test_headers: add custom marks for auth_common/aws2/aws4

Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit 7993dd02a5)
This commit is contained in:
Casey Bodley 2023-01-25 17:04:04 -05:00 committed by Ali Maredia
parent 8a51654721
commit acec6abe78
3 changed files with 106 additions and 117 deletions

View file

@ -2,6 +2,9 @@
markers = markers =
abac_test abac_test
appendobject appendobject
auth_aws2
auth_aws4
auth_common
bucket_policy bucket_policy
bucket_encryption bucket_encryption
cloud_transition cloud_transition

View file

@ -168,18 +168,11 @@ def _setup_bad_object(headers=None, remove=None):
_add_custom_headers(headers=headers, remove=remove) _add_custom_headers(headers=headers, remove=remove)
return bucket.new_key('foo') return bucket.new_key('foo')
def tag(*tags):
def wrap(func):
for tag in tags:
setattr(func, tag, True)
return func
return wrap
# #
# common tests # common tests
# #
@tag('auth_common') @pytest.mark.auth_common
@pytest.mark.fails_on_dbstore @pytest.mark.fails_on_dbstore
def test_object_create_bad_contentlength_none(): def test_object_create_bad_contentlength_none():
key = _setup_bad_object(remove=('Content-Length',)) key = _setup_bad_object(remove=('Content-Length',))
@ -190,7 +183,7 @@ def test_object_create_bad_contentlength_none():
assert e.error_code == 'MissingContentLength' assert e.error_code == 'MissingContentLength'
@tag('auth_common') @pytest.mark.auth_common
@pytest.mark.fails_on_rgw @pytest.mark.fails_on_rgw
def test_object_create_bad_contentlength_mismatch_above(): def test_object_create_bad_contentlength_mismatch_above():
content = 'bar' content = 'bar'
@ -209,7 +202,7 @@ def test_object_create_bad_contentlength_mismatch_above():
assert e.error_code == 'RequestTimeout' assert e.error_code == 'RequestTimeout'
@tag('auth_common') @pytest.mark.auth_common
@pytest.mark.fails_on_dbstore @pytest.mark.fails_on_dbstore
def test_object_create_bad_authorization_empty(): def test_object_create_bad_authorization_empty():
key = _setup_bad_object({'Authorization': ''}) key = _setup_bad_object({'Authorization': ''})
@ -219,14 +212,14 @@ def test_object_create_bad_authorization_empty():
assert e.reason == 'Forbidden' assert e.reason == 'Forbidden'
assert e.error_code == 'AccessDenied' assert e.error_code == 'AccessDenied'
@tag('auth_common') @pytest.mark.auth_common
@pytest.mark.fails_on_dbstore @pytest.mark.fails_on_dbstore
def test_object_create_date_and_amz_date(): def test_object_create_date_and_amz_date():
date = formatdate(usegmt=True) date = formatdate(usegmt=True)
key = _setup_bad_object({'Date': date, 'X-Amz-Date': date}) key = _setup_bad_object({'Date': date, 'X-Amz-Date': date})
key.set_contents_from_string('bar') key.set_contents_from_string('bar')
@tag('auth_common') @pytest.mark.auth_common
@pytest.mark.fails_on_dbstore @pytest.mark.fails_on_dbstore
def test_object_create_amz_date_and_no_date(): def test_object_create_amz_date_and_no_date():
date = formatdate(usegmt=True) date = formatdate(usegmt=True)
@ -235,7 +228,7 @@ def test_object_create_amz_date_and_no_date():
# the teardown is really messed up here. check it out # the teardown is really messed up here. check it out
@tag('auth_common') @pytest.mark.auth_common
@pytest.mark.fails_on_dbstore @pytest.mark.fails_on_dbstore
def test_object_create_bad_authorization_none(): def test_object_create_bad_authorization_none():
key = _setup_bad_object(remove=('Authorization',)) key = _setup_bad_object(remove=('Authorization',))
@ -246,14 +239,14 @@ def test_object_create_bad_authorization_none():
assert e.error_code == 'AccessDenied' assert e.error_code == 'AccessDenied'
@tag('auth_common') @pytest.mark.auth_common
@pytest.mark.fails_on_dbstore @pytest.mark.fails_on_dbstore
def test_bucket_create_contentlength_none(): def test_bucket_create_contentlength_none():
_add_custom_headers(remove=('Content-Length',)) _add_custom_headers(remove=('Content-Length',))
get_new_bucket() get_new_bucket()
@tag('auth_common') @pytest.mark.auth_common
@pytest.mark.fails_on_dbstore @pytest.mark.fails_on_dbstore
def test_object_acl_create_contentlength_none(): def test_object_acl_create_contentlength_none():
bucket = get_new_bucket() bucket = get_new_bucket()
@ -277,7 +270,7 @@ def _create_new_connection():
) )
return TargetConnection(targets.main.default.conf, conn) return TargetConnection(targets.main.default.conf, conn)
@tag('auth_common') @pytest.mark.auth_common
@pytest.mark.fails_on_rgw @pytest.mark.fails_on_rgw
def test_bucket_create_bad_contentlength_empty(): def test_bucket_create_bad_contentlength_empty():
conn = _create_new_connection() conn = _create_new_connection()
@ -287,14 +280,14 @@ def test_bucket_create_bad_contentlength_empty():
assert e.reason.lower() == 'bad request' # some proxies vary the case assert e.reason.lower() == 'bad request' # some proxies vary the case
@tag('auth_common') @pytest.mark.auth_common
@pytest.mark.fails_on_dbstore @pytest.mark.fails_on_dbstore
def test_bucket_create_bad_contentlength_none(): def test_bucket_create_bad_contentlength_none():
_add_custom_headers(remove=('Content-Length',)) _add_custom_headers(remove=('Content-Length',))
bucket = get_new_bucket() bucket = get_new_bucket()
@tag('auth_common') @pytest.mark.auth_common
@pytest.mark.fails_on_dbstore @pytest.mark.fails_on_dbstore
def test_bucket_create_bad_authorization_empty(): def test_bucket_create_bad_authorization_empty():
_add_custom_headers({'Authorization': ''}) _add_custom_headers({'Authorization': ''})
@ -305,7 +298,7 @@ def test_bucket_create_bad_authorization_empty():
# the teardown is really messed up here. check it out # the teardown is really messed up here. check it out
@tag('auth_common') @pytest.mark.auth_common
@pytest.mark.fails_on_dbstore @pytest.mark.fails_on_dbstore
def test_bucket_create_bad_authorization_none(): def test_bucket_create_bad_authorization_none():
_add_custom_headers(remove=('Authorization',)) _add_custom_headers(remove=('Authorization',))
@ -318,7 +311,7 @@ def test_bucket_create_bad_authorization_none():
# AWS2 specific tests # AWS2 specific tests
# #
@tag('auth_aws2') @pytest.mark.auth_aws2
@pytest.mark.fails_on_dbstore @pytest.mark.fails_on_dbstore
