Feature/code clearness (#27)
* replication testcase has been remade #19 * Split large complex test cases into multiple test cases #18 * Add the steps to check the viewing of previous epochs during GET operations #23 * Updating all test cases according to NeoFS updates * Code improvements and bug fixes
This commit is contained in:
parent
1e1c1e70a4
commit
4cb4121d60
33 changed files with 2411 additions and 1812 deletions
2
Makefile
2
Makefile
|
@ -2,7 +2,7 @@
|
|||
|
||||
run:
|
||||
@echo "⇒ Test Run"
|
||||
@robot --timestampoutputs --outputdir artifacts/ robot/testsuites/integration/*.robot
|
||||
@robot --timestampoutputs --outputdir artifacts/ robot/testsuites/integration/
|
||||
|
||||
help:
|
||||
@echo "⇒ run Run testcases ${R}"
|
||||
|
|
39
README.md
39
README.md
|
@ -19,6 +19,7 @@
|
|||
3. Install neo-go
|
||||
- `git clone git@github.com:nspcc-dev/neo-go.git`
|
||||
- `cd neo-go`
|
||||
- `git checkout v0.92.0` (or the current version in the neofs-dev-env)
|
||||
- `make`
|
||||
- `sudo cp bin/neo-go /usr/local/bin/neo-go`, add alias path to bin/neo-go
|
||||
or run `export NEOGO_CLI_EXEC=<path_to_binary>`
|
||||
|
@ -28,7 +29,7 @@
|
|||
|
||||
(replace pip3 with the appropriate python package manager on the system).
|
||||
|
||||
In this case, dev-env should be running with the tested environment.
|
||||
Test cases are designed to run on Python 3.7+
|
||||
|
||||
### Run
|
||||
|
||||
|
@ -39,19 +40,37 @@ In this case, dev-env should be running with the tested environment.
|
|||
|
||||
### Running an arbitrary test case
|
||||
|
||||
To run an arbitrary testcase, you need to run the command:
|
||||
`robot --outputdir artifacts/ robot/testsuites/integration/<testsuite name>.robot `
|
||||
To run an arbitrary UserScenario or testcase, you need to run the command:
|
||||
`robot --outputdir artifacts/ robot/testsuites/integration/<UserScenario>` or `robot --outputdir artifacts/ robot/testsuites/integration/<UserScenario>/<testcase>.robot`
|
||||
|
||||
The following scripts are available for execution:
|
||||
The following UserScenarios and testcases are available for execution:
|
||||
|
||||
* acl_basic.robot
|
||||
* acl_extended.robot
|
||||
* acl_baearer.robot
|
||||
* object_complex.robot
|
||||
* object_simple.robot
|
||||
* withdraw.robot
|
||||
* acl
|
||||
* acl_basic_private_container.robot
|
||||
* acl_basic_public_container.robot
|
||||
* acl_basic_readonly_container.robot
|
||||
* acl_bearer compound.robot
|
||||
* acl_bearer_allow.robot
|
||||
* acl_bearer_filter_oid_equal.robot
|
||||
* acl_bearer_filter_oid_not_equal.robot
|
||||
* acl_bearer_filter_userheader_equal.robot
|
||||
* acl_bearer_filter_userheader_not_equal.robot
|
||||
* acl_bearer_inaccessible.robot
|
||||
* acl_bearer_request_filter_xheader_deny.robot
|
||||
* acl_bearer_request_filter_xheader_equal.robot
|
||||
* acl_bearer_request_filter_xheader_not_equal.robot
|
||||
* acl_extended_actions.robot
|
||||
* acl_extended_compound.robot
|
||||
* acl_extended_filters.robot
|
||||
* network
|
||||
* netmap_simple.robot
|
||||
* replication.robot
|
||||
* object
|
||||
* object_complex.robot
|
||||
* object_simple.robot
|
||||
* payment
|
||||
* withdraw.robot
|
||||
* services
|
||||
* http_gate.robot
|
||||
* s3_gate.robot
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
robotframework==3.2.1
|
||||
requests==2.25.1
|
||||
pexpect==4.2.1
|
||||
pexpect==4.8.0
|
||||
boto3==1.16.33
|
||||
docker==4.4.0
|
||||
botocore==1.19.33
|
||||
|
|
|
@ -15,6 +15,10 @@ import docker
|
|||
import json
|
||||
import tarfile
|
||||
|
||||
import time
|
||||
from datetime import datetime
|
||||
|
||||
|
||||
if os.getenv('ROBOT_PROFILE') == 'selectel_smoke':
|
||||
from selectelcdn_smoke_vars import (NEOGO_CLI_PREFIX, NEO_MAINNET_ENDPOINT,
|
||||
NEOFS_NEO_API_ENDPOINT, NEOFS_ENDPOINT, NEOFS_NETMAP)
|
||||
|
@ -93,7 +97,7 @@ def start_nodes(*nodes_list):
|
|||
|
||||
@keyword('Get nodes with object')
|
||||
def get_nodes_with_object(private_key: str, cid: str, oid: str):
|
||||
storage_nodes = _get_storage_nodes(private_key)
|
||||
storage_nodes = _get_storage_nodes()
|
||||
copies = 0
|
||||
|
||||
nodes_list = []
|
||||
|
@ -110,7 +114,7 @@ def get_nodes_with_object(private_key: str, cid: str, oid: str):
|
|||
|
||||
@keyword('Get nodes without object')
|
||||
def get_nodes_without_object(private_key: str, cid: str, oid: str):
|
||||
storage_nodes = _get_storage_nodes(private_key)
|
||||
storage_nodes = _get_storage_nodes()
|
||||
copies = 0
|
||||
|
||||
nodes_list = []
|
||||
|
@ -129,7 +133,7 @@ def get_nodes_without_object(private_key: str, cid: str, oid: str):
|
|||
|
||||
@keyword('Validate storage policy for object')
|
||||
def validate_storage_policy_for_object(private_key: str, expected_copies: int, cid, oid, *expected_node_list):
|
||||
storage_nodes = _get_storage_nodes(private_key)
|
||||
storage_nodes = _get_storage_nodes()
|
||||
copies = 0
|
||||
found_nodes = []
|
||||
|
||||
|
@ -412,7 +416,7 @@ def verify_split_chain(private_key: str, cid: str, oid: str):
|
|||
|
||||
# Get Latest object
|
||||
logger.info("Collect Split objects information and verify chain of the objects.")
|
||||
nodes = _get_storage_nodes(private_key)
|
||||
nodes = _get_storage_nodes()
|
||||
for node in nodes:
|
||||
header_virtual = head_object(private_key, cid, oid, '', '', '--raw --ttl 1', node, True)
|
||||
parsed_header_virtual = parse_object_virtual_raw_header(header_virtual)
|
||||
|
@ -522,6 +526,7 @@ def _verify_child_link(private_key: str, cid: str, oid: str, header_last_parsed:
|
|||
@keyword('Get Docker Logs')
|
||||
def get_container_logs(testcase_name: str):
|
||||
#client = docker.APIClient()
|
||||
|
||||
client = docker.from_env()
|
||||
|
||||
tar_name = "artifacts/dockerlogs("+testcase_name+").tar.gz"
|
||||
|
@ -797,7 +802,8 @@ def put_object(private_key: str, path: str, cid: str, bearer: str, user_headers:
|
|||
logger.info("Going to put the object")
|
||||
|
||||
if not endpoint:
|
||||
endpoint = random.sample(_get_storage_nodes(private_key), 1)[0]
|
||||
endpoint = random.sample(_get_storage_nodes(), 1)[0]
|
||||
|
||||
if user_headers:
|
||||
user_headers = f"--attributes {user_headers}"
|
||||
if bearer:
|
||||
|
@ -817,6 +823,69 @@ def put_object(private_key: str, path: str, cid: str, bearer: str, user_headers:
|
|||
except subprocess.CalledProcessError as e:
|
||||
raise Exception("command '{}' return with error (code {}): {}".format(e.cmd, e.returncode, e.output))
|
||||
|
||||
|
||||
@keyword('Get Nodes Log Latest Timestamp')
|
||||
def get_logs_latest_timestamp():
|
||||
"""
|
||||
Keyword return:
|
||||
nodes_logs_time -- structure (dict) of nodes container name (key) and latest logs timestamp (value)
|
||||
"""
|
||||
nodes = _get_storage_nodes()
|
||||
client_api = docker.APIClient()
|
||||
|
||||
nodes_logs_time = dict()
|
||||
|
||||
for node in nodes:
|
||||
container = node.split('.')[0]
|
||||
log_line = client_api.logs(container, tail=1)
|
||||
|
||||
m = re.search(r'(\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\.\d+Z)', str(log_line))
|
||||
if m != None:
|
||||
timestamp = m.group(1)
|
||||
|
||||
timestamp_date = datetime.fromisoformat(timestamp[:-1])
|
||||
|
||||
nodes_logs_time[container] = timestamp_date
|
||||
|
||||
logger.info("Latest logs timestamp list: %s" % nodes_logs_time)
|
||||
|
||||
return nodes_logs_time
|
||||
|
||||
|
||||
@keyword('Find in Nodes Log')
|
||||
def find_in_nodes_Log(line: str, nodes_logs_time: dict):
|
||||
|
||||
client_api = docker.APIClient()
|
||||
container_names = list()
|
||||
|
||||
for docker_container in client_api.containers():
|
||||
container_names.append(docker_container['Names'][0][1:])
|
||||
|
||||
global_count = 0
|
||||
|
||||
for container in nodes_logs_time.keys():
|
||||
# check if container exists
|
||||
if container in container_names:
|
||||
# Get log since timestamp
|
||||
timestamp_date = nodes_logs_time[container]
|
||||
log_lines = client_api.logs(container, since=timestamp_date)
|
||||
logger.info("Timestamp since: %s " % timestamp_date)
|
||||
found_count = len(re.findall(line, log_lines.decode("utf-8") ))
|
||||
logger.info("Node %s log - found counter: %s" % (container, found_count))
|
||||
global_count += found_count
|
||||
|
||||
else:
|
||||
logger.info("Container %s has not been found." % container)
|
||||
|
||||
if global_count > 0:
|
||||
logger.info("Expected line '%s' has been found in the logs." % line)
|
||||
else:
|
||||
raise Exception("Expected line '%s' has not been found in the logs." % line)
|
||||
|
||||
return 1
|
||||
|
||||
|
||||
|
||||
@keyword('Get Range Hash')
|
||||
def get_range_hash(private_key: str, cid: str, oid: str, bearer_token: str,
|
||||
range_cut: str, options: str=""):
|
||||
|
@ -842,7 +911,9 @@ def get_object(private_key: str, cid: str, oid: str, bearer_token: str,
|
|||
|
||||
logger.info("Going to put the object")
|
||||
if not endpoint:
|
||||
endpoint = random.sample(_get_storage_nodes(private_key), 1)[0]
|
||||
endpoint = random.sample(_get_storage_nodes(), 1)[0]
|
||||
|
||||
|
||||
if bearer_token:
|
||||
bearer_token = f"--bearer {bearer_token}"
|
||||
|
||||
|
@ -920,28 +991,12 @@ def _parse_cid(output: str):
|
|||
cid = m.group(1)
|
||||
return cid
|
||||
|
||||
def _get_storage_nodes(private_key: bytes):
|
||||
#storage_nodes = ['s01.neofs.devenv:8080', 's02.neofs.devenv:8080','s03.neofs.devenv:8080','s04.neofs.devenv:8080']
|
||||
#NetmapCmd = f'{NEOFS_CLI_EXEC} --host {NEOFS_ENDPOINT} --key {binascii.hexlify(private_key).decode()} status netmap'
|
||||
#complProc = subprocess.run(NetmapCmd, check=True, universal_newlines=True,
|
||||
# stdout=subprocess.PIPE, stderr=subprocess.PIPE, timeout=15, shell=True)
|
||||
#output = complProc.stdout
|
||||
#logger.info("Netmap: %s" % output)
|
||||
#for m in re.finditer(r'"address":"/ip4/(\d+\.\d+\.\d+\.\d+)/tcp/(\d+)"', output):
|
||||
# storage_nodes.append(m.group(1)+":"+m.group(2))
|
||||
|
||||
#if not storage_nodes:
|
||||
# raise Exception("Storage nodes was not found.")
|
||||
|
||||
|
||||
# Will be fixed when netmap will be added to cli
|
||||
|
||||
#storage_nodes.append()
|
||||
def _get_storage_nodes():
|
||||
# TODO: fix to get netmap from neofs-cli
|
||||
logger.info("Storage nodes: %s" % NEOFS_NETMAP)
|
||||
return NEOFS_NETMAP
|
||||
|
||||
def _search_object(node:str, private_key: str, cid:str, oid: str):
|
||||
# --filters objectID={oid}
|
||||
if oid:
|
||||
oid_cmd = "--oid %s" % oid
|
||||
Cmd = (
|
||||
|
|
|
@ -0,0 +1,95 @@
|
|||
*** Settings ***
|
||||
Variables ../../../variables/common.py
|
||||
|
||||
Library ../${RESOURCES}/neofs.py
|
||||
Library ../${RESOURCES}/payment_neogo.py
|
||||
|
||||
Resource common_steps_acl_basic.robot
|
||||
|
||||
|
||||
*** Test cases ***
|
||||
Basic ACL Operations for Private Container
|
||||
[Documentation] Testcase to validate NeoFS operations with ACL for Private Container.
|
||||
[Tags] ACL NeoFS NeoCLI
|
||||
[Timeout] 20 min
|
||||
|
||||
Generate Keys
|
||||
|
||||
Create Containers
|
||||
Generate file 1024
|
||||
Check Private Container
|
||||
|
||||
Create Containers
|
||||
Generate file 70e+6
|
||||
Check Private Container
|
||||
|
||||
[Teardown] Cleanup
|
||||
|
||||
|
||||
|
||||
|
||||
*** Keywords ***
|
||||
|
||||
Check Private Container
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${PRIV_CID} ${EMPTY} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${PRIV_CID} ${EMPTY} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${SYSTEM_KEY_IR} ${FILE_S} ${PRIV_CID} ${EMPTY} ${EMPTY}
|
||||
${S_OID_SYS_SN} = Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${PRIV_CID} ${EMPTY} ${EMPTY}
|
||||
|
||||
|
||||
# Get
|
||||
Get object from NeoFS ${USER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||
Get object from NeoFS ${SYSTEM_KEY_IR} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||
Get object from NeoFS ${SYSTEM_KEY_SN} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||
|
||||
# Get Range
|
||||
Get Range ${USER_KEY} ${PRIV_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${SYSTEM_KEY_IR} ${PRIV_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${SYSTEM_KEY_SN} ${PRIV_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
|
||||
# Get Range Hash
|
||||
Get Range Hash ${USER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range Hash ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Get Range Hash ${SYSTEM_KEY_IR} ${PRIV_CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Get Range Hash ${SYSTEM_KEY_SN} ${PRIV_CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
|
||||
# Search
|
||||
@{S_OBJ_PRIV} = Create List ${S_OID_USER} ${S_OID_SYS_SN}
|
||||
Search object ${USER_KEY} ${PRIV_CID} --root ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${OTHER_KEY} ${PRIV_CID} --root ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||
Search object ${SYSTEM_KEY_IR} ${PRIV_CID} --root ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||
Search object ${SYSTEM_KEY_SN} ${PRIV_CID} --root ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||
|
||||
|
||||
# Head
|
||||
Head object ${USER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
|
||||
Head object ${SYSTEM_KEY_IR} ${PRIV_CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
|
||||
Head object ${SYSTEM_KEY_SN} ${PRIV_CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
|
||||
|
||||
|
||||
# Delete
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${SYSTEM_KEY_IR} ${PRIV_CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${SYSTEM_KEY_SN} ${PRIV_CID} ${S_OID_USER} ${EMPTY}
|
||||
Delete object ${USER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
|
||||
Cleanup
|
||||
@{CLEANUP_FILES} = Create List ${FILE_S} s_file_read s_get_range
|
||||
Cleanup Files @{CLEANUP_FILES}
|
||||
Get Docker Logs acl_basic
|
|
@ -0,0 +1,92 @@
|
|||
*** Settings ***
|
||||
Variables ../../../variables/common.py
|
||||
|
||||
Library ../${RESOURCES}/neofs.py
|
||||
Library ../${RESOURCES}/payment_neogo.py
|
||||
|
||||
Resource common_steps_acl_basic.robot
|
||||
|
||||
|
||||
*** Test cases ***
|
||||
Basic ACL Operations for Public Container
|
||||
[Documentation] Testcase to validate NeoFS operations with ACL for Public Container.
|
||||
[Tags] ACL NeoFS NeoCLI
|
||||
[Timeout] 20 min
|
||||
|
||||
Generate Keys
|
||||
|
||||
Create Containers
|
||||
Generate file 1024
|
||||
Check Public Container
|
||||
|
||||
Create Containers
|
||||
Generate file 70e+6
|
||||
Check Public Container
|
||||
|
||||
[Teardown] Cleanup
|
||||
|
||||
|
||||
*** Keywords ***
|
||||
|
||||
Check Public Container
|
||||
|
||||
# Put
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY}
|
||||
${S_OID_OTHER} = Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY}
|
||||
${S_OID_SYS_IR} = Put object to NeoFS ${SYSTEM_KEY_IR} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY}
|
||||
${S_OID_SYS_SN} = Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY}
|
||||
|
||||
# Get
|
||||
Get object from NeoFS ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||
Get object from NeoFS ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||
Get object from NeoFS ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||
Get object from NeoFS ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||
|
||||
# Get Range
|
||||
Get Range ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Get Range ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Get Range ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Get Range ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
|
||||
|
||||
# Get Range Hash
|
||||
Get Range Hash ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Get Range Hash ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Get Range Hash ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Get Range Hash ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
|
||||
# Search
|
||||
@{S_OBJ_PRIV} = Create List ${S_OID_USER} ${S_OID_OTHER} ${S_OID_SYS_SN} ${S_OID_SYS_IR}
|
||||
Search object ${USER_KEY} ${PUBLIC_CID} --root ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||
Search object ${OTHER_KEY} ${PUBLIC_CID} --root ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||
Search object ${SYSTEM_KEY_IR} ${PUBLIC_CID} --root ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||
Search object ${SYSTEM_KEY_SN} ${PUBLIC_CID} --root ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||
|
||||
# Head
|
||||
Head object ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
|
||||
Head object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
|
||||
Head object ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
|
||||
Head object ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
|
||||
|
||||
Head object ${USER_KEY} ${PUBLIC_CID} ${S_OID_OTHER} ${EMPTY} ${EMPTY}
|
||||
Head object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_OTHER} ${EMPTY} ${EMPTY}
|
||||
Head object ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_OTHER} ${EMPTY} ${EMPTY}
|
||||
Head object ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${S_OID_OTHER} ${EMPTY} ${EMPTY}
|
||||
|
||||
Head object ${USER_KEY} ${PUBLIC_CID} ${S_OID_SYS_SN} ${EMPTY} ${EMPTY}
|
||||
Head object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_SYS_SN} ${EMPTY} ${EMPTY}
|
||||
Head object ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_SYS_SN} ${EMPTY} ${EMPTY}
|
||||
Head object ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${S_OID_SYS_SN} ${EMPTY} ${EMPTY}
|
||||
|
||||
|
||||
# Delete
|
||||
Delete object ${USER_KEY} ${PUBLIC_CID} ${S_OID_SYS_IR} ${EMPTY}
|
||||
Delete object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_SYS_SN} ${EMPTY}
|
||||
Delete object ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY}
|
||||
Delete object ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${S_OID_OTHER} ${EMPTY}
|
||||
|
||||
|
||||
Cleanup
|
||||
@{CLEANUP_FILES} = Create List ${FILE_S} s_file_read s_get_range
|
||||
Cleanup Files @{CLEANUP_FILES}
|
||||
Get Docker Logs acl_basic
|
|
@ -0,0 +1,90 @@
|
|||
*** Settings ***
|
||||
Variables ../../../variables/common.py
|
||||
|
||||
Library ../${RESOURCES}/neofs.py
|
||||
Library ../${RESOURCES}/payment_neogo.py
|
||||
|
||||
Resource common_steps_acl_basic.robot
|
||||
|
||||
|
||||
*** Test cases ***
|
||||
Basic ACL Operations for Read-Only Container
|
||||
[Documentation] Testcase to validate NeoFS operations with ACL for Read-Only Container.
