forked from TrueCloudLab/frostfs-testcases
TrueCloudLab/frostfs-node#1297 update error pattern
Signed-off-by: a.berezin <a.berezin@yadro.com>
This commit is contained in:
parent
f6576d4f6f
commit
d10e5975e7
2 changed files with 16 additions and 20 deletions
|
@ -2,7 +2,7 @@ from typing import Optional
|
||||||
|
|
||||||
from frostfs_testlib import reporter
|
from frostfs_testlib import reporter
|
||||||
from frostfs_testlib.resources.cli import CLI_DEFAULT_TIMEOUT
|
from frostfs_testlib.resources.cli import CLI_DEFAULT_TIMEOUT
|
||||||
from frostfs_testlib.resources.error_patterns import OBJECT_ACCESS_DENIED, OBJECT_NOT_FOUND
|
from frostfs_testlib.resources.error_patterns import OBJECT_ACCESS_DENIED
|
||||||
from frostfs_testlib.shell import Shell
|
from frostfs_testlib.shell import Shell
|
||||||
from frostfs_testlib.steps.cli.object import (
|
from frostfs_testlib.steps.cli.object import (
|
||||||
delete_object,
|
delete_object,
|
||||||
|
@ -20,10 +20,6 @@ from frostfs_testlib.utils.file_utils import get_file_hash
|
||||||
|
|
||||||
OPERATION_ERROR_TYPE = RuntimeError
|
OPERATION_ERROR_TYPE = RuntimeError
|
||||||
|
|
||||||
# TODO: Revert to just OBJECT_ACCESS_DENIED when the issue is fixed
|
|
||||||
# https://git.frostfs.info/TrueCloudLab/frostfs-node/issues/1297
|
|
||||||
OBJECT_NO_ACCESS = rf"(?:{OBJECT_NOT_FOUND}|{OBJECT_ACCESS_DENIED})"
|
|
||||||
|
|
||||||
|
|
||||||
def can_get_object(
|
def can_get_object(
|
||||||
wallet: WalletInfo,
|
wallet: WalletInfo,
|
||||||
|
@ -47,7 +43,7 @@ def can_get_object(
|
||||||
cluster=cluster,
|
cluster=cluster,
|
||||||
)
|
)
|
||||||
except OPERATION_ERROR_TYPE as err:
|
except OPERATION_ERROR_TYPE as err:
|
||||||
assert string_utils.is_str_match_pattern(err, OBJECT_NO_ACCESS), f"Expected {err} to match {OBJECT_NO_ACCESS}"
|
assert string_utils.is_str_match_pattern(err, OBJECT_ACCESS_DENIED), f"Expected {err} to match {OBJECT_ACCESS_DENIED}"
|
||||||
return False
|
return False
|
||||||
assert get_file_hash(file_name) == get_file_hash(got_file_path)
|
assert get_file_hash(file_name) == get_file_hash(got_file_path)
|
||||||
return True
|
return True
|
||||||
|
@ -102,7 +98,7 @@ def can_delete_object(
|
||||||
endpoint=endpoint,
|
endpoint=endpoint,
|
||||||
)
|
)
|
||||||
except OPERATION_ERROR_TYPE as err:
|
except OPERATION_ERROR_TYPE as err:
|
||||||
assert string_utils.is_str_match_pattern(err, OBJECT_NO_ACCESS), f"Expected {err} to match {OBJECT_NO_ACCESS}"
|
assert string_utils.is_str_match_pattern(err, OBJECT_ACCESS_DENIED), f"Expected {err} to match {OBJECT_ACCESS_DENIED}"
|
||||||
return False
|
return False
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
@ -130,7 +126,7 @@ def can_get_head_object(
|
||||||
timeout=timeout,
|
timeout=timeout,
|
||||||
)
|
)
|
||||||
except OPERATION_ERROR_TYPE as err:
|
except OPERATION_ERROR_TYPE as err:
|
||||||
assert string_utils.is_str_match_pattern(err, OBJECT_NO_ACCESS), f"Expected {err} to match {OBJECT_NO_ACCESS}"
|
assert string_utils.is_str_match_pattern(err, OBJECT_ACCESS_DENIED), f"Expected {err} to match {OBJECT_ACCESS_DENIED}"
|
||||||
return False
|
return False
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
@ -159,7 +155,7 @@ def can_get_range_of_object(
|
||||||
timeout=timeout,
|
timeout=timeout,
|
||||||
)
|
)
|
||||||
except OPERATION_ERROR_TYPE as err:
|
except OPERATION_ERROR_TYPE as err:
|
||||||
assert string_utils.is_str_match_pattern(err, OBJECT_NO_ACCESS), f"Expected {err} to match {OBJECT_NO_ACCESS}"
|
assert string_utils.is_str_match_pattern(err, OBJECT_ACCESS_DENIED), f"Expected {err} to match {OBJECT_ACCESS_DENIED}"