def test_object_create_bad_contentlength_mismatch_below_aws2(): def test_object_create_bad_contentlength_mismatch_below_aws2():
check_aws2_support() check_aws2_support()
@ -331,7 +324,7 @@ def test_object_create_bad_contentlength_mismatch_below_aws2():
assert e.error_code == 'BadDigest' assert e.error_code == 'BadDigest'
@tag('auth_aws2') @pytest.mark.auth_aws2
@pytest.mark.fails_on_dbstore @pytest.mark.fails_on_dbstore
def test_object_create_bad_authorization_incorrect_aws2(): def test_object_create_bad_authorization_incorrect_aws2():
check_aws2_support() check_aws2_support()
@ -342,7 +335,7 @@ def test_object_create_bad_authorization_incorrect_aws2():
assert e.error_code in ('AccessDenied', 'SignatureDoesNotMatch', 'InvalidAccessKeyId') assert e.error_code in ('AccessDenied', 'SignatureDoesNotMatch', 'InvalidAccessKeyId')
@tag('auth_aws2') @pytest.mark.auth_aws2
@pytest.mark.fails_on_dbstore @pytest.mark.fails_on_dbstore
def test_object_create_bad_authorization_invalid_aws2(): def test_object_create_bad_authorization_invalid_aws2():
check_aws2_support() check_aws2_support()
@ -352,7 +345,7 @@ def test_object_create_bad_authorization_invalid_aws2():
assert e.reason.lower() == 'bad request' # some proxies vary the case assert e.reason.lower() == 'bad request' # some proxies vary the case
assert e.error_code == 'InvalidArgument' assert e.error_code == 'InvalidArgument'
@tag('auth_aws2') @pytest.mark.auth_aws2
@pytest.mark.fails_on_dbstore @pytest.mark.fails_on_dbstore
def test_object_create_bad_date_none_aws2(): def test_object_create_bad_date_none_aws2():
check_aws2_support() check_aws2_support()
@ -363,7 +356,7 @@ def test_object_create_bad_date_none_aws2():
assert e.error_code == 'AccessDenied' assert e.error_code == 'AccessDenied'
@tag('auth_aws2') @pytest.mark.auth_aws2
def test_bucket_create_bad_authorization_invalid_aws2(): def test_bucket_create_bad_authorization_invalid_aws2():
check_aws2_support() check_aws2_support()
_add_custom_headers({'Authorization': 'AWS HAHAHA'}) _add_custom_headers({'Authorization': 'AWS HAHAHA'})
@ -372,7 +365,7 @@ def test_bucket_create_bad_authorization_invalid_aws2():
assert e.reason.lower() == 'bad request' # some proxies vary the case assert e.reason.lower() == 'bad request' # some proxies vary the case
assert e.error_code == 'InvalidArgument' assert e.error_code == 'InvalidArgument'
@tag('auth_aws2') @pytest.mark.auth_aws2
@pytest.mark.fails_on_dbstore @pytest.mark.fails_on_dbstore
def test_bucket_create_bad_date_none_aws2(): def test_bucket_create_bad_date_none_aws2():
check_aws2_support() check_aws2_support()
@ -395,7 +388,7 @@ def check_aws2_support():
pytest.skip('sigv2 tests disabled by S3_USE_SIGV4') pytest.skip('sigv2 tests disabled by S3_USE_SIGV4')
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_object_create_bad_md5_invalid_garbage_aws4(): def test_object_create_bad_md5_invalid_garbage_aws4():
check_aws4_support() check_aws4_support()
key = _setup_bad_object({'Content-MD5':'AWS4 HAHAHA'}) key = _setup_bad_object({'Content-MD5':'AWS4 HAHAHA'})
@ -406,7 +399,7 @@ def test_object_create_bad_md5_invalid_garbage_aws4():
assert e.error_code == 'InvalidDigest' assert e.error_code == 'InvalidDigest'
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_object_create_bad_contentlength_mismatch_below_aws4(): def test_object_create_bad_contentlength_mismatch_below_aws4():
check_aws4_support() check_aws4_support()
content = 'bar' content = 'bar'
@ -419,7 +412,7 @@ def test_object_create_bad_contentlength_mismatch_below_aws4():
assert e.error_code == 'XAmzContentSHA256Mismatch' assert e.error_code == 'XAmzContentSHA256Mismatch'
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_object_create_bad_authorization_incorrect_aws4(): def test_object_create_bad_authorization_incorrect_aws4():
check_aws4_support() check_aws4_support()
key = _setup_bad_object({'Authorization': 'AWS4-HMAC-SHA256 Credential=AKIAIGR7ZNNBHC5BKSUB/20150930/us-east-1/s3/aws4_request,SignedHeaders=host;user-agent,Signature=FWeDfwojDSdS2Ztmpfeubhd9isU='}) key = _setup_bad_object({'Authorization': 'AWS4-HMAC-SHA256 Credential=AKIAIGR7ZNNBHC5BKSUB/20150930/us-east-1/s3/aws4_request,SignedHeaders=host;user-agent,Signature=FWeDfwojDSdS2Ztmpfeubhd9isU='})
@ -430,7 +423,7 @@ def test_object_create_bad_authorization_incorrect_aws4():
assert e.error_code in ('AccessDenied', 'SignatureDoesNotMatch', 'InvalidAccessKeyId') assert e.error_code in ('AccessDenied', 'SignatureDoesNotMatch', 'InvalidAccessKeyId')
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_object_create_bad_authorization_invalid_aws4(): def test_object_create_bad_authorization_invalid_aws4():
check_aws4_support() check_aws4_support()
key = _setup_bad_object({'Authorization': 'AWS4-HMAC-SHA256 Credential=HAHAHA'}) key = _setup_bad_object({'Authorization': 'AWS4-HMAC-SHA256 Credential=HAHAHA'})
@ -441,7 +434,7 @@ def test_object_create_bad_authorization_invalid_aws4():
assert e.error_code in ('AuthorizationHeaderMalformed', 'InvalidArgument') assert e.error_code in ('AuthorizationHeaderMalformed', 'InvalidArgument')
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_object_create_bad_ua_empty_aws4(): def test_object_create_bad_ua_empty_aws4():
check_aws4_support() check_aws4_support()
key = _setup_bad_object({'User-Agent': ''}) key = _setup_bad_object({'User-Agent': ''})
@ -452,7 +445,7 @@ def test_object_create_bad_ua_empty_aws4():
assert e.error_code == 'SignatureDoesNotMatch' assert e.error_code == 'SignatureDoesNotMatch'
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_object_create_bad_ua_none_aws4(): def test_object_create_bad_ua_none_aws4():
check_aws4_support() check_aws4_support()
key = _setup_bad_object(remove=('User-Agent',)) key = _setup_bad_object(remove=('User-Agent',))
@ -463,14 +456,14 @@ def test_object_create_bad_ua_none_aws4():
assert e.error_code == 'SignatureDoesNotMatch' assert e.error_code == 'SignatureDoesNotMatch'
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_object_create_bad_date_invalid_aws4(): def test_object_create_bad_date_invalid_aws4():
check_aws4_support() check_aws4_support()
key = _setup_bad_object({'Date': 'Bad Date'}) key = _setup_bad_object({'Date': 'Bad Date'})
key.set_contents_from_string('bar') key.set_contents_from_string('bar')
