Add testing for presigned POST

Adds testing for presigned POST urls generated with
generate_presigned_post().

- This does not work when using Keystone EC2 auth
- This does not work when using a tenanted bucket

Signed-off-by: Tobias Urdin <tobias.urdin@binero.se>
This commit is contained in:
Tobias Urdin 2024-02-04 14:28:28 +00:00
parent da91ad8bbf
commit bee9a99c98
2 changed files with 45 additions and 0 deletions

View file

@ -14,6 +14,7 @@ markers =
fails_on_dho fails_on_dho
fails_on_mod_proxy_fcgi fails_on_mod_proxy_fcgi
fails_on_rgw fails_on_rgw
fails_on_rgw_keystone
fails_on_s3 fails_on_s3
fails_with_subdomain fails_with_subdomain
lifecycle lifecycle

View file

@ -3491,6 +3491,50 @@ def test_object_raw_get_x_amz_expires_out_positive_range():
res = requests.get(url, verify=get_config_ssl_verify()).__dict__ res = requests.get(url, verify=get_config_ssl_verify()).__dict__
assert res['status_code'] == 403 assert res['status_code'] == 403
def _test_presigned_post(client, fields=None):
if client is None:
client = get_client()
bucket_name = get_new_bucket_name()
client.create_bucket(Bucket=bucket_name)
key = 'foo'
if fields:
# If fields is {'acl': private'} conditions should be [{'acl': 'private'}]
conditions = [fields]
else:
conditions = None
r = client.generate_presigned_post(Bucket=bucket_name, Key=key,
Fields=fields, Conditions=conditions)
files = {'file': (key, b'hello world')}
res = requests.post(r['url'], data=r['fields'], files=files, verify=get_config_ssl_verify())
assert res.status_code == 204
params = {'Bucket': bucket_name, 'Key': key}
url = client.generate_presigned_url(ClientMethod='get_object', Params=params, HttpMethod='GET')
res = requests.get(url, verify=get_config_ssl_verify())
assert res.status_code == 200
assert res.text == 'hello world'
# TODO(tobias-urdin): Keystone auth does not work with this, using a tenanted user
# does not work either even when using LocalEngine.
@pytest.mark.fails_on_rgw_keystone
def test_presigned_post():
_test_presigned_post(
client=get_client(),
)
# TODO(tobias-urdin): Keystone auth does not work with this, using a tenanted user
# does not work either even when using LocalEngine.
@pytest.mark.fails_on_rgw_keystone
def test_presigned_post_with_acl():
_test_presigned_post(
client=get_client(),
fields={'acl': 'private'},
)
def test_object_anon_put(): def test_object_anon_put():
bucket_name = get_new_bucket() bucket_name = get_new_bucket()