Add replication test with deny eACL (#133)
* Add replication test with deny eACL
This commit is contained in:
parent
36107fcc4c
commit
1fe540fce9
6 changed files with 81 additions and 5 deletions
16
robot/resources/lib/storage.robot
Normal file
16
robot/resources/lib/storage.robot
Normal file
|
@ -0,0 +1,16 @@
|
|||
|
||||
*** Settings ***
|
||||
Variables ../../variables/common.py
|
||||
|
||||
Library Process
|
||||
|
||||
*** Keywords ***
|
||||
|
||||
Drop object
|
||||
[Arguments] ${NODE} ${WIF_STORAGE} ${CID} ${OID}
|
||||
|
||||
${DROP_SIMPLE} = Run Process neofs-cli control drop-objects -r ${NODE} --wif ${WIF_STORAGE} -o ${CID}/${OID} shell=True
|
||||
Log Many stdout: ${DROP_SIMPLE.stdout} stderr: ${DROP_SIMPLE.stderr}
|
||||
Should Be Equal As Integers ${DROP_SIMPLE.rc} 0
|
||||
|
||||
|
|
@ -0,0 +1,63 @@
|
|||
*** Settings ***
|
||||
Variables ../../../variables/common.py
|
||||
|
||||
Library Collections
|
||||
Library neofs.py
|
||||
Library acl.py
|
||||
Library payment_neogo.py
|
||||
|
||||
Library contract_keywords.py
|
||||
|
||||
Resource ../../../variables/eacl_tables.robot
|
||||
Resource common_steps_acl_bearer.robot
|
||||
Resource payment_operations.robot
|
||||
Resource setup_teardown.robot
|
||||
Resource storage.robot
|
||||
|
||||
*** Variables ***
|
||||
${FULL_PLACEMENT_RULE} = REP 4 IN X CBF 1 SELECT 4 FROM * AS X
|
||||
${EXPECTED_COPIES} = ${4}
|
||||
|
||||
|
||||
*** Test cases ***
|
||||
eACL Deny Replication Operations
|
||||
[Documentation] Testcase to validate NeoFS replication with eACL deny rules.
|
||||
[Tags] ACL NeoFS_CLI Replication
|
||||
[Timeout] 20 min
|
||||
|
||||
[Setup] Setup
|
||||
|
||||
${NODE_NUM} ${NODE} ${WIF_STORAGE} = Get control endpoint with wif
|
||||
${WALLET} ${ADDR} ${WIF_USER} = Prepare Wallet And Deposit
|
||||
|
||||
Prepare eACL Role rules
|
||||
|
||||
Log Check Replication with eACL deny - object should be replicated
|
||||
# https://github.com/nspcc-dev/neofs-node/issues/881
|
||||
|
||||
${FILE} = Generate file of bytes ${SIMPLE_OBJ_SIZE}
|
||||
|
||||
${CID} = Create container ${WIF_USER} 0x0FFFFFFF ${FULL_PLACEMENT_RULE}
|
||||
Wait Until Keyword Succeeds ${MORPH_BLOCK_TIME} ${CONTAINER_WAIT_INTERVAL}
|
||||
... Container Existing ${WIF_USER} ${CID}
|
||||
|
||||
${OID} = Put object ${WIF_USER} ${FILE} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
|
||||
Validate storage policy for object ${WIF_USER} ${EXPECTED_COPIES} ${CID} ${OID}
|
||||
|
||||
Set eACL ${WIF_USER} ${CID} ${EACL_DENY_ALL_USER}
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object ${WIF_USER} ${FILE} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
|
||||
# Drop object to check replication
|
||||
Drop object ${NODE} ${WIF_STORAGE} ${CID} ${OID}
|
||||
|
||||
Tick Epoch
|
||||
|
||||
# We assume that during one epoch object should be replicated
|
||||
Wait Until Keyword Succeeds ${NEOFS_EPOCH_TIMEOUT} 1m
|
||||
... Validate storage policy for object ${WIF_STORAGE} ${EXPECTED_COPIES} ${CID} ${OID}
|
||||
|
||||
[Teardown] Teardown acl_deny_replication
|
||||
|
|
@ -2,9 +2,6 @@
|
|||
Variables ../../../variables/common.py
|
||||
Variables ../../../variables/acl.py
|
||||
|
||||
*** Variables ***
|
||||
${CONTAINER_WAIT_INTERVAL} = 1 min
|
||||
|
||||
*** Keywords ***
|
||||
|
||||
Create Private Container
|
||||
|
|
|
@ -6,7 +6,6 @@ Variables ../../../variables/acl.py
|
|||
${FILE_USR_HEADER} = key1=1,key2=abc
|
||||
${FILE_USR_HEADER_DEL} = key1=del,key2=del
|
||||
${FILE_OTH_HEADER} = key1=oth,key2=oth
|
||||
${CONTAINER_WAIT_INTERVAL} = 1 min
|
||||
|
||||
*** Keywords ***
|
||||
Create Container Public
|
||||
|
|
|
@ -7,7 +7,6 @@ Library acl.py
|
|||
${FILE_USR_HEADER} = key1=1,key2=abc
|
||||
${FILE_USR_HEADER_DEL} = key1=del,key2=del
|
||||
${FILE_OTH_HEADER} = key1=oth,key2=oth
|
||||
${CONTAINER_WAIT_INTERVAL} = 1 min
|
||||
|
||||
*** Keywords ***
|
||||
|
||||
|
|
|
@ -8,6 +8,8 @@ CERT="%s/../../ca" % ROOT
|
|||
# Common NeoFS variables can be declared from neofs-dev-env env variables.
|
||||
# High priority is accepted for those envs.
|
||||
|
||||
CONTAINER_WAIT_INTERVAL = "1m"
|
||||
|
||||
NEOFS_EPOCH_TIMEOUT = (os.getenv("NEOFS_EPOCH_TIMEOUT") if os.getenv("NEOFS_EPOCH_TIMEOUT")
|
||||
else os.getenv("NEOFS_IR_TIMERS_EPOCH", "300s"))
|
||||
|
||||
|
|
Loading…
Reference in a new issue