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_object_create_bad_amz_date_invalid_aws4(): def test_object_create_bad_amz_date_invalid_aws4():
check_aws4_support() check_aws4_support()
key = _setup_bad_object({'X-Amz-Date': 'Bad Date'}) key = _setup_bad_object({'X-Amz-Date': 'Bad Date'})
@ -481,14 +474,14 @@ def test_object_create_bad_amz_date_invalid_aws4():
assert e.error_code in ('AccessDenied', 'SignatureDoesNotMatch') assert e.error_code in ('AccessDenied', 'SignatureDoesNotMatch')
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_object_create_bad_date_empty_aws4(): def test_object_create_bad_date_empty_aws4():
check_aws4_support() check_aws4_support()
key = _setup_bad_object({'Date': ''}) key = _setup_bad_object({'Date': ''})
key.set_contents_from_string('bar') key.set_contents_from_string('bar')
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_object_create_bad_amz_date_empty_aws4(): def test_object_create_bad_amz_date_empty_aws4():
check_aws4_support() check_aws4_support()
key = _setup_bad_object({'X-Amz-Date': ''}) key = _setup_bad_object({'X-Amz-Date': ''})
@ -499,14 +492,14 @@ def test_object_create_bad_amz_date_empty_aws4():
assert e.error_code in ('AccessDenied', 'SignatureDoesNotMatch') assert e.error_code in ('AccessDenied', 'SignatureDoesNotMatch')
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_object_create_bad_date_none_aws4(): def test_object_create_bad_date_none_aws4():
check_aws4_support() check_aws4_support()
key = _setup_bad_object(remove=('Date',)) key = _setup_bad_object(remove=('Date',))
key.set_contents_from_string('bar') key.set_contents_from_string('bar')
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_object_create_bad_amz_date_none_aws4(): def test_object_create_bad_amz_date_none_aws4():
check_aws4_support() check_aws4_support()
key = _setup_bad_object(remove=('X-Amz-Date',)) key = _setup_bad_object(remove=('X-Amz-Date',))
@ -517,14 +510,14 @@ def test_object_create_bad_amz_date_none_aws4():
assert e.error_code in ('AccessDenied', 'SignatureDoesNotMatch') assert e.error_code in ('AccessDenied', 'SignatureDoesNotMatch')
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_object_create_bad_date_before_today_aws4(): def test_object_create_bad_date_before_today_aws4():
check_aws4_support() check_aws4_support()
key = _setup_bad_object({'Date': 'Tue, 07 Jul 2010 21:53:04 GMT'}) key = _setup_bad_object({'Date': 'Tue, 07 Jul 2010 21:53:04 GMT'})
key.set_contents_from_string('bar') key.set_contents_from_string('bar')
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_object_create_bad_amz_date_before_today_aws4(): def test_object_create_bad_amz_date_before_today_aws4():
check_aws4_support() check_aws4_support()
key = _setup_bad_object({'X-Amz-Date': '20100707T215304Z'}) key = _setup_bad_object({'X-Amz-Date': '20100707T215304Z'})
@ -535,14 +528,14 @@ def test_object_create_bad_amz_date_before_today_aws4():
assert e.error_code in ('RequestTimeTooSkewed', 'SignatureDoesNotMatch') assert e.error_code in ('RequestTimeTooSkewed', 'SignatureDoesNotMatch')
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_object_create_bad_date_after_today_aws4(): def test_object_create_bad_date_after_today_aws4():
check_aws4_support() check_aws4_support()
key = _setup_bad_object({'Date': 'Tue, 07 Jul 2030 21:53:04 GMT'}) key = _setup_bad_object({'Date': 'Tue, 07 Jul 2030 21:53:04 GMT'})
key.set_contents_from_string('bar') key.set_contents_from_string('bar')
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_object_create_bad_amz_date_after_today_aws4(): def test_object_create_bad_amz_date_after_today_aws4():
check_aws4_support() check_aws4_support()
key = _setup_bad_object({'X-Amz-Date': '20300707T215304Z'}) key = _setup_bad_object({'X-Amz-Date': '20300707T215304Z'})
@ -553,14 +546,14 @@ def test_object_create_bad_amz_date_after_today_aws4():
assert e.error_code in ('RequestTimeTooSkewed', 'SignatureDoesNotMatch') assert e.error_code in ('RequestTimeTooSkewed', 'SignatureDoesNotMatch')
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_object_create_bad_date_before_epoch_aws4(): def test_object_create_bad_date_before_epoch_aws4():
check_aws4_support() check_aws4_support()
key = _setup_bad_object({'Date': 'Tue, 07 Jul 1950 21:53:04 GMT'}) key = _setup_bad_object({'Date': 'Tue, 07 Jul 1950 21:53:04 GMT'})
key.set_contents_from_string('bar') key.set_contents_from_string('bar')
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_object_create_bad_amz_date_before_epoch_aws4(): def test_object_create_bad_amz_date_before_epoch_aws4():
check_aws4_support() check_aws4_support()
key = _setup_bad_object({'X-Amz-Date': '19500707T215304Z'}) key = _setup_bad_object({'X-Amz-Date': '19500707T215304Z'})
@ -571,14 +564,14 @@ def test_object_create_bad_amz_date_before_epoch_aws4():
assert e.error_code in ('AccessDenied', 'SignatureDoesNotMatch') assert e.error_code in ('AccessDenied', 'SignatureDoesNotMatch')
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_object_create_bad_date_after_end_aws4(): def test_object_create_bad_date_after_end_aws4():
check_aws4_support() check_aws4_support()
key = _setup_bad_object({'Date': 'Tue, 07 Jul 9999 21:53:04 GMT'}) key = _setup_bad_object({'Date': 'Tue, 07 Jul 9999 21:53:04 GMT'})
key.set_contents_from_string('bar') key.set_contents_from_string('bar')
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_object_create_bad_amz_date_after_end_aws4(): def test_object_create_bad_amz_date_after_end_aws4():
check_aws4_support() check_aws4_support()
key = _setup_bad_object({'X-Amz-Date': '99990707T215304Z'}) key = _setup_bad_object({'X-Amz-Date': '99990707T215304Z'})
@ -589,7 +582,7 @@ def test_object_create_bad_amz_date_after_end_aws4():
assert e.error_code in ('RequestTimeTooSkewed', 'SignatureDoesNotMatch') assert e.error_code in ('RequestTimeTooSkewed', 'SignatureDoesNotMatch')
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_object_create_missing_signed_custom_header_aws4(): def test_object_create_missing_signed_custom_header_aws4():
check_aws4_support() check_aws4_support()
method='PUT' method='PUT'
@ -615,7 +608,7 @@ def test_object_create_missing_signed_custom_header_aws4():
assert res.reason == 'Forbidden' assert res.reason == 'Forbidden'
