forked from TrueCloudLab/frostfs-testcases
Feature/acl extension operations (#17)
- Add bearer token coverage with the request filter #8 - Add eACL coverage with the request filter #9 - Add Bearer token coverage of the case with different permissions for operations in the complex operations #15 (Check Сompound Operations) - Add eACL token coverage of the case with different permissions for operations in the complex operations - Add latest nodes and services logs to the artifacts in case of failure #10 - Prepare neofs-testcases repository for the public #11 - new eACL and bearer token generation by rules. - Readme update - Fixes and additional extensions of the existed test cases - Large file size has been changed from 20mb to 10mb
This commit is contained in:
parent
708bf2a012
commit
fb5da3dc21
24 changed files with 1028 additions and 1151 deletions
|
@ -35,7 +35,7 @@ In this case, dev-env should be running with the tested environment.
|
||||||
### Running an arbitrary test case
|
### Running an arbitrary test case
|
||||||
|
|
||||||
To run an arbitrary testcase, you need to run the command:
|
To run an arbitrary testcase, you need to run the command:
|
||||||
`robot --timestampoutputs --outputdir artifacts/ robot/testsuites/integration/<testsuite name>.robot `
|
`robot --outputdir artifacts/ robot/testsuites/integration/<testsuite name>.robot `
|
||||||
|
|
||||||
The following scripts are available for execution:
|
The following scripts are available for execution:
|
||||||
|
|
||||||
|
@ -76,7 +76,7 @@ Dev-env is not needed. But you need to install neo-go.
|
||||||
- `make`
|
- `make`
|
||||||
- `sudo cp bin/neo-go /usr/local/bin/neo-go` or add alias path to bin/neo-go
|
- `sudo cp bin/neo-go /usr/local/bin/neo-go` or add alias path to bin/neo-go
|
||||||
|
|
||||||
3. To run smoke test: `robot --timestampoutputs --outputdir artifacts/ robot/testsuites/smoke/selectelcdn_smoke.robot`
|
3. To run smoke test: `robot --outputdir artifacts/ robot/testsuites/smoke/selectelcdn_smoke.robot`
|
||||||
|
|
||||||
|
|
||||||
## Generation of documentation
|
## Generation of documentation
|
||||||
|
|
|
@ -1,69 +0,0 @@
|
||||||
{
|
|
||||||
"records": [
|
|
||||||
{
|
|
||||||
"operation": "GET",
|
|
||||||
"action": "ALLOW",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "OTHERS"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "HEAD",
|
|
||||||
"action": "ALLOW",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "OTHERS"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "PUT",
|
|
||||||
"action": "ALLOW",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "OTHERS"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "DELETE",
|
|
||||||
"action": "ALLOW",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "OTHERS"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "SEARCH",
|
|
||||||
"action": "ALLOW",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "OTHERS"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "GETRANGE",
|
|
||||||
"action": "ALLOW",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "OTHERS"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "GETRANGEHASH",
|
|
||||||
"action": "ALLOW",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "OTHERS"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
|
@ -1,132 +0,0 @@
|
||||||
{
|
|
||||||
"records": [
|
|
||||||
{
|
|
||||||
"operation": "GET",
|
|
||||||
"action": "ALLOW",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"keys": [ "A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA" ]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "HEAD",
|
|
||||||
"action": "ALLOW",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"keys": [ "A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA" ]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "PUT",
|
|
||||||
"action": "ALLOW",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"keys": [ "A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA" ]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "DELETE",
|
|
||||||
"action": "ALLOW",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"keys": [ "A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA" ]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "SEARCH",
|
|
||||||
"action": "ALLOW",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"keys": [ "A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA" ]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "GETRANGE",
|
|
||||||
"action": "ALLOW",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"keys": [ "A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA" ]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "GETRANGEHASH",
|
|
||||||
"action": "ALLOW",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"keys": [ "A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA" ]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "GET",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "OTHERS"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "HEAD",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "OTHERS"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "PUT",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "OTHERS"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "DELETE",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "OTHERS"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "SEARCH",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "OTHERS"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "GETRANGE",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "OTHERS"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "GETRANGEHASH",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "OTHERS"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
|
@ -1,68 +0,0 @@
|
||||||
{
|
|
||||||
"records": [
|
|
||||||
{
|
|
||||||
"operation": "GET",
|
|
||||||
"action": "ALLOW",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "SYSTEM"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "HEAD",
|
|
||||||
"action": "ALLOW",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "SYSTEM"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "PUT",
|
|
||||||
"action": "ALLOW",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "SYSTEM"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "DELETE",
|
|
||||||
"action": "ALLOW",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "SYSTEM"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "SEARCH",
|
|
||||||
"action": "ALLOW",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "SYSTEM"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "GETRANGE",
|
|
||||||
"action": "ALLOW",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "SYSTEM"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "GETRANGEHASH",
|
|
||||||
"action": "ALLOW",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "SYSTEM"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
|
@ -1,68 +0,0 @@
|
||||||
{
|
|
||||||
"records": [
|
|
||||||
{
|
|
||||||
"operation": "GET",
|
|
||||||
"action": "ALLOW",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "USER"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "HEAD",
|
|
||||||
"action": "ALLOW",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "USER"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "PUT",
|
|
||||||
"action": "ALLOW",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "USER"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "DELETE",
|
|
||||||
"action": "ALLOW",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "USER"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "SEARCH",
|
|
||||||
"action": "ALLOW",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "USER"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "GETRANGE",
|
|
||||||
"action": "ALLOW",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "USER"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "GETRANGEHASH",
|
|
||||||
"action": "ALLOW",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "USER"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
|
@ -1,68 +0,0 @@
|
||||||
{
|
|
||||||
"records": [
|
|
||||||
{
|
|
||||||
"operation": "GET",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "OTHERS"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "HEAD",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "OTHERS"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "PUT",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "OTHERS"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "DELETE",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "OTHERS"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "SEARCH",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "OTHERS"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "GETRANGE",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "OTHERS"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "GETRANGEHASH",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "OTHERS"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
|
@ -1,68 +0,0 @@
|
||||||
{
|
|
||||||
"records": [
|
|
||||||
{
|
|
||||||
"operation": "GET",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "SYSTEM"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "HEAD",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "SYSTEM"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "PUT",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "SYSTEM"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "DELETE",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "SYSTEM"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "SEARCH",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "SYSTEM"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "GETRANGE",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "SYSTEM"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "GETRANGEHASH",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "SYSTEM"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
|
@ -1,68 +0,0 @@
|
||||||
{
|
|
||||||
"records": [
|
|
||||||
{
|
|
||||||
"operation": "GET",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "USER"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "HEAD",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "USER"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "PUT",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "USER"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "DELETE",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "USER"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "SEARCH",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "USER"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "GETRANGE",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "USER"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "GETRANGEHASH",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "USER"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
|
@ -1,21 +0,0 @@
|
||||||
{
|
|
||||||
"records": [
|
|
||||||
{
|
|
||||||
"operation": "GET",
|
|
||||||
"action": "DENY",
|
|
||||||
"filters": [
|
|
||||||
{
|
|
||||||
"headerType": "OBJECT",
|
|
||||||
"matchType": "STRING_NOT_EQUAL",
|
|
||||||
"key": "$Object:objectID",
|
|
||||||
"value": "X"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "OTHERS"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
|
@ -1,68 +0,0 @@
|
||||||
{
|
|
||||||
"records": [
|
|
||||||
{
|
|
||||||
"operation": "GET",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "OTHERS"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "HEAD",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "OTHERS"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "PUT",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "OTHERS"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "DELETE",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "OTHERS"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "SEARCH",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "OTHERS"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "GETRANGE",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "OTHERS"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "GETRANGEHASH",
|
|
||||||
"action": "DENY",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": "OTHERS"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
|
@ -13,6 +13,7 @@ import base64
|
||||||
import base58
|
import base58
|
||||||
import docker
|
import docker
|
||||||
import json
|
import json
|
||||||
|
import tarfile
|
||||||
|
|
||||||
if os.getenv('ROBOT_PROFILE') == 'selectel_smoke':
|
if os.getenv('ROBOT_PROFILE') == 'selectel_smoke':
|
||||||
from selectelcdn_smoke_vars import (NEOGO_CLI_PREFIX, NEO_MAINNET_ENDPOINT,
|
from selectelcdn_smoke_vars import (NEOGO_CLI_PREFIX, NEO_MAINNET_ENDPOINT,
|
||||||
|
@ -166,7 +167,7 @@ def get_eacl(private_key: str, cid: str):
|
||||||
|
|
||||||
except subprocess.CalledProcessError as e:
|
except subprocess.CalledProcessError as e:
|
||||||
if re.search(r'extended ACL table is not set for this container', e.output):
|
if re.search(r'extended ACL table is not set for this container', e.output):
|
||||||
logger.info("Server is not presented in container.")
|
logger.info("Extended ACL table is not set for this container.")
|
||||||
else:
|
else:
|
||||||
raise Exception("command '{}' return with error (code {}): {}".format(e.cmd, e.returncode, e.output))
|
raise Exception("command '{}' return with error (code {}): {}".format(e.cmd, e.returncode, e.output))
|
||||||
|
|
||||||
|
@ -184,329 +185,99 @@ def set_eacl(private_key: str, cid: str, eacl: str, add_keys: str = ""):
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@keyword('Form BearerToken file for all ops')
|
@keyword('Form BearerToken file')
|
||||||
def form_bearertoken_file_for_all_ops(file_name: str, private_key: str, cid: str, action: str, target_role: str, lifetime_exp: str ):
|
def form_bearertoken_file(private_key: str, cid: str, file_name: str, eacl_oper_list, lifetime_exp: str ):
|
||||||
|
|
||||||
|
cid_base58_b = base58.b58decode(cid)
|
||||||
|
cid_base64 = base64.b64encode(cid_base58_b).decode("utf-8")
|
||||||
eacl = get_eacl(private_key, cid)
|
eacl = get_eacl(private_key, cid)
|
||||||
input_records = ""
|
json_eacl = {}
|
||||||
|
|
||||||
|
if eacl:
|
||||||
|
res_json = re.split(r'[\s\n]+Signature:', eacl)
|
||||||
|
input_eacl = res_json[0].replace('eACL: ', '')
|
||||||
|
json_eacl = json.loads(input_eacl)
|
||||||
|
|
||||||
|
eacl_result = {"body":{ "eaclTable": { "containerID": { "value": cid_base64 }, "records": [] }, "lifetime": {"exp": lifetime_exp, "nbf": "1", "iat": "0"} } }
|
||||||
|
|
||||||
|
if eacl_oper_list:
|
||||||
|
for record in eacl_oper_list:
|
||||||
|
op_data = dict()
|
||||||
|
|
||||||
|
if record['Role'] == "USER" or record['Role'] == "SYSTEM" or record['Role'] == "OTHERS":
|
||||||
|
op_data = {"operation":record['Operation'],"action":record['Access'],"filters": [],"targets":[{"role":record['Role']}]}
|
||||||
|
else:
|
||||||
|
op_data = {"operation":record['Operation'],"action":record['Access'],"filters": [],"targets":[{"keys": [ record['Role'] ]}]}
|
||||||
|
|
||||||
|
if 'Filters' in record.keys():
|
||||||
|
op_data["filters"].append(record['Filters'])
|
||||||
|
|
||||||
|
eacl_result["body"]["eaclTable"]["records"].append(op_data)
|
||||||
|
|
||||||
|
# Add records from current eACL
|
||||||
|
if "records" in json_eacl.keys():
|
||||||
|
for record in json_eacl["records"]:
|
||||||
|
eacl_result["body"]["eaclTable"]["records"].append(record)
|
||||||
|
|
||||||
|
with open(file_name, 'w', encoding='utf-8') as f:
|
||||||
|
json.dump(eacl_result, f, ensure_ascii=False, indent=4)
|
||||||
|
|
||||||
|
logger.info(eacl_result)
|
||||||
|
|
||||||
|
# Sign bearer token
|
||||||
|
Cmd = f'neofs-cli util sign bearer-token --from {file_name} --to {file_name} --key {private_key} --json'
|
||||||
|
logger.info("Cmd: %s" % Cmd)
|
||||||
|
|
||||||
|
try:
|
||||||
|
complProc = subprocess.run(Cmd, check=True, universal_newlines=True,
|
||||||
|
stdout=subprocess.PIPE, stderr=subprocess.PIPE, timeout=15, shell=True)
|
||||||
|
output = complProc.stdout
|
||||||
|
logger.info("Output: %s" % str(output))
|
||||||
|
except subprocess.CalledProcessError as e:
|
||||||
|
raise Exception("command '{}' return with error (code {}): {}".format(e.cmd, e.returncode, e.output))
|
||||||
|
|
||||||
|
return file_name
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
@keyword('Form eACL json common file')
|
||||||
|
def form_eacl_json_common_file(file_name, eacl_oper_list ):
