Update session token tests related to expiration rules

Signed-off-by: Andrey Berezin <a.berezin@yadro.com>
This commit is contained in:
Andrey Berezin 2023-03-13 17:05:24 +03:00
parent ef5e142015
commit cff0e0f23e
2 changed files with 105 additions and 86 deletions

View file

@ -49,17 +49,11 @@ As we use frostfs-dev-env, you'll also need to install
6. Prepare virtualenv 6. Prepare virtualenv
```shell ```shell
$ make venv.local-pytest $ make venv
$ . venv.local-pytest/bin/activate $ source venv.frostfs-testcases-3.10/bin/activate
``` ```
7. Setup pre-commit hooks to run code formatters on staged files before you run a `git commit` command: 7. Optionally you might want to integrate code formatters with your code editor to apply formatters to code files as you go:
```shell
$ pre-commit install
```
Optionally you might want to integrate code formatters with your code editor to apply formatters to code files as you go:
* isort is supported by [PyCharm](https://plugins.jetbrains.com/plugin/15434-isortconnect), [VS Code](https://cereblanco.medium.com/setup-black-and-isort-in-vscode-514804590bf9). Plugins exist for other IDEs/editors as well. * isort is supported by [PyCharm](https://plugins.jetbrains.com/plugin/15434-isortconnect), [VS Code](https://cereblanco.medium.com/setup-black-and-isort-in-vscode-514804590bf9). Plugins exist for other IDEs/editors as well.
* black can be integrated with multiple editors, please, instructions are available [here](https://black.readthedocs.io/en/stable/integrations/editors.html). * black can be integrated with multiple editors, please, instructions are available [here](https://black.readthedocs.io/en/stable/integrations/editors.html).

