[#64] Create container_session_token.robot test

Signed-off-by: Elizaveta Chichindaeva <elizaveta@nspcc.ru>

robot/resources/lib/cli_helpers.py

@@ -6,6 +6,7 @@ and other CLIs.
 """
 
 import subprocess
+import pexpect
 
 from robot.api import logger
 
@@ -27,3 +28,11 @@ def _cmd_run(cmd):
     except subprocess.CalledProcessError as exc:
         raise RuntimeError(f"Error:\nreturn code: {exc.returncode} "
                 f"\nOutput: {exc.output}") from exc
+
+def _run_with_passwd(cmd):
+    p = pexpect.spawn(cmd)
+    p.expect(".*")
+    p.sendline('\r')
+    p.wait()
+    cmd = p.read()
+    return cmd.decode()

robot/resources/lib/gates.py

@@ -1,22 +1,18 @@
 #!/usr/bin/python3.8
 
-from logging import raiseExceptions
-import boto3
-import botocore
 import os
-import pexpect
 import re
-import requests
 import shutil
 import subprocess
 import uuid
-
+import requests
-from robot.api.deco import keyword
+import botocore
-from robot.api import logger
+import boto3
-import robot.errors
-from robot.libraries.BuiltIn import BuiltIn
 
 from common import *
+from robot.api.deco import keyword
+from robot.api import logger
+from cli_helpers import _run_with_passwd
 
 
 ROBOT_AUTO_KEYWORDS = False
@@ -61,15 +57,6 @@ def init_s3_credentials(wallet):
         raise Exception(f"Error: \nreturn code: {e.returncode}. \nOutput: {e.stderr}")
 
 
-def _run_with_passwd(cmd):
-    p = pexpect.spawn(cmd)
-    p.expect(".*")
-    p.sendline('\r')
-    p.wait()
-    cmd = p.read()
-    return cmd.decode()
-
-
 @keyword('Config S3 client')
 def config_s3_client(access_key_id, secret_access_key):
     try:

robot/resources/lib/neofs.py

@@ -1,23 +1,22 @@
 #!/usr/bin/python3.8
 
-import base58
 import base64
 import binascii
 from datetime import datetime
-import docker
 import hashlib
 import json
 import os
 import re
 import random
-import subprocess
+import uuid
+import docker
+import base58
 
 from neo3 import wallet
+from common import *
 from robot.api.deco import keyword
 from robot.api import logger
-
+from cli_helpers import _run_with_passwd, _cmd_run
-from common import *
-from cli_helpers import _cmd_run
 
 ROBOT_AUTO_KEYWORDS = False
 
@@ -137,7 +136,7 @@ def get_range(private_key: str, cid: str, oid: str, range_file: str, bearer: str
 
 
 @keyword('Create container')
-def create_container(private_key: str, basic_acl:str, rule:str, user_headers: str=''):
+def create_container(private_key: str, basic_acl:str, rule:str, user_headers: str='', session: str=''):
     if rule == "":
         logger.error("Cannot create container with empty placement rule")
 
@@ -145,10 +144,12 @@ def create_container(private_key: str, basic_acl:str, rule:str, user_headers: st
         basic_acl = f"--basic-acl {basic_acl}"
     if user_headers:
         user_headers = f"--attributes {user_headers}"
+    if session:
+        session = f"--session {session}"
 
     createContainerCmd = (
         f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} '
-        f'container create --policy "{rule}" {basic_acl} {user_headers} --await'
+        f'container create --policy "{rule}" {basic_acl} {user_headers} {session} --await'
     )
     logger.info(f"Cmd: {createContainerCmd}")
     output = _cmd_run(createContainerCmd)
@@ -970,6 +971,55 @@ def delete_storagegroup(private_key: str, cid: str, oid: str, bearer_token: str=
         raise Exception(f"no Tombstone ID was parsed from command output: \t{output}")
     return oid
 
+@keyword('Generate Session Token')
+def generate_session_token(owner: str, pub_key: str, cid: str = "", wildcard: bool = False) -> str:
+
+    file_path = f"{os.getcwd()}/{ASSETS_DIR}/{str(uuid.uuid4())}"
+
+    owner_64 = base64.b64encode(base58.b58decode(owner)).decode('utf-8')
+    cid_64 = base64.b64encode(cid.encode('utf-8')).decode('utf-8')
+    pub_key_64 = base64.b64encode(bytes.fromhex(pub_key)).decode('utf-8')
+    id_64 = base64.b64encode(uuid.uuid4().bytes).decode('utf-8')
+
+    session_token = {
+                    "body":{
+                        "id":f"{id_64}",
+                        "ownerID":{
+                            "value":f"{owner_64}"
+                        },
+                        "lifetime":{
+                            "exp":"100000000",
+                            "nbf":"0",
+                            "iat":"0"
+                        },
+                        "sessionKey":f"{pub_key_64}",
+                        "container":{
+                            "verb":"PUT",
+                            "wildcard": wildcard,
+                            **({ "containerID":{"value":f"{cid_64}"} } if not wildcard else {})
+                        }
+                    }
+                }
+
+    logger.info(f"Got this Session Token: {session_token}")
+
+    with open(file_path, 'w', encoding='utf-8') as session_token_file:
+        json.dump(session_token, session_token_file, ensure_ascii=False, indent=4)
+
+    return file_path
+
+
+@keyword ('Sign Session Token')
+def sign_session_token(session_token: str, wallet: str, to_file: str=''):
+    if to_file:
+        to_file = f'--to {to_file}' 
+    cmd = (
+        f'{NEOFS_CLI_EXEC} util sign session-token --from {session_token} '
+        f'-w {wallet} {to_file}'
+    )
+    logger.info(f"cmd: {cmd}")
+    _run_with_passwd(cmd)
+
 