|
||||||
|
# Input role can be Role (USER, SYSTEM, OTHERS) or public key.
|
||||||
|
|
||||||
cid_base58_b = base58.b58decode(cid)
|
eacl = {"records":[]}
|
||||||
cid_base64 = base64.b64encode(cid_base58_b).decode("utf-8")
|
|
||||||
|
|
||||||
if eacl:
|
logger.info(eacl_oper_list)
|
||||||
res_json = re.split(r'[\s\n]+\][\s\n]+\}[\s\n]+Signature:', eacl)
|
|
||||||
records = re.split(r'"records": \[', res_json[0])
|
|
||||||
input_records = ",\n" + records[1]
|
|
||||||
|
|
||||||
myjson = """
|
if eacl_oper_list:
|
||||||
{
|
for record in eacl_oper_list:
|
||||||
"body": {
|
op_data = dict()
|
||||||
"eaclTable": {
|
|
||||||
"containerID": {
|
|
||||||
"value": \"""" + str(cid_base64) + """"
|
|
||||||
},
|
|
||||||
"records": [
|
|
||||||
{
|
|
||||||
"operation": "GET",
|
|
||||||
"action": \"""" + action + """",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": \"""" + target_role + """"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "PUT",
|
|
||||||
"action": \"""" + action + """",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": \"""" + target_role + """"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "HEAD",
|
|
||||||
"action": \"""" + action + """",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": \"""" + target_role + """"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "DELETE",
|
|
||||||
"action": \"""" + action + """",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": \"""" + target_role + """"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "SEARCH",
|
|
||||||
"action": \"""" + action + """",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": \"""" + target_role + """"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "GETRANGE",
|
|
||||||
"action": \"""" + action + """",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": \"""" + target_role + """"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "GETRANGEHASH",
|
|
||||||
"action": \"""" + action + """",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": \"""" + target_role + """"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}""" + input_records + """
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"lifetime": {
|
|
||||||
"exp": \"""" + lifetime_exp + """",
|
|
||||||
"nbf": "1",
|
|
||||||
"iat": "0"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
"""
|
|
||||||
with open(file_name,'w') as out:
|
|
||||||
out.write(myjson)
|
|
||||||
logger.info("Output: %s" % myjson)
|
|
||||||
|
|
||||||
# Sign bearer token
|
if record['Role'] == "USER" or record['Role'] == "SYSTEM" or record['Role'] == "OTHERS":
|
||||||
Cmd = f'neofs-cli util sign bearer-token --from {file_name} --to {file_name} --key {private_key} --json'
|
op_data = {"operation":record['Operation'],"action":record['Access'],"filters": [],"targets":[{"role":record['Role']}]}
|
||||||
logger.info("Cmd: %s" % Cmd)
|
else:
|
||||||
|
op_data = {"operation":record['Operation'],"action":record['Access'],"filters": [],"targets":[{"keys": [ record['Role'] ]}]}
|
||||||
|
|
||||||
|
if 'Filters' in record.keys():
|
||||||
|
op_data["filters"].append(record['Filters'])
|
||||||
|
|
||||||
try:
|
eacl["records"].append(op_data)
|
||||||
complProc = subprocess.run(Cmd, check=True, universal_newlines=True,
|
|
||||||
stdout=subprocess.PIPE, stderr=subprocess.PIPE, timeout=15, shell=True)
|
logger.info(eacl)
|
||||||
output = complProc.stdout
|
|
||||||
logger.info("Output: %s" % str(output))
|
with open(file_name, 'w', encoding='utf-8') as f:
|
||||||
except subprocess.CalledProcessError as e:
|
json.dump(eacl, f, ensure_ascii=False, indent=4)
|
||||||
raise Exception("command '{}' return with error (code {}): {}".format(e.cmd, e.returncode, e.output))
|
|
||||||
|
|
||||||
return file_name
|
return file_name
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@keyword('Form BearerToken file filter for all ops')
|
|
||||||
def form_bearertoken_file_filter_for_all_ops(file_name: str, private_key: str, cid: str, action: str, target_role: str, lifetime_exp: str, matchType: str, key: str, value: str):
|
|
||||||
|
|
||||||
# SEARCH should be allowed without filters to use GET, HEAD, DELETE, and SEARCH? Need to clarify.
|
|
||||||
|
|
||||||
eacl = get_eacl(private_key, cid)
|
|
||||||
|
|
||||||
cid_base58_b = base58.b58decode(cid)
|
|
||||||
cid_base64 = base64.b64encode(cid_base58_b).decode("utf-8")
|
|
||||||
|
|
||||||
input_records = ""
|
|
||||||
if eacl:
|
|
||||||
res_json = re.split(r'[\s\n]+\][\s\n]+\}[\s\n]+Signature:', eacl)
|
|
||||||
records = re.split(r'"records": \[', res_json[0])
|
|
||||||
input_records = ",\n" + records[1]
|
|
||||||
|
|
||||||
myjson = """
|
|
||||||
{
|
|
||||||
"body": {
|
|
||||||
"eaclTable": {
|
|
||||||
"containerID": {
|
|
||||||
"value": \"""" + str(cid_base64) + """"
|
|
||||||
},
|
|
||||||
"records": [
|
|
||||||
{
|
|
||||||
"operation": "GET",
|
|
||||||
"action": \"""" + action + """",
|
|
||||||
"filters": [
|
|
||||||
{
|
|
||||||
"headerType": "OBJECT",
|
|
||||||
"matchType": \"""" + matchType + """",
|
|
||||||
"key": \"""" + key + """",
|
|
||||||
"value": \"""" + value + """"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": \"""" + target_role + """"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "PUT",
|
|
||||||
"action": \"""" + action + """",
|
|
||||||
"filters": [
|
|
||||||
{
|
|
||||||
"headerType": "OBJECT",
|
|
||||||
"matchType": \"""" + matchType + """",
|
|
||||||
"key": \"""" + key + """",
|
|
||||||
"value": \"""" + value + """"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": \"""" + target_role + """"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "HEAD",
|
|
||||||
"action": \"""" + action + """",
|
|
||||||
"filters": [
|
|
||||||
{
|
|
||||||
"headerType": "OBJECT",
|
|
||||||
"matchType": \"""" + matchType + """",
|
|
||||||
"key": \"""" + key + """",
|
|
||||||
"value": \"""" + value + """"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": \"""" + target_role + """"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "DELETE",
|
|
||||||
"action": \"""" + action + """",
|
|
||||||
"filters": [
|
|
||||||
{
|
|
||||||
"headerType": "OBJECT",
|
|
||||||
"matchType": \"""" + matchType + """",
|
|
||||||
"key": \"""" + key + """",
|
|
||||||
"value": \"""" + value + """"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": \"""" + target_role + """"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "SEARCH",
|
|
||||||
"action": \"""" + action + """",
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": \"""" + target_role + """"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "GETRANGE",
|
|
||||||
"action": \"""" + action + """",
|
|
||||||
"filters": [
|
|
||||||
{
|
|
||||||
"headerType": "OBJECT",
|
|
||||||
"matchType": \"""" + matchType + """",
|
|
||||||
"key": \"""" + key + """",
|
|
||||||
"value": \"""" + value + """"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": \"""" + target_role + """"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "GETRANGEHASH",
|
|
||||||
"action": \"""" + action + """",
|
|
||||||
"filters": [
|
|
||||||
{
|
|
||||||
"headerType": "OBJECT",
|
|
||||||
"matchType": \"""" + matchType + """",
|
|
||||||
"key": \"""" + key + """",
|
|
||||||
"value": \"""" + value + """"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": \"""" + target_role + """"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}""" + input_records + """
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"lifetime": {
|
|
||||||
"exp": \"""" + lifetime_exp + """",
|
|
||||||
"nbf": "1",
|
|
||||||
"iat": "0"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
"""
|
|
||||||
with open(file_name,'w') as out:
|
|
||||||
out.write(myjson)
|
|
||||||
logger.info("Output: %s" % myjson)
|
|
||||||
|
|
||||||
# Sign bearer token
|
|
||||||
Cmd = f'neofs-cli util sign bearer-token --from {file_name} --to {file_name} --key {private_key} --json'
|
|
||||||
logger.info("Cmd: %s" % Cmd)
|
|
||||||
|
|
||||||
try:
|
|
||||||
complProc = subprocess.run(Cmd, check=True, universal_newlines=True,
|
|
||||||
stdout=subprocess.PIPE, stderr=subprocess.PIPE, timeout=15, shell=True)
|
|
||||||
output = complProc.stdout
|
|
||||||
logger.info("Output: %s" % str(output))
|
|
||||||
except subprocess.CalledProcessError as e:
|
|
||||||
raise Exception("command '{}' return with error (code {}): {}".format(e.cmd, e.returncode, e.output))
|
|
||||||
|
|
||||||
return file_name
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@keyword('Form eACL json file')
|
|
||||||
def form_eacl_json_file(file_name: str, operation: str, action: str, matchType: str, key: str, value: str, target_role: str):
|
|
||||||
|
|
||||||
myjson = """
|
|
||||||
{
|
|
||||||
"records": [
|
|
||||||
{
|
|
||||||
"operation": \"""" + operation + """",
|
|
||||||
"action": \"""" + action + """",
|
|
||||||
"filters": [
|
|
||||||
{
|
|
||||||
"headerType": "OBJECT",
|
|
||||||
"matchType": \"""" + matchType + """",
|
|
||||||
"key": \"""" + key + """",
|
|
||||||
"value": \"""" + value + """"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"targets": [
|
|
||||||
{
|
|
||||||
"role": \"""" + target_role + """"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
"""
|
|
||||||
with open(file_name,'w') as out:
|
|
||||||
out.write(myjson)
|
|
||||||
logger.info("Output: %s" % myjson)
|
|
||||||
|
|
||||||
return file_name
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@keyword('Get Range')
|
@keyword('Get Range')
|
||||||
def get_range(private_key: str, cid: str, oid: str, range_file: str, bearer: str, range_cut: str):
|
def get_range(private_key: str, cid: str, oid: str, range_file: str, bearer: str, range_cut: str, options:str=""):
|
||||||
|
|
||||||
bearer_token = ""
|
bearer_token = ""
|
||||||
if bearer:
|
if bearer:
|
||||||
bearer_token = f"--bearer {bearer}"
|
bearer_token = f"--bearer {bearer}"
|
||||||
|
|
||||||
Cmd = f'neofs-cli --rpc-endpoint {NEOFS_ENDPOINT} --key {private_key} object range --cid {cid} --oid {oid} {bearer_token} --range {range_cut} --file {range_file} '
|
Cmd = f'neofs-cli --rpc-endpoint {NEOFS_ENDPOINT} --key {private_key} object range --cid {cid} --oid {oid} {bearer_token} --range {range_cut} --file {range_file} {options}'
|
||||||
logger.info("Cmd: %s" % Cmd)
|
logger.info("Cmd: %s" % Cmd)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
|
@ -582,7 +353,7 @@ def generate_file_of_bytes(size):
|
||||||
|
|
||||||
|
|
||||||
@keyword('Search object')
|
@keyword('Search object')
|
||||||
