forked from TrueCloudLab/frostfs-testcases
102 lines
4.7 KiB
Python
102 lines
4.7 KiB
Python
import allure
|
|
import pytest
|
|
|
|
from python_keywords.acl import EACLRole
|
|
from python_keywords.container import create_container
|
|
from python_keywords.container_access import (check_full_access_to_container, check_no_access_to_container,
|
|
check_read_only_container)
|
|
from python_keywords.neofs_verbs import put_object
|
|
from wellknown_acl import PRIVATE_ACL_F, PUBLIC_ACL_F, READONLY_ACL_F
|
|
|
|
|
|
@pytest.mark.sanity
|
|
@pytest.mark.acl
|
|
@pytest.mark.acl_container
|
|
class TestACLBasic:
|
|
|
|
@pytest.fixture(scope='function')
|
|
def public_container(self, wallets):
|
|
user_wallet = wallets.get_wallet()
|
|
with allure.step('Create public container'):
|
|
cid_public = create_container(user_wallet.wallet_path, basic_acl=PUBLIC_ACL_F)
|
|
|
|
yield cid_public
|
|
|
|
# with allure.step('Delete public container'):
|
|
# delete_container(user_wallet.wallet_path, cid_public)
|
|
|
|
@pytest.fixture(scope='function')
|
|
def private_container(self, wallets):
|
|
user_wallet = wallets.get_wallet()
|
|
with allure.step('Create private container'):
|
|
cid_private = create_container(user_wallet.wallet_path, basic_acl=PRIVATE_ACL_F)
|
|
|
|
yield cid_private
|
|
|
|
# with allure.step('Delete private container'):
|
|
# delete_container(user_wallet.wallet_path, cid_private)
|
|
|
|
@pytest.fixture(scope='function')
|
|
def read_only_container(self, wallets):
|
|
user_wallet = wallets.get_wallet()
|
|
with allure.step('Create public readonly container'):
|
|
cid_read_only = create_container(user_wallet.wallet_path, basic_acl=READONLY_ACL_F)
|
|
|
|
yield cid_read_only
|
|
|
|
# with allure.step('Delete public readonly container'):
|
|
# delete_container(user_wallet.wallet_path, cid_read_only)
|
|
|
|
@allure.title('Test basic ACL on public container')
|
|
def test_basic_acl_public(self, wallets, public_container, file_path):
|
|
"""
|
|
Test basic ACL set during public container creation.
|
|
"""
|
|
user_wallet = wallets.get_wallet()
|
|
other_wallet = wallets.get_wallet(role=EACLRole.OTHERS)
|
|
cid = public_container
|
|
for wallet, desc in ((user_wallet, 'owner'), (other_wallet, 'other users')):
|
|
with allure.step('Add test objects to container'):
|
|
# We create new objects for each wallet because check_full_access_to_container deletes the object
|
|
owner_object_oid = put_object(user_wallet.wallet_path, file_path, cid, attributes={'created': 'owner'})
|
|
other_object_oid = put_object(other_wallet.wallet_path, file_path, cid, attributes={'created': 'other'})
|
|
with allure.step(f'Check {desc} has full access to public container'):
|
|
check_full_access_to_container(wallet.wallet_path, cid, owner_object_oid, file_path)
|
|
check_full_access_to_container(wallet.wallet_path, cid, other_object_oid, file_path)
|
|
|
|
@allure.title('Test basic ACL on private container')
|
|
def test_basic_acl_private(self, wallets, private_container, file_path):
|
|
"""
|
|
Test basic ACL set during private container creation.
|
|
"""
|
|
user_wallet = wallets.get_wallet()
|
|
other_wallet = wallets.get_wallet(role=EACLRole.OTHERS)
|
|
cid = private_container
|
|
with allure.step('Add test objects to container'):
|
|
owner_object_oid = put_object(user_wallet.wallet_path, file_path, cid)
|
|
|
|
with allure.step('Check only owner has full access to private container'):
|
|
with allure.step('Check no one except owner has access to operations with container'):
|
|
check_no_access_to_container(other_wallet.wallet_path, cid, owner_object_oid, file_path)
|
|
|
|
with allure.step('Check owner has full access to private container'):
|
|
check_full_access_to_container(
|
|
user_wallet.wallet_path, cid, owner_object_oid, file_path)
|
|
|
|
@allure.title('Test basic ACL on readonly container')
|
|
def test_basic_acl_readonly(self, wallets, read_only_container, file_path):
|
|
"""
|
|
Test basic ACL Operations for Read-Only Container.
|
|
"""
|
|
user_wallet = wallets.get_wallet()
|
|
other_wallet = wallets.get_wallet(role=EACLRole.OTHERS)
|
|
cid = read_only_container
|
|
|
|
with allure.step('Add test objects to container'):
|
|
object_oid = put_object(user_wallet.wallet_path, file_path, cid)
|
|
|
|
with allure.step('Check other has read-only access to operations with container'):
|
|
check_read_only_container(other_wallet.wallet_path, cid, object_oid, file_path)
|
|
|
|
with allure.step('Check owner has full access to public container'):
|
|
check_full_access_to_container(user_wallet.wallet_path, cid, object_oid, file_path)
|