Add replication test with deny eACL (#133)

* Add replication test with deny eACL
This commit is contained in:
Anatoly Bogatyrev 2021-10-07 14:28:31 +03:00 committed by GitHub
parent 36107fcc4c
commit 1fe540fce9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 81 additions and 5 deletions

View file

@ -0,0 +1,16 @@
*** Settings ***
Variables ../../variables/common.py
Library Process
*** Keywords ***
Drop object
[Arguments] ${NODE} ${WIF_STORAGE} ${CID} ${OID}
${DROP_SIMPLE} = Run Process neofs-cli control drop-objects -r ${NODE} --wif ${WIF_STORAGE} -o ${CID}/${OID} shell=True
Log Many stdout: ${DROP_SIMPLE.stdout} stderr: ${DROP_SIMPLE.stderr}
Should Be Equal As Integers ${DROP_SIMPLE.rc} 0

View file

@ -0,0 +1,63 @@
*** Settings ***
Variables ../../../variables/common.py
Library Collections
Library neofs.py
Library acl.py
Library payment_neogo.py
Library contract_keywords.py
Resource ../../../variables/eacl_tables.robot
Resource common_steps_acl_bearer.robot
Resource payment_operations.robot
Resource setup_teardown.robot
Resource storage.robot
*** Variables ***
${FULL_PLACEMENT_RULE} = REP 4 IN X CBF 1 SELECT 4 FROM * AS X
${EXPECTED_COPIES} = ${4}
*** Test cases ***
eACL Deny Replication Operations
[Documentation] Testcase to validate NeoFS replication with eACL deny rules.
[Tags] ACL NeoFS_CLI Replication
[Timeout] 20 min
[Setup] Setup
${NODE_NUM} ${NODE} ${WIF_STORAGE} = Get control endpoint with wif
${WALLET} ${ADDR} ${WIF_USER} = Prepare Wallet And Deposit
Prepare eACL Role rules
Log Check Replication with eACL deny - object should be replicated
# https://github.com/nspcc-dev/neofs-node/issues/881
${FILE} = Generate file of bytes ${SIMPLE_OBJ_SIZE}
${CID} = Create container ${WIF_USER} 0x0FFFFFFF ${FULL_PLACEMENT_RULE}
Wait Until Keyword Succeeds ${MORPH_BLOCK_TIME} ${CONTAINER_WAIT_INTERVAL}
... Container Existing ${WIF_USER} ${CID}
${OID} = Put object ${WIF_USER} ${FILE} ${CID} ${EMPTY} ${FILE_USR_HEADER}
Validate storage policy for object ${WIF_USER} ${EXPECTED_COPIES} ${CID} ${OID}
Set eACL ${WIF_USER} ${CID} ${EACL_DENY_ALL_USER}
Run Keyword And Expect Error *
... Put object ${WIF_USER} ${FILE} ${CID} ${EMPTY} ${FILE_USR_HEADER}
# Drop object to check replication
Drop object ${NODE} ${WIF_STORAGE} ${CID} ${OID}
Tick Epoch
# We assume that during one epoch object should be replicated
Wait Until Keyword Succeeds ${NEOFS_EPOCH_TIMEOUT} 1m
... Validate storage policy for object ${WIF_STORAGE} ${EXPECTED_COPIES} ${CID} ${OID}
[Teardown] Teardown acl_deny_replication

View file

@ -2,9 +2,6 @@
Variables ../../../variables/common.py
Variables ../../../variables/acl.py
*** Variables ***
${CONTAINER_WAIT_INTERVAL} = 1 min
*** Keywords ***
Create Private Container

View file

@ -6,7 +6,6 @@ Variables ../../../variables/acl.py
${FILE_USR_HEADER} = key1=1,key2=abc
${FILE_USR_HEADER_DEL} = key1=del,key2=del
${FILE_OTH_HEADER} = key1=oth,key2=oth
${CONTAINER_WAIT_INTERVAL} = 1 min
*** Keywords ***
Create Container Public

View file

@ -7,7 +7,6 @@ Library acl.py
${FILE_USR_HEADER} = key1=1,key2=abc
${FILE_USR_HEADER_DEL} = key1=del,key2=del
${FILE_OTH_HEADER} = key1=oth,key2=oth
${CONTAINER_WAIT_INTERVAL} = 1 min
*** Keywords ***

View file

@ -8,6 +8,8 @@ CERT="%s/../../ca" % ROOT
# Common NeoFS variables can be declared from neofs-dev-env env variables.
# High priority is accepted for those envs.
CONTAINER_WAIT_INTERVAL = "1m"
NEOFS_EPOCH_TIMEOUT = (os.getenv("NEOFS_EPOCH_TIMEOUT") if os.getenv("NEOFS_EPOCH_TIMEOUT")
else os.getenv("NEOFS_IR_TIMERS_EPOCH", "300s"))