test-helper/acl-migrate/prepare-ffs.sh

#!/bin/bash -x

source ./env

> $CHECKFILE # clear file

# private container with object inside
CID=$(frostfs-cli --config $FFSCONF container create -p "$PLACEMENT" --await --basic-acl eacl-private | head -1 | awk '{print $2}')
OID=$(frostfs-cli --config $FFSCONF object put --cid $CID --file $FILE --no-progress | tail -2 | head -1 | awk '{print $2}')
frostfs-cli --config $FFSCONF object head --cid $CID --oid $OID || exit 1
echo $CID >> $CHECKFILE
echo $OID >> $CHECKFILE

# public read container with object inside
CID=$(frostfs-cli --config $FFSCONF container create -p "$PLACEMENT" --await --basic-acl eacl-public-read | head -1 | awk '{print $2}')
OID=$(frostfs-cli --config $FFSCONF object put --cid $CID --file $FILE --no-progress | tail -2 | head -1 | awk '{print $2}')
frostfs-cli --config $FFSCONF object head --cid $CID --oid $OID || exit 1
echo $CID >> $CHECKFILE
echo $OID >> $CHECKFILE

# public read write container with object inside
CID=$(frostfs-cli --config $FFSCONF container create -p "$PLACEMENT" --await --basic-acl eacl-public-read-write | head -1 | awk '{print $2}')
OID=$(frostfs-cli --config $FFSCONF object put --cid $CID --file $FILE --no-progress | tail -2 | head -1 | awk '{print $2}')
frostfs-cli --config $FFSCONF object head --cid $CID --oid $OID || exit 1
echo $CID >> $CHECKFILE
echo $OID >> $CHECKFILE

# allow get / put specific objects in private container
CID=$(frostfs-cli --config $FFSCONF container create -p "$PLACEMENT" --await --basic-acl eacl-public-read-write | head -1 | awk '{print $2}')
OID_S_ATTR=$(frostfs-cli --config $FFSCONF object put --cid $CID --file $FILE --attributes "Foo=Bar" --no-progress | tail -2 | head -1 | awk '{print $2}')
frostfs-cli --config $FFSCONF object head --cid $CID --oid $OID_S_ATTR || exit 1
OID_C_ATTR=$(frostfs-cli --config $FFSCONF object put --cid $CID --file $COMPLEXFILE --attributes "Foo=Bar" --no-progress | tail -2 | head -1 | awk '{print $2}')
frostfs-cli --config $FFSCONF object head --cid $CID --oid $OID_C_ATTR || exit 1
OID_S_NOATTR=$(frostfs-cli --config $FFSCONF object put --cid $CID --file $FILE --no-progress | tail -2 | head -1 | awk '{print $2}')
frostfs-cli --config $FFSCONF object head --cid $CID --oid $OID_S_NOATTR || exit 1
OID_C_NOATTR=$(frostfs-cli --config $FFSCONF object put --cid $CID --file $COMPLEXFILE --no-progress | tail -2 | head -1 | awk '{print $2}')
frostfs-cli --config $FFSCONF object head --cid $CID --oid $OID_C_NOATTR || exit 1
frostfs-cli --config $FFSCONF acl extended create --cid $CID -r 'allow get obj:Foo=Bar others' -r 'allow put obj:Foo=Bar others' -r 'deny get others' -r 'deny put others' -o acl.json || exit 1
frostfs-cli --config $FFSCONF container set-eacl --cid $CID --table acl.json --await || exit 1
echo $CID >> $CHECKFILE
echo $OID_S_ATTR >> $CHECKFILE
echo $OID_C_ATTR >> $CHECKFILE
echo $OID_S_NOATTR >> $CHECKFILE
echo $OID_C_NOATTR >> $CHECKFILE
rm acl.json