|
||||
[Tags] ACL NeoFS NeoCLI
|
||||
[Timeout] 20 min
|
||||
|
||||
Generate Keys
|
||||
|
||||
Create Containers
|
||||
Generate file 1024
|
||||
Check Read-Only Container
|
||||
|
||||
Create Containers
|
||||
Generate file 70e+6
|
||||
Check Read-Only Container
|
||||
|
||||
[Teardown] Cleanup
|
||||
|
||||
|
||||
*** Keywords ***
|
||||
|
||||
|
||||
Check Read-Only Container
|
||||
# Check Read Only container:
|
||||
|
||||
# Put
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${READONLY_CID} ${EMPTY} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${READONLY_CID} ${EMPTY} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${SYSTEM_KEY_IR} ${FILE_S} ${READONLY_CID} ${EMPTY} ${EMPTY}
|
||||
${S_OID_SYS_SN} = Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${READONLY_CID} ${EMPTY} ${EMPTY}
|
||||
|
||||
# Get
|
||||
Get object from NeoFS ${USER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||
Get object from NeoFS ${OTHER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||
Get object from NeoFS ${SYSTEM_KEY_IR} ${READONLY_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||
Get object from NeoFS ${SYSTEM_KEY_SN} ${READONLY_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||
|
||||
# Get Range
|
||||
Get Range ${USER_KEY} ${READONLY_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Get Range ${OTHER_KEY} ${READONLY_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Get Range ${SYSTEM_KEY_IR} ${READONLY_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Get Range ${SYSTEM_KEY_SN} ${READONLY_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
|
||||
|
||||
# Get Range Hash
|
||||
Get Range Hash ${USER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Get Range Hash ${OTHER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Get Range Hash ${SYSTEM_KEY_IR} ${READONLY_CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Get Range Hash ${SYSTEM_KEY_SN} ${READONLY_CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
|
||||
# Search
|
||||
@{S_OBJ_RO} = Create List ${S_OID_USER} ${S_OID_SYS_SN}
|
||||
Search object ${USER_KEY} ${READONLY_CID} --root ${EMPTY} ${EMPTY} ${S_OBJ_RO}
|
||||
Search object ${OTHER_KEY} ${READONLY_CID} --root ${EMPTY} ${EMPTY} ${S_OBJ_RO}
|
||||
Search object ${SYSTEM_KEY_IR} ${READONLY_CID} --root ${EMPTY} ${EMPTY} ${S_OBJ_RO}
|
||||
Search object ${SYSTEM_KEY_SN} ${READONLY_CID} --root ${EMPTY} ${EMPTY} ${S_OBJ_RO}
|
||||
|
||||
|
||||
# Head
|
||||
Head object ${USER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
|
||||
Head object ${OTHER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
|
||||
Head object ${SYSTEM_KEY_IR} ${READONLY_CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
|
||||
Head object ${SYSTEM_KEY_SN} ${READONLY_CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
|
||||
|
||||
# Delete
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${OTHER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${SYSTEM_KEY_IR} ${READONLY_CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${SYSTEM_KEY_SN} ${READONLY_CID} ${S_OID_USER} ${EMPTY}
|
||||
Delete object ${USER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
|
||||
|
||||
Cleanup
|
||||
@{CLEANUP_FILES} = Create List ${FILE_S} s_file_read s_get_range
|
||||
Cleanup Files @{CLEANUP_FILES}
|
||||
Get Docker Logs acl_basic
|
87
robot/testsuites/integration/acl/acl_bearer_allow.robot
Normal file
87
robot/testsuites/integration/acl/acl_bearer_allow.robot
Normal file
|
@ -0,0 +1,87 @@
|
|||
*** Settings ***
|
||||
Variables ../../../variables/common.py
|
||||
Library ../${RESOURCES}/neofs.py
|
||||
Library ../${RESOURCES}/payment_neogo.py
|
||||
|
||||
Library Collections
|
||||
Resource common_steps_acl_bearer.robot
|
||||
|
||||
|
||||
*** Test cases ***
|
||||
BearerToken Operations
|
||||
[Documentation] Testcase to validate NeoFS operations with BearerToken.
|
||||
[Tags] ACL NeoFS NeoCLI BearerToken
|
||||
[Timeout] 20 min
|
||||
|
||||
Generate Keys
|
||||
Prepare eACL Role rules
|
||||
|
||||
Log Check Bearer token with simple object
|
||||
Generate file 1024
|
||||
Check eACL Deny and Allow All Bearer
|
||||
|
||||
Log Check Bearer token with complex object
|
||||
Cleanup Files ${FILE_S}
|
||||
Generate file 70e+6
|
||||
Check eACL Deny and Allow All Bearer
|
||||
|
||||
[Teardown] Cleanup
|
||||
|
||||
|
||||
|
||||
*** Keywords ***
|
||||
|
||||
Check eACL Deny and Allow All Bearer
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
||||
|
||||
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER
|
||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER
|
||||
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256
|
||||
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
||||
|
||||
Cleanup
|
||||
@{CLEANUP_FILES} = Create List ${FILE_S} local_file_eacl s_get_range
|
||||
... bearer_allow_all_user gen_eacl_deny_all_USER
|
||||
Cleanup Files @{CLEANUP_FILES}
|
||||
Get Docker Logs acl_bearer
|
128
robot/testsuites/integration/acl/acl_bearer_compound.robot
Normal file
128
robot/testsuites/integration/acl/acl_bearer_compound.robot
Normal file
|
@ -0,0 +1,128 @@
|
|||
*** Settings ***
|
||||
Variables ../../../variables/common.py
|
||||
Library ../${RESOURCES}/neofs.py
|
||||
Library ../${RESOURCES}/payment_neogo.py
|
||||
|
||||
Library Collections
|
||||
Resource common_steps_acl_bearer.robot
|
||||
|
||||
*** Test cases ***
|
||||
BearerToken Operations for Сompound Operations
|
||||
[Documentation] Testcase to validate NeoFS operations with BearerToken for Сompound Operations.
|
||||
[Tags] ACL NeoFS NeoCLI BearerToken
|
||||
[Timeout] 20 min
|
||||
|
||||
Generate Keys
|
||||
Prepare eACL Role rules
|
||||
|
||||
Log Check Bearer token with simple object
|
||||
Generate file 1024
|
||||
Check Сompound Operations
|
||||
|
||||
Log Check Bearer token with complex object
|
||||
Cleanup Files ${FILE_S}
|
||||
Generate file 70e+6
|
||||
Check Сompound Operations
|
||||
|
||||
[Teardown] Cleanup
|
||||
|
||||
|
||||
*** Keywords ***
|
||||
|
||||
Check Сompound Operations
|
||||
Check Bearer Сompound Get ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS}
|
||||
Check Bearer Сompound Get ${USER_KEY} USER ${EACL_DENY_ALL_USER}
|
||||
Check Bearer Сompound Get ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM}
|
||||
|
||||
Check Bearer Сompound Delete ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS}
|
||||
Check Bearer Сompound Delete ${USER_KEY} USER ${EACL_DENY_ALL_USER}
|
||||
Check Bearer Сompound Delete ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM}
|
||||
|
||||
Check Bearer Сompound Get Range Hash ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS}
|
||||
Check Bearer Сompound Get Range Hash ${USER_KEY} USER ${EACL_DENY_ALL_USER}
|
||||
Check Bearer Сompound Get Range Hash ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM}
|
||||
|
||||
|
||||
Check Bearer Сompound Get
|
||||
[Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL}
|
||||
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
|
||||
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=${DENY_GROUP}
|
||||
${rule2}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=${DENY_GROUP}
|
||||
${rule3}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${DENY_GROUP}
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3}
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${KEY} ${CID} ${S_OID_USER} bearer_allow
|
||||
|
||||
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} bearer_allow local_file_eacl
|
||||
Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow 0:256
|
||||
Get Range Hash ${KEY} ${CID} ${S_OID_USER} bearer_allow 0:256
|
||||
|
||||
|
||||
Check Bearer Сompound Delete
|
||||
[Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL}
|
||||
|
||||
${CID} = Create Container Public
|
||||
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Delete object ${KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
|
||||
|
||||
${rule1} = Create Dictionary Operation=DELETE Access=ALLOW Role=${DENY_GROUP}
|
||||
${rule2} = Create Dictionary Operation=PUT Access=DENY Role=${DENY_GROUP}
|
||||
${rule3} = Create Dictionary Operation=HEAD Access=DENY Role=${DENY_GROUP}
|
||||
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3}
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${KEY} ${CID} ${S_OID_USER} bearer_allow
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${KEY} ${FILE_S} ${CID} bearer_allow ${FILE_OTH_HEADER}
|
||||
|
||||
Delete object ${KEY} ${CID} ${S_OID_USER} bearer_allow
|
||||
|
||||
|
||||
|
||||
Check Bearer Сompound Get Range Hash
|
||||
[Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL}
|
||||
|
||||
${CID} = Create Container Public
|
||||
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get Range Hash ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
|
||||
|
||||
${rule1} = Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${DENY_GROUP}
|
||||
${rule2} = Create Dictionary Operation=GETRANGE Access=DENY Role=${DENY_GROUP}
|
||||
${rule3} = Create Dictionary Operation=GET Access=DENY Role=${DENY_GROUP}
|
||||
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3}
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} bearer_allow local_file_eacl
|
||||
|
||||
Get Range Hash ${KEY} ${CID} ${S_OID_USER} bearer_allow 0:256
|
||||
|
||||
|
||||
Cleanup
|
||||
@{CLEANUP_FILES} = Create List ${FILE_S} local_file_eacl s_get_range
|
||||
... gen_eacl_deny_all_USER bearer_allow
|
||||
Cleanup Files @{CLEANUP_FILES}
|
||||
Get Docker Logs acl_bearer
|
|
@ -0,0 +1,96 @@
|
|||
*** Settings ***
|
||||
Variables ../../../variables/common.py
|
||||
Library ../${RESOURCES}/neofs.py
|
||||
Library ../${RESOURCES}/payment_neogo.py
|
||||
|
||||
Library Collections
|
||||
Resource common_steps_acl_bearer.robot
|
||||
|
||||
|
||||
*** Test cases ***
|
||||
BearerToken Operations with Filter OID Equal
|
||||
[Documentation] Testcase to validate NeoFS operations with BearerToken with Filter OID Equal.
|
||||
[Tags] ACL NeoFS NeoCLI BearerToken
|
||||
[Timeout] 20 min
|
||||
|
||||
Generate Keys
|
||||
Prepare eACL Role rules
|
||||
|
||||
Log Check Bearer token with simple object
|
||||
Generate file 1024
|
||||
Check eACL Deny and Allow All Bearer Filter OID Equal
|
||||
|
||||
Log Check Bearer token with complex object
|
||||
Cleanup Files ${FILE_S}
|
||||
Generate file 70e+6
|
||||
Check eACL Deny and Allow All Bearer Filter OID Equal
|
||||
|
||||
[Teardown] Cleanup
|
||||
|
||||
|
||||
|
||||
*** Keywords ***
|
||||
|
||||
Check eACL Deny and Allow All Bearer Filter OID Equal
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
||||
|
||||
${filters}= Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=$Object:objectID value=${S_OID_USER}
|
||||
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
||||
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user local_file_eacl
|
||||
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256
|
||||
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
||||
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${D_OID_USER} bearer_allow_all_user
|
||||
|
||||
|
||||
Cleanup
|
||||
@{CLEANUP_FILES} = Create List ${FILE_S} local_file_eacl s_get_range
|
||||
... bearer_allow_all_user gen_eacl_deny_all_USER
|
||||
Cleanup Files @{CLEANUP_FILES}
|
||||
Get Docker Logs acl_bearer
|
|
@ -0,0 +1,124 @@
|
|||
*** Settings ***
|
||||
Variables ../../../variables/common.py
|
||||
Library ../${RESOURCES}/neofs.py
|
||||
Library ../${RESOURCES}/payment_neogo.py
|
||||
|
||||
Library Collections
|
||||
Resource common_steps_acl_bearer.robot
|
||||
|
||||
|
||||
*** Test cases ***
|
||||
BearerToken Operations with Filter OID NotEqual
|
||||
[Documentation] Testcase to validate NeoFS operations with BearerToken with Filter OID NotEqual.
|
||||
[Tags] ACL NeoFS NeoCLI BearerToken
|
||||
[Timeout] 20 min
|
||||
|
||||
Generate Keys
|
||||
Prepare eACL Role rules
|
||||
|
||||
Log Check Bearer token with simple object
|
||||
Generate file 1024
|
||||
Check eACL Deny and Allow All Bearer Filter OID NotEqual
|
||||
|
||||
Log Check Bearer token with complex object
|
||||
Cleanup Files ${FILE_S}
|
||||
Generate file 70e+6
|
||||
Check eACL Deny and Allow All Bearer Filter OID NotEqual
|
||||
|
||||
[Teardown] Cleanup
|
||||
|
||||
|
||||
|
||||
*** Keywords ***
|
||||
|
||||
|
||||
Prepare eACL Role rules
|
||||
Log Set eACL for different Role cases
|
||||
|
||||
# eACL rules for all operations and similar permissions
|
||||
@{Roles} = Create List OTHERS USER SYSTEM
|
||||
FOR ${role} IN @{Roles}
|
||||
${rule1} = Create Dictionary Operation=GET Access=DENY Role=${role}
|
||||
${rule2} = Create Dictionary Operation=HEAD Access=DENY Role=${role}
|
||||
${rule3} = Create Dictionary Operation=PUT Access=DENY Role=${role}
|
||||
${rule4} = Create Dictionary Operation=DELETE Access=DENY Role=${role}
|
||||
${rule5} = Create Dictionary Operation=SEARCH Access=DENY Role=${role}
|
||||
${rule6} = Create Dictionary Operation=GETRANGE Access=DENY Role=${role}
|
||||
${rule7} = Create Dictionary Operation=GETRANGEHASH Access=DENY Role=${role}
|
||||
|
||||
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
Form eACL json common file gen_eacl_deny_all_${role} ${eACL_gen}
|
||||
Set Global Variable ${EACL_DENY_ALL_${role}} gen_eacl_deny_all_${role}
|
||||
END
|
||||
|
||||
Check eACL Deny and Allow All Bearer Filter OID NotEqual
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
||||
|
||||
${filters}= Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=$Object:objectID value=${S_OID_USER_2}
|
||||
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
||||
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
||||
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user local_file_eacl
|
||||
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER_2} s_get_range bearer_allow_all_user 0:256
|
||||
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user
|
||||
|
||||
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${D_OID_USER_2} bearer_allow_all_user
|
||||
|
||||
|
||||
Cleanup
|
||||
@{CLEANUP_FILES} = Create List ${FILE_S} local_file_eacl s_get_range
|
||||
... bearer_allow_all_user gen_eacl_deny_all_USER
|
||||
Cleanup Files @{CLEANUP_FILES}
|
||||
Get Docker Logs acl_bearer
|
|
@ -0,0 +1,130 @@
|
|||
*** Settings ***
|
||||
Variables ../../../variables/common.py
|
||||
Library ../${RESOURCES}/neofs.py
|
||||
Library ../${RESOURCES}/payment_neogo.py
|
||||
|
||||
Library Collections
|
||||
Resource common_steps_acl_bearer.robot
|
||||
|
||||
|
||||
|
||||
*** Test cases ***
|
||||
BearerToken Operations with Filter UserHeader Equal
|
||||
[Documentation] Testcase to validate NeoFS operations with BearerToken with Filter UserHeader Equal.