def search_object(private_key: str, cid: str, keys: str, bearer: str, filters: str, *expected_objects_list ):
|
def search_object(private_key: str, cid: str, keys: str, bearer: str, filters: str, expected_objects_list=[], options:str=""):
|
||||||
|
|
||||||
bearer_token = ""
|
bearer_token = ""
|
||||||
if bearer:
|
if bearer:
|
||||||
|
@ -591,7 +362,7 @@ def search_object(private_key: str, cid: str, keys: str, bearer: str, filters: s
|
||||||
if filters:
|
if filters:
|
||||||
filters = f"--filters {filters}"
|
filters = f"--filters {filters}"
|
||||||
|
|
||||||
ObjectCmd = f'neofs-cli --rpc-endpoint {NEOFS_ENDPOINT} --key {private_key} object search {keys} --cid {cid} {bearer_token} {filters}'
|
ObjectCmd = f'neofs-cli --rpc-endpoint {NEOFS_ENDPOINT} --key {private_key} object search {keys} --cid {cid} {bearer_token} {filters} {options}'
|
||||||
logger.info("Cmd: %s" % ObjectCmd)
|
logger.info("Cmd: %s" % ObjectCmd)
|
||||||
try:
|
try:
|
||||||
complProc = subprocess.run(ObjectCmd, check=True, universal_newlines=True,
|
complProc = subprocess.run(ObjectCmd, check=True, universal_newlines=True,
|
||||||
|
@ -733,6 +504,26 @@ def _verify_child_link(private_key: str, cid: str, oid: str, header_last_parsed:
|
||||||
|
|
||||||
return final_verif_data
|
return final_verif_data
|
||||||
|
|
||||||
|
@keyword('Get Docker Logs')
|
||||||
|
def get_container_logs(testcase_name: str):
|
||||||
|
#client = docker.APIClient()
|
||||||
|
client = docker.from_env()
|
||||||
|
|
||||||
|
tar_name = "artifacts/dockerlogs("+testcase_name+").tar.gz"
|
||||||
|
tar = tarfile.open(tar_name, "w:gz")
|
||||||
|
|
||||||
|
for container in client.containers.list():
|
||||||
|
file_name = "artifacts/docker_log_" + container.name
|
||||||
|
with open(file_name,'wb') as out:
|
||||||
|
out.write(container.logs())
|
||||||
|
logger.info(container.name)
|
||||||
|
|
||||||
|
tar.add(file_name)
|
||||||
|
os.remove(file_name)
|
||||||
|
|
||||||
|
tar.close()
|
||||||
|
|
||||||
|
return 1
|
||||||
|
|
||||||
@keyword('Verify Head Tombstone')
|
@keyword('Verify Head Tombstone')
|
||||||
def verify_head_tombstone(private_key: str, cid: str, oid_ts: str, oid: str, addr: str):
|
def verify_head_tombstone(private_key: str, cid: str, oid_ts: str, oid: str, addr: str):
|
||||||
|
@ -793,8 +584,7 @@ def _json_cli_decode(data: str):
|
||||||
return base58.b58encode(base64.b64decode(data)).decode("utf-8")
|
return base58.b58encode(base64.b64decode(data)).decode("utf-8")
|
||||||
|
|
||||||
@keyword('Head object')
|
@keyword('Head object')
|
||||||
def head_object(private_key: str, cid: str, oid: str, bearer_token: str="", user_headers:str="", keys:str="", endpoint: str="", ignore_failure: bool = False):
|
def head_object(private_key: str, cid: str, oid: str, bearer_token: str="", user_headers:str="", options:str="", endpoint: str="", ignore_failure: bool = False):
|
||||||
options = ""
|
|
||||||
|
|
||||||
if bearer_token:
|
if bearer_token:
|
||||||
bearer_token = f"--bearer {bearer_token}"
|
bearer_token = f"--bearer {bearer_token}"
|
||||||
|
@ -802,7 +592,7 @@ def head_object(private_key: str, cid: str, oid: str, bearer_token: str="", user
|
||||||
if endpoint == "":
|
if endpoint == "":
|
||||||
endpoint = NEOFS_ENDPOINT
|
endpoint = NEOFS_ENDPOINT
|
||||||
|
|
||||||
ObjectCmd = f'neofs-cli --rpc-endpoint {endpoint} --key {private_key} object head --cid {cid} --oid {oid} {bearer_token} {keys}'
|
ObjectCmd = f'neofs-cli --rpc-endpoint {endpoint} --key {private_key} object head --cid {cid} --oid {oid} {bearer_token} {options}'
|
||||||
logger.info("Cmd: %s" % ObjectCmd)
|
logger.info("Cmd: %s" % ObjectCmd)
|
||||||
try:
|
try:
|
||||||
complProc = subprocess.run(ObjectCmd, check=True, universal_newlines=True,
|
complProc = subprocess.run(ObjectCmd, check=True, universal_newlines=True,
|
||||||
|
@ -941,13 +731,13 @@ def parse_object_system_header(header: str):
|
||||||
|
|
||||||
|
|
||||||
@keyword('Delete object')
|
@keyword('Delete object')
|
||||||
def delete_object(private_key: str, cid: str, oid: str, bearer: str):
|
def delete_object(private_key: str, cid: str, oid: str, bearer: str, options: str=""):
|
||||||
|
|
||||||
bearer_token = ""
|
bearer_token = ""
|
||||||
if bearer:
|
if bearer:
|
||||||
bearer_token = f"--bearer {bearer}"
|
bearer_token = f"--bearer {bearer}"
|
||||||
|
|
||||||
ObjectCmd = f'neofs-cli --rpc-endpoint {NEOFS_ENDPOINT} --key {private_key} object delete --cid {cid} --oid {oid} {bearer_token}'
|
ObjectCmd = f'neofs-cli --rpc-endpoint {NEOFS_ENDPOINT} --key {private_key} object delete --cid {cid} --oid {oid} {bearer_token} {options}'
|
||||||
logger.info("Cmd: %s" % ObjectCmd)
|
logger.info("Cmd: %s" % ObjectCmd)
|
||||||
try:
|
try:
|
||||||
complProc = subprocess.run(ObjectCmd, check=True, universal_newlines=True,
|
complProc = subprocess.run(ObjectCmd, check=True, universal_newlines=True,
|
||||||
|
@ -997,7 +787,7 @@ def cleanup_file(*filename_list):
|
||||||
|
|
||||||
|
|
||||||
@keyword('Put object to NeoFS')
|
@keyword('Put object to NeoFS')
|
||||||
def put_object(private_key: str, path: str, cid: str, bearer: str, user_headers: str, endpoint: str="" ):
|
def put_object(private_key: str, path: str, cid: str, bearer: str, user_headers: str, endpoint: str="", options: str="" ):
|
||||||
logger.info("Going to put the object")
|
logger.info("Going to put the object")
|
||||||
|
|
||||||
if not endpoint:
|
if not endpoint:
|
||||||
|
@ -1009,7 +799,7 @@ def put_object(private_key: str, path: str, cid: str, bearer: str, user_headers:
|
||||||
if bearer:
|
if bearer:
|
||||||
bearer = f"--bearer {bearer}"
|
bearer = f"--bearer {bearer}"
|
||||||
|
|
||||||
putObjectCmd = f'neofs-cli --rpc-endpoint {endpoint} --key {private_key} object put --file {path} --cid {cid} {bearer} {user_headers}'
|
putObjectCmd = f'neofs-cli --rpc-endpoint {endpoint} --key {private_key} object put --file {path} --cid {cid} {bearer} {user_headers} {options}'
|
||||||
logger.info("Cmd: %s" % putObjectCmd)
|
logger.info("Cmd: %s" % putObjectCmd)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
|
@ -1024,12 +814,12 @@ def put_object(private_key: str, path: str, cid: str, bearer: str, user_headers:
|
||||||
|
|
||||||
|
|
||||||
@keyword('Get Range Hash')
|
@keyword('Get Range Hash')
|
||||||
def get_range_hash(private_key: str, cid: str, oid: str, bearer_token: str, range_cut: str):
|
def get_range_hash(private_key: str, cid: str, oid: str, bearer_token: str, range_cut: str, options: str=""):
|
||||||
|
|
||||||
if bearer_token:
|
if bearer_token:
|
||||||
bearer_token = f"--bearer {bearer}"
|
bearer_token = f"--bearer {bearer_token}"
|
||||||
|
|
||||||
ObjectCmd = f'neofs-cli --rpc-endpoint {NEOFS_ENDPOINT} --key {private_key} object hash --cid {cid} --oid {oid} --range {range_cut} {bearer_token}'
|
ObjectCmd = f'neofs-cli --rpc-endpoint {NEOFS_ENDPOINT} --key {private_key} object hash --cid {cid} --oid {oid} --range {range_cut} {bearer_token} {options}'
|
||||||
|
|
||||||
logger.info("Cmd: %s" % ObjectCmd)
|
logger.info("Cmd: %s" % ObjectCmd)
|
||||||
try:
|
try:
|
||||||
|
@ -1041,8 +831,7 @@ def get_range_hash(private_key: str, cid: str, oid: str, bearer_token: str, rang
|
||||||
|
|
||||||
|
|
||||||
@keyword('Get object from NeoFS')
|
@keyword('Get object from NeoFS')
|
||||||
def get_object(private_key: str, cid: str, oid: str, bearer_token: str, read_object: str, endpoint: str="" ):
|
def get_object(private_key: str, cid: str, oid: str, bearer_token: str, write_object: str, endpoint: str="", options: str="" ):
|
||||||
# TODO: add object return instead of read_object (uuid)
|
|
||||||
|
|
||||||
logger.info("Going to put the object")
|
logger.info("Going to put the object")
|
||||||
|
|
||||||
|
@ -1053,7 +842,7 @@ def get_object(private_key: str, cid: str, oid: str, bearer_token: str, read_obj
|
||||||
if bearer_token:
|
if bearer_token:
|
||||||
bearer_token = f"--bearer {bearer_token}"
|
bearer_token = f"--bearer {bearer_token}"
|
||||||
|
|
||||||
ObjectCmd = f'neofs-cli --rpc-endpoint {endpoint} --key {private_key} object get --cid {cid} --oid {oid} --file {read_object} {bearer_token}'
|
ObjectCmd = f'neofs-cli --rpc-endpoint {endpoint} --key {private_key} object get --cid {cid} --oid {oid} --file {write_object} {bearer_token} {options}'
|
||||||
|
|
||||||
logger.info("Cmd: %s" % ObjectCmd)
|
logger.info("Cmd: %s" % ObjectCmd)
|
||||||
try:
|
try:
|
||||||
|
|
|
@ -10,4 +10,5 @@ HTTP_GATE = 'http://http.neofs.devenv'
|
||||||
S3_GATE = 'https://s3.neofs.devenv:8080'
|
S3_GATE = 'https://s3.neofs.devenv:8080'
|
||||||
NEOFS_NETMAP = ['s01.neofs.devenv:8080', 's02.neofs.devenv:8080','s03.neofs.devenv:8080','s04.neofs.devenv:8080']
|
NEOFS_NETMAP = ['s01.neofs.devenv:8080', 's02.neofs.devenv:8080','s03.neofs.devenv:8080','s04.neofs.devenv:8080']
|
||||||
|
|
||||||
GAS_HASH = '0xb5df804bbadefea726afb5d3f4e8a6f6d32d2a20'
|
GAS_HASH = '0xa6a6c15dcdc9b997dac448b6926522d22efeedfb'
|
||||||
|
NEOFS_CONTRACT = "e11db12b0df3b3c05e6ed5f85e5cf53236e9dbeb"
|
|
@ -15,14 +15,14 @@ import robot.errors
|
||||||
from robot.libraries.BuiltIn import BuiltIn
|
from robot.libraries.BuiltIn import BuiltIn
|
||||||
|
|
||||||
ROBOT_AUTO_KEYWORDS = False
|
ROBOT_AUTO_KEYWORDS = False
|
||||||
NEOFS_CONTRACT = "ce96811ca25577c058484dab10dd8db2defc5eed"
|
|
||||||
|
|
||||||
if os.getenv('ROBOT_PROFILE') == 'selectel_smoke':
|
if os.getenv('ROBOT_PROFILE') == 'selectel_smoke':
|
||||||
from selectelcdn_smoke_vars import (NEOGO_CLI_PREFIX, NEO_MAINNET_ENDPOINT,
|
from selectelcdn_smoke_vars import (NEOGO_CLI_PREFIX, NEO_MAINNET_ENDPOINT,
|
||||||
NEOFS_NEO_API_ENDPOINT, NEOFS_ENDPOINT, GAS_HASH)
|
NEOFS_NEO_API_ENDPOINT, NEOFS_ENDPOINT, GAS_HASH, NEOFS_CONTRACT)
|
||||||
else:
|
else:
|
||||||
from neofs_int_vars import (NEOGO_CLI_PREFIX, NEO_MAINNET_ENDPOINT,
|
from neofs_int_vars import (NEOGO_CLI_PREFIX, NEO_MAINNET_ENDPOINT,
|
||||||
NEOFS_NEO_API_ENDPOINT, NEOFS_ENDPOINT, GAS_HASH)
|
NEOFS_NEO_API_ENDPOINT, NEOFS_ENDPOINT, GAS_HASH, NEOFS_CONTRACT)
|
||||||
|
|
||||||
|
|
||||||
@keyword('Init wallet')
|
@keyword('Init wallet')
|
||||||
|
@ -141,8 +141,10 @@ def mainnet_balance(address: str):
|
||||||
status code: {response.status_code} {response.reason}""")
|
status code: {response.status_code} {response.reason}""")
|
||||||
|
|
||||||
m = re.search(rf'"{GAS_HASH}","amount":"([\d\.]+)"', response.text)
|
m = re.search(rf'"{GAS_HASH}","amount":"([\d\.]+)"', response.text)
|
||||||
if not m.start() != m.end():
|
if not m:
|
||||||
raise Exception("Can not get mainnet gas balance.")