# deny get / put specific objects in private container
CID=$(frostfs-cli --config $FFSCONF container create -p "$PLACEMENT" --await --basic-acl eacl-public-read-write | head -1 | awk '{print $2}')
OID_S_ATTR=$(frostfs-cli --config $FFSCONF object put --cid $CID --file $FILE --attributes "Foo=Bar" --no-progress | tail -2 | head -1 | awk '{print $2}')
frostfs-cli --config $FFSCONF object head --cid $CID --oid $OID_S_ATTR || exit 1
OID_C_ATTR=$(frostfs-cli --config $FFSCONF object put --cid $CID --file $COMPLEXFILE --attributes "Foo=Bar" --no-progress | tail -2 | head -1 | awk '{print $2}')
frostfs-cli --config $FFSCONF object head --cid $CID --oid $OID_C_ATTR || exit 1
OID_S_NOATTR=$(frostfs-cli --config $FFSCONF object put --cid $CID --file $FILE --no-progress | tail -2 | head -1 | awk '{print $2}')
frostfs-cli --config $FFSCONF object head --cid $CID --oid $OID_S_NOATTR || exit 1
OID_C_NOATTR=$(frostfs-cli --config $FFSCONF object put --cid $CID --file $COMPLEXFILE --no-progress | tail -2 | head -1 | awk '{print $2}')
frostfs-cli --config $FFSCONF object head --cid $CID --oid $OID_C_NOATTR || exit 1
frostfs-cli --config $FFSCONF acl extended create --cid $CID -r 'deny get obj:Foo=Bar others' -r 'deny put obj:Foo=Bar others' -r 'allow get others' -r 'allow put others' -o acl.json || exit 1
frostfs-cli --config $FFSCONF container set-eacl --cid $CID --table acl.json --await || exit 1
echo $CID >> $CHECKFILE
echo $OID_S_ATTR >> $CHECKFILE
echo $OID_C_ATTR >> $CHECKFILE
echo $OID_S_NOATTR >> $CHECKFILE
echo $OID_C_NOATTR >> $CHECKFILE
rm acl.json 

exit 0
Initial commit 2024-07-16 17:47:56 +00:00			`#!/bin/bash -x`

			`source ./env`

			`> $CHECKFILE # clear file`

			`# private container with object inside`
			`CID=$(frostfs-cli --config $FFSCONF container create -p "$PLACEMENT" --await --basic-acl eacl-private \| head -1 \| awk '{print $2}')`
			`OID=$(frostfs-cli --config $FFSCONF object put --cid $CID --file $FILE --no-progress \| tail -2 \| head -1 \| awk '{print $2}')`
			`frostfs-cli --config $FFSCONF object head --cid $CID --oid $OID \|\| exit 1`
			`echo $CID >> $CHECKFILE`
			`echo $OID >> $CHECKFILE`

			`# public read container with object inside`
			`CID=$(frostfs-cli --config $FFSCONF container create -p "$PLACEMENT" --await --basic-acl eacl-public-read \| head -1 \| awk '{print $2}')`
			`OID=$(frostfs-cli --config $FFSCONF object put --cid $CID --file $FILE --no-progress \| tail -2 \| head -1 \| awk '{print $2}')`
			`frostfs-cli --config $FFSCONF object head --cid $CID --oid $OID \|\| exit 1`
			`echo $CID >> $CHECKFILE`
			`echo $OID >> $CHECKFILE`

			`# public read write container with object inside`
			`CID=$(frostfs-cli --config $FFSCONF container create -p "$PLACEMENT" --await --basic-acl eacl-public-read-write \| head -1 \| awk '{print $2}')`
			`OID=$(frostfs-cli --config $FFSCONF object put --cid $CID --file $FILE --no-progress \| tail -2 \| head -1 \| awk '{print $2}')`
			`frostfs-cli --config $FFSCONF object head --cid $CID --oid $OID \|\| exit 1`
			`echo $CID >> $CHECKFILE`
			`echo $OID >> $CHECKFILE`