|
||||
[Tags] ACL NeoFS NeoCLI BearerToken
|
||||
[Timeout] 20 min
|
||||
|
||||
Generate Keys
|
||||
Prepare eACL Role rules
|
||||
|
||||
Log Check Bearer token with simple object
|
||||
Generate file 1024
|
||||
Check eACL Deny and Allow All Bearer Filter UserHeader Equal
|
||||
|
||||
Cleanup Files ${FILE_S}
|
||||
Log Check Bearer token with complex object
|
||||
Generate file 70e+6
|
||||
Check eACL Deny and Allow All Bearer Filter UserHeader Equal
|
||||
|
||||
[Teardown] Cleanup
|
||||
|
||||
|
||||
|
||||
*** Keywords ***
|
||||
|
||||
Prepare eACL Role rules
|
||||
Log Set eACL for different Role cases
|
||||
|
||||
# eACL rules for all operations and similar permissions
|
||||
@{Roles} = Create List OTHERS USER SYSTEM
|
||||
FOR ${role} IN @{Roles}
|
||||
${rule1} = Create Dictionary Operation=GET Access=DENY Role=${role}
|
||||
${rule2} = Create Dictionary Operation=HEAD Access=DENY Role=${role}
|
||||
${rule3} = Create Dictionary Operation=PUT Access=DENY Role=${role}
|
||||
${rule4} = Create Dictionary Operation=DELETE Access=DENY Role=${role}
|
||||
${rule5} = Create Dictionary Operation=SEARCH Access=DENY Role=${role}
|
||||
${rule6} = Create Dictionary Operation=GETRANGE Access=DENY Role=${role}
|
||||
${rule7} = Create Dictionary Operation=GETRANGEHASH Access=DENY Role=${role}
|
||||
|
||||
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
Form eACL json common file gen_eacl_deny_all_${role} ${eACL_gen}
|
||||
Set Global Variable ${EACL_DENY_ALL_${role}} gen_eacl_deny_all_${role}
|
||||
END
|
||||
|
||||
|
||||
Check eACL Deny and Allow All Bearer Filter UserHeader Equal
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
||||
|
||||
|
||||
${filters}= Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=key2 value=abc
|
||||
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
||||
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
||||
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user local_file_eacl
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256
|
||||
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user
|
||||
|
||||
# Delete can not be filtered by UserHeader.
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user
|
||||
|
||||
|
||||
Cleanup
|
||||
@{CLEANUP_FILES} = Create List ${FILE_S} local_file_eacl s_get_range
|
||||
... bearer_allow_all_user gen_eacl_deny_all_USER
|
||||
Cleanup Files @{CLEANUP_FILES}
|
||||
Get Docker Logs acl_bearer
|
|
@ -0,0 +1,113 @@
|
|||
*** Settings ***
|
||||
Variables ../../../variables/common.py
|
||||
Library ../${RESOURCES}/neofs.py
|
||||
Library ../${RESOURCES}/payment_neogo.py
|
||||
|
||||
Library Collections
|
||||
Resource common_steps_acl_bearer.robot
|
||||
|
||||
|
||||
*** Test cases ***
|
||||
BearerToken Operations Filter UserHeader NotEqual
|
||||
[Documentation] Testcase to validate NeoFS operations with BearerToken Filter UserHeader NotEqual.
|
||||
[Tags] ACL NeoFS NeoCLI BearerToken
|
||||
[Timeout] 20 min
|
||||
|
||||
Generate Keys
|
||||
Prepare eACL Role rules
|
||||
|
||||
Log Check Bearer token with simple object
|
||||
Generate file 1024
|
||||
Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
|
||||
|
||||
Log Check Bearer token with complex object
|
||||
Cleanup Files ${FILE_S}
|
||||
Generate file 70e+6
|
||||
Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
|
||||
|
||||
[Teardown] Cleanup
|
||||
|
||||
|
||||
|
||||
*** Keywords ***
|
||||
|
||||
Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
@{S_OBJ_H} = Create List ${S_OID_USER_2}
|
||||
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
||||
|
||||
|
||||
${filters}= Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=key2 value=abc
|
||||
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
||||
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule6} ${rule7}
|
||||
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
# Search can not use filter by headers
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
|
||||
# Different behaviour for big and small objects!
|
||||
# Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${EMPTY}
|
||||
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user local_file_eacl
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256
|
||||
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user
|
||||
|
||||
# Delete can not be filtered by UserHeader.
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user
|
||||
|
||||
|
||||
Cleanup
|
||||
@{CLEANUP_FILES} = Create List ${FILE_S} local_file_eacl s_get_range
|
||||
... bearer_allow_all_user gen_eacl_deny_all_USER
|
||||
Cleanup Files @{CLEANUP_FILES}
|
||||
Get Docker Logs acl_bearer
|
|
@ -0,0 +1,67 @@
|
|||
*** Settings ***
|
||||
|
||||
Variables ../../../variables/common.py
|
||||
Library ../${RESOURCES}/neofs.py
|
||||
Library ../${RESOURCES}/payment_neogo.py
|
||||
|
||||
Library Collections
|
||||
Resource common_steps_acl_bearer.robot
|
||||
|
||||
*** Test cases ***
|
||||
BearerToken Operations for Inaccessible Container
|
||||
[Documentation] Testcase to validate NeoFS operations with BearerToken for Inaccessible Container.
|
||||
[Tags] ACL NeoFS NeoCLI BearerToken
|
||||
[Timeout] 20 min
|
||||
|
||||
Generate Keys
|
||||
Prepare eACL Role rules
|
||||
|
||||
Log Check Bearer token with simple object
|
||||
Generate file 1024
|
||||
Check Container Inaccessible and Allow All Bearer
|
||||
|
||||
Log Check Bearer token with complex object
|
||||
Cleanup Files ${FILE_S}
|
||||
Generate file 70e+6
|
||||
Check Container Inaccessible and Allow All Bearer
|
||||
|
||||
[Teardown] Cleanup
|
||||
|
||||
|
||||
|
||||
*** Keywords ***
|
||||
|
||||
Check Container Inaccessible and Allow All Bearer
|
||||
${CID} = Create Container Inaccessible
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
${rule1}= Create Dictionary Operation=PUT Access=ALLOW Role=USER
|
||||
${rule2}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER
|
||||
|
||||
${eACL_gen}= Create List ${rule1} ${rule2}
|
||||
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER}
|
||||
|
||||
|
||||
Cleanup
|
||||
@{CLEANUP_FILES} = Create List ${FILE_S}
|
||||
... bearer_allow_all_user gen_eacl_deny_all_USER
|
||||
Cleanup Files @{CLEANUP_FILES}
|
||||
Get Docker Logs acl_bearer
|
|
@ -0,0 +1,84 @@
|
|||
*** Settings ***
|
||||
Variables ../../../variables/common.py
|
||||
|
||||
Library Collections
|
||||
|
||||
Library ../${RESOURCES}/neofs.py
|
||||
Library ../${RESOURCES}/payment_neogo.py
|
||||
|
||||
Resource common_steps_acl_bearer.robot
|
||||
|
||||
|
||||
|
||||
*** Test cases ***
|
||||
BearerToken Operations
|
||||
[Documentation] Testcase to validate NeoFS operations with BearerToken.
|
||||
[Tags] ACL NeoFS NeoCLI BearerToken
|
||||
[Timeout] 20 min
|
||||
|
||||
Generate Keys
|
||||
Prepare eACL Role rules
|
||||
|
||||
Log Check Bearer token with simple object
|
||||
Generate file 1024
|
||||
Check eACL Allow All Bearer Filter Requst Equal Deny
|
||||
|
||||
Log Check Bearer token with complex object
|
||||
Cleanup Files ${FILE_S}
|
||||
Generate file 70e+6
|
||||
Check eACL Allow All Bearer Filter Requst Equal Deny
|
||||
|
||||
[Teardown] Cleanup
|
||||
|
||||
|
||||
|
||||
*** Keywords ***
|
||||
|
||||
Check eACL Allow All Bearer Filter Requst Equal Deny
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||
|
||||
|
||||
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=256
|
||||
${rule1}= Create Dictionary Operation=GET Access=DENY Role=USER Filters=${filters}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=DENY Role=USER Filters=${filters}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=DENY Role=USER Filters=${filters}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=DENY Role=USER Filters=${filters}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=DENY Role=USER Filters=${filters}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=DENY Role=USER Filters=${filters}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=USER Filters=${filters}
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=2
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=2
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H} --xhdr a=2
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=2
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=2
|
||||
Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=2
|
||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} bearer_allow_all_user --xhdr a=2
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=256
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=256
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=256
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user --xhdr a=256
|
||||
|
||||
|
||||
Cleanup
|
||||
@{CLEANUP_FILES} = Create List ${FILE_S} local_file_eacl s_get_range
|
||||
... bearer_allow_all_user gen_eacl_deny_all_USER
|
||||
Cleanup Files @{CLEANUP_FILES}
|
||||
Get Docker Logs acl_bearer
|
|
@ -0,0 +1,87 @@
|
|||
*** Settings ***
|
||||
Variables ../../../variables/common.py
|
||||
Library ../${RESOURCES}/neofs.py
|
||||
Library ../${RESOURCES}/payment_neogo.py
|
||||
|
||||
Library Collections
|
||||
Resource common_steps_acl_bearer.robot
|
||||
|
||||
|
||||
*** Test cases ***
|
||||
BearerToken Operations with Filter Requst Equal
|
||||
[Documentation] Testcase to validate NeoFS operations with BearerToken with Filter Requst Equal.
|
||||
[Tags] ACL NeoFS NeoCLI BearerToken
|
||||
[Timeout] 20 min
|
||||
|
||||
Generate Keys
|
||||
Prepare eACL Role rules
|
||||
|
||||
Log Check Bearer token with simple object
|
||||
Generate file 1024
|
||||
Check eACL Deny and Allow All Bearer Filter Requst Equal
|
||||
|
||||
Log Check Bearer token with complex object
|
||||
Cleanup Files ${FILE_S}
|
||||
Generate file 70e+6
|
||||
Check eACL Deny and Allow All Bearer Filter Requst Equal
|
||||
|
||||
[Teardown] Cleanup
|
||||
|
||||
|
||||
|
||||
*** Keywords ***
|
||||
|
||||
Check eACL Deny and Allow All Bearer Filter Requst Equal
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
||||
|
||||
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=256
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=256
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=256
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=256
|
||||
Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=256
|
||||
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user --xhdr a=256
|
||||
|
||||
|
||||
Cleanup
|
||||
@{CLEANUP_FILES} = Create List ${FILE_S} local_file_eacl s_get_range
|
||||
... bearer_allow_all_user gen_eacl_deny_all_USER
|
||||
Cleanup Files @{CLEANUP_FILES}
|
||||
Get Docker Logs acl_bearer
|
|
@ -0,0 +1,86 @@
|
|||
*** Settings ***
|
||||
Variables ../../../variables/common.py
|
||||
Library ../${RESOURCES}/neofs.py
|
||||
Library ../${RESOURCES}/payment_neogo.py
|
||||
|
||||
Library Collections
|
||||
Resource common_steps_acl_bearer.robot
|
||||
|
||||
|
||||
*** Test cases ***
|
||||
BearerToken Operations with Filter Requst NotEqual
|
||||
[Documentation] Testcase to validate NeoFS operations with BearerToken with Filter Requst NotEqual.
|
||||
[Tags] ACL NeoFS NeoCLI BearerToken
|
||||
[Timeout] 20 min
|
||||
|
||||
Generate Keys
|
||||
Prepare eACL Role rules
|
||||
|
||||
Log Check Bearer token with simple object
|
||||
Generate file 1024
|
||||
Check eACL Deny and Allow All Bearer Filter Requst NotEqual
|
||||
|
||||
Log Check Bearer token with complex object
|
||||
Cleanup Files ${FILE_S}
|
||||
Generate file 70e+6
|
||||
Check eACL Deny and Allow All Bearer Filter Requst NotEqual
|
||||
|
||||
[Teardown] Cleanup
|
||||
|
||||
|
||||
*** Keywords ***
|
||||
|
||||
Check eACL Deny and Allow All Bearer Filter Requst NotEqual
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
||||
|
||||
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_NOT_EQUAL key=a value=256
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
#Run Keyword And Expect Error *
|
||||
#... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=2
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=2
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=2
|
||||
Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=2
|
||||
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user --xhdr a=2
|
||||
|
||||
|
||||
Cleanup
|
||||
@{CLEANUP_FILES} = Create List ${FILE_S} local_file_eacl s_get_range
|
||||
... bearer_allow_all_user gen_eacl_deny_all_USER
|
||||
Cleanup Files @{CLEANUP_FILES}
|
||||
Get Docker Logs acl_bearer
|
251
robot/testsuites/integration/acl/acl_extended_actions.robot
Normal file
251
robot/testsuites/integration/acl/acl_extended_actions.robot
Normal file
|
@ -0,0 +1,251 @@
|
|||
*** Settings ***
|
||||
Variables ../../../variables/common.py
|
||||
Library Collections
|
||||
Library ../${RESOURCES}/neofs.py
|
||||
Library ../${RESOURCES}/payment_neogo.py
|
||||
|
||||
Resource common_steps_acl_extended.robot
|
||||
|
||||
*** Test cases ***
|
||||
Extended ACL Operations
|
||||
[Documentation] Testcase to validate NeoFS operations with extended ACL.
|
||||
[Tags] ACL eACL NeoFS NeoCLI
|
||||
[Timeout] 20 min
|
||||
|
||||
Generate Keys
|
||||
Prepare eACL Role rules
|
||||
|
||||
Log Check extended ACL with simple object
|
||||
|
||||
Generate files 1024
|
||||
Check Actions
|
||||
|
||||
Cleanup Files ${FILE_S} ${FILE_S_2}
|
||||
|
||||
Log Check extended ACL with complex object
|
||||
Generate files 70e+6
|
||||
Check Actions
|
||||
|
||||
|
||||
[Teardown] Cleanup
|
||||
|
||||
|
||||
*** Keywords ***
|
||||
|
||||
Check Actions
|
||||
Check eACL Deny and Allow All Other
|
||||
Check eACL Deny and Allow All User
|
||||
Check eACL Deny and Allow All System
|
||||
Check eACL Deny All Other and Allow All Pubkey
|
||||
|
||||
|
||||
|
||||
Check eACL Deny and Allow All User
|
||||
Check eACL Deny and Allow All ${USER_KEY} ${EACL_DENY_ALL_USER} ${EACL_ALLOW_ALL_USER}
|
||||
|
||||
|
||||
Check eACL Deny and Allow All Other
|
||||
Check eACL Deny and Allow All ${OTHER_KEY} ${EACL_DENY_ALL_OTHER} ${EACL_ALLOW_ALL_OTHER}
|
||||
|
||||
|
||||
Check eACL Deny and Allow All System
|
||||
${CID} = Create Container Public
|
||||
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${D_OID_USER_S} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
${D_OID_USER_SN} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
|
||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||
|
||||
Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
|
||||
Get object from NeoFS ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
|
||||
Search object ${SYSTEM_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
|
||||
Head object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Head object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
Get Range ${SYSTEM_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Get Range ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
|
||||
Get Range Hash ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Get Range Hash ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
|
||||
Delete object ${SYSTEM_KEY} ${CID} ${D_OID_USER_S} ${EMPTY}
|
||||
Delete object ${SYSTEM_KEY_SN} ${CID} ${D_OID_USER_SN} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_SYSTEM} --await
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${SYSTEM_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${SYSTEM_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range Hash ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range Hash ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_ALLOW_ALL_SYSTEM} --await
|
||||
|
||||
|
||||
${D_OID_USER_S} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
${D_OID_USER_SN} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
|
||||
|
||||
Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
|
||||
Get object from NeoFS ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
|
||||
Search object ${SYSTEM_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
|
||||
Head object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Head object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
Get Range ${SYSTEM_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Get Range ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
|
||||
Get Range Hash ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Get Range Hash ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
|
||||
Delete object ${SYSTEM_KEY} ${CID} ${D_OID_USER_S} ${EMPTY}
|
||||
Delete object ${SYSTEM_KEY_SN} ${CID} ${D_OID_USER_SN} ${EMPTY}
|
||||
|
||||
|
||||
|
||||
Check eACL Deny All Other and Allow All Pubkey
|
||||
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||
|
||||
Put object to NeoFS ${EACL_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${EACL_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Get Range ${EACL_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Get Range Hash ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Delete object ${EACL_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_ALLOW_ALL_Pubkey} --await
|
||||
Get eACL ${USER_KEY} ${CID}
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
Put object to NeoFS ${EACL_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${EACL_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Get Range ${EACL_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Get Range Hash ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Delete object ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
|
||||
Check eACL Deny and Allow All
|
||||
[Arguments] ${KEY} ${DENY_EACL} ${ALLOW_EACL}
|
||||
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||
|
||||
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
|
||||
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Delete object ${KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${ALLOW_EACL} --await
|
||||
|
||||
|
||||
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Delete object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
|
||||
|
||||
Cleanup
|
||||
@{CLEANUP_FILES} = Create List ${FILE_S} ${FILE_S_2} local_file_eacl s_get_range
|
||||
... gen_eacl_allow_all_OTHERS gen_eacl_deny_all_USER gen_eacl_allow_all_USER
|
||||
... gen_eacl_deny_all_SYSTEM gen_eacl_allow_all_SYSTEM gen_eacl_allow_pubkey_deny_OTHERS
|
||||
... gen_eacl_deny_all_OTHERS
|
||||
... gen_eacl_compound_del_SYSTEM gen_eacl_compound_del_USER gen_eacl_compound_del_OTHERS
|
||||
... gen_eacl_compound_get_hash_OTHERS gen_eacl_compound_get_hash_SYSTEM gen_eacl_compound_get_hash_USER
|
||||
... gen_eacl_compound_get_OTHERS gen_eacl_compound_get_SYSTEM gen_eacl_compound_get_USER
|
||||
Cleanup Files @{CLEANUP_FILES}
|
||||
Get Docker Logs acl_extended
|
117
robot/testsuites/integration/acl/acl_extended_compound.robot
Normal file
117
robot/testsuites/integration/acl/acl_extended_compound.robot
Normal file
|
@ -0,0 +1,117 @@
|
|||
*** Settings ***
|
||||
Variables ../../../variables/common.py
|
||||
Library Collections
|
||||
Library ../${RESOURCES}/neofs.py
|
||||
Library ../${RESOURCES}/payment_neogo.py
|
||||
|
||||
Resource common_steps_acl_extended.robot
|
||||
|
||||
|
||||
*** Test cases ***
|
||||
Extended ACL Operations
|
||||
[Documentation] Testcase to validate NeoFS operations with extended ACL.
