49cc629412
* hotfix for incorrect request due to ACL restriction
107 lines
No EOL
7.4 KiB
Text
107 lines
No EOL
7.4 KiB
Text
*** Settings ***
|
|
Variables ../../../variables/common.py
|
|
Library ../${RESOURCES}/neofs.py
|
|
Library ../${RESOURCES}/payment_neogo.py
|
|
|
|
Library Collections
|
|
Resource common_steps_acl_bearer.robot
|
|
|
|
|
|
*** Test cases ***
|
|
BearerToken Operations
|
|
[Documentation] Testcase to validate NeoFS operations with BearerToken.
|
|
[Tags] ACL NeoFS NeoCLI BearerToken
|
|
[Timeout] 20 min
|
|
|
|
Generate Keys
|
|
Prepare eACL Role rules
|
|
|
|
Log Check Bearer token with simple object
|
|
Generate file 1024
|
|
Check eACL Deny and Allow All Bearer Simple
|
|
|
|
Log Check Bearer token with complex object
|
|
Cleanup Files ${FILE_S}
|
|
Generate file 70e+6
|
|
Check eACL Deny and Allow All Bearer Complex
|
|
|
|
|
|
[Teardown] Cleanup
|
|
|
|
|
|
|
|
*** Keywords ***
|
|
|
|
Check eACL Deny and Allow All Bearer
|
|
[Arguments] ${RUN_TYPE}
|
|
${CID} = Create Container Public
|
|
${S_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
|
${D_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
|
@{S_OBJ_H} = Create List ${S_OID_USER}
|
|
|
|
Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
|
Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
|
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
|
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
|
|
|
# Storage group Operations (Put, List, Get, Delete)
|
|
${SG_OID_INV} = Put Storagegroup ${USER_KEY} ${CID} ${EMPTY} ${S_OID_USER}
|
|
${SG_OID_1} = Put Storagegroup ${USER_KEY} ${CID} ${EMPTY} ${S_OID_USER}
|
|
List Storagegroup ${USER_KEY} ${CID} ${SG_OID_1} ${SG_OID_INV}
|
|
@{EXPECTED_OIDS} = Run Keyword If "${RUN_TYPE}" == "Complex" Get Split objects ${USER_KEY} ${CID} ${S_OID_USER}
|
|
... ELSE IF "${RUN_TYPE}" == "Simple" Create List ${S_OID_USER}
|
|
Get Storagegroup ${USER_KEY} ${CID} ${SG_OID_1} ${EMPTY} @{EXPECTED_OIDS}
|
|
Delete Storagegroup ${USER_KEY} ${CID} ${SG_OID_1}
|
|
|
|
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
|
|
|
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER
|
|
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER
|
|
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER
|
|
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER
|
|
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER
|
|
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER
|
|
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER
|
|
|
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
|
|
|
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
|
|
|
Run Keyword And Expect Error *
|
|
... Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
|
Run Keyword And Expect Error *
|
|
... Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
|
Run Keyword And Expect Error *
|
|
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
|
Run Keyword And Expect Error *
|
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
|
Run Keyword And Expect Error *
|
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
|
Run Keyword And Expect Error *
|
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
|
|
|
Run Keyword And Expect Error *
|
|
... Put Storagegroup ${USER_KEY} ${CID} ${EMPTY} ${S_OID_USER}
|
|
Run Keyword And Expect Error *
|
|
... List Storagegroup ${USER_KEY} ${CID} ${SG_OID_1} ${SG_OID_INV}
|
|
Run Keyword And Expect Error *
|
|
... Get Storagegroup ${USER_KEY} ${CID} ${SG_OID_1} ${EMPTY} @{EXPECTED_OIDS}
|
|
Run Keyword And Expect Error *
|
|
... Delete Storagegroup ${USER_KEY} ${CID} ${SG_OID_1}
|
|
|
|
# Storagegroup will be added after https://github.com/nspcc-dev/neofs-node/issues/388
|
|
|
|
Put object ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
|
Get object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl
|
|
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
|
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256
|
|
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
|
|
|
Cleanup
|
|
@{CLEANUP_FILES} = Create List ${FILE_S} local_file_eacl s_get_range
|
|
... bearer_allow_all_user gen_eacl_deny_all_USER
|
|
Cleanup Files @{CLEANUP_FILES}
|
|
Get Docker Logs acl_bearer |