			`# allow get / put specific objects in private container`
			`CID=$(frostfs-cli --config $FFSCONF container create -p "$PLACEMENT" --await --basic-acl eacl-public-read-write \| head -1 \| awk '{print $2}')`
			`OID_S_ATTR=$(frostfs-cli --config $FFSCONF object put --cid $CID --file $FILE --attributes "Foo=Bar" --no-progress \| tail -2 \| head -1 \| awk '{print $2}')`
			`frostfs-cli --config $FFSCONF object head --cid $CID --oid $OID_S_ATTR \|\| exit 1`
			`OID_C_ATTR=$(frostfs-cli --config $FFSCONF object put --cid $CID --file $COMPLEXFILE --attributes "Foo=Bar" --no-progress \| tail -2 \| head -1 \| awk '{print $2}')`
			`frostfs-cli --config $FFSCONF object head --cid $CID --oid $OID_C_ATTR \|\| exit 1`
			`OID_S_NOATTR=$(frostfs-cli --config $FFSCONF object put --cid $CID --file $FILE --no-progress \| tail -2 \| head -1 \| awk '{print $2}')`
			`frostfs-cli --config $FFSCONF object head --cid $CID --oid $OID_S_NOATTR \|\| exit 1`
			`OID_C_NOATTR=$(frostfs-cli --config $FFSCONF object put --cid $CID --file $COMPLEXFILE --no-progress \| tail -2 \| head -1 \| awk '{print $2}')`
			`frostfs-cli --config $FFSCONF object head --cid $CID --oid $OID_C_NOATTR \|\| exit 1`
			`frostfs-cli --config $FFSCONF acl extended create --cid $CID -r 'allow get obj:Foo=Bar others' -r 'allow put obj:Foo=Bar others' -r 'deny get others' -r 'deny put others' -o acl.json \|\| exit 1`
			`frostfs-cli --config $FFSCONF container set-eacl --cid $CID --table acl.json --await \|\| exit 1`
			`echo $CID >> $CHECKFILE`
			`echo $OID_S_ATTR >> $CHECKFILE`
			`echo $OID_C_ATTR >> $CHECKFILE`
			`echo $OID_S_NOATTR >> $CHECKFILE`
			`echo $OID_C_NOATTR >> $CHECKFILE`
			`rm acl.json`

			`# deny get / put specific objects in private container`
			`CID=$(frostfs-cli --config $FFSCONF container create -p "$PLACEMENT" --await --basic-acl eacl-public-read-write \| head -1 \| awk '{print $2}')`
			`OID_S_ATTR=$(frostfs-cli --config $FFSCONF object put --cid $CID --file $FILE --attributes "Foo=Bar" --no-progress \| tail -2 \| head -1 \| awk '{print $2}')`
			`frostfs-cli --config $FFSCONF object head --cid $CID --oid $OID_S_ATTR \|\| exit 1`
			`OID_C_ATTR=$(frostfs-cli --config $FFSCONF object put --cid $CID --file $COMPLEXFILE --attributes "Foo=Bar" --no-progress \| tail -2 \| head -1 \| awk '{print $2}')`
			`frostfs-cli --config $FFSCONF object head --cid $CID --oid $OID_C_ATTR \|\| exit 1`
			`OID_S_NOATTR=$(frostfs-cli --config $FFSCONF object put --cid $CID --file $FILE --no-progress \| tail -2 \| head -1 \| awk '{print $2}')`
			`frostfs-cli --config $FFSCONF object head --cid $CID --oid $OID_S_NOATTR \|\| exit 1`
			`OID_C_NOATTR=$(frostfs-cli --config $FFSCONF object put --cid $CID --file $COMPLEXFILE --no-progress \| tail -2 \| head -1 \| awk '{print $2}')`
			`frostfs-cli --config $FFSCONF object head --cid $CID --oid $OID_C_NOATTR \|\| exit 1`
			`frostfs-cli --config $FFSCONF acl extended create --cid $CID -r 'deny get obj:Foo=Bar others' -r 'deny put obj:Foo=Bar others' -r 'allow get others' -r 'allow put others' -o acl.json \|\| exit 1`
			`frostfs-cli --config $FFSCONF container set-eacl --cid $CID --table acl.json --await \|\| exit 1`
			`echo $CID >> $CHECKFILE`
			`echo $OID_S_ATTR >> $CHECKFILE`
			`echo $OID_C_ATTR >> $CHECKFILE`
			`echo $OID_S_NOATTR >> $CHECKFILE`
			`echo $OID_C_NOATTR >> $CHECKFILE`
			`rm acl.json`

			`exit 0`