|
raise Exception("Can not get mainnet gas balance. Output: %s" % response.text )
|
||||||
|
else:
|
||||||
|
logger.info("Output: %s" % response.text)
|
||||||
|
|
||||||
amount = m.group(1)
|
amount = m.group(1)
|
||||||
|
|
||||||
|
|
|
@ -10,4 +10,5 @@ HTTP_GATE = 'http://92.53.71.51:38080'
|
||||||
S3_GATE = 'https://92.53.71.51:28080'
|
S3_GATE = 'https://92.53.71.51:28080'
|
||||||
NEOFS_NETMAP = ['92.53.71.51:18080', '92.53.71.52:18080','92.53.71.53:18080','92.53.71.54:18080', '92.53.71.55:18080']
|
NEOFS_NETMAP = ['92.53.71.51:18080', '92.53.71.52:18080','92.53.71.53:18080','92.53.71.54:18080', '92.53.71.55:18080']
|
||||||
|
|
||||||
GAS_HASH = '668e0c1f9d7b70a99dd9e06eadd4c784d641afbc'
|
GAS_HASH = '668e0c1f9d7b70a99dd9e06eadd4c784d641afbc'
|
||||||
|
NEOFS_CONTRACT = "ce96811ca25577c058484dab10dd8db2defc5eed"
|
|
@ -107,8 +107,6 @@ Generate file
|
||||||
|
|
||||||
Check Private Container
|
Check Private Container
|
||||||
# Check Private:
|
# Check Private:
|
||||||
# Expected: User - pass, Other - fail, System(IR) - pass (+ System(Container node) - pass, Non-container node - fail).
|
|
||||||
|
|
||||||
# Put
|
# Put
|
||||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${PRIV_CID} ${EMPTY} ${EMPTY}
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${PRIV_CID} ${EMPTY} ${EMPTY}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
|
@ -118,14 +116,11 @@ Check Private Container
|
||||||
${S_OID_SYS_SN} = Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${PRIV_CID} ${EMPTY} ${EMPTY}
|
${S_OID_SYS_SN} = Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${PRIV_CID} ${EMPTY} ${EMPTY}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# Get
|
# Get
|
||||||
Get object from NeoFS ${USER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
Get object from NeoFS ${USER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get object from NeoFS ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
... Get object from NeoFS ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||||
Run Keyword And Expect Error *
|
Get object from NeoFS ${SYSTEM_KEY_IR} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||||
... Get object from NeoFS ${SYSTEM_KEY_IR} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
|
||||||
Get object from NeoFS ${SYSTEM_KEY_SN} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
Get object from NeoFS ${SYSTEM_KEY_SN} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||||
|
|
||||||
# Get Range
|
# Get Range
|
||||||
|
@ -146,11 +141,11 @@ Check Private Container
|
||||||
|
|
||||||
# Search
|
# Search
|
||||||
@{S_OBJ_PRIV} = Create List ${S_OID_USER} ${S_OID_SYS_SN}
|
@{S_OBJ_PRIV} = Create List ${S_OID_USER} ${S_OID_SYS_SN}
|
||||||
Search object ${USER_KEY} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_PRIV}
|
Search object ${USER_KEY} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Search object ${OTHER_KEY} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_PRIV}
|
... Search object ${OTHER_KEY} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||||
Search object ${SYSTEM_KEY_IR} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_PRIV}
|
Search object ${SYSTEM_KEY_IR} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||||
Search object ${SYSTEM_KEY_SN} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_PRIV}
|
Search object ${SYSTEM_KEY_SN} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||||
|
|
||||||
|
|
||||||
# Head
|
# Head
|
||||||
|
@ -176,7 +171,6 @@ Check Public Container
|
||||||
# Put
|
# Put
|
||||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY}
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY}
|
||||||
${S_OID_OTHER} = Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY}
|
${S_OID_OTHER} = Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY}
|
||||||
# https://github.com/nspcc-dev/neofs-node/issues/178
|
|
||||||
${S_OID_SYS_IR} = Put object to NeoFS ${SYSTEM_KEY_IR} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY}
|
${S_OID_SYS_IR} = Put object to NeoFS ${SYSTEM_KEY_IR} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY}
|
||||||
${S_OID_SYS_SN} = Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY}
|
${S_OID_SYS_SN} = Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY}
|
||||||
|
|
||||||
|
@ -201,10 +195,10 @@ Check Public Container
|
||||||
|
|
||||||
# Search
|
# Search
|
||||||
@{S_OBJ_PRIV} = Create List ${S_OID_USER} ${S_OID_OTHER} ${S_OID_SYS_SN} ${S_OID_SYS_IR}
|
@{S_OBJ_PRIV} = Create List ${S_OID_USER} ${S_OID_OTHER} ${S_OID_SYS_SN} ${S_OID_SYS_IR}
|
||||||
Search object ${USER_KEY} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_PRIV}
|
Search object ${USER_KEY} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||||
Search object ${OTHER_KEY} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_PRIV}
|
Search object ${OTHER_KEY} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||||
Search object ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_PRIV}
|
Search object ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||||
Search object ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_PRIV}
|
Search object ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||||
|
|
||||||
# Head
|
# Head
|
||||||
Head object ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
|
Head object ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
|
||||||
|
@ -224,7 +218,6 @@ Check Public Container
|
||||||
|
|
||||||
|
|
||||||
# Delete
|
# Delete
|
||||||
# https://github.com/nspcc-dev/neofs-node/issues/178
|
|
||||||
Delete object ${USER_KEY} ${PUBLIC_CID} ${S_OID_SYS_IR} ${EMPTY}
|
Delete object ${USER_KEY} ${PUBLIC_CID} ${S_OID_SYS_IR} ${EMPTY}
|
||||||
Delete object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_SYS_SN} ${EMPTY}
|
Delete object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_SYS_SN} ${EMPTY}
|
||||||
Delete object ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY}
|
Delete object ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
@ -263,10 +256,10 @@ Check Read-Only Container
|
||||||
|
|
||||||
# Search
|
# Search
|
||||||
@{S_OBJ_RO} = Create List ${S_OID_USER} ${S_OID_SYS_SN}
|
@{S_OBJ_RO} = Create List ${S_OID_USER} ${S_OID_SYS_SN}
|
||||||
Search object ${USER_KEY} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_RO}
|
Search object ${USER_KEY} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_RO}
|
||||||
Search object ${OTHER_KEY} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_RO}
|
Search object ${OTHER_KEY} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_RO}
|
||||||
Search object ${SYSTEM_KEY_IR} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_RO}
|
Search object ${SYSTEM_KEY_IR} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_RO}
|
||||||
Search object ${SYSTEM_KEY_SN} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_RO}
|
Search object ${SYSTEM_KEY_SN} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_RO}
|
||||||
|
|
||||||
|
|
||||||
# Head
|
# Head
|
||||||
|
@ -287,5 +280,6 @@ Check Read-Only Container
|
||||||
|
|
||||||
|
|
||||||
Cleanup
|
Cleanup
|
||||||
@{CLEANUP_FILES} = Create List ${FILE_S} s_file_read s_get_range
|
@{CLEANUP_FILES} = Create List ${FILE_S} s_file_read s_get_range
|
||||||
Cleanup Files @{CLEANUP_FILES}
|
Cleanup Files @{CLEANUP_FILES}
|
||||||
|
Get Docker Logs acl_basic
|
|
@ -21,7 +21,6 @@ BearerToken Operations
|
||||||
Generate Keys
|
Generate Keys
|
||||||
Prepare eACL Role rules
|
Prepare eACL Role rules
|
||||||
|
|
||||||
|
|
||||||
Log Check Bearer token with simple object
|
Log Check Bearer token with simple object
|
||||||
Generate file 1024
|
Generate file 1024
|
||||||
Check Container Inaccessible and Allow All Bearer
|
Check Container Inaccessible and Allow All Bearer
|
||||||
|
@ -29,16 +28,26 @@ BearerToken Operations
|
||||||
Check eACL Deny and Allow All Bearer Filter OID Equal
|
Check eACL Deny and Allow All Bearer Filter OID Equal
|
||||||
Check eACL Deny and Allow All Bearer Filter OID NotEqual
|
Check eACL Deny and Allow All Bearer Filter OID NotEqual
|
||||||
Check eACL Deny and Allow All Bearer Filter UserHeader Equal
|
Check eACL Deny and Allow All Bearer Filter UserHeader Equal
|
||||||
|
Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
|
||||||
|
Check eACL Allow All Bearer Filter Requst Equal Deny
|
||||||
|
Check eACL Deny and Allow All Bearer Filter Requst Equal
|
||||||
|
Check eACL Deny and Allow All Bearer Filter Requst NotEqual
|
||||||
|
Check Сompound Operations
|
||||||
|
|
||||||
|
# TODO:
|
||||||
|
|
||||||
|
|
||||||
Log Check Bearer token with complex object
|
Log Check Bearer token with complex object
|
||||||
Cleanup Files ${FILE_S}
|
Cleanup Files ${FILE_S}
|
||||||
Generate file 20e+6
|
Generate file 10e+6
|
||||||
Check Container Inaccessible and Allow All Bearer
|
Check Container Inaccessible and Allow All Bearer
|
||||||
Check eACL Deny and Allow All Bearer
|
Check eACL Deny and Allow All Bearer
|
||||||
Check eACL Deny and Allow All Bearer Filter OID Equal
|
Check eACL Deny and Allow All Bearer Filter OID Equal
|
||||||
Check eACL Deny and Allow All Bearer Filter OID NotEqual
|
Check eACL Deny and Allow All Bearer Filter OID NotEqual
|
||||||
Check eACL Deny and Allow All Bearer Filter UserHeader Equal
|
Check eACL Deny and Allow All Bearer Filter UserHeader Equal
|
||||||
|
Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
|
||||||
|
Check eACL Deny and Allow All Bearer Filter Requst Equal
|
||||||
|
Check eACL Deny and Allow All Bearer Filter Requst NotEqual
|
||||||
|
Check Сompound Operations
|
||||||
|
|
||||||
[Teardown] Cleanup
|
[Teardown] Cleanup
|
||||||
|
|
||||||
|
@ -58,9 +67,9 @@ Generate Keys
|
||||||
${OTHER_KEY_GEN} = Dump PrivKey ${WALLET_OTH} ${ADDR_OTH}
|
${OTHER_KEY_GEN} = Dump PrivKey ${WALLET_OTH} ${ADDR_OTH}
|
||||||
|
|
||||||
|
|
||||||
${EACL_KEY_GEN} = Form WIF from String 782676b81a35c5f07325ec523e8521ee4946b6e5d4c6cd652dd0c3ba51ce03de
|
${EACL_KEY_GEN} = Form WIF from String 782676b81a35c5f07325ec523e8521ee4946b6e5d4c6cd652dd0c3ba51ce03de
|
||||||
${SYSTEM_KEY_GEN} = Form WIF from String c428b4a06f166fde9f8afcf918194acdde35aa2612ecf42fe0c94273425ded21
|
${SYSTEM_KEY_GEN} = Form WIF from String c428b4a06f166fde9f8afcf918194acdde35aa2612ecf42fe0c94273425ded21
|
||||||
${SYSTEM_KEY_GEN_SN} = Form WIF from String 0fa21a94be2227916284e4b3495180d9c93d04f095fe9d5a86f22044f5c411d2
|
${SYSTEM_KEY_GEN_SN} = Form WIF from String 0fa21a94be2227916284e4b3495180d9c93d04f095fe9d5a86f22044f5c411d2
|
||||||
|
|
||||||
Set Global Variable ${USER_KEY} ${USER_KEY_GEN}
|
Set Global Variable ${USER_KEY} ${USER_KEY_GEN}
|
||||||
Set Global Variable ${OTHER_KEY} ${OTHER_KEY_GEN}
|
Set Global Variable ${OTHER_KEY} ${OTHER_KEY_GEN}
|
||||||
|
@ -89,8 +98,6 @@ Payment Operations
|
||||||
Get Transaction ${TX_DEPOSIT}
|
Get Transaction ${TX_DEPOSIT}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
Create Container Public
|
Create Container Public
|
||||||
Log Create Public Container
|
Log Create Public Container
|
||||||
${PUBLIC_CID_GEN} = Create container ${USER_KEY} 0x0FFFFFFF
|
${PUBLIC_CID_GEN} = Create container ${USER_KEY} 0x0FFFFFFF
|
||||||
|
@ -103,7 +110,6 @@ Create Container Inaccessible
|
||||||
[Return] ${PUBLIC_CID_GEN}
|
[Return] ${PUBLIC_CID_GEN}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
Generate file
|
Generate file
|
||||||
[Arguments] ${SIZE}
|
[Arguments] ${SIZE}
|
||||||
|
|
||||||
|
@ -113,77 +119,101 @@ Generate file
|
||||||
|
|
||||||
Prepare eACL Role rules
|
Prepare eACL Role rules
|
||||||
Log Set eACL for different Role cases
|
Log Set eACL for different Role cases
|
||||||
Set Global Variable ${EACL_DENY_ALL_OTHER} robot/resources/lib/eacl/eacl_encoded_deny_all
|
|
||||||
Set Global Variable ${EACL_ALLOW_ALL_OTHER} robot/resources/lib/eacl/eacl_encoded_allow_all
|
|
||||||
|
|
||||||
Set Global Variable ${EACL_DENY_ALL_USER} robot/resources/lib/eacl/eacl_encoded_deny_all_user
|
|
||||||
Set Global Variable ${EACL_ALLOW_ALL_USER} robot/resources/lib/eacl/eacl_encoded_allow_all_user
|
|
||||||
|
|
||||||
Set Global Variable ${EACL_DENY_ALL_SYSTEM} robot/resources/lib/eacl/eacl_encoded_deny_all_sys
|
