rgw: add X-Amz-Expires test cases

Test X-Amz-Expires under AWS4 auth.

Signed-off-by: Javier M. Mellid <jmunhoz@igalia.com>
This commit is contained in:
Javier M. Mellid 2016-01-27 02:19:20 +00:00
parent a13f6441ae
commit 11bb947a0b

View file

@ -86,6 +86,17 @@ def check_grants(got, want):
eq(g.type, w.pop('type'))
eq(w, {})
def check_aws4_support():
if 'S3_USE_SIGV4' not in os.environ:
raise SkipTest
def tag(*tags):
def wrap(func):
for tag in tags:
setattr(func, tag, True)
return func
return wrap
@attr(resource='bucket')
@attr(method='get')
@attr(operation='list')
@ -2714,6 +2725,61 @@ def test_object_raw_authenticated_object_gone():
eq(res.reason, 'Not Found')
@tag('auth_aws4')
@attr(resource='object')
@attr(method='get')
@attr(operation='x-amz-expires check not expired')
@attr(assertion='succeeds')
def test_object_raw_get_x_amz_expires_not_expired():
check_aws4_support()
(bucket, key) = _setup_request('public-read', 'public-read')
res = _make_request('GET', bucket, key, authenticated=True, expires_in=100000)
eq(res.status, 200)
@tag('auth_aws4')
@attr(resource='object')
@attr(method='get')
@attr(operation='check x-amz-expires value out of range zero')
@attr(assertion='fails 403')
def test_object_raw_get_x_amz_expires_out_range_zero():
check_aws4_support()
(bucket, key) = _setup_request('public-read', 'public-read')
res = _make_request('GET', bucket, key, authenticated=True, expires_in=0)
eq(res.status, 403)
eq(res.reason, 'Forbidden')
@tag('auth_aws4')
@attr(resource='object')
@attr(method='get')
@attr(operation='check x-amz-expires value out of max range')
@attr(assertion='fails 403')
def test_object_raw_get_x_amz_expires_out_max_range():
check_aws4_support()
(bucket, key) = _setup_request('public-read', 'public-read')
res = _make_request('GET', bucket, key, authenticated=True, expires_in=604801)
eq(res.status, 403)
eq(res.reason, 'Forbidden')
@tag('auth_aws4')
@attr(resource='object')
@attr(method='get')
@attr(operation='check x-amz-expires value out of positive range')
@attr(assertion='succeeds')
def test_object_raw_get_x_amz_expires_out_positive_range():
check_aws4_support()
(bucket, key) = _setup_request('public-read', 'public-read')
res = _make_request('GET', bucket, key, authenticated=True, expires_in=-7)
eq(res.status, 403)
eq(res.reason, 'Forbidden')
@attr(resource='object')
@attr(method='put')
@attr(operation='unauthenticated, no object acls')