TrueCloudLab/s3-tests
7
0
Fork 1
mirror of https://github.com/ceph/s3-tests.git synced 2024-11-22 09:29:43 +00:00
Code Issues 1 Projects Releases Packages Wiki Activity

Merge pull request #19 from andrewgaul/query-string-authorization-expiration

Browse source 
Test query string authorization expiration
This commit is contained in:
Alfredo Deza 2014-12-04 09:43:25 -05:00
commit f07b5206a6
1 changed files with 17 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
s3tests/functional/test_s3.py
View file

@ -2077,14 +2077,14 @@ def _setup_bucket_request(bucket_acl=None):
return bucket return bucket
def _make_request(method, bucket, key, body=None, authenticated=False, response_headers=None): def _make_request(method, bucket, key, body=None, authenticated=False, response_headers=None, expires_in=100000):
""" """
issue a request for a specified method, on a specified <bucket,key>, issue a request for a specified method, on a specified <bucket,key>,
with a specified (optional) body (encrypted per the connection), and with a specified (optional) body (encrypted per the connection), and
return the response (status, reason) return the response (status, reason)
""" """
if authenticated: if authenticated:
url = key.generate_url(100000, method=method, response_headers=response_headers) url = key.generate_url(expires_in, method=method, response_headers=response_headers)
o = urlparse(url) o = urlparse(url)
path = o.path + '?' + o.query path = o.path + '?' + o.query
else: else:
@ -2102,14 +2102,14 @@ def _make_request(method, bucket, key, body=None, authenticated=False, response_
print res.status, res.reason print res.status, res.reason
return res return res
def _make_bucket_request(method, bucket, body=None, authenticated=False): def _make_bucket_request(method, bucket, body=None, authenticated=False, expires_in=100000):
""" """
issue a request for a specified method, on a specified <bucket,key>, issue a request for a specified method, on a specified <bucket,key>,
with a specified (optional) body (encrypted per the connection), and with a specified (optional) body (encrypted per the connection), and
return the response (status, reason) return the response (status, reason)
""" """
if authenticated: if authenticated:
url = bucket.generate_url(100000, method=method) url = bucket.generate_url(expires_in, method=method)
o = urlparse(url) o = urlparse(url)
path = o.path + '?' + o.query path = o.path + '?' + o.query
else: else:
@ -2380,6 +2380,19 @@ def test_object_raw_put_authenticated():
eq(res.reason, 'OK') eq(res.reason, 'OK')
@attr(resource='object')
@attr(method='put')
@attr(operation='authenticated, no object acls')
@attr(assertion='succeeds')
def test_object_raw_put_authenticated_expired():
bucket = get_new_bucket()
key = bucket.new_key('foo')
res = _make_request('PUT', bucket, key, body='foo', authenticated=True, expires_in=-1000)
eq(res.status, 403)
eq(res.reason, 'Forbidden')
def check_bad_bucket_name(name): def check_bad_bucket_name(name):
""" """
Attempt to create a bucket with a specified name, and confirm Attempt to create a bucket with a specified name, and confirm