|
||||||
return False
|
return False
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
@ -188,7 +184,7 @@ def can_get_range_hash_of_object(
|
||||||
timeout=timeout,
|
timeout=timeout,
|
||||||
)
|
)
|
||||||
except OPERATION_ERROR_TYPE as err:
|
except OPERATION_ERROR_TYPE as err:
|
||||||
assert string_utils.is_str_match_pattern(err, OBJECT_NO_ACCESS), f"Expected {err} to match {OBJECT_NO_ACCESS}"
|
assert string_utils.is_str_match_pattern(err, OBJECT_ACCESS_DENIED), f"Expected {err} to match {OBJECT_ACCESS_DENIED}"
|
||||||
return False
|
return False
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
@ -215,7 +211,7 @@ def can_search_object(
|
||||||
timeout=timeout,
|
timeout=timeout,
|
||||||
)
|
)
|
||||||
except OPERATION_ERROR_TYPE as err:
|
except OPERATION_ERROR_TYPE as err:
|
||||||
assert string_utils.is_str_match_pattern(err, OBJECT_NO_ACCESS), f"Expected {err} to match {OBJECT_NO_ACCESS}"
|
assert string_utils.is_str_match_pattern(err, OBJECT_ACCESS_DENIED), f"Expected {err} to match {OBJECT_ACCESS_DENIED}"
|
||||||
return False
|
return False
|
||||||
if oid:
|
if oid:
|
||||||
return oid in oids
|
return oid in oids
|
||||||
|
|
|
@ -18,7 +18,7 @@ from pytest_tests.helpers.container_access import (
|
||||||
assert_full_access_to_container,
|
assert_full_access_to_container,
|
||||||
assert_no_access_to_container,
|
assert_no_access_to_container,
|
||||||
)
|
)
|
||||||
from pytest_tests.helpers.object_access import OBJECT_NO_ACCESS
|
from pytest_tests.helpers.object_access import OBJECT_ACCESS_DENIED
|
||||||
|
|
||||||
from ....helpers.container_spec import ContainerSpec
|
from ....helpers.container_spec import ContainerSpec
|
||||||
|
|
||||||
|
@ -216,10 +216,10 @@ class TestApeFilters(ClusterTestBase):
|
||||||
)
|
)
|
||||||
|
|
||||||
with reporter.step("Check others have no access to objects with deny attribute"):
|
with reporter.step("Check others have no access to objects with deny attribute"):
|
||||||
with pytest.raises(Exception, match=OBJECT_NO_ACCESS):
|
with pytest.raises(Exception, match=OBJECT_ACCESS_DENIED):
|
||||||
head_object(other_wallet, container, deny_objects[0], self.shell, rpc_endpoint, xhdr=xhdr)
|
head_object(other_wallet, container, deny_objects[0], self.shell, rpc_endpoint, xhdr=xhdr)
|
||||||
|
|
||||||
with pytest.raises(Exception, match=OBJECT_NO_ACCESS):
|
with pytest.raises(Exception, match=OBJECT_ACCESS_DENIED):
|
||||||
get_object_from_random_node(other_wallet, container, deny_objects[0], self.shell, self.cluster, xhdr=xhdr)
|
get_object_from_random_node(other_wallet, container, deny_objects[0], self.shell, self.cluster, xhdr=xhdr)
|
||||||
|
|
||||||
with reporter.step("Check others have access to objects with deny attribute and using bearer token"):
|
with reporter.step("Check others have access to objects with deny attribute and using bearer token"):
|
||||||
|
@ -261,7 +261,7 @@ class TestApeFilters(ClusterTestBase):
|
||||||
deny_objects = objects_with_other_attributes
|
deny_objects = objects_with_other_attributes
|
||||||
allow_attribute = self.HEADER
|
allow_attribute = self.HEADER
|
||||||
deny_attribute = self.OTHER_HEADER
|
deny_attribute = self.OTHER_HEADER
|
||||||
no_attributes_match_context = pytest.raises(Exception, match=OBJECT_NO_ACCESS)
|
no_attributes_match_context = pytest.raises(Exception, match=OBJECT_ACCESS_DENIED)
|
||||||
else:
|
else:
|
||||||
allow_objects = objects_with_other_attributes
|
allow_objects = objects_with_other_attributes
|
||||||
deny_objects = objects_with_attributes
|
deny_objects = objects_with_attributes
|
||||||
|
@ -321,13 +321,13 @@ class TestApeFilters(ClusterTestBase):
