From cff0e0f23e74529fbea794c580257f04b7ec829c Mon Sep 17 00:00:00 2001 From: Andrey Berezin Date: Mon, 13 Mar 2023 17:05:24 +0300 Subject: [PATCH] Update session token tests related to expiration rules Signed-off-by: Andrey Berezin --- README.md | 12 +- .../test_static_object_session_token.py | 179 ++++++++++-------- 2 files changed, 105 insertions(+), 86 deletions(-) diff --git a/README.md b/README.md index 2a2e15e..b0d6273 100644 --- a/README.md +++ b/README.md @@ -49,17 +49,11 @@ As we use frostfs-dev-env, you'll also need to install 6. Prepare virtualenv ```shell -$ make venv.local-pytest -$ . venv.local-pytest/bin/activate +$ make venv +$ source venv.frostfs-testcases-3.10/bin/activate ``` -7. Setup pre-commit hooks to run code formatters on staged files before you run a `git commit` command: - -```shell -$ pre-commit install -``` - -Optionally you might want to integrate code formatters with your code editor to apply formatters to code files as you go: +7. Optionally you might want to integrate code formatters with your code editor to apply formatters to code files as you go: * isort is supported by [PyCharm](https://plugins.jetbrains.com/plugin/15434-isortconnect), [VS Code](https://cereblanco.medium.com/setup-black-and-isort-in-vscode-514804590bf9). Plugins exist for other IDEs/editors as well. * black can be integrated with multiple editors, please, instructions are available [here](https://black.readthedocs.io/en/stable/integrations/editors.html). diff --git a/pytest_tests/testsuites/session_token/test_static_object_session_token.py b/pytest_tests/testsuites/session_token/test_static_object_session_token.py index 840d71a..c51672f 100644 --- a/pytest_tests/testsuites/session_token/test_static_object_session_token.py +++ b/pytest_tests/testsuites/session_token/test_static_object_session_token.py @@ -187,7 +187,6 @@ class TestObjectStaticSession(ClusterTestBase): ) @allure.title("Validate static session with range operations") - @pytest.mark.static_session @pytest.mark.parametrize( "method_under_test,verb", [(get_range, ObjectVerb.RANGE), (get_range_hash, ObjectVerb.RANGEHASH)], @@ -227,7 +226,6 @@ class TestObjectStaticSession(ClusterTestBase): ) @allure.title("Validate static session with search operation") - @pytest.mark.static_session @pytest.mark.xfail # (see https://github.com/nspcc-dev/neofs-node/issues/2030) def test_static_session_search( @@ -255,7 +253,6 @@ class TestObjectStaticSession(ClusterTestBase): assert expected_object_ids == actual_object_ids @allure.title("Validate static session with object id not in session") - @pytest.mark.static_session def test_static_session_unrelated_object( self, user_wallet: WalletFile, @@ -280,7 +277,6 @@ class TestObjectStaticSession(ClusterTestBase): ) @allure.title("Validate static session with user id not in session") - @pytest.mark.static_session def test_static_session_head_unrelated_user( self, stranger_wallet: WalletFile, @@ -307,7 +303,6 @@ class TestObjectStaticSession(ClusterTestBase): ) @allure.title("Validate static session with wrong verb in session") - @pytest.mark.static_session def test_static_session_head_wrong_verb( self, user_wallet: WalletFile, @@ -334,7 +329,6 @@ class TestObjectStaticSession(ClusterTestBase): ) @allure.title("Validate static session with container id not in session") - @pytest.mark.static_session def test_static_session_unrelated_container( self, user_wallet: WalletFile, @@ -362,7 +356,6 @@ class TestObjectStaticSession(ClusterTestBase): ) @allure.title("Validate static session which signed by another wallet") - @pytest.mark.static_session def test_static_session_signed_by_other( self, owner_wallet: WalletFile, @@ -401,7 +394,6 @@ class TestObjectStaticSession(ClusterTestBase): ) @allure.title("Validate static session which signed for another container") - @pytest.mark.static_session def test_static_session_signed_for_other_container( self, owner_wallet: WalletFile, @@ -440,7 +432,6 @@ class TestObjectStaticSession(ClusterTestBase): ) @allure.title("Validate static session which wasn't signed") - @pytest.mark.static_session def test_static_session_without_sign( self, owner_wallet: WalletFile, @@ -477,7 +468,6 @@ class TestObjectStaticSession(ClusterTestBase): ) @allure.title("Validate static session which expires at next epoch") - @pytest.mark.static_session def test_static_session_expiration_at_next( self, owner_wallet: WalletFile, @@ -499,40 +489,56 @@ class TestObjectStaticSession(ClusterTestBase): object_id = storage_objects[0].oid expiration = Lifetime(epoch + 1, epoch, epoch) - token_expire_at_next_epoch = get_object_signed_token( - owner_wallet, - user_wallet, - container, - storage_objects, - ObjectVerb.HEAD, - self.shell, - temp_directory, - expiration, - ) - - head_object( - user_wallet.path, - container, - object_id, - self.shell, - self.cluster.default_rpc_endpoint, - session=token_expire_at_next_epoch, - ) - - self.tick_epoch() - - with pytest.raises(Exception, match=EXPIRED_SESSION_TOKEN): - head_object( - user_wallet.path, + with allure.step("Create session token"): + token_expire_at_next_epoch = get_object_signed_token( + owner_wallet, + user_wallet, container, - object_id, + storage_objects, + ObjectVerb.HEAD, self.shell, - self.cluster.default_rpc_endpoint, - session=token_expire_at_next_epoch, + temp_directory, + expiration, ) + with allure.step("Object should be available with session token after token creation"): + with expect_not_raises(): + head_object( + user_wallet.path, + container, + object_id, + self.shell, + self.cluster.default_rpc_endpoint, + session=token_expire_at_next_epoch, + ) + + with allure.step( + "Object should be available at last epoch before session token expiration" + ): + self.tick_epoch() + with expect_not_raises(): + head_object( + user_wallet.path, + container, + object_id, + self.shell, + self.cluster.default_rpc_endpoint, + session=token_expire_at_next_epoch, + ) + + with allure.step("Object should NOT be available after session token expiration epoch"): + self.tick_epoch() + with pytest.raises(Exception, match=EXPIRED_SESSION_TOKEN): + head_object( + user_wallet.path, + container, + object_id, + self.shell, + self.cluster.default_rpc_endpoint, + session=token_expire_at_next_epoch, + ) + @allure.title("Validate static session which is valid starting from next epoch") - @pytest.mark.static_session def test_static_session_start_at_next( self, owner_wallet: WalletFile, @@ -554,50 +560,70 @@ class TestObjectStaticSession(ClusterTestBase): object_id = storage_objects[0].oid expiration = Lifetime(epoch + 2, epoch + 1, epoch) - token_start_at_next_epoch = get_object_signed_token( - owner_wallet, - user_wallet, - container, - storage_objects, - ObjectVerb.HEAD, - self.shell, - temp_directory, - expiration, - ) - - with pytest.raises(Exception, match=MALFORMED_REQUEST): - head_object( - user_wallet.path, + with allure.step("Create session token"): + token_start_at_next_epoch = get_object_signed_token( + owner_wallet, + user_wallet, container, - object_id, + storage_objects, + ObjectVerb.HEAD, self.shell, - self.cluster.default_rpc_endpoint, - session=token_start_at_next_epoch, + temp_directory, + expiration, ) - self.tick_epoch() - head_object( - user_wallet.path, - container, - object_id, - self.shell, - self.cluster.default_rpc_endpoint, - session=token_start_at_next_epoch, - ) + with allure.step("Object should NOT be available with session token after token creation"): + with pytest.raises(Exception, match=MALFORMED_REQUEST): + head_object( + user_wallet.path, + container, + object_id, + self.shell, + self.cluster.default_rpc_endpoint, + session=token_start_at_next_epoch, + ) - self.tick_epoch() - with pytest.raises(Exception, match=EXPIRED_SESSION_TOKEN): - head_object( - user_wallet.path, - container, - object_id, - self.shell, - self.cluster.default_rpc_endpoint, - session=token_start_at_next_epoch, - ) + with allure.step( + "Object should be available with session token starting from token nbf epoch" + ): + self.tick_epoch() + with expect_not_raises(): + head_object( + user_wallet.path, + container, + object_id, + self.shell, + self.cluster.default_rpc_endpoint, + session=token_start_at_next_epoch, + ) + + with allure.step( + "Object should be available at last epoch before session token expiration" + ): + self.tick_epoch() + with expect_not_raises(): + head_object( + user_wallet.path, + container, + object_id, + self.shell, + self.cluster.default_rpc_endpoint, + session=token_start_at_next_epoch, + ) + + with allure.step("Object should NOT be available after session token expiration epoch"): + self.tick_epoch() + with pytest.raises(Exception, match=EXPIRED_SESSION_TOKEN): + head_object( + user_wallet.path, + container, + object_id, + self.shell, + self.cluster.default_rpc_endpoint, + session=token_start_at_next_epoch, + ) @allure.title("Validate static session which is already expired") - @pytest.mark.static_session def test_static_session_already_expired( self, owner_wallet: WalletFile, @@ -691,7 +717,6 @@ class TestObjectStaticSession(ClusterTestBase): ) @allure.title("Validate static session which is issued in future epoch") - @pytest.mark.static_session def test_static_session_invalid_issued_epoch( self, owner_wallet: WalletFile,