# eACL rules for all operations and similar permissions
|
||||||
Set Global Variable ${EACL_ALLOW_ALL_SYSTEM} robot/resources/lib/eacl/eacl_encoded_allow_all_sys
|
@{Roles} = Create List OTHERS USER SYSTEM
|
||||||
|
FOR ${role} IN @{Roles}
|
||||||
Set Global Variable ${EACL_ALLOW_ALL_Pubkey} robot/resources/lib/eacl/eacl_encoded_allow_all_pubkey
|
${rule1} = Create Dictionary Operation=GET Access=DENY Role=${role}
|
||||||
|
${rule2} = Create Dictionary Operation=HEAD Access=DENY Role=${role}
|
||||||
|
${rule3} = Create Dictionary Operation=PUT Access=DENY Role=${role}
|
||||||
|
${rule4} = Create Dictionary Operation=DELETE Access=DENY Role=${role}
|
||||||
|
${rule5} = Create Dictionary Operation=SEARCH Access=DENY Role=${role}
|
||||||
|
${rule6} = Create Dictionary Operation=GETRANGE Access=DENY Role=${role}
|
||||||
|
${rule7} = Create Dictionary Operation=GETRANGEHASH Access=DENY Role=${role}
|
||||||
|
|
||||||
|
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||||
|
Form eACL json common file gen_eacl_deny_all_${role} ${eACL_gen}
|
||||||
|
Set Global Variable ${EACL_DENY_ALL_${role}} gen_eacl_deny_all_${role}
|
||||||
|
END
|
||||||
|
|
||||||
|
|
||||||
Check Container Inaccessible and Allow All Bearer
|
Check Container Inaccessible and Allow All Bearer
|
||||||
${CID} = Create Container Inaccessible
|
${CID} = Create Container Inaccessible
|
||||||
|
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER}
|
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
|
Run Keyword And Expect Error *
|
||||||
Form BearerToken file for all ops bearer_allow_all_user ${USER_KEY} ${CID} ALLOW USER 100500
|
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
|
${rule1}= Create Dictionary Operation=PUT Access=ALLOW Role=USER
|
||||||
|
${rule2}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER
|
||||||
|
|
||||||
|
${eACL_gen}= Create List ${rule1} ${rule2}
|
||||||
|
|
||||||
|
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||||
|
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER}
|
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER}
|
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
Check eACL Deny and Allow All Bearer
|
Check eACL Deny and Allow All Bearer
|
||||||
${CID} = Create Container Public
|
${CID} = Create Container Public
|
||||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||||
|
|
||||||
|
|
||||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
||||||
|
|
||||||
Form BearerToken file for all ops bearer_allow_all_user ${USER_KEY} ${CID} ALLOW USER 100500
|
|
||||||
|
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER
|
||||||
|
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER
|
||||||
|
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER
|
||||||
|
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER
|
||||||
|
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER
|
||||||
|
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER
|
||||||
|
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER
|
||||||
|
|
||||||
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||||
|
|
||||||
|
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||||
|
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
|
|
||||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
|
||||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl
|
|
||||||
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} @{S_OBJ_H}
|
|
||||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
|
||||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256
|
|
||||||
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
||||||
|
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl
|
||||||
|
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
||||||
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256
|
||||||
|
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
||||||
|
|
||||||
|
|
||||||
Check eACL Deny and Allow All Bearer Filter OID Equal
|
Check eACL Deny and Allow All Bearer Filter OID Equal
|
||||||
|
@ -193,34 +223,43 @@ Check eACL Deny and Allow All Bearer Filter OID Equal
|
||||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||||
|
|
||||||
|
|
||||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
||||||
|
|
||||||
Form BearerToken file filter for all ops bearer_allow_all_user ${USER_KEY} ${CID} ALLOW USER 100500 STRING_EQUAL $Object:objectID ${S_OID_USER}
|
${filters}= Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=$Object:objectID value=${S_OID_USER}
|
||||||
|
|
||||||
|
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
|
||||||
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||||
|
|
||||||
|
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||||
|
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
# Search is allowed without filter condition.
|
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} @{S_OBJ_H}
|
|
||||||
|
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
|
@ -246,30 +285,41 @@ Check eACL Deny and Allow All Bearer Filter OID NotEqual
|
||||||
|
|
||||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
||||||
|
|
||||||
Form BearerToken file filter for all ops bearer_allow_all_user ${USER_KEY} ${CID} ALLOW USER 100500 STRING_NOT_EQUAL $Object:objectID ${S_OID_USER_2}
|
${filters}= Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=$Object:objectID value=${S_OID_USER_2}
|
||||||
|
|
||||||
|
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
|
||||||
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||||
|
|
||||||
|
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||||
|
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
# Search is allowed without filter condition.
|
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} @{S_OBJ_H}
|
|
||||||
|
|
||||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
||||||
|
|
||||||
|
@ -292,6 +342,148 @@ Check eACL Deny and Allow All Bearer Filter OID NotEqual
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
Check eACL Allow All Bearer Filter Requst Equal Deny
|
||||||
|
${CID} = Create Container Public
|
||||||
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
|
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||||
|
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||||
|
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||||
|
|
||||||
|
|
||||||
|
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=256
|
||||||
|
${rule1}= Create Dictionary Operation=GET Access=DENY Role=USER Filters=${filters}
|
||||||
|
${rule2}= Create Dictionary Operation=HEAD Access=DENY Role=USER Filters=${filters}
|
||||||
|
${rule3}= Create Dictionary Operation=PUT Access=DENY Role=USER Filters=${filters}
|
||||||
|
${rule4}= Create Dictionary Operation=DELETE Access=DENY Role=USER Filters=${filters}
|
||||||
|
${rule5}= Create Dictionary Operation=SEARCH Access=DENY Role=USER Filters=${filters}
|
||||||
|
${rule6}= Create Dictionary Operation=GETRANGE Access=DENY Role=USER Filters=${filters}
|
||||||
|
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=USER Filters=${filters}
|
||||||
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||||
|
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||||
|
|
||||||
|
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=2
|
||||||
|
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=2
|
||||||
|
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H} --xhdr a=2
|
||||||
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=2
|
||||||
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=2
|
||||||
|
Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=2
|
||||||
|
Delete object ${USER_KEY} ${CID} ${D_OID_USER} bearer_allow_all_user --xhdr a=2
|
||||||
|
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=256
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=256
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=256
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=256
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user --xhdr a=256
|
||||||
|
|
||||||
|
|
||||||
|
Check eACL Deny and Allow All Bearer Filter Requst NotEqual
|
||||||
|
${CID} = Create Container Public
|
||||||
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
|
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||||
|
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||||
|
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||||
|
|
||||||
|
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
|
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
|
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
|
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
|
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
||||||
|
|
||||||
|
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_NOT_EQUAL key=a value=256
|
||||||
|
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||||
|
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||||
|
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
|
#Run Keyword And Expect Error *
|
||||||
|
#... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
|
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2
|
||||||
|
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=2
|
||||||
|
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2
|
||||||
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=2
|
||||||
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=2
|
||||||
|
Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=2
|
||||||
|
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user --xhdr a=2
|
||||||
|
|
||||||
|
|
||||||
|
Check eACL Deny and Allow All Bearer Filter Requst Equal
|
||||||
|
${CID} = Create Container Public
|
||||||
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
|
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||||
|
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||||
|
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||||
|
|
||||||
|
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
|
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
|
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
|
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
|
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
||||||
|
|
||||||
|
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=256
|
||||||
|
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||||
|
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||||
|
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
|
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
|
||||||
|
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=256
|
||||||
|
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
|
||||||
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=256
|
||||||
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=256
|
||||||
|
Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=256
|
||||||
|
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user --xhdr a=256
|
||||||
|
|
||||||
|
|
||||||
Check eACL Deny and Allow All Bearer Filter UserHeader Equal
|
Check eACL Deny and Allow All Bearer Filter UserHeader Equal
|
||||||
${CID} = Create Container Public
|
${CID} = Create Container Public
|
||||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
|
@ -302,30 +494,42 @@ Check eACL Deny and Allow All Bearer Filter UserHeader Equal
|
||||||
|
|
||||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
||||||
|
|
||||||
Form BearerToken file filter for all ops bearer_allow_all_user ${USER_KEY} ${CID} ALLOW USER 100500 STRING_EQUAL key2 abc
|
|
||||||
|
${filters}= Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=key2 value=abc
|
||||||
|
|
||||||
|
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
|
||||||
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||||
|
|
||||||
|
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||||
|
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
# Search is allowed without filter condition.
|
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} @{S_OBJ_H}
|
|
||||||
|
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
||||||
|
@ -346,14 +550,181 @@ Check eACL Deny and Allow All Bearer Filter UserHeader Equal
