Add replication test with deny eACL (#133)

* Add replication test with deny eACL
2021-10-07 14:28:31 +03:00 · 2021-10-07 14:28:31 +03:00 · 1fe540fce9
parent 36107fcc4c
commit 1fe540fce9
6 changed files with 81 additions and 5 deletions
--- a/robot/resources/lib/storage.robot
+++ b/robot/resources/lib/storage.robot
@ -0,0 +1,16 @@
+
+*** Settings ***
+Variables   ../../variables/common.py
+
+Library     Process
+
+*** Keywords ***
+
+Drop object
+    [Arguments]   ${NODE}    ${WIF_STORAGE}    ${CID}    ${OID}
+
+    ${DROP_SIMPLE} =        Run Process    neofs-cli control drop-objects -r ${NODE} --wif ${WIF_STORAGE} -o ${CID}/${OID}    shell=True
+                            Log Many    stdout: ${DROP_SIMPLE.stdout}    stderr: ${DROP_SIMPLE.stderr}
+                            Should Be Equal As Integers    ${DROP_SIMPLE.rc}    0
+                            
+
--- a/robot/testsuites/integration/acl/acl_extended_deny_replication.robot
+++ b/robot/testsuites/integration/acl/acl_extended_deny_replication.robot
@ -0,0 +1,63 @@
+*** Settings ***
+Variables   ../../../variables/common.py
+
+Library     Collections
+Library     neofs.py
+Library     acl.py
+Library     payment_neogo.py
+
+Library     contract_keywords.py
+
+Resource    ../../../variables/eacl_tables.robot
+Resource    common_steps_acl_bearer.robot
+Resource    payment_operations.robot
+Resource    setup_teardown.robot
+Resource    storage.robot
+
+*** Variables ***
+${FULL_PLACEMENT_RULE} =    REP 4 IN X CBF 1 SELECT 4 FROM * AS X
+${EXPECTED_COPIES} =        ${4}
+
+
+*** Test cases ***
+eACL Deny Replication Operations
+    [Documentation]         Testcase to validate NeoFS replication with eACL deny rules.
+    [Tags]                  ACL  NeoFS_CLI  Replication
+    [Timeout]               20 min
+
+    [Setup]                 Setup
+
+    ${NODE_NUM}    ${NODE}    ${WIF_STORAGE} =    Get control endpoint with wif
+    ${WALLET}   ${ADDR}    ${WIF_USER} =    Prepare Wallet And Deposit
+
+                            Prepare eACL Role rules
+
+                            Log    Check Replication with eACL deny - object should be replicated
+                            # https://github.com/nspcc-dev/neofs-node/issues/881
+                            
+    ${FILE} =               Generate file of bytes    ${SIMPLE_OBJ_SIZE}
+    
+    ${CID} =                Create container    ${WIF_USER}    0x0FFFFFFF    ${FULL_PLACEMENT_RULE}
+                            Wait Until Keyword Succeeds    ${MORPH_BLOCK_TIME}    ${CONTAINER_WAIT_INTERVAL}
+                            ...     Container Existing    ${WIF_USER}    ${CID}
+
+    ${OID} =                Put object    ${WIF_USER}    ${FILE}    ${CID}    ${EMPTY}    ${FILE_USR_HEADER}
+
+                            Validate storage policy for object    ${WIF_USER}    ${EXPECTED_COPIES}    ${CID}    ${OID}
+
+                            Set eACL    ${WIF_USER}    ${CID}    ${EACL_DENY_ALL_USER}
+
+                            Run Keyword And Expect Error    *
+                            ...  Put object    ${WIF_USER}    ${FILE}    ${CID}    ${EMPTY}    ${FILE_USR_HEADER}
+                            
+                            # Drop object to check replication
+                            Drop object    ${NODE}    ${WIF_STORAGE}    ${CID}    ${OID}
+
+                            Tick Epoch
+
+                            # We assume that during one epoch object should be replicated
+                            Wait Until Keyword Succeeds    ${NEOFS_EPOCH_TIMEOUT}    1m
+                            ...     Validate storage policy for object    ${WIF_STORAGE}    ${EXPECTED_COPIES}    ${CID}    ${OID}
+
+    [Teardown]              Teardown    acl_deny_replication
+
--- a/robot/testsuites/integration/acl/common_steps_acl_basic.robot
+++ b/robot/testsuites/integration/acl/common_steps_acl_basic.robot
@ -2,9 +2,6 @@
 Variables   ../../../variables/common.py
 Variables   ../../../variables/acl.py

-*** Variables ***
-${CONTAINER_WAIT_INTERVAL} =    1 min
-
 *** Keywords ***

 Create Private Container
--- a/robot/testsuites/integration/acl/common_steps_acl_bearer.robot
+++ b/robot/testsuites/integration/acl/common_steps_acl_bearer.robot
@ -6,7 +6,6 @@ Variables   ../../../variables/acl.py
 ${FILE_USR_HEADER} =        key1=1,key2=abc
 ${FILE_USR_HEADER_DEL} =    key1=del,key2=del
 ${FILE_OTH_HEADER} =        key1=oth,key2=oth
-${CONTAINER_WAIT_INTERVAL} =    1 min

 *** Keywords ***
 Create Container Public
--- a/robot/testsuites/integration/acl/common_steps_acl_extended.robot
+++ b/robot/testsuites/integration/acl/common_steps_acl_extended.robot
@ -7,7 +7,6 @@ Library     acl.py
 ${FILE_USR_HEADER} =        key1=1,key2=abc
 ${FILE_USR_HEADER_DEL} =    key1=del,key2=del
 ${FILE_OTH_HEADER} =        key1=oth,key2=oth
-${CONTAINER_WAIT_INTERVAL} =    1 min

 *** Keywords ***

--- a/robot/variables/common.py
+++ b/robot/variables/common.py
@ -8,6 +8,8 @@ CERT="%s/../../ca" % ROOT
 # Common NeoFS variables can be declared from neofs-dev-env env variables.
 # High priority is accepted for those envs.

+CONTAINER_WAIT_INTERVAL = "1m"
+
 NEOFS_EPOCH_TIMEOUT = (os.getenv("NEOFS_EPOCH_TIMEOUT") if os.getenv("NEOFS_EPOCH_TIMEOUT")
                  else os.getenv("NEOFS_IR_TIMERS_EPOCH", "300s"))