dstepanov-yadro/frostfs-node
1
0
Fork 0
forked from TrueCloudLab/frostfs-node
Code Issues Pull requests Projects Releases Packages Wiki Activity
frostfs-node/pkg/services/object/acl/acl_test.go
Leonard Lyubich 7a13053fab [#818] object/acl: Fit sticky bit specification 
In previous implementation sticky bit could disrupt access of container
nodes to replication. According to NeoFS specification sticky bit should not
affect the requests sent by nodes from SYSTEM group.

Add role check to `stickyBitCheck`.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-09-10 15:14:59 +03:00

53 lines
1.5 KiB
Go
Raw Blame History

package acl
import (
"testing"
"github.com/nspcc-dev/neofs-api-go/pkg/acl/eacl"
ownertest "github.com/nspcc-dev/neofs-api-go/pkg/owner/test"
"github.com/nspcc-dev/neofs-api-go/v2/acl"
acltest "github.com/nspcc-dev/neofs-api-go/v2/acl/test"
"github.com/nspcc-dev/neofs-api-go/v2/session"
sessiontest "github.com/nspcc-dev/neofs-api-go/v2/session/test"
"github.com/stretchr/testify/require"
)
func TestOriginalTokens(t *testing.T) {
sToken := sessiontest.GenerateSessionToken(false)
bToken := acltest.GenerateBearerToken(false)
for i := 0; i < 10; i++ {
metaHeaders := testGenerateMetaHeader(uint32(i), bToken, sToken)
require.Equal(t, sToken, originalSessionToken(metaHeaders), i)
require.Equal(t, bToken, originalBearerToken(metaHeaders), i)
}
}
func testGenerateMetaHeader(depth uint32, b *acl.BearerToken, s *session.SessionToken) *session.RequestMetaHeader {
metaHeader := new(session.RequestMetaHeader)
metaHeader.SetBearerToken(b)
metaHeader.SetSessionToken(s)
for i := uint32(0); i < depth; i++ {
link := metaHeader
metaHeader = new(session.RequestMetaHeader)
metaHeader.SetOrigin(link)
}
return metaHeader
}
func TestStickyCheck(t *testing.T) {
t.Run("system role", func(t *testing.T) {
var info requestInfo
info.senderKey = make([]byte, 33) // any non-empty key
info.requestRole = eacl.RoleSystem
info.basicACL.SetSticky()
require.True(t, stickyBitCheck(info, ownertest.Generate()))
info.basicACL.ResetSticky()
require.True(t, stickyBitCheck(info, ownertest.Generate()))
})
}
Reference in a new issue View git blame Copy permalink