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_object_create_missing_signed_header_aws4(): def test_object_create_missing_signed_header_aws4():
check_aws4_support() check_aws4_support()
method='PUT' method='PUT'
@ -642,7 +635,7 @@ def test_object_create_missing_signed_header_aws4():
assert res.reason == 'Forbidden' assert res.reason == 'Forbidden'
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_bucket_create_bad_authorization_invalid_aws4(): def test_bucket_create_bad_authorization_invalid_aws4():
check_aws4_support() check_aws4_support()
_add_custom_headers({'Authorization': 'AWS4 HAHAHA'}) _add_custom_headers({'Authorization': 'AWS4 HAHAHA'})
@ -653,7 +646,7 @@ def test_bucket_create_bad_authorization_invalid_aws4():
assert e.error_code == 'InvalidArgument' assert e.error_code == 'InvalidArgument'
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_bucket_create_bad_ua_empty_aws4(): def test_bucket_create_bad_ua_empty_aws4():
check_aws4_support() check_aws4_support()
_add_custom_headers({'User-Agent': ''}) _add_custom_headers({'User-Agent': ''})
@ -663,7 +656,7 @@ def test_bucket_create_bad_ua_empty_aws4():
assert e.reason == 'Forbidden' assert e.reason == 'Forbidden'
assert e.error_code == 'SignatureDoesNotMatch' assert e.error_code == 'SignatureDoesNotMatch'
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_bucket_create_bad_ua_none_aws4(): def test_bucket_create_bad_ua_none_aws4():
check_aws4_support() check_aws4_support()
_add_custom_headers(remove=('User-Agent',)) _add_custom_headers(remove=('User-Agent',))
@ -674,14 +667,14 @@ def test_bucket_create_bad_ua_none_aws4():
assert e.error_code == 'SignatureDoesNotMatch' assert e.error_code == 'SignatureDoesNotMatch'
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_bucket_create_bad_date_invalid_aws4(): def test_bucket_create_bad_date_invalid_aws4():
check_aws4_support() check_aws4_support()
_add_custom_headers({'Date': 'Bad Date'}) _add_custom_headers({'Date': 'Bad Date'})
get_new_bucket() get_new_bucket()
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_bucket_create_bad_amz_date_invalid_aws4(): def test_bucket_create_bad_amz_date_invalid_aws4():
check_aws4_support() check_aws4_support()
_add_custom_headers({'X-Amz-Date': 'Bad Date'}) _add_custom_headers({'X-Amz-Date': 'Bad Date'})
@ -692,14 +685,14 @@ def test_bucket_create_bad_amz_date_invalid_aws4():
assert e.error_code in ('AccessDenied', 'SignatureDoesNotMatch') assert e.error_code in ('AccessDenied', 'SignatureDoesNotMatch')
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_bucket_create_bad_date_empty_aws4(): def test_bucket_create_bad_date_empty_aws4():
check_aws4_support() check_aws4_support()
_add_custom_headers({'Date': ''}) _add_custom_headers({'Date': ''})
get_new_bucket() get_new_bucket()
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_bucket_create_bad_amz_date_empty_aws4(): def test_bucket_create_bad_amz_date_empty_aws4():
check_aws4_support() check_aws4_support()
_add_custom_headers({'X-Amz-Date': ''}) _add_custom_headers({'X-Amz-Date': ''})
@ -709,14 +702,14 @@ def test_bucket_create_bad_amz_date_empty_aws4():
assert e.reason == 'Forbidden' assert e.reason == 'Forbidden'
assert e.error_code in ('AccessDenied', 'SignatureDoesNotMatch') assert e.error_code in ('AccessDenied', 'SignatureDoesNotMatch')
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_bucket_create_bad_date_none_aws4(): def test_bucket_create_bad_date_none_aws4():
check_aws4_support() check_aws4_support()
_add_custom_headers(remove=('Date',)) _add_custom_headers(remove=('Date',))
get_new_bucket() get_new_bucket()
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_bucket_create_bad_amz_date_none_aws4(): def test_bucket_create_bad_amz_date_none_aws4():
check_aws4_support() check_aws4_support()
_add_custom_headers(remove=('X-Amz-Date',)) _add_custom_headers(remove=('X-Amz-Date',))
@ -727,14 +720,14 @@ def test_bucket_create_bad_amz_date_none_aws4():
assert e.error_code in ('AccessDenied', 'SignatureDoesNotMatch') assert e.error_code in ('AccessDenied', 'SignatureDoesNotMatch')
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_bucket_create_bad_date_before_today_aws4(): def test_bucket_create_bad_date_before_today_aws4():
check_aws4_support() check_aws4_support()
_add_custom_headers({'Date': 'Tue, 07 Jul 2010 21:53:04 GMT'}) _add_custom_headers({'Date': 'Tue, 07 Jul 2010 21:53:04 GMT'})
get_new_bucket() get_new_bucket()
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_bucket_create_bad_amz_date_before_today_aws4(): def test_bucket_create_bad_amz_date_before_today_aws4():
check_aws4_support() check_aws4_support()
_add_custom_headers({'X-Amz-Date': '20100707T215304Z'}) _add_custom_headers({'X-Amz-Date': '20100707T215304Z'})
@ -745,14 +738,14 @@ def test_bucket_create_bad_amz_date_before_today_aws4():
assert e.error_code in ('RequestTimeTooSkewed', 'SignatureDoesNotMatch') assert e.error_code in ('RequestTimeTooSkewed', 'SignatureDoesNotMatch')
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_bucket_create_bad_date_after_today_aws4(): def test_bucket_create_bad_date_after_today_aws4():
check_aws4_support() check_aws4_support()
_add_custom_headers({'Date': 'Tue, 07 Jul 2030 21:53:04 GMT'}) _add_custom_headers({'Date': 'Tue, 07 Jul 2030 21:53:04 GMT'})
get_new_bucket() get_new_bucket()
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_bucket_create_bad_amz_date_after_today_aws4(): def test_bucket_create_bad_amz_date_after_today_aws4():
check_aws4_support() check_aws4_support()
_add_custom_headers({'X-Amz-Date': '20300707T215304Z'}) _add_custom_headers({'X-Amz-Date': '20300707T215304Z'})
@ -763,14 +756,14 @@ def test_bucket_create_bad_amz_date_after_today_aws4():
assert e.error_code in ('RequestTimeTooSkewed', 'SignatureDoesNotMatch') assert e.error_code in ('RequestTimeTooSkewed', 'SignatureDoesNotMatch')
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_bucket_create_bad_date_before_epoch_aws4(): def test_bucket_create_bad_date_before_epoch_aws4():
check_aws4_support() check_aws4_support()
_add_custom_headers({'Date': 'Tue, 07 Jul 1950 21:53:04 GMT'}) _add_custom_headers({'Date': 'Tue, 07 Jul 1950 21:53:04 GMT'})
get_new_bucket() get_new_bucket()
