2022-09-23 11:09:41 +00:00
|
|
|
import allure
|
|
|
|
import pytest
|
2022-10-11 08:18:08 +00:00
|
|
|
from file_helper import generate_file
|
2023-02-14 08:09:37 +00:00
|
|
|
from s3_helper import assert_s3_acl, object_key_from_file_path
|
2022-09-23 11:09:41 +00:00
|
|
|
|
|
|
|
from steps import s3_gate_bucket, s3_gate_object
|
|
|
|
from steps.s3_gate_base import TestS3GateBase
|
|
|
|
|
|
|
|
|
|
|
|
def pytest_generate_tests(metafunc):
|
|
|
|
if "s3_client" in metafunc.fixturenames:
|
|
|
|
metafunc.parametrize("s3_client", ["aws cli", "boto3"], indirect=True)
|
|
|
|
|
|
|
|
|
2022-11-10 05:27:52 +00:00
|
|
|
@pytest.mark.sanity
|
|
|
|
@pytest.mark.acl
|
2022-09-23 11:09:41 +00:00
|
|
|
@pytest.mark.s3_gate
|
|
|
|
class TestS3GateACL(TestS3GateBase):
|
|
|
|
@allure.title("Test S3: Object ACL")
|
2022-12-07 12:38:56 +00:00
|
|
|
def test_s3_object_ACL(self, bucket, simple_object_size):
|
|
|
|
file_path = generate_file(simple_object_size)
|
2022-09-23 11:09:41 +00:00
|
|
|
file_name = object_key_from_file_path(file_path)
|
|
|
|
|
|
|
|
with allure.step("Put object into bucket, Check ACL is empty"):
|
|
|
|
s3_gate_object.put_object_s3(self.s3_client, bucket, file_path)
|
|
|
|
obj_acl = s3_gate_object.get_object_acl_s3(self.s3_client, bucket, file_name)
|
|
|
|
assert obj_acl == [], f"Expected ACL is empty, got {obj_acl}"
|
|
|
|
|
|
|
|
with allure.step("Put object ACL = public-read"):
|
|
|
|
s3_gate_object.put_object_acl_s3(self.s3_client, bucket, file_name, "public-read")
|
|
|
|
obj_acl = s3_gate_object.get_object_acl_s3(self.s3_client, bucket, file_name)
|
2023-02-14 08:09:37 +00:00
|
|
|
assert_s3_acl(acl_grants=obj_acl, permitted_users="AllUsers")
|
2022-09-23 11:09:41 +00:00
|
|
|
|
|
|
|
with allure.step("Put object ACL = private"):
|
|
|
|
s3_gate_object.put_object_acl_s3(self.s3_client, bucket, file_name, "private")
|
|
|
|
obj_acl = s3_gate_object.get_object_acl_s3(self.s3_client, bucket, file_name)
|
2023-02-14 08:09:37 +00:00
|
|
|
assert_s3_acl(acl_grants=obj_acl, permitted_users="CanonicalUser")
|
2022-09-23 11:09:41 +00:00
|
|
|
|
|
|
|
with allure.step(
|
|
|
|
"Put object with grant-read uri=http://acs.amazonaws.com/groups/global/AllUsers"
|
|
|
|
):
|
|
|
|
s3_gate_object.put_object_acl_s3(
|
|
|
|
self.s3_client,
|
|
|
|
bucket,
|
|
|
|
file_name,
|
|
|
|
grant_read="uri=http://acs.amazonaws.com/groups/global/AllUsers",
|
|
|
|
)
|
|
|
|
obj_acl = s3_gate_object.get_object_acl_s3(self.s3_client, bucket, file_name)
|
2023-02-14 08:09:37 +00:00
|
|
|
assert_s3_acl(acl_grants=obj_acl, permitted_users="AllUsers")
|
2022-09-23 11:09:41 +00:00
|
|
|
|
|
|
|
@allure.title("Test S3: Bucket ACL")
|
|
|
|
def test_s3_bucket_ACL(self):
|
|
|
|
with allure.step("Create bucket with ACL = public-read-write"):
|
|
|
|
bucket = s3_gate_bucket.create_bucket_s3(self.s3_client, True, acl="public-read-write")
|
|
|
|
bucket_acl = s3_gate_bucket.get_bucket_acl(self.s3_client, bucket)
|
2023-02-14 08:09:37 +00:00
|
|
|
assert_s3_acl(acl_grants=bucket_acl, permitted_users="AllUsers")
|
2022-09-23 11:09:41 +00:00
|
|
|
|
|
|
|
with allure.step("Change bucket ACL to private"):
|
|
|
|
s3_gate_bucket.put_bucket_acl_s3(self.s3_client, bucket, acl="private")
|
|
|
|
bucket_acl = s3_gate_bucket.get_bucket_acl(self.s3_client, bucket)
|
2023-02-14 08:09:37 +00:00
|
|
|
assert_s3_acl(acl_grants=bucket_acl, permitted_users="CanonicalUser")
|
2022-09-23 11:09:41 +00:00
|
|
|
|
|
|
|
with allure.step(
|
|
|
|
"Change bucket acl to --grant-write uri=http://acs.amazonaws.com/groups/global/AllUsers"
|
|
|
|
):
|
|
|
|
s3_gate_bucket.put_bucket_acl_s3(
|
|
|
|
self.s3_client,
|
|
|
|
bucket,
|
|
|
|
grant_write="uri=http://acs.amazonaws.com/groups/global/AllUsers",
|
|
|
|
)
|
|
|
|
bucket_acl = s3_gate_bucket.get_bucket_acl(self.s3_client, bucket)
|
2023-02-14 08:09:37 +00:00
|
|
|
assert_s3_acl(acl_grants=bucket_acl, permitted_users="AllUsers")
|