|
||||
[Tags] ACL eACL NeoFS NeoCLI
|
||||
[Timeout] 20 min
|
||||
|
||||
Generate Keys
|
||||
Prepare eACL Role rules
|
||||
|
||||
Log Check extended ACL with simple object
|
||||
Generate files 1024
|
||||
Check Сompound Operations
|
||||
|
||||
Cleanup Files ${FILE_S} ${FILE_S_2}
|
||||
|
||||
Log Check extended ACL with complex object
|
||||
Generate files 70e+6
|
||||
Check Сompound Operations
|
||||
|
||||
[Teardown] Cleanup
|
||||
|
||||
|
||||
*** Keywords ***
|
||||
|
||||
|
||||
|
||||
Check Сompound Operations
|
||||
Check eACL Сompound Get ${OTHER_KEY} ${EACL_COMPOUND_GET_OTHERS}
|
||||
Check eACL Сompound Get ${USER_KEY} ${EACL_COMPOUND_GET_USER}
|
||||
Check eACL Сompound Get ${SYSTEM_KEY} ${EACL_COMPOUND_GET_SYSTEM}
|
||||
|
||||
Check eACL Сompound Delete ${OTHER_KEY} ${EACL_COMPOUND_DELETE_OTHERS}
|
||||
Check eACL Сompound Delete ${USER_KEY} ${EACL_COMPOUND_DELETE_USER}
|
||||
Check eACL Сompound Delete ${SYSTEM_KEY} ${EACL_COMPOUND_DELETE_SYSTEM}
|
||||
|
||||
Check eACL Сompound Get Range Hash ${OTHER_KEY} ${EACL_COMPOUND_GET_HASH_OTHERS}
|
||||
Check eACL Сompound Get Range Hash ${USER_KEY} ${EACL_COMPOUND_GET_HASH_USER}
|
||||
Check eACL Сompound Get Range Hash ${SYSTEM_KEY} ${EACL_COMPOUND_GET_HASH_SYSTEM}
|
||||
|
||||
Check eACL Сompound Get
|
||||
[Arguments] ${KEY} ${DENY_EACL}
|
||||
|
||||
${CID} = Create Container Public
|
||||
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
|
||||
|
||||
Check eACL Сompound Delete
|
||||
[Arguments] ${KEY} ${DENY_EACL}
|
||||
|
||||
${CID} = Create Container Public
|
||||
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Delete object ${KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
|
||||
Delete object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
|
||||
|
||||
Check eACL Сompound Get Range Hash
|
||||
[Arguments] ${KEY} ${DENY_EACL}
|
||||
|
||||
${CID} = Create Container Public
|
||||
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get Range Hash ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
|
||||
Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
|
||||
|
||||
|
||||
Cleanup
|
||||
@{CLEANUP_FILES} = Create List ${FILE_S} ${FILE_S_2} local_file_eacl s_get_range
|
||||
... gen_eacl_allow_all_OTHERS gen_eacl_deny_all_USER gen_eacl_allow_all_USER
|
||||
... gen_eacl_deny_all_SYSTEM gen_eacl_allow_all_SYSTEM gen_eacl_allow_pubkey_deny_OTHERS
|
||||
... gen_eacl_deny_all_OTHERS
|
||||
... gen_eacl_compound_del_SYSTEM gen_eacl_compound_del_USER gen_eacl_compound_del_OTHERS
|
||||
... gen_eacl_compound_get_hash_OTHERS gen_eacl_compound_get_hash_SYSTEM gen_eacl_compound_get_hash_USER
|
||||
... gen_eacl_compound_get_OTHERS gen_eacl_compound_get_SYSTEM gen_eacl_compound_get_USER
|
||||
Cleanup Files @{CLEANUP_FILES}
|
||||
Get Docker Logs acl_extended
|
213
robot/testsuites/integration/acl/acl_extended_filters.robot
Normal file
213
robot/testsuites/integration/acl/acl_extended_filters.robot
Normal file
|
@ -0,0 +1,213 @@
|
|||
*** Settings ***
|
||||
Variables ../../../variables/common.py
|
||||
Library Collections
|
||||
Library ../${RESOURCES}/neofs.py
|
||||
Library ../${RESOURCES}/payment_neogo.py
|
||||
|
||||
Resource common_steps_acl_extended.robot
|
||||
|
||||
*** Test cases ***
|
||||
Extended ACL Operations
|
||||
[Documentation] Testcase to validate NeoFS operations with extended ACL.
|
||||
[Tags] ACL eACL NeoFS NeoCLI
|
||||
[Timeout] 20 min
|
||||
|
||||
Generate Keys
|
||||
Prepare eACL Role rules
|
||||
|
||||
Log Check extended ACL with simple object
|
||||
Generate files 1024
|
||||
Check Filters
|
||||
|
||||
Cleanup Files ${FILE_S} ${FILE_S_2}
|
||||
|
||||
Log Check extended ACL with complex object
|
||||
Generate files 70e+6
|
||||
Check Filters
|
||||
|
||||
[Teardown] Cleanup
|
||||
|
||||
|
||||
*** Keywords ***
|
||||
|
||||
|
||||
Check Filters
|
||||
Check eACL MatchType String Equal Object
|
||||
Check eACL MatchType String Not Equal Object
|
||||
Check eACL MatchType String Equal Request Deny
|
||||
Check eACL MatchType String Equal Request Allow
|
||||
|
||||
|
||||
Check eACL MatchType String Equal Request Deny
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
|
||||
${HEADER} = Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
&{HEADER_DICT} = Parse Object System Header ${HEADER}
|
||||
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
|
||||
|
||||
${ID_value} = Get From Dictionary ${HEADER_DICT} ID
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_XHEADER_DENY_ALL} --await
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=2
|
||||
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=256
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=2
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=2
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ${EMPTY} --xhdr a=2
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 --xhdr a="2"
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 --xhdr a=2
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} --xhdr a=2
|
||||
|
||||
Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=256
|
||||
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=*
|
||||
Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${EMPTY} --xhdr a=
|
||||
Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ${EMPTY} --xhdr a=.*
|
||||
Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 --xhdr a="2 2"
|
||||
Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 --xhdr a=256
|
||||
Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} --xhdr a=22
|
||||
|
||||
|
||||
|
||||
Check eACL MatchType String Equal Request Allow
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
|
||||
${HEADER} = Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
&{HEADER_DICT} = Parse Object System Header ${HEADER}
|
||||
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
|
||||
|
||||
${ID_value} = Get From Dictionary ${HEADER_DICT} ID
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_XHEADER_ALLOW_ALL} --await
|
||||
Get eACL ${USER_KEY} ${CID}
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=2
|
||||
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=2
|
||||
Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2
|
||||
Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ${EMPTY} --xhdr a=2
|
||||
Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 --xhdr a=2
|
||||
Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 --xhdr a=2
|
||||
Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} --xhdr a=2
|
||||
|
||||
|
||||
Check eACL MatchType String Equal Object
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
|
||||
${HEADER} = Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
&{HEADER_DICT} = Parse Object System Header ${HEADER}
|
||||
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
|
||||
|
||||
Log Set eACL for Deny GET operation with StringEqual Object ID
|
||||
${ID_value} = Get From Dictionary ${HEADER_DICT} ID
|
||||
|
||||
${filters} = Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=$Object:objectID value=${ID_value}
|
||||
${rule1} = Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters}
|
||||
${eACL_gen} = Create List ${rule1}
|
||||
${EACL_CUSTOM} = Form eACL json common file eacl_custom ${eACL_gen}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
|
||||
|
||||
Log Set eACL for Deny GET operation with StringEqual Object Extended User Header
|
||||
${S_OID_USER_OTH} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
|
||||
${filters} = Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=key1 value=1
|
||||
${rule1} = Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters}
|
||||
${eACL_gen} = Create List ${rule1}
|
||||
${EACL_CUSTOM} = Form eACL json common file eacl_custom ${eACL_gen}
|
||||
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER_OTH} ${EMPTY} local_file_eacl
|
||||
|
||||
|
||||
|
||||
Check eACL MatchType String Not Equal Object
|
||||
${CID} = Create Container Public
|
||||
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${S_OID_OTHER} = Put object to NeoFS ${OTHER_KEY} ${FILE_S_2} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
|
||||
${HEADER} = Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_OTHER} ${EMPTY}
|
||||
|
||||
&{HEADER_DICT} = Parse Object System Header ${HEADER}
|
||||
|
||||
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_OTHER} ${EMPTY} local_file_eacl
|
||||
|
||||
Log Set eACL for Deny GET operation with StringNotEqual Object ID
|
||||
${ID_value} = Get From Dictionary ${HEADER_DICT} ID
|
||||
|
||||
${filters} = Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=$Object:objectID value=${ID_value}
|
||||
${rule1} = Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters}
|
||||
${eACL_gen} = Create List ${rule1}
|
||||
${EACL_CUSTOM} = Form eACL json common file eacl_custom ${eACL_gen}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_OTHER} ${EMPTY} local_file_eacl
|
||||
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
|
||||
|
||||
Log Set eACL for Deny GET operation with StringEqual Object Extended User Header
|
||||
${S_OID_USER_OTH} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
|
||||
${filters} = Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=key1 value=1
|
||||
${rule1} = Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters}
|
||||
${eACL_gen} = Create List ${rule1}
|
||||
${EACL_CUSTOM} = Form eACL json common file eacl_custom ${eACL_gen}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER_OTH} ${EMPTY} local_file_eacl
|
||||
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
|
||||
|
||||
|
||||
Cleanup
|
||||
@{CLEANUP_FILES} = Create List ${FILE_S} ${FILE_S_2} local_file_eacl eacl_custom s_get_range
|
||||
... gen_eacl_allow_all_OTHERS gen_eacl_deny_all_USER gen_eacl_allow_all_USER
|
||||
... gen_eacl_deny_all_SYSTEM gen_eacl_allow_all_SYSTEM gen_eacl_allow_pubkey_deny_OTHERS
|
||||
... gen_eacl_deny_all_OTHERS
|
||||
... gen_eacl_compound_del_SYSTEM gen_eacl_compound_del_USER gen_eacl_compound_del_OTHERS
|
||||
... gen_eacl_compound_get_hash_OTHERS gen_eacl_compound_get_hash_SYSTEM gen_eacl_compound_get_hash_USER
|
||||
... gen_eacl_compound_get_OTHERS gen_eacl_compound_get_SYSTEM gen_eacl_compound_get_USER
|
||||
Cleanup Files @{CLEANUP_FILES}
|
||||
Get Docker Logs acl_extended
|
|
@ -0,0 +1,76 @@
|
|||
*** Variables ***
|
||||
${RULE_FOR_ALL} = REP 2 IN X CBF 1 SELECT 4 FROM * AS X
|
||||
|
||||
|
||||
*** Keywords ***
|
||||
|
||||
Generate Keys
|
||||
${WALLET} = Init wallet
|
||||
Generate wallet ${WALLET}
|
||||
${ADDR} = Dump Address ${WALLET}
|
||||
${USER_KEY_GEN} = Dump PrivKey ${WALLET} ${ADDR}
|
||||
|
||||
${WALLET_OTH} = Init wallet
|
||||
Generate wallet ${WALLET_OTH}
|
||||
${ADDR_OTH} = Dump Address ${WALLET_OTH}
|
||||
${OTHER_KEY_GEN} = Dump PrivKey ${WALLET_OTH} ${ADDR_OTH}
|
||||
|
||||
${SYSTEM_KEY_GEN} = Form WIF from String c428b4a06f166fde9f8afcf918194acdde35aa2612ecf42fe0c94273425ded21
|
||||
${SYSTEM_KEY_GEN_SN} = Form WIF from String 0fa21a94be2227916284e4b3495180d9c93d04f095fe9d5a86f22044f5c411d2
|
||||
|
||||
Set Global Variable ${USER_KEY} ${USER_KEY_GEN}
|
||||
Set Global Variable ${OTHER_KEY} ${OTHER_KEY_GEN}
|
||||
Set Global Variable ${SYSTEM_KEY_IR} ${SYSTEM_KEY_GEN}
|
||||
Set Global Variable ${SYSTEM_KEY_SN} ${SYSTEM_KEY_GEN_SN}
|
||||
|
||||
Payment Operations ${WALLET} ${ADDR} ${USER_KEY}
|
||||
Payment Operations ${WALLET_OTH} ${ADDR_OTH} ${OTHER_KEY}
|
||||
|
||||
# Basic ACL manual page: https://neospcc.atlassian.net/wiki/spaces/NEOF/pages/362348545/NeoFS+ACL
|
||||
# TODO: X - Sticky bit validation on public container
|
||||
|
||||
|
||||
Payment Operations
|
||||
[Arguments] ${WALLET} ${ADDR} ${KEY}
|
||||
|
||||
${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 3
|
||||
Wait Until Keyword Succeeds 1 min 15 sec
|
||||
... Transaction accepted in block ${TX}
|
||||
Get Transaction ${TX}
|
||||
Expexted Mainnet Balance ${ADDR} 3
|
||||
|
||||
${SCRIPT_HASH} = Get ScripHash ${KEY}
|
||||
|
||||
${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 2
|
||||
Wait Until Keyword Succeeds 1 min 15 sec
|
||||
... Transaction accepted in block ${TX_DEPOSIT}
|
||||
Get Transaction ${TX_DEPOSIT}
|
||||
|
||||
|
||||
Create Containers
|
||||
# Create containers:
|
||||
|
||||
Log Create Private Container
|
||||
${PRIV_CID_GEN} = Create container ${USER_KEY} 0x18888888 ${RULE_FOR_ALL}
|
||||
Container Existing ${USER_KEY} ${PRIV_CID_GEN}
|
||||
|
||||
Log Create Public Container
|
||||
${PUBLIC_CID_GEN} = Create container ${USER_KEY} 0x1FFFFFFF ${RULE_FOR_ALL}
|
||||
Container Existing ${USER_KEY} ${PUBLIC_CID_GEN}
|
||||
|
||||
Log Create Read-Only Container
|
||||
${READONLY_CID_GEN} = Create container ${USER_KEY} 0x1FFF88FF ${RULE_FOR_ALL}
|
||||
Container Existing ${USER_KEY} ${READONLY_CID_GEN}
|
||||
|
||||
Set Global Variable ${PRIV_CID} ${PRIV_CID_GEN}
|
||||
Set Global Variable ${PUBLIC_CID} ${PUBLIC_CID_GEN}
|
||||
Set Global Variable ${READONLY_CID} ${READONLY_CID_GEN}
|
||||
|
||||
|
||||
Generate file
|
||||
[Arguments] ${SIZE}
|
||||
${FILE_S_GEN} = Generate file of bytes ${SIZE}
|
||||
${FILE_S_HASH_GEN} = Get file hash ${FILE_S_GEN}
|
||||
|
||||
Set Global Variable ${FILE_S} ${FILE_S_GEN}
|
||||
Set Global Variable ${FILE_S_HASH} ${FILE_S_HASH_GEN}
|
|
@ -0,0 +1,92 @@
|
|||
*** Variables ***
|
||||
|
||||
${FILE_USR_HEADER} = key1=1,key2=abc
|
||||
${FILE_USR_HEADER_DEL} = key1=del,key2=del
|
||||
${FILE_OTH_HEADER} = key1=oth,key2=oth
|
||||
${RULE_FOR_ALL} = REP 2 IN X CBF 1 SELECT 4 FROM * AS X
|
||||
|
||||
|
||||
*** Keywords ***
|
||||
|
||||
Generate Keys
|
||||
# Generate new wallets
|
||||
${WALLET} = Init wallet
|
||||
Generate wallet ${WALLET}
|
||||
${ADDR} = Dump Address ${WALLET}
|
||||
${USER_KEY_GEN} = Dump PrivKey ${WALLET} ${ADDR}
|
||||
|
||||
${WALLET_OTH} = Init wallet
|
||||
Generate wallet ${WALLET_OTH}
|
||||
${ADDR_OTH} = Dump Address ${WALLET_OTH}
|
||||
${OTHER_KEY_GEN} = Dump PrivKey ${WALLET_OTH} ${ADDR_OTH}
|
||||
|
||||
# Get pre-defined keys
|
||||
${EACL_KEY_GEN} = Form WIF from String 782676b81a35c5f07325ec523e8521ee4946b6e5d4c6cd652dd0c3ba51ce03de
|
||||
${SYSTEM_KEY_GEN} = Form WIF from String c428b4a06f166fde9f8afcf918194acdde35aa2612ecf42fe0c94273425ded21
|
||||
${SYSTEM_KEY_GEN_SN} = Form WIF from String 0fa21a94be2227916284e4b3495180d9c93d04f095fe9d5a86f22044f5c411d2
|
||||
|
||||
# Set global variables for keys for each role
|
||||
Set Global Variable ${USER_KEY} ${USER_KEY_GEN}
|
||||
Set Global Variable ${OTHER_KEY} ${OTHER_KEY_GEN}
|
||||
Set Global Variable ${SYSTEM_KEY} ${SYSTEM_KEY_GEN}
|
||||
Set Global Variable ${SYSTEM_KEY_SN} ${SYSTEM_KEY_GEN_SN}
|
||||
Set Global Variable ${EACL_KEY} ${EACL_KEY_GEN}
|
||||
|
||||
Payment Operations ${WALLET} ${ADDR} ${USER_KEY}
|
||||
Payment Operations ${WALLET_OTH} ${ADDR_OTH} ${OTHER_KEY}
|
||||
|
||||
|
||||
Payment Operations
|
||||
[Arguments] ${WALLET} ${ADDR} ${KEY}
|
||||
|
||||
${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 3
|
||||
Wait Until Keyword Succeeds 1 min 15 sec
|
||||
... Transaction accepted in block ${TX}
|
||||
Get Transaction ${TX}
|
||||
Expexted Mainnet Balance ${ADDR} 3
|
||||
|
||||
${SCRIPT_HASH} = Get ScripHash ${KEY}
|
||||
|
||||
${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 2
|
||||
Wait Until Keyword Succeeds 1 min 15 sec
|
||||
... Transaction accepted in block ${TX_DEPOSIT}
|
||||
Get Transaction ${TX_DEPOSIT}
|
||||
|
||||
|
||||
Create Container Public
|
||||
Log Create Public Container
|
||||
${PUBLIC_CID_GEN} = Create container ${USER_KEY} 0x0FFFFFFF
|
||||
[Return] ${PUBLIC_CID_GEN}
|
||||
|
||||
|
||||
Create Container Inaccessible
|
||||
Log Create Inaccessible Container
|
||||
${PUBLIC_CID_GEN} = Create container ${USER_KEY} 0x40000000
|
||||
[Return] ${PUBLIC_CID_GEN}
|
||||
|
||||
|
||||
Generate file
|
||||
[Arguments] ${SIZE}
|
||||
|
||||
${FILE_S_GEN} = Generate file of bytes ${SIZE}
|
||||
Set Global Variable ${FILE_S} ${FILE_S_GEN}
|
||||
|
||||
|
||||
Prepare eACL Role rules
|
||||
Log Set eACL for different Role cases
|
||||
|
||||
# eACL rules for all operations and similar permissions
|
||||
@{Roles} = Create List OTHERS USER SYSTEM
|
||||
FOR ${role} IN @{Roles}
|
||||
${rule1} = Create Dictionary Operation=GET Access=DENY Role=${role}
|
||||
${rule2} = Create Dictionary Operation=HEAD Access=DENY Role=${role}
|
||||
${rule3} = Create Dictionary Operation=PUT Access=DENY Role=${role}
|
||||
${rule4} = Create Dictionary Operation=DELETE Access=DENY Role=${role}
|
||||
${rule5} = Create Dictionary Operation=SEARCH Access=DENY Role=${role}
|
||||
${rule6} = Create Dictionary Operation=GETRANGE Access=DENY Role=${role}
|
||||
${rule7} = Create Dictionary Operation=GETRANGEHASH Access=DENY Role=${role}
|
||||
|
||||
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
Form eACL json common file gen_eacl_deny_all_${role} ${eACL_gen}
|
||||
Set Global Variable ${EACL_DENY_ALL_${role}} gen_eacl_deny_all_${role}
|
||||
END
|
204
robot/testsuites/integration/acl/common_steps_acl_extended.robot
Normal file
204
robot/testsuites/integration/acl/common_steps_acl_extended.robot
Normal file
|
@ -0,0 +1,204 @@
|
|||
*** Variables ***
|
||||
${FILE_USR_HEADER} = key1=1,key2=abc
|
||||
${FILE_USR_HEADER_DEL} = key1=del,key2=del
|
||||
${FILE_OTH_HEADER} = key1=oth,key2=oth
|
||||
${RULE_FOR_ALL} = REP 2 IN X CBF 1 SELECT 4 FROM * AS X
|
||||
|
||||
|
||||
*** Keywords ***
|
||||
Generate Keys
|
||||
${WALLET} = Init wallet
|
||||
Generate wallet ${WALLET}
|
||||
${ADDR} = Dump Address ${WALLET}
|
||||
${USER_KEY_GEN} = Dump PrivKey ${WALLET} ${ADDR}
|
||||
|
||||
${WALLET_OTH} = Init wallet
|
||||
Generate wallet ${WALLET_OTH}
|
||||
${ADDR_OTH} = Dump Address ${WALLET_OTH}
|
||||
${OTHER_KEY_GEN} = Dump PrivKey ${WALLET_OTH} ${ADDR_OTH}
|
||||
|
||||
|
||||
${EACL_KEY_GEN} = Form WIF from String 782676b81a35c5f07325ec523e8521ee4946b6e5d4c6cd652dd0c3ba51ce03de
|
||||
${SYSTEM_KEY_GEN} = Form WIF from String c428b4a06f166fde9f8afcf918194acdde35aa2612ecf42fe0c94273425ded21
|
||||
${SYSTEM_KEY_GEN_SN} = Form WIF from String 0fa21a94be2227916284e4b3495180d9c93d04f095fe9d5a86f22044f5c411d2
|
||||
|
||||
Set Global Variable ${USER_KEY} ${USER_KEY_GEN}
|
||||
Set Global Variable ${OTHER_KEY} ${OTHER_KEY_GEN}
|
||||
Set Global Variable ${SYSTEM_KEY} ${SYSTEM_KEY_GEN}
|
||||
Set Global Variable ${SYSTEM_KEY_SN} ${SYSTEM_KEY_GEN_SN}
|
||||
Set Global Variable ${EACL_KEY} ${EACL_KEY_GEN}
|
||||
|
||||
Payment Operations ${WALLET} ${ADDR} ${USER_KEY}
|
||||
Payment Operations ${WALLET_OTH} ${ADDR_OTH} ${OTHER_KEY}
|
||||
|
||||
|
||||
Payment Operations
|
||||
[Arguments] ${WALLET} ${ADDR} ${KEY}
|
||||
|
||||
${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 3
|
||||
|
||||
Wait Until Keyword Succeeds 1 min 15 sec
|
||||
... Transaction accepted in block ${TX}
|
||||
Get Transaction ${TX}
|
||||
Expexted Mainnet Balance ${ADDR} 3
|
||||
|
||||
${SCRIPT_HASH} = Get ScripHash ${KEY}
|
||||
|
||||
${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 2
|
||||
Wait Until Keyword Succeeds 1 min 15 sec
|
||||
... Transaction accepted in block ${TX_DEPOSIT}
|
||||
Get Transaction ${TX_DEPOSIT}
|
||||
|
||||
|
||||
Create Container Public
|
||||
Log Create Public Container
|
||||
${PUBLIC_CID_GEN} = Create container ${USER_KEY} 0x4FFFFFFF ${RULE_FOR_ALL}
|
||||
[Return] ${PUBLIC_CID_GEN}
|
||||
|
||||
|
||||
Generate files
|
||||
[Arguments] ${SIZE}
|
||||
${FILE_S_GEN_1} = Generate file of bytes ${SIZE}
|
||||
${FILE_S_GEN_2} = Generate file of bytes ${SIZE}
|
||||
Set Global Variable ${FILE_S} ${FILE_S_GEN_1}
|
||||
Set Global Variable ${FILE_S_2} ${FILE_S_GEN_2}
|
||||
|
||||
|
||||
Prepare eACL Role rules
|
||||
Log Set eACL for different Role cases
|
||||
|
||||
# eACL rules for all operations and similar permissions
|