@tag('auth_aws4') @pytest.mark.auth_aws4
def test_bucket_create_bad_amz_date_before_epoch_aws4(): def test_bucket_create_bad_amz_date_before_epoch_aws4():
check_aws4_support() check_aws4_support()
_add_custom_headers({'X-Amz-Date': '19500707T215304Z'}) _add_custom_headers({'X-Amz-Date': '19500707T215304Z'})

View file

@ -149,63 +149,56 @@ def _remove_header_create_bad_bucket(remove, client=None):
return e return e
def tag(*tags):
def wrap(func):
for tag in tags:
setattr(func, tag, True)
return func
return wrap
# #
# common tests # common tests
# #
@tag('auth_common') @pytest.mark.auth_common
def test_object_create_bad_md5_invalid_short(): def test_object_create_bad_md5_invalid_short():
e = _add_header_create_bad_object({'Content-MD5':'YWJyYWNhZGFicmE='}) e = _add_header_create_bad_object({'Content-MD5':'YWJyYWNhZGFicmE='})
status, error_code = _get_status_and_error_code(e.response) status, error_code = _get_status_and_error_code(e.response)
assert status == 400 assert status == 400
assert error_code == 'InvalidDigest' assert error_code == 'InvalidDigest'
@tag('auth_common') @pytest.mark.auth_common
def test_object_create_bad_md5_bad(): def test_object_create_bad_md5_bad():
e = _add_header_create_bad_object({'Content-MD5':'rL0Y20xC+Fzt72VPzMSk2A=='}) e = _add_header_create_bad_object({'Content-MD5':'rL0Y20xC+Fzt72VPzMSk2A=='})
status, error_code = _get_status_and_error_code(e.response) status, error_code = _get_status_and_error_code(e.response)
assert status == 400 assert status == 400
assert error_code == 'BadDigest' assert error_code == 'BadDigest'
@tag('auth_common') @pytest.mark.auth_common
def test_object_create_bad_md5_empty(): def test_object_create_bad_md5_empty():
e = _add_header_create_bad_object({'Content-MD5':''}) e = _add_header_create_bad_object({'Content-MD5':''})
status, error_code = _get_status_and_error_code(e.response) status, error_code = _get_status_and_error_code(e.response)
assert status == 400 assert status == 400
assert error_code == 'InvalidDigest' assert error_code == 'InvalidDigest'
@tag('auth_common') @pytest.mark.auth_common
def test_object_create_bad_md5_none(): def test_object_create_bad_md5_none():
bucket_name, key_name = _remove_header_create_object('Content-MD5') bucket_name, key_name = _remove_header_create_object('Content-MD5')
client = get_client() client = get_client()
client.put_object(Bucket=bucket_name, Key=key_name, Body='bar') client.put_object(Bucket=bucket_name, Key=key_name, Body='bar')
@tag('auth_common') @pytest.mark.auth_common
def test_object_create_bad_expect_mismatch(): def test_object_create_bad_expect_mismatch():
bucket_name, key_name = _add_header_create_object({'Expect': 200}) bucket_name, key_name = _add_header_create_object({'Expect': 200})
client = get_client() client = get_client()
client.put_object(Bucket=bucket_name, Key=key_name, Body='bar') client.put_object(Bucket=bucket_name, Key=key_name, Body='bar')
@tag('auth_common') @pytest.mark.auth_common
def test_object_create_bad_expect_empty(): def test_object_create_bad_expect_empty():
bucket_name, key_name = _add_header_create_object({'Expect': ''}) bucket_name, key_name = _add_header_create_object({'Expect': ''})
client = get_client() client = get_client()
client.put_object(Bucket=bucket_name, Key=key_name, Body='bar') client.put_object(Bucket=bucket_name, Key=key_name, Body='bar')
@tag('auth_common') @pytest.mark.auth_common
def test_object_create_bad_expect_none(): def test_object_create_bad_expect_none():
bucket_name, key_name = _remove_header_create_object('Expect') bucket_name, key_name = _remove_header_create_object('Expect')
client = get_client() client = get_client()
client.put_object(Bucket=bucket_name, Key=key_name, Body='bar') client.put_object(Bucket=bucket_name, Key=key_name, Body='bar')
@tag('auth_common') @pytest.mark.auth_common
# TODO: remove 'fails_on_rgw' and once we have learned how to remove the content-length header # TODO: remove 'fails_on_rgw' and once we have learned how to remove the content-length header
@pytest.mark.fails_on_rgw @pytest.mark.fails_on_rgw
def test_object_create_bad_contentlength_empty(): def test_object_create_bad_contentlength_empty():
@ -213,7 +206,7 @@ def test_object_create_bad_contentlength_empty():
status, error_code = _get_status_and_error_code(e.response) status, error_code = _get_status_and_error_code(e.response)
assert status == 400 assert status == 400
@tag('auth_common') @pytest.mark.auth_common
@pytest.mark.fails_on_mod_proxy_fcgi @pytest.mark.fails_on_mod_proxy_fcgi
def test_object_create_bad_contentlength_negative(): def test_object_create_bad_contentlength_negative():
client = get_client() client = get_client()
@ -223,7 +216,7 @@ def test_object_create_bad_contentlength_negative():
status = _get_status(e.response) status = _get_status(e.response)
assert status == 400 assert status == 400
@tag('auth_common') @pytest.mark.auth_common
# TODO: remove 'fails_on_rgw' and once we have learned how to remove the content-length header # TODO: remove 'fails_on_rgw' and once we have learned how to remove the content-length header
@pytest.mark.fails_on_rgw @pytest.mark.fails_on_rgw
def test_object_create_bad_contentlength_none(): def test_object_create_bad_contentlength_none():
@ -233,20 +226,20 @@ def test_object_create_bad_contentlength_none():
assert status == 411 assert status == 411
assert error_code == 'MissingContentLength' assert error_code == 'MissingContentLength'
@tag('auth_common') @pytest.mark.auth_common
def test_object_create_bad_contenttype_invalid(): def test_object_create_bad_contenttype_invalid():
bucket_name, key_name = _add_header_create_object({'Content-Type': 'text/plain'}) bucket_name, key_name = _add_header_create_object({'Content-Type': 'text/plain'})
client = get_client() client = get_client()
client.put_object(Bucket=bucket_name, Key=key_name, Body='bar') client.put_object(Bucket=bucket_name, Key=key_name, Body='bar')
@tag('auth_common') @pytest.mark.auth_common
def test_object_create_bad_contenttype_empty(): def test_object_create_bad_contenttype_empty():
client = get_client() client = get_client()
key_name = 'foo' key_name = 'foo'
bucket_name = get_new_bucket() bucket_name = get_new_bucket()