|
||||||
|
|
||||||
with reporter.step("Check others cannot get and put objects without attributes matching the filter"):
|
with reporter.step("Check others cannot get and put objects without attributes matching the filter"):
|
||||||
oid = deny_objects[0]
|
oid = deny_objects[0]
|
||||||
with pytest.raises(Exception, match=OBJECT_NO_ACCESS):
|
with pytest.raises(Exception, match=OBJECT_ACCESS_DENIED):
|
||||||
head_object(other_wallet, container, oid, self.shell, rpc_endpoint)
|
head_object(other_wallet, container, oid, self.shell, rpc_endpoint)
|
||||||
|
|
||||||
with pytest.raises(Exception, match=OBJECT_NO_ACCESS):
|
with pytest.raises(Exception, match=OBJECT_ACCESS_DENIED):
|
||||||
assert get_object_from_random_node(other_wallet, container, oid, self.shell, self.cluster)
|
assert get_object_from_random_node(other_wallet, container, oid, self.shell, self.cluster)
|
||||||
|
|
||||||
with pytest.raises(Exception, match=OBJECT_NO_ACCESS):
|
with pytest.raises(Exception, match=OBJECT_ACCESS_DENIED):
|
||||||
assert put_object_to_random_node(other_wallet, file_path, container, self.shell, self.cluster, attributes=deny_attribute)
|
assert put_object_to_random_node(other_wallet, file_path, container, self.shell, self.cluster, attributes=deny_attribute)
|
||||||
|
|
||||||
with reporter.step("Check others can get and put objects without attributes matching the filter with bearer token"):
|
with reporter.step("Check others can get and put objects without attributes matching the filter with bearer token"):
|
||||||
|
@ -366,7 +366,7 @@ class TestApeFilters(ClusterTestBase):
|
||||||
put_object_to_random_node(other_wallet, file_path, container, self.shell, self.cluster, bearer)
|
put_object_to_random_node(other_wallet, file_path, container, self.shell, self.cluster, bearer)
|
||||||
|
|
||||||
with reporter.step("Others should not be able to get object matching the filter"):
|
with reporter.step("Others should not be able to get object matching the filter"):
|
||||||
with pytest.raises(Exception, match=OBJECT_NO_ACCESS):
|
with pytest.raises(Exception, match=OBJECT_ACCESS_DENIED):
|
||||||
get_object_from_random_node(other_wallet, container, oid, self.shell, self.cluster, bearer)
|
get_object_from_random_node(other_wallet, container, oid, self.shell, self.cluster, bearer)
|
||||||
|
|
||||||
@allure.title("PUT and GET object using bearer with objectID in filter (obj_size={object_size}, match_type=EQUAL)")
|
@allure.title("PUT and GET object using bearer with objectID in filter (obj_size={object_size}, match_type=EQUAL)")
|
||||||
|
@ -390,7 +390,7 @@ class TestApeFilters(ClusterTestBase):
|
||||||
bearer = create_bearer_token(frostfs_cli, temp_directory, container, rule, self.cluster.default_rpc_endpoint)
|
bearer = create_bearer_token(frostfs_cli, temp_directory, container, rule, self.cluster.default_rpc_endpoint)
|
||||||
|
|
||||||
with reporter.step("Others should not be able to put object using bearer token"):
|
with reporter.step("Others should not be able to put object using bearer token"):
|
||||||
with pytest.raises(Exception, match=OBJECT_NO_ACCESS):
|
with pytest.raises(Exception, match=OBJECT_ACCESS_DENIED):
|
||||||
put_object_to_random_node(other_wallet, file_path, container, self.shell, self.cluster, bearer)
|
put_object_to_random_node(other_wallet, file_path, container, self.shell, self.cluster, bearer)
|
||||||
|
|
||||||
with reporter.step("Others should be able to get object matching the filter"):
|
with reporter.step("Others should be able to get object matching the filter"):
|
||||||
|
|
Loading…
Reference in a new issue