||||
@{Roles} = Create List OTHERS USER SYSTEM
|
||||
FOR ${role} IN @{Roles}
|
||||
${rule1}= Create Dictionary Operation=GET Access=DENY Role=${role}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=DENY Role=${role}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=DENY Role=${role}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=DENY Role=${role}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=DENY Role=${role}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=DENY Role=${role}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=${role}
|
||||
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
Form eACL json common file gen_eacl_deny_all_${role} ${eACL_gen}
|
||||
END
|
||||
|
||||
|
||||
FOR ${role} IN @{Roles}
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=${role}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=${role}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=${role}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=${role}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=${role}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=${role}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${role}
|
||||
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
Form eACL json common file gen_eacl_allow_all_${role} ${eACL_gen}
|
||||
END
|
||||
|
||||
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
|
||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
|
||||
${rule8}= Create Dictionary Operation=GET Access=DENY Role=OTHERS
|
||||
${rule9}= Create Dictionary Operation=HEAD Access=DENY Role=OTHERS
|
||||
${rule10}= Create Dictionary Operation=PUT Access=DENY Role=OTHERS
|
||||
${rule11}= Create Dictionary Operation=DELETE Access=DENY Role=OTHERS
|
||||
${rule12}= Create Dictionary Operation=SEARCH Access=DENY Role=OTHERS
|
||||
${rule13}= Create Dictionary Operation=GETRANGE Access=DENY Role=OTHERS
|
||||
${rule14}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=OTHERS
|
||||
|
||||
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
... ${rule8} ${rule9} ${rule10} ${rule11} ${rule12} ${rule13} ${rule14}
|
||||
Form eACL json common file gen_eacl_allow_pubkey_deny_OTHERS ${eACL_gen}
|
||||
|
||||
Set Global Variable ${EACL_DENY_ALL_OTHER} gen_eacl_deny_all_OTHERS
|
||||
Set Global Variable ${EACL_ALLOW_ALL_OTHER} gen_eacl_allow_all_OTHERS
|
||||
|
||||
Set Global Variable ${EACL_DENY_ALL_USER} gen_eacl_deny_all_USER
|
||||
Set Global Variable ${EACL_ALLOW_ALL_USER} gen_eacl_allow_all_USER
|
||||
|
||||
Set Global Variable ${EACL_DENY_ALL_SYSTEM} gen_eacl_deny_all_SYSTEM
|
||||
Set Global Variable ${EACL_ALLOW_ALL_SYSTEM} gen_eacl_allow_all_SYSTEM
|
||||
|
||||
Set Global Variable ${EACL_ALLOW_ALL_Pubkey} gen_eacl_allow_pubkey_deny_OTHERS
|
||||
|
||||
|
||||
# eACL rules for Compound operations: GET/GetRange/GetRangeHash
|
||||
@{Roles} = Create List OTHERS USER SYSTEM
|
||||
FOR ${role} IN @{Roles}
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=${role}
|
||||
${rule2}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=${role}
|
||||
${rule3}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${role}
|
||||
${rule4}= Create Dictionary Operation=HEAD Access=DENY Role=${role}
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4}
|
||||
Form eACL json common file gen_eacl_compound_get_${role} ${eACL_gen}
|
||||
Set Global Variable ${EACL_COMPOUND_GET_${role}} gen_eacl_compound_get_${role}
|
||||
END
|
||||
|
||||
# eACL rules for Compound operations: DELETE
|
||||
@{Roles} = Create List OTHERS USER SYSTEM
|
||||
FOR ${role} IN @{Roles}
|
||||
${rule1}= Create Dictionary Operation=DELETE Access=ALLOW Role=${role}
|
||||
${rule2}= Create Dictionary Operation=PUT Access=DENY Role=${role}
|
||||
${rule3}= Create Dictionary Operation=HEAD Access=DENY Role=${role}
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3}
|
||||
Form eACL json common file gen_eacl_compound_del_${role} ${eACL_gen}
|
||||
Set Global Variable ${EACL_COMPOUND_DELETE_${role}} gen_eacl_compound_del_${role}
|
||||
END
|
||||
|
||||
# eACL rules for Compound operations: GETRANGEHASH
|
||||
@{Roles} = Create List OTHERS USER SYSTEM
|
||||
FOR ${role} IN @{Roles}
|
||||
${rule1}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${role}
|
||||
${rule2}= Create Dictionary Operation=GETRANGE Access=DENY Role=${role}
|
||||
${rule3}= Create Dictionary Operation=GET Access=DENY Role=${role}
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3}
|
||||
Form eACL json common file gen_eacl_compound_get_hash_${role} ${eACL_gen}
|
||||
Set Global Variable ${EACL_COMPOUND_GET_HASH_${role}} gen_eacl_compound_get_hash_${role}
|
||||
END
|
||||
|
||||
|
||||
|
||||
# eACL for X-Header Other DENY and ALLOW for all
|
||||
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=2
|
||||
|
||||
${rule1}= Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=DENY Role=OTHERS Filters=${filters}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=DENY Role=OTHERS Filters=${filters}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=DENY Role=OTHERS Filters=${filters}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=DENY Role=OTHERS Filters=${filters}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=DENY Role=OTHERS Filters=${filters}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=OTHERS Filters=${filters}
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
Form eACL json common file gen_eacl_xheader_deny_all ${eACL_gen}
|
||||
Set Global Variable ${EACL_XHEADER_DENY_ALL} gen_eacl_xheader_deny_all
|
||||
|
||||
|
||||
|
||||
# eACL for X-Header Other ALLOW and DENY for all
|
||||
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=2
|
||||
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=OTHERS Filters=${filters}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=OTHERS Filters=${filters}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=OTHERS Filters=${filters}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=OTHERS Filters=${filters}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=OTHERS Filters=${filters}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=OTHERS Filters=${filters}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=OTHERS Filters=${filters}
|
||||
${rule8}= Create Dictionary Operation=GET Access=DENY Role=OTHERS
|
||||
${rule9}= Create Dictionary Operation=HEAD Access=DENY Role=OTHERS
|
||||
${rule10}= Create Dictionary Operation=PUT Access=DENY Role=OTHERS
|
||||
${rule11}= Create Dictionary Operation=DELETE Access=DENY Role=OTHERS
|
||||
${rule12}= Create Dictionary Operation=SEARCH Access=DENY Role=OTHERS
|
||||
${rule13}= Create Dictionary Operation=GETRANGE Access=DENY Role=OTHERS
|
||||
${rule14}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=OTHERS
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
... ${rule8} ${rule9} ${rule10} ${rule11} ${rule12} ${rule13} ${rule14}
|
||||
Form eACL json common file gen_eacl_xheader_allow_all ${eACL_gen}
|
||||
Set Global Variable ${EACL_XHEADER_ALLOW_ALL} gen_eacl_xheader_allow_all
|
|
@ -1,285 +0,0 @@
|
|||
*** Settings ***
|
||||
Variables ../../variables/common.py
|
||||
|
||||
Library ${RESOURCES}/neofs.py
|
||||
Library ${RESOURCES}/payment_neogo.py
|
||||
|
||||
|
||||
*** Variables ***
|
||||
${RULE_FOR_ALL} = REP 2 IN X CBF 1 SELECT 4 FROM * AS X
|
||||
|
||||
|
||||
*** Test cases ***
|
||||
Basic ACL Operations
|
||||
[Documentation] Testcase to validate NeoFS operations with ACL.
|
||||
[Tags] ACL NeoFS NeoCLI
|
||||
[Timeout] 20 min
|
||||
|
||||
Generate Keys
|
||||
Create Containers
|
||||
|
||||
Generate file
|
||||
Check Private Container
|
||||
Check Public Container
|
||||
Check Read-Only Container
|
||||
|
||||
[Teardown] Cleanup
|
||||
|
||||
|
||||
|
||||
|
||||
*** Keywords ***
|
||||
|
||||
Generate Keys
|
||||
${WALLET} = Init wallet
|
||||
Generate wallet ${WALLET}
|
||||
${ADDR} = Dump Address ${WALLET}
|
||||
${USER_KEY_GEN} = Dump PrivKey ${WALLET} ${ADDR}
|
||||
|
||||
${WALLET_OTH} = Init wallet
|
||||
Generate wallet ${WALLET_OTH}
|
||||
${ADDR_OTH} = Dump Address ${WALLET_OTH}
|
||||
${OTHER_KEY_GEN} = Dump PrivKey ${WALLET_OTH} ${ADDR_OTH}
|
||||
|
||||
${SYSTEM_KEY_GEN} = Form WIF from String c428b4a06f166fde9f8afcf918194acdde35aa2612ecf42fe0c94273425ded21
|
||||
${SYSTEM_KEY_GEN_SN} = Form WIF from String 0fa21a94be2227916284e4b3495180d9c93d04f095fe9d5a86f22044f5c411d2
|
||||
|
||||
Set Global Variable ${USER_KEY} ${USER_KEY_GEN}
|
||||
Set Global Variable ${OTHER_KEY} ${OTHER_KEY_GEN}
|
||||
Set Global Variable ${SYSTEM_KEY_IR} ${SYSTEM_KEY_GEN}
|
||||
Set Global Variable ${SYSTEM_KEY_SN} ${SYSTEM_KEY_GEN_SN}
|
||||
|
||||
Payment Operations ${WALLET} ${ADDR} ${USER_KEY}
|
||||
Payment Operations ${WALLET_OTH} ${ADDR_OTH} ${OTHER_KEY}
|
||||
|
||||
# Basic ACL manual page: https://neospcc.atlassian.net/wiki/spaces/NEOF/pages/362348545/NeoFS+ACL
|
||||
# TODO: X - Sticky bit validation on public container
|
||||
|
||||
|
||||
Payment Operations
|
||||
[Arguments] ${WALLET} ${ADDR} ${KEY}
|
||||
|
||||
${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 55
|
||||
Wait Until Keyword Succeeds 1 min 15 sec
|
||||
... Transaction accepted in block ${TX}
|
||||
Get Transaction ${TX}
|
||||
Expexted Mainnet Balance ${ADDR} 55
|
||||
|
||||
${SCRIPT_HASH} = Get ScripHash ${KEY}
|
||||
|
||||
${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 50
|
||||
Wait Until Keyword Succeeds 1 min 15 sec
|
||||
... Transaction accepted in block ${TX_DEPOSIT}
|
||||
Get Transaction ${TX_DEPOSIT}
|
||||
|
||||
|
||||
|
||||
|
||||
Create Containers
|
||||
# Create containers:
|
||||
|
||||
|
||||
|
||||
Log Create Private Container
|
||||
${PRIV_CID_GEN} = Create container ${USER_KEY} 0x18888888 ${RULE_FOR_ALL}
|
||||
Container Existing ${USER_KEY} ${PRIV_CID_GEN}
|
||||
|
||||
Log Create Public Container
|
||||
${PUBLIC_CID_GEN} = Create container ${USER_KEY} 0x1FFFFFFF ${RULE_FOR_ALL}
|
||||
Container Existing ${USER_KEY} ${PUBLIC_CID_GEN}
|
||||
|
||||
Log Create Read-Only Container
|
||||
${READONLY_CID_GEN} = Create container ${USER_KEY} 0x1FFF88FF ${RULE_FOR_ALL}
|
||||
Container Existing ${USER_KEY} ${READONLY_CID_GEN}
|
||||
|
||||
Set Global Variable ${PRIV_CID} ${PRIV_CID_GEN}
|
||||
Set Global Variable ${PUBLIC_CID} ${PUBLIC_CID_GEN}
|
||||
Set Global Variable ${READONLY_CID} ${READONLY_CID_GEN}
|
||||
|
||||
|
||||
Generate file
|
||||
# Generate small file
|
||||
${FILE_S_GEN} = Generate file of bytes 1024
|
||||
${FILE_S_HASH_GEN} = Get file hash ${FILE_S_GEN}
|
||||
|
||||
Set Global Variable ${FILE_S} ${FILE_S_GEN}
|
||||
Set Global Variable ${FILE_S_HASH} ${FILE_S_HASH_GEN}
|
||||
|
||||
Check Private Container
|
||||
# Check Private:
|
||||
# Put
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${PRIV_CID} ${EMPTY} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${PRIV_CID} ${EMPTY} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${SYSTEM_KEY_IR} ${FILE_S} ${PRIV_CID} ${EMPTY} ${EMPTY}
|
||||
${S_OID_SYS_SN} = Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${PRIV_CID} ${EMPTY} ${EMPTY}
|
||||
|
||||
|
||||
# Get
|
||||
Get object from NeoFS ${USER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||
Get object from NeoFS ${SYSTEM_KEY_IR} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||
Get object from NeoFS ${SYSTEM_KEY_SN} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||
|
||||
# Get Range
|
||||
Get Range ${USER_KEY} ${PRIV_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${SYSTEM_KEY_IR} ${PRIV_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${SYSTEM_KEY_SN} ${PRIV_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
|
||||
# Get Range Hash
|
||||
Get Range Hash ${USER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range Hash ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Get Range Hash ${SYSTEM_KEY_IR} ${PRIV_CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Get Range Hash ${SYSTEM_KEY_SN} ${PRIV_CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
|
||||
# Search
|
||||
@{S_OBJ_PRIV} = Create List ${S_OID_USER} ${S_OID_SYS_SN}
|
||||
Search object ${USER_KEY} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${OTHER_KEY} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||
Search object ${SYSTEM_KEY_IR} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||
Search object ${SYSTEM_KEY_SN} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||
|
||||
|
||||
# Head
|
||||
Head object ${USER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
|
||||
Head object ${SYSTEM_KEY_IR} ${PRIV_CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
|
||||
Head object ${SYSTEM_KEY_SN} ${PRIV_CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
|
||||
|
||||
|
||||
# Delete
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${SYSTEM_KEY_IR} ${PRIV_CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${SYSTEM_KEY_SN} ${PRIV_CID} ${S_OID_USER} ${EMPTY}
|
||||
Delete object ${USER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
|
||||
Check Public Container
|
||||
|
||||
# Put
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY}
|
||||
${S_OID_OTHER} = Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY}
|
||||
${S_OID_SYS_IR} = Put object to NeoFS ${SYSTEM_KEY_IR} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY}
|
||||
${S_OID_SYS_SN} = Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY}
|
||||
|
||||
# Get
|
||||
Get object from NeoFS ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||
Get object from NeoFS ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||
Get object from NeoFS ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||
Get object from NeoFS ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||
|
||||
# Get Range
|
||||
Get Range ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Get Range ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Get Range ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Get Range ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
|
||||
|
||||
# Get Range Hash
|
||||
Get Range Hash ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Get Range Hash ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Get Range Hash ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Get Range Hash ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
|
||||
# Search
|
||||
@{S_OBJ_PRIV} = Create List ${S_OID_USER} ${S_OID_OTHER} ${S_OID_SYS_SN} ${S_OID_SYS_IR}
|
||||
Search object ${USER_KEY} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||
Search object ${OTHER_KEY} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||
Search object ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||
Search object ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||
|
||||
# Head
|
||||
Head object ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
|
||||
Head object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
|
||||
Head object ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
|
||||
Head object ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
|
||||
|
||||
Head object ${USER_KEY} ${PUBLIC_CID} ${S_OID_OTHER} ${EMPTY} ${EMPTY}
|
||||
Head object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_OTHER} ${EMPTY} ${EMPTY}
|
||||
Head object ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_OTHER} ${EMPTY} ${EMPTY}
|
||||
Head object ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${S_OID_OTHER} ${EMPTY} ${EMPTY}
|
||||
|
||||
Head object ${USER_KEY} ${PUBLIC_CID} ${S_OID_SYS_SN} ${EMPTY} ${EMPTY}
|
||||
Head object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_SYS_SN} ${EMPTY} ${EMPTY}
|
||||
Head object ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_SYS_SN} ${EMPTY} ${EMPTY}
|
||||
Head object ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${S_OID_SYS_SN} ${EMPTY} ${EMPTY}
|
||||
|
||||
|
||||
# Delete
|
||||
Delete object ${USER_KEY} ${PUBLIC_CID} ${S_OID_SYS_IR} ${EMPTY}
|
||||
Delete object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_SYS_SN} ${EMPTY}
|
||||
Delete object ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY}
|
||||
Delete object ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${S_OID_OTHER} ${EMPTY}
|
||||
|
||||
|
||||
Check Read-Only Container
|
||||
# Check Read Only container:
|
||||
|
||||
# Put
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${READONLY_CID} ${EMPTY} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${READONLY_CID} ${EMPTY} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${SYSTEM_KEY_IR} ${FILE_S} ${READONLY_CID} ${EMPTY} ${EMPTY}
|
||||
${S_OID_SYS_SN} = Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${READONLY_CID} ${EMPTY} ${EMPTY}
|
||||
|
||||
# Get
|
||||
Get object from NeoFS ${USER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||
Get object from NeoFS ${OTHER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||
Get object from NeoFS ${SYSTEM_KEY_IR} ${READONLY_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||
Get object from NeoFS ${SYSTEM_KEY_SN} ${READONLY_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||
|
||||
# Get Range
|
||||
Get Range ${USER_KEY} ${READONLY_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Get Range ${OTHER_KEY} ${READONLY_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Get Range ${SYSTEM_KEY_IR} ${READONLY_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Get Range ${SYSTEM_KEY_SN} ${READONLY_CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
|
||||
|
||||
# Get Range Hash
|
||||
Get Range Hash ${USER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Get Range Hash ${OTHER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Get Range Hash ${SYSTEM_KEY_IR} ${READONLY_CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Get Range Hash ${SYSTEM_KEY_SN} ${READONLY_CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
|
||||
# Search
|
||||
@{S_OBJ_RO} = Create List ${S_OID_USER} ${S_OID_SYS_SN}
|
||||
Search object ${USER_KEY} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_RO}
|
||||
Search object ${OTHER_KEY} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_RO}
|
||||
Search object ${SYSTEM_KEY_IR} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_RO}
|
||||
Search object ${SYSTEM_KEY_SN} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_RO}
|
||||
|
||||
|
||||
# Head
|
||||
Head object ${USER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
|
||||
Head object ${OTHER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
|
||||
Head object ${SYSTEM_KEY_IR} ${READONLY_CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
|
||||
Head object ${SYSTEM_KEY_SN} ${READONLY_CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
|
||||
|
||||
# Delete
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${OTHER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${SYSTEM_KEY_IR} ${READONLY_CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${SYSTEM_KEY_SN} ${READONLY_CID} ${S_OID_USER} ${EMPTY}
|
||||
Delete object ${USER_KEY} ${READONLY_CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
|
||||
|
||||
Cleanup
|
||||
@{CLEANUP_FILES} = Create List ${FILE_S} s_file_read s_get_range
|
||||
Cleanup Files @{CLEANUP_FILES}
|
||||
Get Docker Logs acl_basic
|
|
@ -1,730 +0,0 @@
|
|||
*** Settings ***
|
||||
Variables ../../variables/common.py
|
||||
|
||||
Library Collections
|
||||
|
||||
Library ${RESOURCES}/neofs.py
|
||||
Library ${RESOURCES}/payment_neogo.py
|
||||
|
||||
*** Variables ***
|
||||
${FILE_USR_HEADER} = key1=1,key2=abc
|
||||
${FILE_USR_HEADER_DEL} = key1=del,key2=del
|
||||
${FILE_OTH_HEADER} = key1=oth,key2=oth
|
||||
${RULE_FOR_ALL} = REP 2 IN X CBF 1 SELECT 4 FROM * AS X
|
||||
|
||||
*** Test cases ***
|
||||
BearerToken Operations
|
||||
[Documentation] Testcase to validate NeoFS operations with BearerToken.