client.put_object(Bucket=bucket_name, Key=key_name, Body='bar', ContentType='') client.put_object(Bucket=bucket_name, Key=key_name, Body='bar', ContentType='')
@tag('auth_common') @pytest.mark.auth_common
def test_object_create_bad_contenttype_none(): def test_object_create_bad_contenttype_none():
bucket_name = get_new_bucket() bucket_name = get_new_bucket()
key_name = 'foo' key_name = 'foo'
@ -255,7 +248,7 @@ def test_object_create_bad_contenttype_none():
client.put_object(Bucket=bucket_name, Key=key_name, Body='bar') client.put_object(Bucket=bucket_name, Key=key_name, Body='bar')
@tag('auth_common') @pytest.mark.auth_common
# TODO: remove 'fails_on_rgw' and once we have learned how to remove the authorization header # TODO: remove 'fails_on_rgw' and once we have learned how to remove the authorization header
@pytest.mark.fails_on_rgw @pytest.mark.fails_on_rgw
def test_object_create_bad_authorization_empty(): def test_object_create_bad_authorization_empty():
@ -263,7 +256,7 @@ def test_object_create_bad_authorization_empty():
status, error_code = _get_status_and_error_code(e.response) status, error_code = _get_status_and_error_code(e.response)
assert status == 403 assert status == 403
@tag('auth_common') @pytest.mark.auth_common
# TODO: remove 'fails_on_rgw' and once we have learned how to pass both the 'Date' and 'X-Amz-Date' header during signing and not 'X-Amz-Date' before # TODO: remove 'fails_on_rgw' and once we have learned how to pass both the 'Date' and 'X-Amz-Date' header during signing and not 'X-Amz-Date' before
@pytest.mark.fails_on_rgw @pytest.mark.fails_on_rgw
def test_object_create_date_and_amz_date(): def test_object_create_date_and_amz_date():
@ -272,7 +265,7 @@ def test_object_create_date_and_amz_date():
client = get_client() client = get_client()
client.put_object(Bucket=bucket_name, Key=key_name, Body='bar') client.put_object(Bucket=bucket_name, Key=key_name, Body='bar')
@tag('auth_common') @pytest.mark.auth_common
# TODO: remove 'fails_on_rgw' and once we have learned how to pass both the 'Date' and 'X-Amz-Date' header during signing and not 'X-Amz-Date' before # TODO: remove 'fails_on_rgw' and once we have learned how to pass both the 'Date' and 'X-Amz-Date' header during signing and not 'X-Amz-Date' before
@pytest.mark.fails_on_rgw @pytest.mark.fails_on_rgw
def test_object_create_amz_date_and_no_date(): def test_object_create_amz_date_and_no_date():
@ -282,7 +275,7 @@ def test_object_create_amz_date_and_no_date():
client.put_object(Bucket=bucket_name, Key=key_name, Body='bar') client.put_object(Bucket=bucket_name, Key=key_name, Body='bar')
# the teardown is really messed up here. check it out # the teardown is really messed up here. check it out
@tag('auth_common') @pytest.mark.auth_common
# TODO: remove 'fails_on_rgw' and once we have learned how to remove the authorization header # TODO: remove 'fails_on_rgw' and once we have learned how to remove the authorization header
@pytest.mark.fails_on_rgw @pytest.mark.fails_on_rgw
def test_object_create_bad_authorization_none(): def test_object_create_bad_authorization_none():
@ -290,14 +283,14 @@ def test_object_create_bad_authorization_none():
status, error_code = _get_status_and_error_code(e.response) status, error_code = _get_status_and_error_code(e.response)
assert status == 403 assert status == 403
@tag('auth_common') @pytest.mark.auth_common
# TODO: remove 'fails_on_rgw' and once we have learned how to remove the content-length header # TODO: remove 'fails_on_rgw' and once we have learned how to remove the content-length header
@pytest.mark.fails_on_rgw @pytest.mark.fails_on_rgw
def test_bucket_create_contentlength_none(): def test_bucket_create_contentlength_none():
remove = 'Content-Length' remove = 'Content-Length'
_remove_header_create_bucket(remove) _remove_header_create_bucket(remove)
@tag('auth_common') @pytest.mark.auth_common
# TODO: remove 'fails_on_rgw' and once we have learned how to remove the content-length header # TODO: remove 'fails_on_rgw' and once we have learned how to remove the content-length header
@pytest.mark.fails_on_rgw @pytest.mark.fails_on_rgw
def test_object_acl_create_contentlength_none(): def test_object_acl_create_contentlength_none():
@ -313,7 +306,7 @@ def test_object_acl_create_contentlength_none():
client.meta.events.register('before-call.s3.PutObjectAcl', remove_header) client.meta.events.register('before-call.s3.PutObjectAcl', remove_header)
client.put_object_acl(Bucket=bucket_name, Key='foo', ACL='public-read') client.put_object_acl(Bucket=bucket_name, Key='foo', ACL='public-read')
@tag('auth_common') @pytest.mark.auth_common
def test_bucket_put_bad_canned_acl(): def test_bucket_put_bad_canned_acl():
bucket_name = get_new_bucket() bucket_name = get_new_bucket()
client = get_client() client = get_client()
@ -326,7 +319,7 @@ def test_bucket_put_bad_canned_acl():
status = _get_status(e.response) status = _get_status(e.response)
assert status == 400 assert status == 400
@tag('auth_common') @pytest.mark.auth_common
def test_bucket_create_bad_expect_mismatch(): def test_bucket_create_bad_expect_mismatch():
bucket_name = get_new_bucket_name() bucket_name = get_new_bucket_name()
client = get_client() client = get_client()
@ -336,12 +329,12 @@ def test_bucket_create_bad_expect_mismatch():
client.meta.events.register('before-call.s3.CreateBucket', add_headers) client.meta.events.register('before-call.s3.CreateBucket', add_headers)
client.create_bucket(Bucket=bucket_name) client.create_bucket(Bucket=bucket_name)
@tag('auth_common') @pytest.mark.auth_common
def test_bucket_create_bad_expect_empty(): def test_bucket_create_bad_expect_empty():
headers = {'Expect': ''} headers = {'Expect': ''}
_add_header_create_bucket(headers) _add_header_create_bucket(headers)
@tag('auth_common') @pytest.mark.auth_common
# TODO: The request isn't even making it to the RGW past the frontend # TODO: The request isn't even making it to the RGW past the frontend
# This test had 'fails_on_rgw' before the move to boto3 # This test had 'fails_on_rgw' before the move to boto3
@pytest.mark.fails_on_rgw @pytest.mark.fails_on_rgw
@ -351,7 +344,7 @@ def test_bucket_create_bad_contentlength_empty():
status, error_code = _get_status_and_error_code(e.response) status, error_code = _get_status_and_error_code(e.response)