|
||||||
|
|
||||||
# Delete can not be filtered by UserHeader.
|
# Delete can not be filtered by UserHeader.
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user
|
||||||
|
|
||||||
|
|
||||||
# Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
|
|
||||||
|
|
||||||
|
Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
|
||||||
|
${CID} = Create Container Public
|
||||||
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
|
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
|
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||||
|
@{S_OBJ_H} = Create List ${S_OID_USER_2}
|
||||||
|
|
||||||
|
|
||||||
|
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
|
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
|
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
|
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
|
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
||||||
|
|
||||||
|
|
||||||
|
${filters}= Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=key2 value=abc
|
||||||
|
|
||||||
|
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
|
||||||
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule6} ${rule7}
|
||||||
|
|
||||||
|
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||||
|
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
|
# Search can not use filter by headers
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
|
|
||||||
|
# Different behaviour for big and small objects!
|
||||||
|
# Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${EMPTY}
|
||||||
|
|
||||||
|
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user local_file_eacl
|
||||||
|
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256
|
||||||
|
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256
|
||||||
|
|
||||||
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user
|
||||||
|
|
||||||
|
# Delete can not be filtered by UserHeader.
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user
|
||||||
|
|
||||||
|
|
||||||
|
Check Сompound Operations
|
||||||
|
Check Bearer Сompound Get ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS}
|
||||||
|
Check Bearer Сompound Get ${USER_KEY} USER ${EACL_DENY_ALL_USER}
|
||||||
|
Check Bearer Сompound Get ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM}
|
||||||
|
|
||||||
|
Check Bearer Сompound Delete ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS}
|
||||||
|
Check Bearer Сompound Delete ${USER_KEY} USER ${EACL_DENY_ALL_USER}
|
||||||
|
Check Bearer Сompound Delete ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM}
|
||||||
|
|
||||||
|
Check Bearer Сompound Get Range Hash ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS}
|
||||||
|
Check Bearer Сompound Get Range Hash ${USER_KEY} USER ${EACL_DENY_ALL_USER}
|
||||||
|
Check Bearer Сompound Get Range Hash ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM}
|
||||||
|
|
||||||
|
|
||||||
|
Check Bearer Сompound Get
|
||||||
|
[Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL}
|
||||||
|
|
||||||
|
${CID} = Create Container Public
|
||||||
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
|
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||||
|
|
||||||
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
|
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
|
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
|
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
|
||||||
|
|
||||||
|
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=${DENY_GROUP}
|
||||||
|
${rule2}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=${DENY_GROUP}
|
||||||
|
${rule3}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${DENY_GROUP}
|
||||||
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3}
|
||||||
|
Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500
|
||||||
|
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Head object ${KEY} ${CID} ${S_OID_USER} bearer_allow
|
||||||
|
|
||||||
|
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} bearer_allow local_file_eacl
|
||||||
|
Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow 0:256
|
||||||
|
Get Range Hash ${KEY} ${CID} ${S_OID_USER} bearer_allow 0:256
|
||||||
|
|
||||||
|
|
||||||
|
Check Bearer Сompound Delete
|
||||||
|
[Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL}
|
||||||
|
|
||||||
|
${CID} = Create Container Public
|
||||||
|
|
||||||
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
|
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||||
|
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
|
Delete object ${KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
|
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
|
||||||
|
|
||||||
|
${rule1} = Create Dictionary Operation=DELETE Access=ALLOW Role=${DENY_GROUP}
|
||||||
|
${rule2} = Create Dictionary Operation=PUT Access=DENY Role=${DENY_GROUP}
|
||||||
|
${rule3} = Create Dictionary Operation=HEAD Access=DENY Role=${DENY_GROUP}
|
||||||
|
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3}
|
||||||
|
Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500
|
||||||
|
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Head object ${KEY} ${CID} ${S_OID_USER} bearer_allow
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Put object to NeoFS ${KEY} ${FILE_S} ${CID} bearer_allow ${FILE_OTH_HEADER}
|
||||||
|
|
||||||
|
Delete object ${KEY} ${CID} ${S_OID_USER} bearer_allow
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
Check Bearer Сompound Get Range Hash
|
||||||
|
[Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL}
|
||||||
|
|
||||||
|
${CID} = Create Container Public
|
||||||
|
|
||||||
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
|
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
|
Get Range Hash ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||||
|
|
||||||
|
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
|
||||||
|
|
||||||
|
${rule1} = Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${DENY_GROUP}
|
||||||
|
${rule2} = Create Dictionary Operation=GETRANGE Access=DENY Role=${DENY_GROUP}
|
||||||
|
${rule3} = Create Dictionary Operation=GET Access=DENY Role=${DENY_GROUP}
|
||||||
|
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3}
|
||||||
|
Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500
|
||||||
|
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow 0:256
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} bearer_allow local_file_eacl
|
||||||
|
|
||||||
|
Get Range Hash ${KEY} ${CID} ${S_OID_USER} bearer_allow 0:256
|
||||||
|
|
||||||
|
|
||||||
Cleanup
|
Cleanup
|
||||||
@{CLEANUP_FILES} = Create List ${FILE_S} local_file_eacl s_get_range bearer_allow_all_user
|
@{CLEANUP_FILES} = Create List ${FILE_S} local_file_eacl s_get_range
|
||||||
Cleanup Files @{CLEANUP_FILES}
|
... bearer_allow_all_user gen_eacl_deny_all_USER bearer_allow
|
||||||
|
Cleanup Files @{CLEANUP_FILES}
|
||||||
|
Get Docker Logs acl_bearer
|
|
@ -20,18 +20,22 @@ Extended ACL Operations
|
||||||
Prepare eACL Role rules
|
Prepare eACL Role rules
|
||||||
|
|
||||||
Log Check extended ACL with simple object
|
Log Check extended ACL with simple object
|
||||||
|
|
||||||
Generate files 1024
|
Generate files 1024
|
||||||
|
|
||||||
Check Actions
|
Check Actions
|
||||||
Check Filters
|
Check Filters
|
||||||
|
Check Сompound Operations
|
||||||
|
|
||||||
Cleanup Files ${FILE_S} ${FILE_S_2}
|
Cleanup Files ${FILE_S} ${FILE_S_2}
|
||||||
|
|
||||||
Log Check extended ACL with complex object
|
Log Check extended ACL with complex object
|
||||||
Generate files 20e+6
|
Generate files 10e+6
|
||||||
Check Actions
|
Check Actions
|
||||||
Check Filters
|
Check Filters
|
||||||
|
Check Сompound Operations
|
||||||
[Teardown] Cleanup
|
|
||||||
|
#[Teardown] Cleanup
|
||||||
|
|
||||||
|
|
||||||
*** Keywords ***
|
*** Keywords ***
|
||||||
|
@ -44,11 +48,168 @@ Check Actions
|
||||||
|
|
||||||
|
|
||||||
Check Filters
|
Check Filters
|
||||||
Check eACL MatchType String Equal
|
Check eACL MatchType String Equal Object
|
||||||
Check eACL MatchType String Not Equal
|
Check eACL MatchType String Not Equal Object
|
||||||
|
Check eACL MatchType String Equal Request Deny
|
||||||
|
Check eACL MatchType String Equal Request Allow
|
||||||
|
|
||||||
|
Check Сompound Operations
|
||||||
|
Check eACL Сompound Get ${OTHER_KEY} ${EACL_COMPOUND_GET_OTHERS}
|
||||||
|
Check eACL Сompound Get ${USER_KEY} ${EACL_COMPOUND_GET_USER}
|
||||||
|
Check eACL Сompound Get ${SYSTEM_KEY} ${EACL_COMPOUND_GET_SYSTEM}
|
||||||
|
|
||||||
|
Check eACL Сompound Delete ${OTHER_KEY} ${EACL_COMPOUND_DELETE_OTHERS}
|
||||||
|
Check eACL Сompound Delete ${USER_KEY} ${EACL_COMPOUND_DELETE_USER}
|
||||||
|
Check eACL Сompound Delete ${SYSTEM_KEY} ${EACL_COMPOUND_DELETE_SYSTEM}
|
||||||
|
|
||||||
|
Check eACL Сompound Get Range Hash ${OTHER_KEY} ${EACL_COMPOUND_GET_HASH_OTHERS}
|
||||||
|
Check eACL Сompound Get Range Hash ${USER_KEY} ${EACL_COMPOUND_GET_HASH_USER}
|
||||||
|
Check eACL Сompound Get Range Hash ${SYSTEM_KEY} ${EACL_COMPOUND_GET_HASH_SYSTEM}
|
||||||
|
|
||||||
|
Check eACL Сompound Get
|
||||||
|
[Arguments] ${KEY} ${DENY_EACL}
|
||||||
|
|
||||||
|
${CID} = Create Container Public
|
||||||
|
|
||||||
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
|
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
|
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
|
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
|
||||||
|
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
|
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
|
Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
|
Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||||
|
|
||||||
|
|
||||||
Check eACL MatchType String Equal
|
Check eACL Сompound Delete
|
||||||
|
[Arguments] ${KEY} ${DENY_EACL}
|
||||||
|
|
||||||
|
${CID} = Create Container Public
|
||||||
|
|
||||||
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
|
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||||
|
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
|
Delete object ${KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
|
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
|
||||||
|
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
|
|
||||||
|
Delete object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
Check eACL Сompound Get Range Hash
|
||||||
|
[Arguments] ${KEY} ${DENY_EACL}
|
||||||
|
|
||||||
|
${CID} = Create Container Public
|
||||||
|
|
||||||
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
|
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
|
Get Range Hash ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||||
|
|
||||||
|
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
|
||||||
|
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
|
|
||||||
|
Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
Check eACL MatchType String Equal Request Deny
|
||||||
|
${CID} = Create Container Public
|
||||||
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
|
|
||||||
|
${HEADER} = Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
&{HEADER_DICT} = Parse Object System Header ${HEADER}
|
||||||
|
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
|
|
||||||
|
|
||||||
|
${ID_value} = Get From Dictionary ${HEADER_DICT} ID
|
||||||
|
|
||||||
|
Set eACL ${USER_KEY} ${CID} ${EACL_XHEADER_DENY_ALL} --await
|
||||||
|
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=2
|
||||||
|
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=256
|
||||||
|
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=2
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=2
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ${EMPTY} --xhdr a=2
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 --xhdr a="2"
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 --xhdr a=2
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} --xhdr a=2
|
||||||
|
|
||||||
|
Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=256
|
||||||
|
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=*
|
||||||
|
Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${EMPTY} --xhdr a=
|
||||||
|
Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ${EMPTY} --xhdr a=.*
|
||||||
|
Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 --xhdr a="2 2"
|
||||||
|
Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 --xhdr a=256
|
||||||
|
Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} --xhdr a=22
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
Check eACL MatchType String Equal Request Allow
|
||||||
|
${CID} = Create Container Public
|
||||||
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
|
|
||||||
|
${HEADER} = Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
&{HEADER_DICT} = Parse Object System Header ${HEADER}
|
||||||
|
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
|
|
||||||
|
|
||||||
|
${ID_value} = Get From Dictionary ${HEADER_DICT} ID
|
||||||
|
|
||||||
|
Set eACL ${USER_KEY} ${CID} ${EACL_XHEADER_ALLOW_ALL} --await
|
||||||
|
Get eACL ${USER_KEY} ${CID}
|
||||||
|
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} ${EMPTY}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${EMPTY}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
|
Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=2
|
||||||
|
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=2
|
||||||
|
Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2
|
||||||
|
Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ${EMPTY} --xhdr a=2
|
||||||
|
Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 --xhdr a=2
|
||||||
|
Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 --xhdr a=2
|
||||||
|
Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} --xhdr a=2
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