|
||||
[Tags] ACL NeoFS NeoCLI BearerToken
|
||||
[Timeout] 20 min
|
||||
|
||||
Generate Keys
|
||||
Prepare eACL Role rules
|
||||
|
||||
Log Check Bearer token with simple object
|
||||
Generate file 1024
|
||||
Check Container Inaccessible and Allow All Bearer
|
||||
Check eACL Deny and Allow All Bearer
|
||||
Check eACL Deny and Allow All Bearer Filter OID Equal
|
||||
Check eACL Deny and Allow All Bearer Filter OID NotEqual
|
||||
Check eACL Deny and Allow All Bearer Filter UserHeader Equal
|
||||
Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
|
||||
Check eACL Allow All Bearer Filter Requst Equal Deny
|
||||
Check eACL Deny and Allow All Bearer Filter Requst Equal
|
||||
Check eACL Deny and Allow All Bearer Filter Requst NotEqual
|
||||
Check Сompound Operations
|
||||
|
||||
# TODO:
|
||||
|
||||
Log Check Bearer token with complex object
|
||||
Cleanup Files ${FILE_S}
|
||||
Generate file 10e+6
|
||||
Check Container Inaccessible and Allow All Bearer
|
||||
Check eACL Deny and Allow All Bearer
|
||||
Check eACL Deny and Allow All Bearer Filter OID Equal
|
||||
Check eACL Deny and Allow All Bearer Filter OID NotEqual
|
||||
Check eACL Deny and Allow All Bearer Filter UserHeader Equal
|
||||
Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
|
||||
Check eACL Deny and Allow All Bearer Filter Requst Equal
|
||||
Check eACL Deny and Allow All Bearer Filter Requst NotEqual
|
||||
Check Сompound Operations
|
||||
|
||||
[Teardown] Cleanup
|
||||
|
||||
|
||||
|
||||
*** Keywords ***
|
||||
|
||||
Generate Keys
|
||||
${WALLET} = Init wallet
|
||||
Generate wallet ${WALLET}
|
||||
${ADDR} = Dump Address ${WALLET}
|
||||
${USER_KEY_GEN} = Dump PrivKey ${WALLET} ${ADDR}
|
||||
|
||||
${WALLET_OTH} = Init wallet
|
||||
Generate wallet ${WALLET_OTH}
|
||||
${ADDR_OTH} = Dump Address ${WALLET_OTH}
|
||||
${OTHER_KEY_GEN} = Dump PrivKey ${WALLET_OTH} ${ADDR_OTH}
|
||||
|
||||
|
||||
${EACL_KEY_GEN} = Form WIF from String 782676b81a35c5f07325ec523e8521ee4946b6e5d4c6cd652dd0c3ba51ce03de
|
||||
${SYSTEM_KEY_GEN} = Form WIF from String c428b4a06f166fde9f8afcf918194acdde35aa2612ecf42fe0c94273425ded21
|
||||
${SYSTEM_KEY_GEN_SN} = Form WIF from String 0fa21a94be2227916284e4b3495180d9c93d04f095fe9d5a86f22044f5c411d2
|
||||
|
||||
Set Global Variable ${USER_KEY} ${USER_KEY_GEN}
|
||||
Set Global Variable ${OTHER_KEY} ${OTHER_KEY_GEN}
|
||||
Set Global Variable ${SYSTEM_KEY} ${SYSTEM_KEY_GEN}
|
||||
Set Global Variable ${SYSTEM_KEY_SN} ${SYSTEM_KEY_GEN_SN}
|
||||
Set Global Variable ${EACL_KEY} ${EACL_KEY_GEN}
|
||||
|
||||
Payment Operations ${WALLET} ${ADDR} ${USER_KEY}
|
||||
Payment Operations ${WALLET_OTH} ${ADDR_OTH} ${OTHER_KEY}
|
||||
|
||||
|
||||
Payment Operations
|
||||
[Arguments] ${WALLET} ${ADDR} ${KEY}
|
||||
|
||||
${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 55
|
||||
Wait Until Keyword Succeeds 1 min 15 sec
|
||||
... Transaction accepted in block ${TX}
|
||||
Get Transaction ${TX}
|
||||
Expexted Mainnet Balance ${ADDR} 55
|
||||
|
||||
${SCRIPT_HASH} = Get ScripHash ${KEY}
|
||||
|
||||
${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 50
|
||||
Wait Until Keyword Succeeds 1 min 15 sec
|
||||
... Transaction accepted in block ${TX_DEPOSIT}
|
||||
Get Transaction ${TX_DEPOSIT}
|
||||
|
||||
|
||||
Create Container Public
|
||||
Log Create Public Container
|
||||
${PUBLIC_CID_GEN} = Create container ${USER_KEY} 0x0FFFFFFF
|
||||
[Return] ${PUBLIC_CID_GEN}
|
||||
|
||||
|
||||
Create Container Inaccessible
|
||||
Log Create Inaccessible Container
|
||||
${PUBLIC_CID_GEN} = Create container ${USER_KEY} 0x40000000
|
||||
[Return] ${PUBLIC_CID_GEN}
|
||||
|
||||
|
||||
Generate file
|
||||
[Arguments] ${SIZE}
|
||||
|
||||
${FILE_S_GEN} = Generate file of bytes ${SIZE}
|
||||
Set Global Variable ${FILE_S} ${FILE_S_GEN}
|
||||
|
||||
|
||||
Prepare eACL Role rules
|
||||
Log Set eACL for different Role cases
|
||||
|
||||
# eACL rules for all operations and similar permissions
|
||||
@{Roles} = Create List OTHERS USER SYSTEM
|
||||
FOR ${role} IN @{Roles}
|
||||
${rule1} = Create Dictionary Operation=GET Access=DENY Role=${role}
|
||||
${rule2} = Create Dictionary Operation=HEAD Access=DENY Role=${role}
|
||||
${rule3} = Create Dictionary Operation=PUT Access=DENY Role=${role}
|
||||
${rule4} = Create Dictionary Operation=DELETE Access=DENY Role=${role}
|
||||
${rule5} = Create Dictionary Operation=SEARCH Access=DENY Role=${role}
|
||||
${rule6} = Create Dictionary Operation=GETRANGE Access=DENY Role=${role}
|
||||
${rule7} = Create Dictionary Operation=GETRANGEHASH Access=DENY Role=${role}
|
||||
|
||||
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
Form eACL json common file gen_eacl_deny_all_${role} ${eACL_gen}
|
||||
Set Global Variable ${EACL_DENY_ALL_${role}} gen_eacl_deny_all_${role}
|
||||
END
|
||||
|
||||
|
||||
Check Container Inaccessible and Allow All Bearer
|
||||
${CID} = Create Container Inaccessible
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
${rule1}= Create Dictionary Operation=PUT Access=ALLOW Role=USER
|
||||
${rule2}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER
|
||||
|
||||
${eACL_gen}= Create List ${rule1} ${rule2}
|
||||
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER}
|
||||
|
||||
|
||||
Check eACL Deny and Allow All Bearer
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
||||
|
||||
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER
|
||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER
|
||||
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256
|
||||
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
||||
|
||||
|
||||
Check eACL Deny and Allow All Bearer Filter OID Equal
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
||||
|
||||
${filters}= Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=$Object:objectID value=${S_OID_USER}
|
||||
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
||||
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user local_file_eacl
|
||||
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256
|
||||
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
||||
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${D_OID_USER} bearer_allow_all_user
|
||||
|
||||
|
||||
|
||||
Check eACL Deny and Allow All Bearer Filter OID NotEqual
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
||||
|
||||
${filters}= Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=$Object:objectID value=${S_OID_USER_2}
|
||||
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
||||
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
||||
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user local_file_eacl
|
||||
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER_2} s_get_range bearer_allow_all_user 0:256
|
||||
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user
|
||||
|
||||
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${D_OID_USER_2} bearer_allow_all_user
|
||||
|
||||
|
||||
|
||||
|
||||
Check eACL Allow All Bearer Filter Requst Equal Deny
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||
|
||||
|
||||
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=256
|
||||
${rule1}= Create Dictionary Operation=GET Access=DENY Role=USER Filters=${filters}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=DENY Role=USER Filters=${filters}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=DENY Role=USER Filters=${filters}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=DENY Role=USER Filters=${filters}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=DENY Role=USER Filters=${filters}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=DENY Role=USER Filters=${filters}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=USER Filters=${filters}
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=2
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=2
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H} --xhdr a=2
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=2
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=2
|
||||
Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=2
|
||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} bearer_allow_all_user --xhdr a=2
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=256
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=256
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=256
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user --xhdr a=256
|
||||
|
||||
|
||||
Check eACL Deny and Allow All Bearer Filter Requst NotEqual
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
||||
|
||||
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_NOT_EQUAL key=a value=256
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
#Run Keyword And Expect Error *
|
||||
#... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=2
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=2
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=2
|
||||
Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=2
|
||||
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user --xhdr a=2
|
||||
|
||||
|
||||
Check eACL Deny and Allow All Bearer Filter Requst Equal
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
||||
|
||||
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=256
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=256
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=256
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=256
|
||||
Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=256
|
||||
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user --xhdr a=256
|
||||
|
||||
|
||||
Check eACL Deny and Allow All Bearer Filter UserHeader Equal
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
||||
|
||||
|
||||
${filters}= Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=key2 value=abc
|
||||
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
||||
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
||||
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user local_file_eacl
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256
|
||||
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user
|
||||
|
||||
# Delete can not be filtered by UserHeader.
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user
|
||||
|
||||
|
||||
|
||||
Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
@{S_OBJ_H} = Create List ${S_OID_USER_2}
|
||||
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
||||
|
||||
|
||||
${filters}= Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=key2 value=abc
|
||||
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
||||
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule6} ${rule7}
|
||||
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
# Search can not use filter by headers
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
|
||||
# Different behaviour for big and small objects!
|
||||
# Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${EMPTY}
|
||||
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user local_file_eacl
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256
|
||||
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user
|
||||
|
||||
# Delete can not be filtered by UserHeader.
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user
|
||||
|
||||
|
||||
Check Сompound Operations
|
||||
Check Bearer Сompound Get ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS}
|
||||
Check Bearer Сompound Get ${USER_KEY} USER ${EACL_DENY_ALL_USER}
|
||||
Check Bearer Сompound Get ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM}
|
||||
|
||||
Check Bearer Сompound Delete ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS}
|
||||
Check Bearer Сompound Delete ${USER_KEY} USER ${EACL_DENY_ALL_USER}
|
||||
Check Bearer Сompound Delete ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM}
|
||||
|
||||
Check Bearer Сompound Get Range Hash ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS}
|
||||
Check Bearer Сompound Get Range Hash ${USER_KEY} USER ${EACL_DENY_ALL_USER}
|
||||
Check Bearer Сompound Get Range Hash ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM}
|
||||
|
||||
|
||||
Check Bearer Сompound Get
|
||||
[Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL}
|
||||
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
|
||||
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=${DENY_GROUP}
|
||||
${rule2}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=${DENY_GROUP}
|
||||
${rule3}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${DENY_GROUP}
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3}
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${KEY} ${CID} ${S_OID_USER} bearer_allow
|
||||
|
||||
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} bearer_allow local_file_eacl
|
||||
Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow 0:256
|
||||
Get Range Hash ${KEY} ${CID} ${S_OID_USER} bearer_allow 0:256
|
||||
|
||||
|
||||
Check Bearer Сompound Delete
|
||||
[Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL}
|
||||
|
||||
${CID} = Create Container Public
|
||||
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Delete object ${KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
|
||||
|
||||
${rule1} = Create Dictionary Operation=DELETE Access=ALLOW Role=${DENY_GROUP}
|
||||
${rule2} = Create Dictionary Operation=PUT Access=DENY Role=${DENY_GROUP}
|
||||
${rule3} = Create Dictionary Operation=HEAD Access=DENY Role=${DENY_GROUP}
|
||||
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3}
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${KEY} ${CID} ${S_OID_USER} bearer_allow
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${KEY} ${FILE_S} ${CID} bearer_allow ${FILE_OTH_HEADER}
|
||||
|
||||
Delete object ${KEY} ${CID} ${S_OID_USER} bearer_allow
|
||||
|
||||
|
||||
|
||||
Check Bearer Сompound Get Range Hash
|
||||
[Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL}
|
||||
|
||||
${CID} = Create Container Public
|
||||
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get Range Hash ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
|
||||
|
||||
${rule1} = Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${DENY_GROUP}
|
||||
${rule2} = Create Dictionary Operation=GETRANGE Access=DENY Role=${DENY_GROUP}
|
||||
${rule3} = Create Dictionary Operation=GET Access=DENY Role=${DENY_GROUP}
|
||||
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3}
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} bearer_allow local_file_eacl
|
||||
|
||||
Get Range Hash ${KEY} ${CID} ${S_OID_USER} bearer_allow 0:256
|
||||
|
||||
|
||||
Cleanup
|
||||
@{CLEANUP_FILES} = Create List ${FILE_S} local_file_eacl s_get_range
|
||||
... bearer_allow_all_user gen_eacl_deny_all_USER bearer_allow
|
||||
Cleanup Files @{CLEANUP_FILES}
|
||||
Get Docker Logs acl_bearer
|
|
@ -1,701 +0,0 @@
|
|||
*** Settings ***
|
||||
Variables ../../variables/common.py
|
||||
Library Collections
|
||||
Library ${RESOURCES}/neofs.py
|
||||
Library ${RESOURCES}/payment_neogo.py
|
||||
|
||||
*** Variables ***
|
||||
${FILE_USR_HEADER} = key1=1,key2=abc
|
||||
${FILE_USR_HEADER_DEL} = key1=del,key2=del
|
||||
${FILE_OTH_HEADER} = key1=oth,key2=oth
|
||||
${RULE_FOR_ALL} = REP 2 IN X CBF 1 SELECT 4 FROM * AS X
|
||||
|
||||
*** Test cases ***
|
||||
Extended ACL Operations
|
||||
[Documentation] Testcase to validate NeoFS operations with extended ACL.