 def _get_file_hash(filename):
     blocksize = 65536

robot/testsuites/integration/acl/test_eacl.robot

@@ -0,0 +1,25 @@
+*** Settings ***
+Variables       ../../../variables/common.py
+Library         ../${RESOURCES}/neofs.py
+Library         ../${RESOURCES}/payment_neogo.py
+
+Resource        common_steps_acl_basic.robot
+Resource        ../${RESOURCES}/payment_operations.robot
+Resource        ../${RESOURCES}/setup_teardown.robot
+Resource    robot/testsuites/integration/acl/common_steps_acl_extended.robot
+
+
+*** Test cases ***
+Basic ACL Operations for Private Container
+    [Documentation]         Testcase to validate NeoFS operations with ACL for Private Container.
+    [Tags]                  ACL  NeoFS  NeoCLI
+    [Timeout]               20 min
+
+    [Setup]                 Setup
+
+    ${WALLET}   ${ADDR}     ${USER_KEY} =   Prepare Wallet And Deposit
+    ${WALLET_OTH}   ${ADDR_OTH}     ${OTHER_KEY} =   Prepare Wallet And Deposit
+
+    ${CID} =    Create Container Public    ${USER_KEY}
+    ${S_OID_USER} =         Put object    ${USER_KEY}    ./test.txt    ${CID}    ${EMPTY}    ${EMPTY}
+    

robot/testsuites/integration/container/container_session_token.robot

@@ -0,0 +1,50 @@
+*** Settings ***
+Variables    ../../../variables/common.py
+Variables   ../../../variables/acl.py
+
+Resource    setup_teardown.robot
+Resource    payment_operations.robot
+
+Library    Process
+Library    neofs.py
+Library    String
+Library    OperatingSystem
+
+*** Variables ***
+${SIGNED_FILE} =    ${ASSETS_DIR}/signed_token.json
+
+*** Test Cases ***
+
+Session Token for Container
+    [Documentation]    Testcase to check container session token
+    [Tags]             Container    SessionToken
+    [Timeout]          5 min
+
+    [Setup]            Setup
+
+    ${WALLET}    ${OWNER}    ${OWNER_KEY} =   Prepare Wallet And Deposit
+    ${GEN_WALLET}    ${GEN}    ${GEN_KEY} =    Init Wallet with Address    ${ASSETS_DIR}
+
+    ${UTIL} =    Run Process    ${NEOGO_EXECUTABLE} wallet dump-keys -w ${GEN_WALLET}     shell=True
+    ${PUB_PART} =    Get Line    ${UTIL.stdout}    1
+
+    ${SESSION_TOKEN} =    Generate Session Token    ${OWNER}    ${PUB_PART}    wildcard=True
+
+    Sign Session token    ${SESSION_TOKEN}    ${WALLET}    ${SIGNED_FILE}
+    
+    ${CID} =            Create Container    ${GEN_KEY}    ${PRIVATE_ACL}    ${COMMON_PLACEMENT_RULE}    ${EMPTY}    ${SIGNED_FILE}
+                        Wait Until Keyword Succeeds    ${MORPH_BLOCK_TIME}    ${CONTAINER_WAIT_INTERVAL}
+                        ...  Container Existing    ${OWNER_KEY}    ${CID}
+                        Run Keyword And Expect Error    *
+                        ...  Container Existing    ${GEN_KEY}    ${CID}  
+
+########################
+# Check container owner 
+########################
+
+    ${CONTAINER_INFO} =    Run Process    ${NEOFS_CLI_EXEC} container get --cid ${CID} --wif ${GEN_KEY} --rpc-endpoint ${NEOFS_ENDPOINT}    shell=True
+    ${CID_OWNER_ID_LINE} =    Get Line    ${CONTAINER_INFO.stdout}    2
+    @{CID_OWNER_ID} =    Split String    ${CID_OWNER_ID_LINE}
+    Should Be Equal As Strings    ${OWNER}    ${CID_OWNER_ID}[2]
+
+    [Teardown]        Teardown    container_session_token                   

robot/variables/common.py

@@ -66,3 +66,5 @@ NEOFS_NETMAP_DICT = {'s01': {'rpc': 's01.neofs.devenv:8080',
                         'UN-LOCODE': 'FI HEL'}
                     }
 NEOFS_NETMAP = [i['rpc'] for i in NEOFS_NETMAP_DICT.values()]
+NEOGO_EXECUTABLE = os.getenv('NEOGO_EXECUTABLE', 'neo-go')
+NEOFS_CLI_EXEC = os.getenv('NEOFS_CLI_EXEC', 'neofs-cli')

venv/localtest/requirements.txt

@@ -1,4 +1,4 @@
-robotframework==3.2.1
+robotframework==4.1.2
 requests==2.25.1
 pexpect==4.8.0
 boto3==1.16.33