View file

@ -187,7 +187,6 @@ class TestObjectStaticSession(ClusterTestBase):
) )
@allure.title("Validate static session with range operations") @allure.title("Validate static session with range operations")
@pytest.mark.static_session
@pytest.mark.parametrize( @pytest.mark.parametrize(
"method_under_test,verb", "method_under_test,verb",
[(get_range, ObjectVerb.RANGE), (get_range_hash, ObjectVerb.RANGEHASH)], [(get_range, ObjectVerb.RANGE), (get_range_hash, ObjectVerb.RANGEHASH)],
@ -227,7 +226,6 @@ class TestObjectStaticSession(ClusterTestBase):
) )
@allure.title("Validate static session with search operation") @allure.title("Validate static session with search operation")
@pytest.mark.static_session
@pytest.mark.xfail @pytest.mark.xfail
# (see https://github.com/nspcc-dev/neofs-node/issues/2030) # (see https://github.com/nspcc-dev/neofs-node/issues/2030)
def test_static_session_search( def test_static_session_search(
@ -255,7 +253,6 @@ class TestObjectStaticSession(ClusterTestBase):
assert expected_object_ids == actual_object_ids assert expected_object_ids == actual_object_ids
@allure.title("Validate static session with object id not in session") @allure.title("Validate static session with object id not in session")
@pytest.mark.static_session
def test_static_session_unrelated_object( def test_static_session_unrelated_object(
self, self,
user_wallet: WalletFile, user_wallet: WalletFile,
@ -280,7 +277,6 @@ class TestObjectStaticSession(ClusterTestBase):
) )
@allure.title("Validate static session with user id not in session") @allure.title("Validate static session with user id not in session")
@pytest.mark.static_session
def test_static_session_head_unrelated_user( def test_static_session_head_unrelated_user(
self, self,
stranger_wallet: WalletFile, stranger_wallet: WalletFile,
@ -307,7 +303,6 @@ class TestObjectStaticSession(ClusterTestBase):
) )
@allure.title("Validate static session with wrong verb in session") @allure.title("Validate static session with wrong verb in session")
@pytest.mark.static_session
def test_static_session_head_wrong_verb( def test_static_session_head_wrong_verb(
self, self,
user_wallet: WalletFile, user_wallet: WalletFile,
@ -334,7 +329,6 @@ class TestObjectStaticSession(ClusterTestBase):
) )
@allure.title("Validate static session with container id not in session") @allure.title("Validate static session with container id not in session")
@pytest.mark.static_session
def test_static_session_unrelated_container( def test_static_session_unrelated_container(
self, self,
user_wallet: WalletFile, user_wallet: WalletFile,
@ -362,7 +356,6 @@ class TestObjectStaticSession(ClusterTestBase):
) )
@allure.title("Validate static session which signed by another wallet") @allure.title("Validate static session which signed by another wallet")
@pytest.mark.static_session
def test_static_session_signed_by_other( def test_static_session_signed_by_other(
self, self,
owner_wallet: WalletFile, owner_wallet: WalletFile,
@ -401,7 +394,6 @@ class TestObjectStaticSession(ClusterTestBase):
) )
@allure.title("Validate static session which signed for another container") @allure.title("Validate static session which signed for another container")
@pytest.mark.static_session
def test_static_session_signed_for_other_container( def test_static_session_signed_for_other_container(
self, self,
owner_wallet: WalletFile, owner_wallet: WalletFile,
@ -440,7 +432,6 @@ class TestObjectStaticSession(ClusterTestBase):
) )
@allure.title("Validate static session which wasn't signed") @allure.title("Validate static session which wasn't signed")
@pytest.mark.static_session
def test_static_session_without_sign( def test_static_session_without_sign(
self, self,
owner_wallet: WalletFile, owner_wallet: WalletFile,
@ -477,7 +468,6 @@ class TestObjectStaticSession(ClusterTestBase):
) )
@allure.title("Validate static session which expires at next epoch") @allure.title("Validate static session which expires at next epoch")
@pytest.mark.static_session
def test_static_session_expiration_at_next( def test_static_session_expiration_at_next(
self, self,
owner_wallet: WalletFile, owner_wallet: WalletFile,
@ -499,40 +489,56 @@ class TestObjectStaticSession(ClusterTestBase):
object_id = storage_objects[0].oid object_id = storage_objects[0].oid
expiration = Lifetime(epoch + 1, epoch, epoch) expiration = Lifetime(epoch + 1, epoch, epoch)
token_expire_at_next_epoch = get_object_signed_token( with allure.step("Create session token"):
owner_wallet, token_expire_at_next_epoch = get_object_signed_token(
user_wallet, owner_wallet,
container, user_wallet,
storage_objects,
ObjectVerb.HEAD,
self.shell,
temp_directory,
expiration,
)
head_object(
user_wallet.path,
container,
object_id,
self.shell,
self.cluster.default_rpc_endpoint,
session=token_expire_at_next_epoch,
)
self.tick_epoch()
with pytest.raises(Exception, match=EXPIRED_SESSION_TOKEN):
head_object(
user_wallet.path,
container, container,
object_id, storage_objects,
ObjectVerb.HEAD,
self.shell, self.shell,
self.cluster.default_rpc_endpoint, temp_directory,
session=token_expire_at_next_epoch, expiration,
) )
with allure.step("Object should be available with session token after token creation"):
with expect_not_raises():
head_object(
user_wallet.path,
container,
object_id,
self.shell,
self.cluster.default_rpc_endpoint,
session=token_expire_at_next_epoch,
)
with allure.step(
"Object should be available at last epoch before session token expiration"
):
self.tick_epoch()
with expect_not_raises():
head_object(
user_wallet.path,
container,
object_id,
self.shell,
self.cluster.default_rpc_endpoint,
session=token_expire_at_next_epoch,
)
with allure.step("Object should NOT be available after session token expiration epoch"):
self.tick_epoch()
with pytest.raises(Exception, match=EXPIRED_SESSION_TOKEN):
head_object(
user_wallet.path,
container,
object_id,
self.shell,
self.cluster.default_rpc_endpoint,
session=token_expire_at_next_epoch,
)
@allure.title("Validate static session which is valid starting from next epoch") @allure.title("Validate static session which is valid starting from next epoch")
@pytest.mark.static_session
def test_static_session_start_at_next( def test_static_session_start_at_next(
self, self,
owner_wallet: WalletFile, owner_wallet: WalletFile,
@ -554,50 +560,70 @@ class TestObjectStaticSession(ClusterTestBase):
object_id = storage_objects[0].oid object_id = storage_objects[0].oid
expiration = Lifetime(epoch + 2, epoch + 1, epoch) expiration = Lifetime(epoch + 2, epoch + 1, epoch)
token_start_at_next_epoch = get_object_signed_token( with allure.step("Create session token"):
owner_wallet, token_start_at_next_epoch = get_object_signed_token(
user_wallet, owner_wallet,
container, user_wallet,
storage_objects,
ObjectVerb.HEAD,
self.shell,
temp_directory,
expiration,
)
with pytest.raises(Exception, match=MALFORMED_REQUEST):
head_object(
user_wallet.path,
container, container,
object_id, storage_objects,
ObjectVerb.HEAD,
self.shell, self.shell,
self.cluster.default_rpc_endpoint, temp_directory,
session=token_start_at_next_epoch, expiration,
) )
self.tick_epoch() with allure.step("Object should NOT be available with session token after token creation"):
head_object( with pytest.raises(Exception, match=MALFORMED_REQUEST):
user_wallet.path, head_object(
container, user_wallet.path,
object_id, container,
self.shell, object_id,
self.cluster.default_rpc_endpoint, self.shell,
session=token_start_at_next_epoch, self.cluster.default_rpc_endpoint,
) session=token_start_at_next_epoch,
)
self.tick_epoch() with allure.step(
with pytest.raises(Exception, match=EXPIRED_SESSION_TOKEN): "Object should be available with session token starting from token nbf epoch"
head_object( ):
user_wallet.path, self.tick_epoch()
container, with expect_not_raises():
object_id, head_object(
self.shell, user_wallet.path,
self.cluster.default_rpc_endpoint, container,
session=token_start_at_next_epoch, object_id,
) self.shell,
self.cluster.default_rpc_endpoint,
session=token_start_at_next_epoch,
)
with allure.step(
"Object should be available at last epoch before session token expiration"
):
self.tick_epoch()
with expect_not_raises():
head_object(
user_wallet.path,
container,
object_id,
self.shell,
self.cluster.default_rpc_endpoint,
session=token_start_at_next_epoch,
)
with allure.step("Object should NOT be available after session token expiration epoch"):
self.tick_epoch()
with pytest.raises(Exception, match=EXPIRED_SESSION_TOKEN):
head_object(
user_wallet.path,
container,
object_id,
self.shell,
self.cluster.default_rpc_endpoint,
session=token_start_at_next_epoch,
)
@allure.title("Validate static session which is already expired") @allure.title("Validate static session which is already expired")
@pytest.mark.static_session
def test_static_session_already_expired( def test_static_session_already_expired(
self, self,
owner_wallet: WalletFile, owner_wallet: WalletFile,
@ -691,7 +717,6 @@ class TestObjectStaticSession(ClusterTestBase):
) )
@allure.title("Validate static session which is issued in future epoch") @allure.title("Validate static session which is issued in future epoch")
@pytest.mark.static_session
def test_static_session_invalid_issued_epoch( def test_static_session_invalid_issued_epoch(
self, self,
owner_wallet: WalletFile, owner_wallet: WalletFile,