Check eACL MatchType String Equal Object
|
||||||
${CID} = Create Container Public
|
${CID} = Create Container Public
|
||||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
|
|
||||||
|
@ -59,7 +220,12 @@ Check eACL MatchType String Equal
|
||||||
|
|
||||||
Log Set eACL for Deny GET operation with StringEqual Object ID
|
Log Set eACL for Deny GET operation with StringEqual Object ID
|
||||||
${ID_value} = Get From Dictionary ${HEADER_DICT} ID
|
${ID_value} = Get From Dictionary ${HEADER_DICT} ID
|
||||||
${EACL_CUSTOM} = Form eACL json file eacl_custom GET DENY STRING_EQUAL $Object:objectID ${ID_value} OTHERS
|
|
||||||
|
${filters} = Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=$Object:objectID value=${ID_value}
|
||||||
|
${rule1} = Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters}
|
||||||
|
${eACL_gen} = Create List ${rule1}
|
||||||
|
${EACL_CUSTOM} = Form eACL json common file eacl_custom ${eACL_gen}
|
||||||
|
|
||||||
Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await
|
Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
|
@ -67,15 +233,21 @@ Check eACL MatchType String Equal
|
||||||
|
|
||||||
Log Set eACL for Deny GET operation with StringEqual Object Extended User Header
|
Log Set eACL for Deny GET operation with StringEqual Object Extended User Header
|
||||||
${S_OID_USER_OTH} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
${S_OID_USER_OTH} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
${EACL_CUSTOM} = Form eACL json file eacl_custom GET DENY STRING_EQUAL key1 1 OTHERS
|
|
||||||
|
${filters} = Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=key1 value=1
|
||||||
|
${rule1} = Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters}
|
||||||
|
${eACL_gen} = Create List ${rule1}
|
||||||
|
${EACL_CUSTOM} = Form eACL json common file eacl_custom ${eACL_gen}
|
||||||
|
|
||||||
|
|
||||||
Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await
|
Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER_OTH} ${EMPTY} local_file_eacl
|
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER_OTH} ${EMPTY} local_file_eacl
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
Check eACL MatchType String Not Equal Object
|
||||||
Check eACL MatchType String Not Equal
|
|
||||||
${CID} = Create Container Public
|
${CID} = Create Container Public
|
||||||
|
|
||||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
|
@ -84,14 +256,19 @@ Check eACL MatchType String Not Equal
|
||||||
${HEADER} = Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
${HEADER} = Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
Head object ${USER_KEY} ${CID} ${S_OID_OTHER} ${EMPTY}
|
Head object ${USER_KEY} ${CID} ${S_OID_OTHER} ${EMPTY}
|
||||||
|
|
||||||
&{HEADER_DICT} = Parse Object System Header ${HEADER}
|
&{HEADER_DICT} = Parse Object System Header ${HEADER}
|
||||||
|
|
||||||
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_OTHER} ${EMPTY} local_file_eacl
|
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_OTHER} ${EMPTY} local_file_eacl
|
||||||
|
|
||||||
Log Set eACL for Deny GET operation with StringNotEqual Object ID
|
Log Set eACL for Deny GET operation with StringNotEqual Object ID
|
||||||
${ID_value} = Get From Dictionary ${HEADER_DICT} ID
|
${ID_value} = Get From Dictionary ${HEADER_DICT} ID
|
||||||
${EACL_CUSTOM} = Form eACL json file eacl_custom GET DENY STRING_NOT_EQUAL $Object:objectID ${ID_value} OTHERS
|
|
||||||
|
${filters} = Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=$Object:objectID value=${ID_value}
|
||||||
|
${rule1} = Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters}
|
||||||
|
${eACL_gen} = Create List ${rule1}
|
||||||
|
${EACL_CUSTOM} = Form eACL json common file eacl_custom ${eACL_gen}
|
||||||
|
|
||||||
Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await
|
Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_OTHER} ${EMPTY} local_file_eacl
|
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_OTHER} ${EMPTY} local_file_eacl
|
||||||
|
@ -100,7 +277,12 @@ Check eACL MatchType String Not Equal
|
||||||
|
|
||||||
Log Set eACL for Deny GET operation with StringEqual Object Extended User Header
|
Log Set eACL for Deny GET operation with StringEqual Object Extended User Header
|
||||||
${S_OID_USER_OTH} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
${S_OID_USER_OTH} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
${EACL_CUSTOM} = Form eACL json file eacl_custom GET DENY STRING_NOT_EQUAL key1 1 OTHERS
|
|
||||||
|
${filters} = Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=key1 value=1
|
||||||
|
${rule1} = Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters}
|
||||||
|
${eACL_gen} = Create List ${rule1}
|
||||||
|
${EACL_CUSTOM} = Form eACL json common file eacl_custom ${eACL_gen}
|
||||||
|
|
||||||
Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await
|
Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER_OTH} ${EMPTY} local_file_eacl
|
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER_OTH} ${EMPTY} local_file_eacl
|
||||||
|
@ -170,17 +352,145 @@ Generate files
|
||||||
Prepare eACL Role rules
|
Prepare eACL Role rules
|
||||||
Log Set eACL for different Role cases
|
Log Set eACL for different Role cases
|
||||||
|
|
||||||
Set Global Variable ${EACL_DENY_ALL_OTHER} robot/resources/lib/eacl/eacl_encoded_deny_all
|
# eACL rules for all operations and similar permissions
|
||||||
Set Global Variable ${EACL_ALLOW_ALL_OTHER} robot/resources/lib/eacl/eacl_encoded_allow_all
|
@{Roles} = Create List OTHERS USER SYSTEM
|
||||||
|
FOR ${role} IN @{Roles}
|
||||||
Set Global Variable ${EACL_DENY_ALL_USER} robot/resources/lib/eacl/eacl_encoded_deny_all_user
|
${rule1}= Create Dictionary Operation=GET Access=DENY Role=${role}
|
||||||
Set Global Variable ${EACL_ALLOW_ALL_USER} robot/resources/lib/eacl/eacl_encoded_allow_all_user
|
${rule2}= Create Dictionary Operation=HEAD Access=DENY Role=${role}
|
||||||
|
${rule3}= Create Dictionary Operation=PUT Access=DENY Role=${role}
|
||||||
|
${rule4}= Create Dictionary Operation=DELETE Access=DENY Role=${role}
|
||||||
|
${rule5}= Create Dictionary Operation=SEARCH Access=DENY Role=${role}
|
||||||
|
${rule6}= Create Dictionary Operation=GETRANGE Access=DENY Role=${role}
|
||||||
|
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=${role}
|
||||||
|
|
||||||
Set Global Variable ${EACL_DENY_ALL_SYSTEM} robot/resources/lib/eacl/eacl_encoded_deny_all_sys
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||||
Set Global Variable ${EACL_ALLOW_ALL_SYSTEM} robot/resources/lib/eacl/eacl_encoded_allow_all_sys
|
Form eACL json common file gen_eacl_deny_all_${role} ${eACL_gen}
|
||||||
|
END
|
||||||
|
|
||||||
|
|
||||||
|
FOR ${role} IN @{Roles}
|
||||||
|
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=${role}
|
||||||
|
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=${role}
|
||||||
|
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=${role}
|
||||||
|
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=${role}
|
||||||
|
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=${role}
|
||||||
|
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=${role}
|
||||||
|
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${role}
|
||||||
|
|
||||||
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||||
|
Form eACL json common file gen_eacl_allow_all_${role} ${eACL_gen}
|
||||||
|
END
|
||||||
|
|
||||||
|
|
||||||
|
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
|
||||||
|
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
|
||||||
|
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
|
||||||
|
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
|
||||||
|
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
|
||||||
|
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
|
||||||
|
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
|
||||||
|
${rule8}= Create Dictionary Operation=GET Access=DENY Role=OTHERS
|
||||||
|
${rule9}= Create Dictionary Operation=HEAD Access=DENY Role=OTHERS
|
||||||
|
${rule10}= Create Dictionary Operation=PUT Access=DENY Role=OTHERS
|
||||||
|
${rule11}= Create Dictionary Operation=DELETE Access=DENY Role=OTHERS
|
||||||
|
${rule12}= Create Dictionary Operation=SEARCH Access=DENY Role=OTHERS
|
||||||
|
${rule13}= Create Dictionary Operation=GETRANGE Access=DENY Role=OTHERS
|
||||||
|
${rule14}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=OTHERS
|
||||||
|
|
||||||
|
|
||||||
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||||
|
... ${rule8} ${rule9} ${rule10} ${rule11} ${rule12} ${rule13} ${rule14}
|
||||||
|
Form eACL json common file gen_eacl_allow_pubkey_deny_OTHERS ${eACL_gen}
|
||||||
|
|
||||||
|
Set Global Variable ${EACL_DENY_ALL_OTHER} gen_eacl_deny_all_OTHERS
|
||||||
|
Set Global Variable ${EACL_ALLOW_ALL_OTHER} gen_eacl_allow_all_OTHERS
|
||||||
|
|
||||||
|
Set Global Variable ${EACL_DENY_ALL_USER} gen_eacl_deny_all_USER
|
||||||
|
Set Global Variable ${EACL_ALLOW_ALL_USER} gen_eacl_allow_all_USER
|
||||||
|
|
||||||
|
Set Global Variable ${EACL_DENY_ALL_SYSTEM} gen_eacl_deny_all_SYSTEM
|
||||||
|
Set Global Variable ${EACL_ALLOW_ALL_SYSTEM} gen_eacl_allow_all_SYSTEM
|
||||||
|
|
||||||
Set Global Variable ${EACL_ALLOW_ALL_Pubkey} robot/resources/lib/eacl/eacl_encoded_allow_all_pubkey
|
Set Global Variable ${EACL_ALLOW_ALL_Pubkey} gen_eacl_allow_pubkey_deny_OTHERS
|
||||||
|
|
||||||
|
|
||||||
|
# eACL rules for Compound operations: GET/GetRange/GetRangeHash
|
||||||
|
@{Roles} = Create List OTHERS USER SYSTEM
|
||||||
|
FOR ${role} IN @{Roles}
|
||||||
|
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=${role}
|
||||||
|
${rule2}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=${role}
|
||||||
|
${rule3}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${role}
|
||||||
|
${rule4}= Create Dictionary Operation=HEAD Access=DENY Role=${role}
|
||||||
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4}
|
||||||
|
Form eACL json common file gen_eacl_compound_get_${role} ${eACL_gen}
|
||||||
|
Set Global Variable ${EACL_COMPOUND_GET_${role}} gen_eacl_compound_get_${role}
|
||||||
|
END
|
||||||
|
|
||||||
|
# eACL rules for Compound operations: DELETE
|
||||||
|
@{Roles} = Create List OTHERS USER SYSTEM
|
||||||
|
FOR ${role} IN @{Roles}
|
||||||
|
${rule1}= Create Dictionary Operation=DELETE Access=ALLOW Role=${role}
|
||||||
|
${rule2}= Create Dictionary Operation=PUT Access=DENY Role=${role}
|
||||||
|
${rule3}= Create Dictionary Operation=HEAD Access=DENY Role=${role}
|
||||||
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3}
|
||||||
|
Form eACL json common file gen_eacl_compound_del_${role} ${eACL_gen}
|
||||||
|
Set Global Variable ${EACL_COMPOUND_DELETE_${role}} gen_eacl_compound_del_${role}
|
||||||
|
END
|
||||||
|
|
||||||
|
# eACL rules for Compound operations: GETRANGEHASH
|
||||||
|
@{Roles} = Create List OTHERS USER SYSTEM
|
||||||
|
FOR ${role} IN @{Roles}
|
||||||
|
${rule1}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${role}
|
||||||
|
${rule2}= Create Dictionary Operation=GETRANGE Access=DENY Role=${role}
|
||||||
|
${rule3}= Create Dictionary Operation=GET Access=DENY Role=${role}
|
||||||
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3}
|
||||||
|
Form eACL json common file gen_eacl_compound_get_hash_${role} ${eACL_gen}
|
||||||
|
Set Global Variable ${EACL_COMPOUND_GET_HASH_${role}} gen_eacl_compound_get_hash_${role}
|
||||||
|
END
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
# eACL for X-Header Other DENY and ALLOW for all
|
||||||
|
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=2
|
||||||
|
|
||||||
|
${rule1}= Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters}
|
||||||
|
${rule2}= Create Dictionary Operation=HEAD Access=DENY Role=OTHERS Filters=${filters}
|
||||||
|
${rule3}= Create Dictionary Operation=PUT Access=DENY Role=OTHERS Filters=${filters}
|
||||||
|
${rule4}= Create Dictionary Operation=DELETE Access=DENY Role=OTHERS Filters=${filters}
|
||||||
|
${rule5}= Create Dictionary Operation=SEARCH Access=DENY Role=OTHERS Filters=${filters}
|
||||||
|
${rule6}= Create Dictionary Operation=GETRANGE Access=DENY Role=OTHERS Filters=${filters}
|
||||||
|
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=OTHERS Filters=${filters}
|
||||||
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||||
|
Form eACL json common file gen_eacl_xheader_deny_all ${eACL_gen}
|
||||||
|
Set Global Variable ${EACL_XHEADER_DENY_ALL} gen_eacl_xheader_deny_all
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
# eACL for X-Header Other ALLOW and DENY for all
|
||||||
|
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=2
|
||||||
|
|
||||||
|
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=OTHERS Filters=${filters}
|
||||||
|
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=OTHERS Filters=${filters}
|
||||||
|
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=OTHERS Filters=${filters}
|
||||||
|
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=OTHERS Filters=${filters}
|
||||||
|
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=OTHERS Filters=${filters}
|
||||||
|
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=OTHERS Filters=${filters}
|
||||||
|
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=OTHERS Filters=${filters}
|
||||||
|
${rule8}= Create Dictionary Operation=GET Access=DENY Role=OTHERS
|
||||||
|
${rule9}= Create Dictionary Operation=HEAD Access=DENY Role=OTHERS
|
||||||
|
${rule10}= Create Dictionary Operation=PUT Access=DENY Role=OTHERS
|
||||||
|
${rule11}= Create Dictionary Operation=DELETE Access=DENY Role=OTHERS
|
||||||
|
${rule12}= Create Dictionary Operation=SEARCH Access=DENY Role=OTHERS
|
||||||
|
${rule13}= Create Dictionary Operation=GETRANGE Access=DENY Role=OTHERS
|
||||||
|