|
||||
[Tags] ACL eACL NeoFS NeoCLI
|
||||
[Timeout] 20 min
|
||||
|
||||
Generate Keys
|
||||
Prepare eACL Role rules
|
||||
|
||||
Log Check extended ACL with simple object
|
||||
|
||||
Generate files 1024
|
||||
|
||||
Check Actions
|
||||
Check Filters
|
||||
Check Сompound Operations
|
||||
|
||||
Cleanup Files ${FILE_S} ${FILE_S_2}
|
||||
|
||||
Log Check extended ACL with complex object
|
||||
Generate files 10e+6
|
||||
Check Actions
|
||||
Check Filters
|
||||
Check Сompound Operations
|
||||
|
||||
#[Teardown] Cleanup
|
||||
|
||||
|
||||
*** Keywords ***
|
||||
|
||||
Check Actions
|
||||
Check eACL Deny and Allow All Other
|
||||
Check eACL Deny and Allow All User
|
||||
Check eACL Deny and Allow All System
|
||||
Check eACL Deny All Other and Allow All Pubkey
|
||||
|
||||
|
||||
Check Filters
|
||||
Check eACL MatchType String Equal Object
|
||||
Check eACL MatchType String Not Equal Object
|
||||
Check eACL MatchType String Equal Request Deny
|
||||
Check eACL MatchType String Equal Request Allow
|
||||
|
||||
Check Сompound Operations
|
||||
Check eACL Сompound Get ${OTHER_KEY} ${EACL_COMPOUND_GET_OTHERS}
|
||||
Check eACL Сompound Get ${USER_KEY} ${EACL_COMPOUND_GET_USER}
|
||||
Check eACL Сompound Get ${SYSTEM_KEY} ${EACL_COMPOUND_GET_SYSTEM}
|
||||
|
||||
Check eACL Сompound Delete ${OTHER_KEY} ${EACL_COMPOUND_DELETE_OTHERS}
|
||||
Check eACL Сompound Delete ${USER_KEY} ${EACL_COMPOUND_DELETE_USER}
|
||||
Check eACL Сompound Delete ${SYSTEM_KEY} ${EACL_COMPOUND_DELETE_SYSTEM}
|
||||
|
||||
Check eACL Сompound Get Range Hash ${OTHER_KEY} ${EACL_COMPOUND_GET_HASH_OTHERS}
|
||||
Check eACL Сompound Get Range Hash ${USER_KEY} ${EACL_COMPOUND_GET_HASH_USER}
|
||||
Check eACL Сompound Get Range Hash ${SYSTEM_KEY} ${EACL_COMPOUND_GET_HASH_SYSTEM}
|
||||
|
||||
Check eACL Сompound Get
|
||||
[Arguments] ${KEY} ${DENY_EACL}
|
||||
|
||||
${CID} = Create Container Public
|
||||
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
|
||||
|
||||
Check eACL Сompound Delete
|
||||
[Arguments] ${KEY} ${DENY_EACL}
|
||||
|
||||
${CID} = Create Container Public
|
||||
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Delete object ${KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
|
||||
Delete object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
|
||||
|
||||
Check eACL Сompound Get Range Hash
|
||||
[Arguments] ${KEY} ${DENY_EACL}
|
||||
|
||||
${CID} = Create Container Public
|
||||
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get Range Hash ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
|
||||
Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
|
||||
|
||||
|
||||
Check eACL MatchType String Equal Request Deny
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
|
||||
${HEADER} = Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
&{HEADER_DICT} = Parse Object System Header ${HEADER}
|
||||
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
|
||||
|
||||
${ID_value} = Get From Dictionary ${HEADER_DICT} ID
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_XHEADER_DENY_ALL} --await
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=2
|
||||
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=256
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=2
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=2
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ${EMPTY} --xhdr a=2
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 --xhdr a="2"
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 --xhdr a=2
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} --xhdr a=2
|
||||
|
||||
Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=256
|
||||
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=*
|
||||
Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${EMPTY} --xhdr a=
|
||||
Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ${EMPTY} --xhdr a=.*
|
||||
Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 --xhdr a="2 2"
|
||||
Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 --xhdr a=256
|
||||
Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} --xhdr a=22
|
||||
|
||||
|
||||
|
||||
Check eACL MatchType String Equal Request Allow
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
|
||||
${HEADER} = Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
&{HEADER_DICT} = Parse Object System Header ${HEADER}
|
||||
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
|
||||
|
||||
${ID_value} = Get From Dictionary ${HEADER_DICT} ID
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_XHEADER_ALLOW_ALL} --await
|
||||
Get eACL ${USER_KEY} ${CID}
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=2
|
||||
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=2
|
||||
Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2
|
||||
Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ${EMPTY} --xhdr a=2
|
||||
Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 --xhdr a=2
|
||||
Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 --xhdr a=2
|
||||
Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} --xhdr a=2
|
||||
|
||||
|
||||
|
||||
|
||||
Check eACL MatchType String Equal Object
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
|
||||
${HEADER} = Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
&{HEADER_DICT} = Parse Object System Header ${HEADER}
|
||||
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
|
||||
|
||||
Log Set eACL for Deny GET operation with StringEqual Object ID
|
||||
${ID_value} = Get From Dictionary ${HEADER_DICT} ID
|
||||
|
||||
${filters} = Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=$Object:objectID value=${ID_value}
|
||||
${rule1} = Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters}
|
||||
${eACL_gen} = Create List ${rule1}
|
||||
${EACL_CUSTOM} = Form eACL json common file eacl_custom ${eACL_gen}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
|
||||
|
||||
Log Set eACL for Deny GET operation with StringEqual Object Extended User Header
|
||||
${S_OID_USER_OTH} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
|
||||
${filters} = Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=key1 value=1
|
||||
${rule1} = Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters}
|
||||
${eACL_gen} = Create List ${rule1}
|
||||
${EACL_CUSTOM} = Form eACL json common file eacl_custom ${eACL_gen}
|
||||
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER_OTH} ${EMPTY} local_file_eacl
|
||||
|
||||
|
||||
|
||||
Check eACL MatchType String Not Equal Object
|
||||
${CID} = Create Container Public
|
||||
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${S_OID_OTHER} = Put object to NeoFS ${OTHER_KEY} ${FILE_S_2} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
|
||||
${HEADER} = Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_OTHER} ${EMPTY}
|
||||
|
||||
&{HEADER_DICT} = Parse Object System Header ${HEADER}
|
||||
|
||||
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_OTHER} ${EMPTY} local_file_eacl
|
||||
|
||||
Log Set eACL for Deny GET operation with StringNotEqual Object ID
|
||||
${ID_value} = Get From Dictionary ${HEADER_DICT} ID
|
||||
|
||||
${filters} = Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=$Object:objectID value=${ID_value}
|
||||
${rule1} = Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters}
|
||||
${eACL_gen} = Create List ${rule1}
|
||||
${EACL_CUSTOM} = Form eACL json common file eacl_custom ${eACL_gen}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_OTHER} ${EMPTY} local_file_eacl
|
||||
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
|
||||
|
||||
Log Set eACL for Deny GET operation with StringEqual Object Extended User Header
|
||||
${S_OID_USER_OTH} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
|
||||
${filters} = Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=key1 value=1
|
||||
${rule1} = Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters}
|
||||
${eACL_gen} = Create List ${rule1}
|
||||
${EACL_CUSTOM} = Form eACL json common file eacl_custom ${eACL_gen}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER_OTH} ${EMPTY} local_file_eacl
|
||||
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
|
||||
|
||||
|
||||
|
||||
Generate Keys
|
||||
${WALLET} = Init wallet
|
||||
Generate wallet ${WALLET}
|
||||
${ADDR} = Dump Address ${WALLET}
|
||||
${USER_KEY_GEN} = Dump PrivKey ${WALLET} ${ADDR}
|
||||
|
||||
${WALLET_OTH} = Init wallet
|
||||
Generate wallet ${WALLET_OTH}
|
||||
${ADDR_OTH} = Dump Address ${WALLET_OTH}
|
||||
${OTHER_KEY_GEN} = Dump PrivKey ${WALLET_OTH} ${ADDR_OTH}
|
||||
|
||||
|
||||
${EACL_KEY_GEN} = Form WIF from String 782676b81a35c5f07325ec523e8521ee4946b6e5d4c6cd652dd0c3ba51ce03de
|
||||
${SYSTEM_KEY_GEN} = Form WIF from String c428b4a06f166fde9f8afcf918194acdde35aa2612ecf42fe0c94273425ded21
|
||||
${SYSTEM_KEY_GEN_SN} = Form WIF from String 0fa21a94be2227916284e4b3495180d9c93d04f095fe9d5a86f22044f5c411d2
|
||||
|
||||
Set Global Variable ${USER_KEY} ${USER_KEY_GEN}
|
||||
Set Global Variable ${OTHER_KEY} ${OTHER_KEY_GEN}
|
||||
Set Global Variable ${SYSTEM_KEY} ${SYSTEM_KEY_GEN}
|
||||
Set Global Variable ${SYSTEM_KEY_SN} ${SYSTEM_KEY_GEN_SN}
|
||||
Set Global Variable ${EACL_KEY} ${EACL_KEY_GEN}
|
||||
|
||||
Payment Operations ${WALLET} ${ADDR} ${USER_KEY}
|
||||
Payment Operations ${WALLET_OTH} ${ADDR_OTH} ${OTHER_KEY}
|
||||
|
||||
|
||||
Payment Operations
|
||||
[Arguments] ${WALLET} ${ADDR} ${KEY}
|
||||
|
||||
${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 55
|
||||
|
||||
Wait Until Keyword Succeeds 1 min 15 sec
|
||||
... Transaction accepted in block ${TX}
|
||||
Get Transaction ${TX}
|
||||
Expexted Mainnet Balance ${ADDR} 55
|
||||
|
||||
${SCRIPT_HASH} = Get ScripHash ${KEY}
|
||||
|
||||
${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 50
|
||||
Wait Until Keyword Succeeds 1 min 15 sec
|
||||
... Transaction accepted in block ${TX_DEPOSIT}
|
||||
Get Transaction ${TX_DEPOSIT}
|
||||
|
||||
|
||||
Create Container Public
|
||||
Log Create Public Container
|
||||
${PUBLIC_CID_GEN} = Create container ${USER_KEY} 0x4FFFFFFF ${RULE_FOR_ALL}
|
||||
[Return] ${PUBLIC_CID_GEN}
|
||||
|
||||
|
||||
Generate files
|
||||
[Arguments] ${SIZE}
|
||||
${FILE_S_GEN_1} = Generate file of bytes ${SIZE}
|
||||
${FILE_S_GEN_2} = Generate file of bytes ${SIZE}
|
||||
Set Global Variable ${FILE_S} ${FILE_S_GEN_1}
|
||||
Set Global Variable ${FILE_S_2} ${FILE_S_GEN_2}
|
||||
|
||||
|
||||
Prepare eACL Role rules
|
||||
Log Set eACL for different Role cases
|
||||
|
||||
# eACL rules for all operations and similar permissions
|
||||
@{Roles} = Create List OTHERS USER SYSTEM
|
||||
FOR ${role} IN @{Roles}
|
||||
${rule1}= Create Dictionary Operation=GET Access=DENY Role=${role}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=DENY Role=${role}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=DENY Role=${role}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=DENY Role=${role}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=DENY Role=${role}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=DENY Role=${role}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=${role}
|
||||
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
Form eACL json common file gen_eacl_deny_all_${role} ${eACL_gen}
|
||||
END
|
||||
|
||||
|
||||
FOR ${role} IN @{Roles}
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=${role}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=${role}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=${role}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=${role}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=${role}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=${role}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${role}
|
||||
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
Form eACL json common file gen_eacl_allow_all_${role} ${eACL_gen}
|
||||
END
|
||||
|
||||
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
|
||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
|
||||
${rule8}= Create Dictionary Operation=GET Access=DENY Role=OTHERS
|
||||
${rule9}= Create Dictionary Operation=HEAD Access=DENY Role=OTHERS
|
||||
${rule10}= Create Dictionary Operation=PUT Access=DENY Role=OTHERS
|
||||
${rule11}= Create Dictionary Operation=DELETE Access=DENY Role=OTHERS
|
||||
${rule12}= Create Dictionary Operation=SEARCH Access=DENY Role=OTHERS
|
||||
${rule13}= Create Dictionary Operation=GETRANGE Access=DENY Role=OTHERS
|
||||
${rule14}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=OTHERS
|
||||
|
||||
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
... ${rule8} ${rule9} ${rule10} ${rule11} ${rule12} ${rule13} ${rule14}
|
||||
Form eACL json common file gen_eacl_allow_pubkey_deny_OTHERS ${eACL_gen}
|
||||
|
||||
Set Global Variable ${EACL_DENY_ALL_OTHER} gen_eacl_deny_all_OTHERS
|
||||
Set Global Variable ${EACL_ALLOW_ALL_OTHER} gen_eacl_allow_all_OTHERS
|
||||
|
||||
Set Global Variable ${EACL_DENY_ALL_USER} gen_eacl_deny_all_USER
|
||||
Set Global Variable ${EACL_ALLOW_ALL_USER} gen_eacl_allow_all_USER
|
||||
|
||||
Set Global Variable ${EACL_DENY_ALL_SYSTEM} gen_eacl_deny_all_SYSTEM
|
||||
Set Global Variable ${EACL_ALLOW_ALL_SYSTEM} gen_eacl_allow_all_SYSTEM
|
||||
|
||||
Set Global Variable ${EACL_ALLOW_ALL_Pubkey} gen_eacl_allow_pubkey_deny_OTHERS
|
||||
|
||||
|
||||
# eACL rules for Compound operations: GET/GetRange/GetRangeHash
|
||||
@{Roles} = Create List OTHERS USER SYSTEM
|
||||
FOR ${role} IN @{Roles}
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=${role}
|
||||
${rule2}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=${role}
|
||||
${rule3}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${role}
|
||||
${rule4}= Create Dictionary Operation=HEAD Access=DENY Role=${role}
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4}
|
||||
Form eACL json common file gen_eacl_compound_get_${role} ${eACL_gen}
|
||||
Set Global Variable ${EACL_COMPOUND_GET_${role}} gen_eacl_compound_get_${role}
|
||||
END
|
||||
|
||||
# eACL rules for Compound operations: DELETE
|
||||
@{Roles} = Create List OTHERS USER SYSTEM
|
||||
FOR ${role} IN @{Roles}
|
||||
${rule1}= Create Dictionary Operation=DELETE Access=ALLOW Role=${role}
|
||||
${rule2}= Create Dictionary Operation=PUT Access=DENY Role=${role}
|
||||
${rule3}= Create Dictionary Operation=HEAD Access=DENY Role=${role}
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3}
|
||||
Form eACL json common file gen_eacl_compound_del_${role} ${eACL_gen}
|
||||
Set Global Variable ${EACL_COMPOUND_DELETE_${role}} gen_eacl_compound_del_${role}
|
||||
END
|
||||
|
||||
# eACL rules for Compound operations: GETRANGEHASH
|
||||
@{Roles} = Create List OTHERS USER SYSTEM
|
||||
FOR ${role} IN @{Roles}
|
||||
${rule1}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${role}
|
||||
${rule2}= Create Dictionary Operation=GETRANGE Access=DENY Role=${role}
|
||||
${rule3}= Create Dictionary Operation=GET Access=DENY Role=${role}
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3}
|
||||
Form eACL json common file gen_eacl_compound_get_hash_${role} ${eACL_gen}
|
||||
Set Global Variable ${EACL_COMPOUND_GET_HASH_${role}} gen_eacl_compound_get_hash_${role}
|
||||
END
|
||||
|
||||
|
||||
|
||||
# eACL for X-Header Other DENY and ALLOW for all
|
||||
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=2
|
||||
|
||||
${rule1}= Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=DENY Role=OTHERS Filters=${filters}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=DENY Role=OTHERS Filters=${filters}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=DENY Role=OTHERS Filters=${filters}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=DENY Role=OTHERS Filters=${filters}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=DENY Role=OTHERS Filters=${filters}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=OTHERS Filters=${filters}
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
Form eACL json common file gen_eacl_xheader_deny_all ${eACL_gen}
|
||||
Set Global Variable ${EACL_XHEADER_DENY_ALL} gen_eacl_xheader_deny_all
|
||||
|
||||
|
||||
|
||||
# eACL for X-Header Other ALLOW and DENY for all
|
||||
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=2
|
||||
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=OTHERS Filters=${filters}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=OTHERS Filters=${filters}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=OTHERS Filters=${filters}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=OTHERS Filters=${filters}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=OTHERS Filters=${filters}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=OTHERS Filters=${filters}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=OTHERS Filters=${filters}
|
||||
${rule8}= Create Dictionary Operation=GET Access=DENY Role=OTHERS
|
||||
${rule9}= Create Dictionary Operation=HEAD Access=DENY Role=OTHERS
|
||||
${rule10}= Create Dictionary Operation=PUT Access=DENY Role=OTHERS