assert status == 400 assert status == 400
@tag('auth_common') @pytest.mark.auth_common
@pytest.mark.fails_on_mod_proxy_fcgi @pytest.mark.fails_on_mod_proxy_fcgi
def test_bucket_create_bad_contentlength_negative(): def test_bucket_create_bad_contentlength_negative():
headers = {'Content-Length': '-1'} headers = {'Content-Length': '-1'}
@ -359,14 +352,14 @@ def test_bucket_create_bad_contentlength_negative():
status = _get_status(e.response) status = _get_status(e.response)
assert status == 400 assert status == 400
@tag('auth_common') @pytest.mark.auth_common
# TODO: remove 'fails_on_rgw' and once we have learned how to remove the content-length header # TODO: remove 'fails_on_rgw' and once we have learned how to remove the content-length header
@pytest.mark.fails_on_rgw @pytest.mark.fails_on_rgw
def test_bucket_create_bad_contentlength_none(): def test_bucket_create_bad_contentlength_none():
remove = 'Content-Length' remove = 'Content-Length'
_remove_header_create_bucket(remove) _remove_header_create_bucket(remove)
@tag('auth_common') @pytest.mark.auth_common
# TODO: remove 'fails_on_rgw' and once we have learned how to manipulate the authorization header # TODO: remove 'fails_on_rgw' and once we have learned how to manipulate the authorization header
@pytest.mark.fails_on_rgw @pytest.mark.fails_on_rgw
def test_bucket_create_bad_authorization_empty(): def test_bucket_create_bad_authorization_empty():
@ -376,7 +369,7 @@ def test_bucket_create_bad_authorization_empty():
assert status == 403 assert status == 403
assert error_code == 'AccessDenied' assert error_code == 'AccessDenied'
@tag('auth_common') @pytest.mark.auth_common
# TODO: remove 'fails_on_rgw' and once we have learned how to manipulate the authorization header # TODO: remove 'fails_on_rgw' and once we have learned how to manipulate the authorization header
@pytest.mark.fails_on_rgw @pytest.mark.fails_on_rgw
def test_bucket_create_bad_authorization_none(): def test_bucket_create_bad_authorization_none():
@ -385,7 +378,7 @@ def test_bucket_create_bad_authorization_none():
assert status == 403 assert status == 403
assert error_code == 'AccessDenied' assert error_code == 'AccessDenied'
@tag('auth_aws2') @pytest.mark.auth_aws2
def test_object_create_bad_md5_invalid_garbage_aws2(): def test_object_create_bad_md5_invalid_garbage_aws2():
v2_client = get_v2_client() v2_client = get_v2_client()
headers = {'Content-MD5': 'AWS HAHAHA'} headers = {'Content-MD5': 'AWS HAHAHA'}
@ -394,7 +387,7 @@ def test_object_create_bad_md5_invalid_garbage_aws2():
assert status == 400 assert status == 400
assert error_code == 'InvalidDigest' assert error_code == 'InvalidDigest'
@tag('auth_aws2') @pytest.mark.auth_aws2
# TODO: remove 'fails_on_rgw' and once we have learned how to manipulate the Content-Length header # TODO: remove 'fails_on_rgw' and once we have learned how to manipulate the Content-Length header
@pytest.mark.fails_on_rgw @pytest.mark.fails_on_rgw
def test_object_create_bad_contentlength_mismatch_below_aws2(): def test_object_create_bad_contentlength_mismatch_below_aws2():
@ -407,7 +400,7 @@ def test_object_create_bad_contentlength_mismatch_below_aws2():
assert status == 400 assert status == 400
assert error_code == 'BadDigest' assert error_code == 'BadDigest'
@tag('auth_aws2') @pytest.mark.auth_aws2
# TODO: remove 'fails_on_rgw' and once we have learned how to manipulate the authorization header # TODO: remove 'fails_on_rgw' and once we have learned how to manipulate the authorization header
@pytest.mark.fails_on_rgw @pytest.mark.fails_on_rgw
def test_object_create_bad_authorization_incorrect_aws2(): def test_object_create_bad_authorization_incorrect_aws2():
@ -418,7 +411,7 @@ def test_object_create_bad_authorization_incorrect_aws2():
assert status == 403 assert status == 403
assert error_code == 'InvalidDigest' assert error_code == 'InvalidDigest'
@tag('auth_aws2') @pytest.mark.auth_aws2
# TODO: remove 'fails_on_rgw' and once we have learned how to manipulate the authorization header # TODO: remove 'fails_on_rgw' and once we have learned how to manipulate the authorization header
@pytest.mark.fails_on_rgw @pytest.mark.fails_on_rgw
def test_object_create_bad_authorization_invalid_aws2(): def test_object_create_bad_authorization_invalid_aws2():
@ -429,21 +422,21 @@ def test_object_create_bad_authorization_invalid_aws2():
assert status == 400 assert status == 400
assert error_code == 'InvalidArgument' assert error_code == 'InvalidArgument'
@tag('auth_aws2') @pytest.mark.auth_aws2
def test_object_create_bad_ua_empty_aws2(): def test_object_create_bad_ua_empty_aws2():
v2_client = get_v2_client() v2_client = get_v2_client()
headers = {'User-Agent': ''} headers = {'User-Agent': ''}
bucket_name, key_name = _add_header_create_object(headers, v2_client) bucket_name, key_name = _add_header_create_object(headers, v2_client)
v2_client.put_object(Bucket=bucket_name, Key=key_name, Body='bar') v2_client.put_object(Bucket=bucket_name, Key=key_name, Body='bar')
@tag('auth_aws2') @pytest.mark.auth_aws2
def test_object_create_bad_ua_none_aws2(): def test_object_create_bad_ua_none_aws2():
v2_client = get_v2_client() v2_client = get_v2_client()
remove = 'User-Agent' remove = 'User-Agent'
bucket_name, key_name = _remove_header_create_object(remove, v2_client) bucket_name, key_name = _remove_header_create_object(remove, v2_client)
v2_client.put_object(Bucket=bucket_name, Key=key_name, Body='bar') v2_client.put_object(Bucket=bucket_name, Key=key_name, Body='bar')
@tag('auth_aws2') @pytest.mark.auth_aws2
def test_object_create_bad_date_invalid_aws2(): def test_object_create_bad_date_invalid_aws2():
v2_client = get_v2_client() v2_client = get_v2_client()
headers = {'x-amz-date': 'Bad Date'} headers = {'x-amz-date': 'Bad Date'}
@ -452,7 +445,7 @@ def test_object_create_bad_date_invalid_aws2():
assert status == 403 assert status == 403
assert error_code == 'AccessDenied' assert error_code == 'AccessDenied'
@tag('auth_aws2') @pytest.mark.auth_aws2
def test_object_create_bad_date_empty_aws2(): def test_object_create_bad_date_empty_aws2():
v2_client = get_v2_client() v2_client = get_v2_client()
headers = {'x-amz-date': ''} headers = {'x-amz-date': ''}
