet.path, shell=self.shell, endpoint=self.cluster.default_rpc_endpoint)
|
||||
assert cid not in list_containers(user_wallet, shell=self.shell, endpoint=self.cluster.default_rpc_endpoint)
|
||||
assert cid in list_containers(owner_wallet, shell=self.shell, endpoint=self.cluster.default_rpc_endpoint)
|
||||
|
||||
def test_static_session_token_container_create_with_other_verb(
|
||||
self,
|
||||
|
@ -72,7 +70,7 @@ class TestSessionTokenContainer(ClusterTestBase):
|
|||
for verb in [verb for verb in ContainerVerb if verb != ContainerVerb.CREATE]:
|
||||
with pytest.raises(Exception):
|
||||
create_container(
|
||||
user_wallet.path,
|
||||
user_wallet,
|
||||
session_token=static_sessions[verb],
|
||||
shell=self.shell,
|
||||
endpoint=self.cluster.default_rpc_endpoint,
|
||||
|
@ -90,7 +88,7 @@ class TestSessionTokenContainer(ClusterTestBase):
|
|||
with reporter.step("Try create container with static session token without PUT rule"):
|
||||
with pytest.raises(Exception):
|
||||
create_container(
|
||||
stranger_wallet.path,
|
||||
stranger_wallet,
|
||||
session_token=static_sessions[ContainerVerb.CREATE],
|
||||
shell=self.shell,
|
||||
endpoint=self.cluster.default_rpc_endpoint,
|
||||
|
@ -108,14 +106,14 @@ class TestSessionTokenContainer(ClusterTestBase):
|
|||
"""
|
||||
with reporter.step("Create container"):
|
||||
cid = create_container(
|
||||
owner_wallet.path,
|
||||
owner_wallet,
|
||||
shell=self.shell,
|
||||
endpoint=self.cluster.default_rpc_endpoint,
|
||||
wait_for_creation=False,
|
||||
)
|
||||
with reporter.step("Delete container with static session token"):
|
||||
delete_container(
|
||||
wallet=user_wallet.path,
|
||||
wallet=user_wallet,
|
||||
cid=cid,
|
||||
session_token=static_sessions[ContainerVerb.DELETE],
|
||||
shell=self.shell,
|
||||
|
@ -123,9 +121,7 @@ class TestSessionTokenContainer(ClusterTestBase):
|
|||
await_mode=True,
|
||||
)
|
||||
|
||||
assert cid not in list_containers(
|
||||
owner_wallet.path, shell=self.shell, endpoint=self.cluster.default_rpc_endpoint
|
||||
)
|
||||
assert cid not in list_containers(owner_wallet, shell=self.shell, endpoint=self.cluster.default_rpc_endpoint)
|
||||
|
||||
@pytest.mark.sanity
|
||||
def test_static_session_token_container_set_eacl(
|
||||
|
@ -141,18 +137,18 @@ class TestSessionTokenContainer(ClusterTestBase):
|
|||
"""
|
||||
with reporter.step("Create container"):
|
||||
cid = create_container(
|
||||
owner_wallet.path,
|
||||
owner_wallet,
|
||||
basic_acl=PUBLIC_ACL,
|
||||
shell=self.shell,
|
||||
endpoint=self.cluster.default_rpc_endpoint,
|
||||
)
|
||||
file_path = generate_file(simple_object_size.value)
|
||||
assert can_put_object(stranger_wallet.path, cid, file_path, self.shell, self.cluster)
|
||||
assert can_put_object(stranger_wallet, cid, file_path, self.shell, self.cluster)
|
||||
|
||||
with reporter.step("Deny all operations for other via eACL"):
|
||||
eacl_deny = [EACLRule(access=EACLAccess.DENY, role=EACLRole.OTHERS, operation=op) for op in EACLOperation]
|
||||
set_eacl(
|
||||
user_wallet.path,
|
||||
user_wallet,
|
||||
cid,
|
||||
create_eacl(cid, eacl_deny, shell=self.shell),
|
||||
shell=self.shell,
|
||||
|
@ -161,4 +157,4 @@ class TestSessionTokenContainer(ClusterTestBase):
|
|||
)
|
||||
wait_for_cache_expired()
|
||||
|
||||
assert not can_put_object(stranger_wallet.path, cid, file_path, self.shell, self.cluster)
|
||||
assert not can_put_object(stranger_wallet, cid, file_path, self.shell, self.cluster)
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
import json
|
||||
import pathlib
|
||||
|
||||
import allure
|
||||
import pytest
|
||||
|
@ -14,6 +13,7 @@ from frostfs_testlib.storage.cluster import Cluster, ClusterNode, StorageNode
|
|||
from frostfs_testlib.storage.controllers import ClusterStateController, ShardsWatcher
|
||||
from frostfs_testlib.storage.controllers.state_managers.config_state_manager import ConfigStateManager
|
||||
from frostfs_testlib.storage.dataclasses.shard import Shard
|
||||
from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
|
||||
from frostfs_testlib.testing import parallel
|
||||
from frostfs_testlib.testing.cluster_test_base import ClusterTestBase
|
||||
from frostfs_testlib.utils.file_utils import generate_file
|
||||
|
@ -50,7 +50,7 @@ class TestControlShard(ClusterTestBase):
|
|||
parallel(self.set_shard_rw_mode, self.cluster.cluster_nodes)
|
||||
|
||||
@pytest.fixture()
|
||||
def oid_cid_node(self, default_wallet: str) -> tuple[str, str, ClusterNode]:
|
||||
def oid_cid_node(self, default_wallet: WalletInfo) -> tuple[str, str, ClusterNode]:
|
||||
with reporter.step("Create container, and put object"):
|
||||
cid = create_container(
|
||||
wallet=default_wallet,
|
||||
|
@ -114,7 +114,7 @@ class TestControlShard(ClusterTestBase):
|
|||
@pytest.mark.failover
|
||||
def test_shard_errors(
|
||||
self,
|
||||
default_wallet: str,
|
||||
default_wallet: WalletInfo,
|
||||
oid_cid_node: tuple[str, str, ClusterNode],
|
||||
change_config_storage: None,
|
||||
revert_all_shards_mode: None,
|
||||
|
|
Loading…
Reference in a new issue