|
||||
${rule11}= Create Dictionary Operation=DELETE Access=DENY Role=OTHERS
|
||||
${rule12}= Create Dictionary Operation=SEARCH Access=DENY Role=OTHERS
|
||||
${rule13}= Create Dictionary Operation=GETRANGE Access=DENY Role=OTHERS
|
||||
${rule14}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=OTHERS
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
... ${rule8} ${rule9} ${rule10} ${rule11} ${rule12} ${rule13} ${rule14}
|
||||
Form eACL json common file gen_eacl_xheader_allow_all ${eACL_gen}
|
||||
Set Global Variable ${EACL_XHEADER_ALLOW_ALL} gen_eacl_xheader_allow_all
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Check eACL Deny and Allow All User
|
||||
Check eACL Deny and Allow All ${USER_KEY} ${EACL_DENY_ALL_USER} ${EACL_ALLOW_ALL_USER}
|
||||
|
||||
|
||||
Check eACL Deny and Allow All Other
|
||||
Check eACL Deny and Allow All ${OTHER_KEY} ${EACL_DENY_ALL_OTHER} ${EACL_ALLOW_ALL_OTHER}
|
||||
|
||||
|
||||
Check eACL Deny and Allow All System
|
||||
${CID} = Create Container Public
|
||||
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${D_OID_USER_S} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
${D_OID_USER_SN} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
|
||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||
|
||||
Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
|
||||
Get object from NeoFS ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
|
||||
Search object ${SYSTEM_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
|
||||
Head object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Head object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
Get Range ${SYSTEM_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Get Range ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
|
||||
Get Range Hash ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Get Range Hash ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
|
||||
Delete object ${SYSTEM_KEY} ${CID} ${D_OID_USER_S} ${EMPTY}
|
||||
Delete object ${SYSTEM_KEY_SN} ${CID} ${D_OID_USER_SN} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_SYSTEM} --await
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${SYSTEM_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${SYSTEM_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range Hash ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range Hash ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_ALLOW_ALL_SYSTEM} --await
|
||||
|
||||
|
||||
${D_OID_USER_S} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
${D_OID_USER_SN} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
|
||||
|
||||
Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
|
||||
Get object from NeoFS ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
|
||||
Search object ${SYSTEM_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
|
||||
Head object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Head object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
Get Range ${SYSTEM_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Get Range ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
|
||||
Get Range Hash ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Get Range Hash ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
|
||||
Delete object ${SYSTEM_KEY} ${CID} ${D_OID_USER_S} ${EMPTY}
|
||||
Delete object ${SYSTEM_KEY_SN} ${CID} ${D_OID_USER_SN} ${EMPTY}
|
||||
|
||||
|
||||
|
||||
Check eACL Deny All Other and Allow All Pubkey
|
||||
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||
|
||||
Put object to NeoFS ${EACL_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${EACL_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Get Range ${EACL_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Get Range Hash ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Delete object ${EACL_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_ALLOW_ALL_Pubkey} --await
|
||||
Get eACL ${USER_KEY} ${CID}
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
Put object to NeoFS ${EACL_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${EACL_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Get Range ${EACL_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Get Range Hash ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Delete object ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
|
||||
Check eACL Deny and Allow All
|
||||
[Arguments] ${KEY} ${DENY_EACL} ${ALLOW_EACL}
|
||||
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||
|
||||
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
|
||||
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Delete object ${KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${ALLOW_EACL} --await
|
||||
|
||||
|
||||
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Delete object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
Cleanup
|
||||
@{CLEANUP_FILES} = Create List ${FILE_S} ${FILE_S_2} local_file_eacl eacl_custom s_get_range
|
||||
... gen_eacl_allow_all_OTHERS gen_eacl_deny_all_USER gen_eacl_allow_all_USER
|
||||
... gen_eacl_deny_all_SYSTEM gen_eacl_allow_all_SYSTEM gen_eacl_allow_pubkey_deny_OTHERS
|
||||
... gen_eacl_deny_all_OTHERS
|
||||
... gen_eacl_compound_del_SYSTEM gen_eacl_compound_del_USER gen_eacl_compound_del_OTHERS
|
||||
... gen_eacl_compound_get_hash_OTHERS gen_eacl_compound_get_hash_SYSTEM gen_eacl_compound_get_hash_USER
|
||||
... gen_eacl_compound_get_OTHERS gen_eacl_compound_get_SYSTEM gen_eacl_compound_get_USER
|
||||
Cleanup Files @{CLEANUP_FILES}
|
||||
Get Docker Logs acl_extended
|
|
@ -1,8 +1,8 @@
|
|||
*** Settings ***
|
||||
Variables ../../variables/common.py
|
||||
Variables ../../../variables/common.py
|
||||
|
||||
Library ${RESOURCES}/neofs.py
|
||||
Library ${RESOURCES}/payment_neogo.py
|
||||
Library ../${RESOURCES}/neofs.py
|
||||
Library ../${RESOURCES}/payment_neogo.py
|
||||
|
||||
|
||||
*** Test cases ***
|
||||
|
@ -83,15 +83,15 @@ Generate Key and Pre-payment
|
|||
Payment Operations
|
||||
[Arguments] ${WALLET} ${ADDR} ${KEY}
|
||||
|
||||
${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 55
|
||||
${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 11
|
||||
Wait Until Keyword Succeeds 1 min 15 sec
|
||||
... Transaction accepted in block ${TX}
|
||||
Get Transaction ${TX}
|
||||
Expexted Mainnet Balance ${ADDR} 55
|
||||
Expexted Mainnet Balance ${ADDR} 11
|
||||
|
||||
${SCRIPT_HASH} = Get ScripHash ${KEY}
|
||||
|
||||
${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 50
|
||||
${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 10
|
||||
Wait Until Keyword Succeeds 1 min 15 sec
|
||||
... Transaction accepted in block ${TX_DEPOSIT}
|
||||
Get Transaction ${TX_DEPOSIT}
|
||||
|
@ -105,9 +105,10 @@ Validate Policy
|
|||
Container Existing ${PRIV_KEY} ${CID}
|
||||
${S_OID} = Put object to NeoFS ${PRIV_KEY} ${FILE} ${CID} ${EMPTY} ${EMPTY}
|
||||
Validate storage policy for object ${PRIV_KEY} ${EXPECTED_VAL} ${CID} ${S_OID} @{EXPECTED_LIST}
|
||||
Get object from NeoFS ${PRIV_KEY} ${CID} ${S_OID} ${EMPTY} s_file_read
|
||||
|
||||
|
||||
Cleanup
|
||||
[Arguments] ${FILE}
|
||||
Cleanup Files ${FILE}
|
||||
Cleanup Files ${FILE} s_file_read
|
||||
Get Docker Logs netmap_simple
|
|
@ -1,29 +1,29 @@
|
|||
*** Settings ***
|
||||
Variables ../../variables/common.py
|
||||
Variables ../../../variables/common.py
|
||||
|
||||
Library ${RESOURCES}/neofs.py
|
||||
Library ${RESOURCES}/payment_neogo.py
|
||||
Library ../${RESOURCES}/neofs.py
|
||||
Library ../${RESOURCES}/payment_neogo.py
|
||||
|
||||
*** Test cases ***
|
||||
NeoFS Object Replication
|
||||
[Documentation] Testcase to validate NeoFS object replication.
|
||||
[Tags] Migration Replication NeoFS NeoCLI
|
||||
[Timeout] 10 min
|
||||
[Timeout] 15 min
|
||||
|
||||
${WALLET} = Init wallet
|
||||
Generate wallet ${WALLET}
|
||||
${ADDR} = Dump Address ${WALLET}
|
||||
${PRIV_KEY} = Dump PrivKey ${WALLET} ${ADDR}
|
||||
|
||||
${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 55
|
||||
${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 11
|
||||
Wait Until Keyword Succeeds 1 min 15 sec
|
||||
... Transaction accepted in block ${TX}
|
||||
Get Transaction ${TX}
|
||||
Expexted Mainnet Balance ${ADDR} 55
|
||||
Expexted Mainnet Balance ${ADDR} 11
|
||||
|
||||
${SCRIPT_HASH} = Get ScripHash ${PRIV_KEY}
|
||||
|
||||
${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 50
|
||||
${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 10
|
||||
Wait Until Keyword Succeeds 1 min 15 sec
|
||||
... Transaction accepted in block ${TX_DEPOSIT}
|
||||
Get Transaction ${TX_DEPOSIT}
|
||||
|
@ -39,10 +39,19 @@ NeoFS Object Replication
|
|||
Validate storage policy for object ${PRIV_KEY} 2 ${CID} ${S_OID}
|
||||
|
||||
@{NODES_OBJ} = Get nodes with object ${PRIV_KEY} ${CID} ${S_OID}
|
||||
|
||||
${NODES_LOG_TIME} = Get Nodes Log Latest Timestamp
|
||||
|
||||
@{NODES_OBJ_STOPPED} = Stop nodes 1 @{NODES_OBJ}
|
||||
|
||||
Wait Until Keyword Succeeds 10 min 1 min
|
||||
${state} ${output}= Run Keyword And Ignore Error
|
||||
... Wait Until Keyword Succeeds 10 min 2 min
|
||||
... Validate storage policy for object ${PRIV_KEY} 2 ${CID} ${S_OID}
|
||||
|
||||
Run Keyword If '${state}'!='PASS' Log Warning: Keyword failed: Validate storage policy for object ${S_OID} {\n}${output} WARN
|
||||
|
||||
Find in Nodes Log object successfully replicated ${NODES_LOG_TIME}
|
||||
|
||||
Start nodes @{NODES_OBJ_STOPPED}
|
||||
|
||||
[Teardown] Cleanup ${FILE} @{NODES_OBJ_STOPPED}
|
|
@ -1,8 +1,8 @@
|
|||
*** Settings ***
|
||||
Variables ../../variables/common.py
|
||||
Variables ../../../variables/common.py
|
||||
|
||||
Library ${RESOURCES}/neofs.py
|
||||
Library ${RESOURCES}/payment_neogo.py
|
||||
Library ../${RESOURCES}/neofs.py
|
||||
Library ../${RESOURCES}/payment_neogo.py
|
||||
|
||||
*** Variables ***
|
||||
${FILE_USR_HEADER} = key1=1,key2=abc
|
||||
|
@ -19,29 +19,29 @@ NeoFS Complex Object Operations
|
|||
Generate wallet ${WALLET}
|
||||
${ADDR} = Dump Address ${WALLET}
|
||||
${PRIV_KEY} = Dump PrivKey ${WALLET} ${ADDR}
|
||||
${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 55
|
||||
${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 15
|
||||
Wait Until Keyword Succeeds 1 min 15 sec
|
||||
... Transaction accepted in block ${TX}
|
||||
Get Transaction ${TX}
|
||||
Expexted Mainnet Balance ${ADDR} 55
|
||||
Expexted Mainnet Balance ${ADDR} 15
|
||||
|
||||
${SCRIPT_HASH} = Get ScripHash ${PRIV_KEY}
|
||||
|
||||
${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 50
|
||||
${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 10
|
||||
Wait Until Keyword Succeeds 1 min 15 sec
|
||||
... Transaction accepted in block ${TX_DEPOSIT}
|
||||
Get Transaction ${TX_DEPOSIT}
|
||||
|
||||
${BALANCE} = Wait Until Keyword Succeeds 5 min 1 min
|
||||
... Expected Balance ${PRIV_KEY} 0 50
|
||||
... Expected Balance ${PRIV_KEY} 0 10
|
||||
|
||||
${CID} = Create container ${PRIV_KEY}
|
||||
Container Existing ${PRIV_KEY} ${CID}
|
||||
|
||||
Wait Until Keyword Succeeds 2 min 30 sec
|
||||
... Expected Balance ${PRIV_KEY} 50 -7e-08
|
||||
... Expected Balance ${PRIV_KEY} 10 -7e-08
|
||||
|
||||
${FILE} = Generate file of bytes 10e+6
|
||||
${FILE} = Generate file of bytes 70e+6
|
||||
${FILE_HASH} = Get file hash ${FILE}
|
||||
|
||||
${S_OID} = Put object to NeoFS ${PRIV_KEY} ${FILE} ${CID} ${EMPTY} ${EMPTY}
|
||||
|
@ -58,8 +58,7 @@ NeoFS Complex Object Operations
|
|||
@{S_OBJ_H} = Create List ${H_OID}
|
||||
@{S_OBJ_H_OTH} = Create List ${H_OID_OTH}
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${PRIV_KEY} ${CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_ALL}
|
||||
Search object ${PRIV_KEY} ${CID} --root ${EMPTY} ${EMPTY} ${S_OBJ_ALL}
|
||||
|
||||
Get object from NeoFS ${PRIV_KEY} ${CID} ${S_OID} ${EMPTY} s_file_read
|
||||
Get object from NeoFS ${PRIV_KEY} ${CID} ${H_OID} ${EMPTY} h_file_read
|
|
@ -1,8 +1,8 @@
|
|||
*** Settings ***
|
||||
Variables ../../variables/common.py
|
||||
Variables ../../../variables/common.py
|
||||
|
||||
Library ${RESOURCES}/neofs.py
|
||||
Library ${RESOURCES}/payment_neogo.py
|
||||
Library ../${RESOURCES}/neofs.py
|
||||
Library ../${RESOURCES}/payment_neogo.py
|
||||
|
||||
*** Variables ***
|
||||
${FILE_USR_HEADER} = key1=1,key2=abc
|
||||
|
@ -18,27 +18,27 @@ NeoFS Simple Object Operations
|
|||
Generate wallet ${WALLET}
|
||||
${ADDR} = Dump Address ${WALLET}
|
||||
${PRIV_KEY} = Dump PrivKey ${WALLET} ${ADDR}
|
||||
${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 55
|
||||
${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 15
|
||||
Wait Until Keyword Succeeds 1 min 15 sec
|
||||
... Transaction accepted in block ${TX}
|
||||
Get Transaction ${TX}
|
||||
Expexted Mainnet Balance ${ADDR} 55
|
||||
Expexted Mainnet Balance ${ADDR} 15
|
||||
|
||||
${SCRIPT_HASH} = Get ScripHash ${PRIV_KEY}
|
||||
|
||||
${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 50
|
||||
${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 10
|
||||
Wait Until Keyword Succeeds 1 min 15 sec
|
||||
... Transaction accepted in block ${TX_DEPOSIT}
|
||||
Get Transaction ${TX_DEPOSIT}
|
||||
|
||||
${BALANCE} = Wait Until Keyword Succeeds 5 min 1 min
|
||||
... Expected Balance ${PRIV_KEY} 0 50
|
||||
... Expected Balance ${PRIV_KEY} 0 10
|
||||
|
||||
${CID} = Create container ${PRIV_KEY}
|
||||
Container Existing ${PRIV_KEY} ${CID}
|
||||
|
||||
Wait Until Keyword Succeeds 2 min 30 sec
|
||||
... Expected Balance ${PRIV_KEY} 50 -7e-08
|
||||
... Expected Balance ${PRIV_KEY} 10 -7e-08
|
||||
|
||||
${FILE} = Generate file of bytes 1024
|
||||
${FILE_HASH} = Get file hash ${FILE}
|
|
@ -1,8 +1,8 @@
|
|||
*** Settings ***
|
||||
Variables ../../variables/common.py
|
||||
Variables ../../../variables/common.py
|
||||
|
||||
Library ${RESOURCES}/neofs.py
|
||||
Library ${RESOURCES}/payment_neogo.py
|
||||
Library ../${RESOURCES}/neofs.py
|
||||
Library ../${RESOURCES}/payment_neogo.py
|
||||
|
||||
*** Test cases ***
|
||||
NeoFS Deposit and Withdraw
|
|
@ -1,10 +1,10 @@
|
|||
*** Settings ***
|
||||
Variables ../../variables/common.py
|
||||
Variables ../../../variables/common.py
|
||||
|
||||
|
||||
Library ${RESOURCES}/neofs.py
|
||||
Library ${RESOURCES}/payment_neogo.py
|
||||
Library ${RESOURCES}/gates.py
|
||||
Library ../${RESOURCES}/neofs.py
|
||||
Library ../${RESOURCES}/payment_neogo.py
|
||||
Library ../${RESOURCES}/gates.py
|
||||
|
||||
|
||||
*** Test cases ***
|
||||
|
@ -17,16 +17,16 @@ NeoFS HTTP Gateway
|
|||
Generate wallet ${WALLET}
|
||||
${ADDR} = Dump Address ${WALLET}
|
||||
${PRIV_KEY} = Dump PrivKey ${WALLET} ${ADDR}
|
||||
${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 55
|
||||
${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 6
|
||||
|
||||
Wait Until Keyword Succeeds 1 min 15 sec
|
||||
... Transaction accepted in block ${TX}
|
||||
Get Transaction ${TX}
|
||||
Expexted Mainnet Balance ${ADDR} 55
|
||||
Expexted Mainnet Balance ${ADDR} 6
|
||||
|
||||
${SCRIPT_HASH} = Get ScripHash ${PRIV_KEY}
|
||||
|
||||
${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 50
|
||||
${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 5
|
||||
Wait Until Keyword Succeeds 1 min 15 sec
|
||||
... Transaction accepted in block ${TX_DEPOSIT}
|
||||
Get Transaction ${TX_DEPOSIT}
|
||||
|
@ -36,7 +36,7 @@ NeoFS HTTP Gateway
|
|||
... Container Existing ${PRIV_KEY} ${CID}
|
||||
|
||||
${FILE} = Generate file of bytes 1024
|
||||
${FILE_L} = Generate file of bytes 10e+6
|
||||
${FILE_L} = Generate file of bytes 70e+6
|
||||
${FILE_HASH} = Get file hash ${FILE}
|
||||
${FILE_L_HASH} = Get file hash ${FILE_L}
|
||||
|
|
@ -1,9 +1,9 @@
|
|||
*** Settings ***
|
||||
Variables ../../variables/common.py
|
||||
Variables ../../../variables/common.py
|
||||
Library Collections
|
||||
Library ${RESOURCES}/neofs.py
|
||||
Library ${RESOURCES}/payment_neogo.py
|
||||
Library ${RESOURCES}/gates.py
|
||||
Library ../${RESOURCES}/neofs.py
|
||||
Library ../${RESOURCES}/payment_neogo.py
|
||||
Library ../${RESOURCES}/gates.py
|
||||
|
||||
|
||||
*** Test cases ***
|
||||
|
@ -20,16 +20,16 @@ NeoFS S3 Gateway
|
|||
Dump PrivKey ${WALLET} ${ADDR}
|
||||
${SCRIPT_HASH} = Get ScripHash ${PRIV_KEY}
|
||||
|
||||
${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 50
|
||||
${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 5
|
||||
Wait Until Keyword Succeeds 1 min 15 sec
|
||||
... Transaction accepted in block ${TX_DEPOSIT}
|
||||
Get Transaction ${TX_DEPOSIT}
|
||||
|
||||
${FILE_S3} = Generate file of bytes 10e+6
|
||||
${FILE_S3} = Generate file of bytes 70e+6
|
||||
${FILE_S3_HASH} = Get file hash ${FILE_S3}
|
||||
${FILE_S3_NAME} = Get file name ${FILE_S3}
|
||||
|
||||
${FILE_FS} = Generate file of bytes 10e+6
|
||||
${FILE_FS} = Generate file of bytes 70e+6
|
||||
${FILE_FS_HASH} = Get file hash ${FILE_FS}
|
||||
${FILE_FS_NAME} = Get file name ${FILE_FS}
|
||||
|
Loading…
Reference in a new issue