@ -461,7 +454,7 @@ def test_object_create_bad_date_empty_aws2():
assert status == 403 assert status == 403
assert error_code == 'AccessDenied' assert error_code == 'AccessDenied'
@tag('auth_aws2') @pytest.mark.auth_aws2
# TODO: remove 'fails_on_rgw' and once we have learned how to remove the date header # TODO: remove 'fails_on_rgw' and once we have learned how to remove the date header
@pytest.mark.fails_on_rgw @pytest.mark.fails_on_rgw
def test_object_create_bad_date_none_aws2(): def test_object_create_bad_date_none_aws2():
@ -472,7 +465,7 @@ def test_object_create_bad_date_none_aws2():
assert status == 403 assert status == 403
assert error_code == 'AccessDenied' assert error_code == 'AccessDenied'
@tag('auth_aws2') @pytest.mark.auth_aws2
def test_object_create_bad_date_before_today_aws2(): def test_object_create_bad_date_before_today_aws2():
v2_client = get_v2_client() v2_client = get_v2_client()
headers = {'x-amz-date': 'Tue, 07 Jul 2010 21:53:04 GMT'} headers = {'x-amz-date': 'Tue, 07 Jul 2010 21:53:04 GMT'}
@ -481,7 +474,7 @@ def test_object_create_bad_date_before_today_aws2():
assert status == 403 assert status == 403
assert error_code == 'RequestTimeTooSkewed' assert error_code == 'RequestTimeTooSkewed'
@tag('auth_aws2') @pytest.mark.auth_aws2
def test_object_create_bad_date_before_epoch_aws2(): def test_object_create_bad_date_before_epoch_aws2():
v2_client = get_v2_client() v2_client = get_v2_client()
headers = {'x-amz-date': 'Tue, 07 Jul 1950 21:53:04 GMT'} headers = {'x-amz-date': 'Tue, 07 Jul 1950 21:53:04 GMT'}
@ -490,7 +483,7 @@ def test_object_create_bad_date_before_epoch_aws2():
assert status == 403 assert status == 403
assert error_code == 'AccessDenied' assert error_code == 'AccessDenied'
@tag('auth_aws2') @pytest.mark.auth_aws2
def test_object_create_bad_date_after_end_aws2(): def test_object_create_bad_date_after_end_aws2():
v2_client = get_v2_client() v2_client = get_v2_client()
headers = {'x-amz-date': 'Tue, 07 Jul 9999 21:53:04 GMT'} headers = {'x-amz-date': 'Tue, 07 Jul 9999 21:53:04 GMT'}
@ -499,7 +492,7 @@ def test_object_create_bad_date_after_end_aws2():
assert status == 403 assert status == 403
assert error_code == 'RequestTimeTooSkewed' assert error_code == 'RequestTimeTooSkewed'
@tag('auth_aws2') @pytest.mark.auth_aws2
# TODO: remove 'fails_on_rgw' and once we have learned how to remove the date header # TODO: remove 'fails_on_rgw' and once we have learned how to remove the date header
@pytest.mark.fails_on_rgw @pytest.mark.fails_on_rgw
def test_bucket_create_bad_authorization_invalid_aws2(): def test_bucket_create_bad_authorization_invalid_aws2():
@ -510,19 +503,19 @@ def test_bucket_create_bad_authorization_invalid_aws2():
assert status == 400 assert status == 400
assert error_code == 'InvalidArgument' assert error_code == 'InvalidArgument'
@tag('auth_aws2') @pytest.mark.auth_aws2
def test_bucket_create_bad_ua_empty_aws2(): def test_bucket_create_bad_ua_empty_aws2():
v2_client = get_v2_client() v2_client = get_v2_client()
headers = {'User-Agent': ''} headers = {'User-Agent': ''}
_add_header_create_bucket(headers, v2_client) _add_header_create_bucket(headers, v2_client)
@tag('auth_aws2') @pytest.mark.auth_aws2
def test_bucket_create_bad_ua_none_aws2(): def test_bucket_create_bad_ua_none_aws2():
v2_client = get_v2_client() v2_client = get_v2_client()
remove = 'User-Agent' remove = 'User-Agent'
_remove_header_create_bucket(remove, v2_client) _remove_header_create_bucket(remove, v2_client)
@tag('auth_aws2') @pytest.mark.auth_aws2
def test_bucket_create_bad_date_invalid_aws2(): def test_bucket_create_bad_date_invalid_aws2():
v2_client = get_v2_client() v2_client = get_v2_client()
headers = {'x-amz-date': 'Bad Date'} headers = {'x-amz-date': 'Bad Date'}
@ -531,7 +524,7 @@ def test_bucket_create_bad_date_invalid_aws2():
assert status == 403 assert status == 403
assert error_code == 'AccessDenied' assert error_code == 'AccessDenied'
@tag('auth_aws2') @pytest.mark.auth_aws2
def test_bucket_create_bad_date_empty_aws2(): def test_bucket_create_bad_date_empty_aws2():
v2_client = get_v2_client() v2_client = get_v2_client()
headers = {'x-amz-date': ''} headers = {'x-amz-date': ''}
@ -540,7 +533,7 @@ def test_bucket_create_bad_date_empty_aws2():
assert status == 403 assert status == 403
assert error_code == 'AccessDenied' assert error_code == 'AccessDenied'
@tag('auth_aws2') @pytest.mark.auth_aws2
# TODO: remove 'fails_on_rgw' and once we have learned how to remove the date header # TODO: remove 'fails_on_rgw' and once we have learned how to remove the date header
@pytest.mark.fails_on_rgw @pytest.mark.fails_on_rgw
def test_bucket_create_bad_date_none_aws2(): def test_bucket_create_bad_date_none_aws2():
@ -551,7 +544,7 @@ def test_bucket_create_bad_date_none_aws2():
assert status == 403 assert status == 403
assert error_code == 'AccessDenied' assert error_code == 'AccessDenied'
@tag('auth_aws2') @pytest.mark.auth_aws2
def test_bucket_create_bad_date_before_today_aws2(): def test_bucket_create_bad_date_before_today_aws2():
v2_client = get_v2_client() v2_client = get_v2_client()
headers = {'x-amz-date': 'Tue, 07 Jul 2010 21:53:04 GMT'} headers = {'x-amz-date': 'Tue, 07 Jul 2010 21:53:04 GMT'}
@ -560,7 +553,7 @@ def test_bucket_create_bad_date_before_today_aws2():
assert status == 403 assert status == 403
assert error_code == 'RequestTimeTooSkewed' assert error_code == 'RequestTimeTooSkewed'
@tag('auth_aws2') @pytest.mark.auth_aws2
def test_bucket_create_bad_date_after_today_aws2(): def test_bucket_create_bad_date_after_today_aws2():
v2_client = get_v2_client() v2_client = get_v2_client()
headers = {'x-amz-date': 'Tue, 07 Jul 2030 21:53:04 GMT'} headers = {'x-amz-date': 'Tue, 07 Jul 2030 21:53:04 GMT'}
@ -569,7 +562,7 @@ def test_bucket_create_bad_date_after_today_aws2():
assert status == 403 assert status == 403
assert error_code == 'RequestTimeTooSkewed' assert error_code == 'RequestTimeTooSkewed'
@tag('auth_aws2') @pytest.mark.auth_aws2
def test_bucket_create_bad_date_before_epoch_aws2(): def test_bucket_create_bad_date_before_epoch_aws2():
v2_client = get_v2_client() v2_client = get_v2_client()
headers = {'x-amz-date': 'Tue, 07 Jul 1950 21:53:04 GMT'} headers = {'x-amz-date': 'Tue, 07 Jul 1950 21:53:04 GMT'}