${rule14}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=OTHERS
|
||||||
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||||
|
... ${rule8} ${rule9} ${rule10} ${rule11} ${rule12} ${rule13} ${rule14}
|
||||||
|
Form eACL json common file gen_eacl_xheader_allow_all ${eACL_gen}
|
||||||
|
Set Global Variable ${EACL_XHEADER_ALLOW_ALL} gen_eacl_xheader_allow_all
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
Check eACL Deny and Allow All User
|
Check eACL Deny and Allow All User
|
||||||
Check eACL Deny and Allow All ${USER_KEY} ${EACL_DENY_ALL_USER} ${EACL_ALLOW_ALL_USER}
|
Check eACL Deny and Allow All ${USER_KEY} ${EACL_DENY_ALL_USER} ${EACL_ALLOW_ALL_USER}
|
||||||
|
@ -205,8 +515,8 @@ Check eACL Deny and Allow All System
|
||||||
Get object from NeoFS ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
Get object from NeoFS ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
|
|
||||||
Search object ${SYSTEM_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
Search object ${SYSTEM_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
|
|
||||||
Head object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
Head object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
Head object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY}
|
Head object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
@ -220,11 +530,7 @@ Check eACL Deny and Allow All System
|
||||||
Delete object ${SYSTEM_KEY} ${CID} ${D_OID_USER_S} ${EMPTY}
|
Delete object ${SYSTEM_KEY} ${CID} ${D_OID_USER_S} ${EMPTY}
|
||||||
Delete object ${SYSTEM_KEY_SN} ${CID} ${D_OID_USER_SN} ${EMPTY}
|
Delete object ${SYSTEM_KEY_SN} ${CID} ${D_OID_USER_SN} ${EMPTY}
|
||||||
|
|
||||||
|
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_SYSTEM} --await
|
||||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_SYSTEM}
|
|
||||||
Sleep ${MORPH_BLOCK_TIMEOUT}
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
... Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
|
@ -237,9 +543,9 @@ Check eACL Deny and Allow All System
|
||||||
... Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
... Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
|
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Search object ${SYSTEM_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
... Search object ${SYSTEM_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
... Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
|
|
||||||
|
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
|
@ -265,8 +571,8 @@ Check eACL Deny and Allow All System
|
||||||
... Delete object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY}
|
... Delete object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
|
|
||||||
Set eACL ${USER_KEY} ${CID} ${EACL_ALLOW_ALL_SYSTEM}
|
Set eACL ${USER_KEY} ${CID} ${EACL_ALLOW_ALL_SYSTEM} --await
|
||||||
Sleep ${MORPH_BLOCK_TIMEOUT}
|
|
||||||
|
|
||||||
${D_OID_USER_S} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
${D_OID_USER_S} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||||
${D_OID_USER_SN} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
${D_OID_USER_SN} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||||
|
@ -278,8 +584,8 @@ Check eACL Deny and Allow All System
|
||||||
Get object from NeoFS ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
Get object from NeoFS ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
|
|
||||||
Search object ${SYSTEM_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
Search object ${SYSTEM_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
|
|
||||||
Head object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
Head object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
Head object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY}
|
Head object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
@ -304,7 +610,7 @@ Check eACL Deny All Other and Allow All Pubkey
|
||||||
|
|
||||||
Put object to NeoFS ${EACL_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
Put object to NeoFS ${EACL_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
Get object from NeoFS ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
Get object from NeoFS ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
Search object ${EACL_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
Search object ${EACL_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Head object ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
Head object ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
Get Range ${EACL_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
Get Range ${EACL_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
Get Range Hash ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
Get Range Hash ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||||
|
@ -318,7 +624,7 @@ Check eACL Deny All Other and Allow All Pubkey
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
... Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
... Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
|
@ -330,7 +636,7 @@ Check eACL Deny All Other and Allow All Pubkey
|
||||||
|
|
||||||
Put object to NeoFS ${EACL_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
Put object to NeoFS ${EACL_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
Get object from NeoFS ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
Get object from NeoFS ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
Search object ${EACL_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
Search object ${EACL_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Head object ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
Head object ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
Get Range ${EACL_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
Get Range ${EACL_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
Get Range Hash ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
Get Range Hash ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||||
|
@ -348,22 +654,21 @@ Check eACL Deny and Allow All
|
||||||
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
|
|
||||||
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
Search object ${KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
Search object ${KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||||
Delete object ${KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
Delete object ${KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
Set eACL ${USER_KEY} ${CID} ${DENY_EACL}
|
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
|
||||||
Sleep ${MORPH_BLOCK_TIMEOUT}
|
|
||||||
|
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
... Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
... Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Search object ${KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
... Search object ${KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
... Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
|
@ -373,17 +678,24 @@ Check eACL Deny and Allow All
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Delete object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
... Delete object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
Set eACL ${USER_KEY} ${CID} ${ALLOW_EACL}
|
Set eACL ${USER_KEY} ${CID} ${ALLOW_EACL} --await
|
||||||
Sleep ${MORPH_BLOCK_TIMEOUT}
|
|
||||||
|
|
||||||
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
Search object ${KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
Search object ${KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||||
Delete object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
Delete object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
Cleanup
|
Cleanup
|
||||||
@{CLEANUP_FILES} = Create List ${FILE_S} ${FILE_S_2} local_file_eacl eacl_custom s_get_range
|
@{CLEANUP_FILES} = Create List ${FILE_S} ${FILE_S_2} local_file_eacl eacl_custom s_get_range
|
||||||
Cleanup Files @{CLEANUP_FILES}
|
... gen_eacl_allow_all_OTHERS gen_eacl_deny_all_USER gen_eacl_allow_all_USER
|
||||||
|
... gen_eacl_deny_all_SYSTEM gen_eacl_allow_all_SYSTEM gen_eacl_allow_pubkey_deny_OTHERS
|
||||||
|
... gen_eacl_deny_all_OTHERS
|
||||||
|
... gen_eacl_compound_del_SYSTEM gen_eacl_compound_del_USER gen_eacl_compound_del_OTHERS
|
||||||
|
... gen_eacl_compound_get_hash_OTHERS gen_eacl_compound_get_hash_SYSTEM gen_eacl_compound_get_hash_USER
|
||||||
|
... gen_eacl_compound_get_OTHERS gen_eacl_compound_get_SYSTEM gen_eacl_compound_get_USER
|
||||||
|
Cleanup Files @{CLEANUP_FILES}
|
||||||
|
Get Docker Logs acl_extended
|
||||||
|
|
|
@ -36,9 +36,12 @@ NeoFS HTTP Gateway
|
||||||
... Container Existing ${PRIV_KEY} ${CID}
|
... Container Existing ${PRIV_KEY} ${CID}
|
||||||
|
|
||||||
${FILE} = Generate file of bytes 1024
|
${FILE} = Generate file of bytes 1024
|
||||||
|
${FILE_L} = Generate file of bytes 10e+6
|
||||||
${FILE_HASH} = Get file hash ${FILE}
|
${FILE_HASH} = Get file hash ${FILE}
|
||||||
|
${FILE_L_HASH} = Get file hash ${FILE_L}
|
||||||
|
|
||||||
${S_OID} = Put object to NeoFS ${PRIV_KEY} ${FILE} ${CID} ${EMPTY} ${EMPTY}
|
${S_OID} = Put object to NeoFS ${PRIV_KEY} ${FILE} ${CID} ${EMPTY} ${EMPTY}
|
||||||
|
${L_OID} = Put object to NeoFS ${PRIV_KEY} ${FILE_L} ${CID} ${EMPTY} ${EMPTY}
|
||||||
|
|
||||||
# By request from Service team - try to GET object from the node without object
|
# By request from Service team - try to GET object from the node without object
|
||||||
|
|
||||||
|
@ -50,5 +53,23 @@ NeoFS HTTP Gateway
|
||||||
|
|
||||||
Verify file hash s_file_read ${FILE_HASH}
|
Verify file hash s_file_read ${FILE_HASH}
|
||||||
Verify file hash ${FILEPATH} ${FILE_HASH}
|
Verify file hash ${FILEPATH} ${FILE_HASH}
|
||||||
|
|
||||||
[Teardown] Cleanup Files ${FILEPATH} ${FILE} s_file_read
|
@{GET_NODE_LIST} = Get nodes without object ${PRIV_KEY} ${CID} ${L_OID}
|
||||||
|
${NODE} = Evaluate random.choice($GET_NODE_LIST) random
|
||||||
|
|
||||||
|
Get object from NeoFS ${PRIV_KEY} ${CID} ${L_OID} ${EMPTY} l_file_read ${NODE}
|
||||||
|
${FILEPATH} = Get via HTTP Gate ${CID} ${L_OID}
|
||||||
|
|
||||||
|
Verify file hash l_file_read ${FILE_L_HASH}
|
||||||
|
Verify file hash ${FILEPATH} ${FILE_L_HASH}
|
||||||
|
|
||||||
|
[Teardown] Cleanup ${FILEPATH} ${FILE}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
*** Keywords ***
|
||||||
|
|
||||||
|
Cleanup
|
||||||
|
[Arguments] ${FILEPATH} ${FILE}
|
||||||
|
Cleanup Files ${FILEPATH} ${FILE} s_file_read l_file_read
|
||||||
|
Get Docker Logs http_gate
|
|
@ -60,7 +60,7 @@ NeoFS Simple Netmap
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Validate Policy REP 2 IN X CBF 2 SELECT 6 FROM * AS X 2 @{EMPTY}
|
... Validate Policy REP 2 IN X CBF 2 SELECT 6 FROM * AS X 2 @{EMPTY}
|
||||||
|
|
||||||
[Teardown] Cleanup Files ${FILE}
|
[Teardown] Cleanup ${FILE}
|
||||||
|
|
||||||
*** Keywords ***
|
*** Keywords ***
|
||||||
|
|
||||||
|
@ -107,3 +107,7 @@ Validate Policy
|
||||||
Validate storage policy for object ${PRIV_KEY} ${EXPECTED_VAL} ${CID} ${S_OID} @{EXPECTED_LIST}
|
Validate storage policy for object ${PRIV_KEY} ${EXPECTED_VAL} ${CID} ${S_OID} @{EXPECTED_LIST}
|
||||||
|
|
||||||
|
|
||||||
|
Cleanup
|
||||||
|
[Arguments] ${FILE}
|
||||||
|
Cleanup Files ${FILE}
|
||||||
|
Get Docker Logs netmap_simple
|
|
@ -41,8 +41,7 @@ NeoFS Complex Object Operations
|
||||||
Wait Until Keyword Succeeds 2 min 30 sec
|
Wait Until Keyword Succeeds 2 min 30 sec
|
||||||
... Expected Balance ${PRIV_KEY} 50 -7e-08
|
... Expected Balance ${PRIV_KEY} 50 -7e-08
|
||||||
|
|
||||||
${SIZE} = Set Variable 20e+6
|
${FILE} = Generate file of bytes 10e+6
|
||||||
${FILE} = Generate file of bytes ${SIZE}
|
|
||||||
${FILE_HASH} = Get file hash ${FILE}
|
${FILE_HASH} = Get file hash ${FILE}
|
||||||
|
|
||||||
${S_OID} = Put object to NeoFS ${PRIV_KEY} ${FILE} ${CID} ${EMPTY} ${EMPTY}
|
${S_OID} = Put object to NeoFS ${PRIV_KEY} ${FILE} ${CID} ${EMPTY} ${EMPTY}
|
||||||
|
@ -60,7 +59,7 @@ NeoFS Complex Object Operations
|
||||||
@{S_OBJ_H_OTH} = Create List ${H_OID_OTH}
|
@{S_OBJ_H_OTH} = Create List ${H_OID_OTH}
|
||||||
|
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Search object ${PRIV_KEY} ${CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_ALL}
|
... Search object ${PRIV_KEY} ${CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_ALL}
|
||||||
|
|
||||||
Get object from NeoFS ${PRIV_KEY} ${CID} ${S_OID} ${EMPTY} s_file_read
|
Get object from NeoFS ${PRIV_KEY} ${CID} ${S_OID} ${EMPTY} s_file_read
|
||||||
Get object from NeoFS ${PRIV_KEY} ${CID} ${H_OID} ${EMPTY} h_file_read
|
Get object from NeoFS ${PRIV_KEY} ${CID} ${H_OID} ${EMPTY} h_file_read
|
||||||
|
@ -74,9 +73,9 @@ NeoFS Complex Object Operations
|
||||||
Get Range ${PRIV_KEY} ${CID} ${S_OID} s_get_range ${EMPTY} 0:10
|
Get Range ${PRIV_KEY} ${CID} ${S_OID} s_get_range ${EMPTY} 0:10
|
||||||
Get Range ${PRIV_KEY} ${CID} ${H_OID} h_get_range ${EMPTY} 0:10
|
Get Range ${PRIV_KEY} ${CID} ${H_OID} h_get_range ${EMPTY} 0:10
|
||||||
|
|
||||||
Search object ${PRIV_KEY} ${CID} --root ${EMPTY} ${EMPTY} @{S_OBJ_ALL}
|
Search object ${PRIV_KEY} ${CID} --root ${EMPTY} ${EMPTY} ${S_OBJ_ALL}
|
||||||
Search object ${PRIV_KEY} ${CID} --root ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
Search object ${PRIV_KEY} ${CID} --root ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Search object ${PRIV_KEY} ${CID} --root ${EMPTY} ${FILE_USR_HEADER_OTH} @{S_OBJ_H_OTH}
|
Search object ${PRIV_KEY} ${CID} --root ${EMPTY} ${FILE_USR_HEADER_OTH} ${S_OBJ_H_OTH}
|
||||||
|
|
||||||
Head object ${PRIV_KEY} ${CID} ${S_OID} ${EMPTY}
|
Head object ${PRIV_KEY} ${CID} ${S_OID} ${EMPTY}
|
||||||
Head object ${PRIV_KEY} ${CID} ${H_OID} ${EMPTY} ${FILE_USR_HEADER}
|
Head object ${PRIV_KEY} ${CID} ${H_OID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
|
@ -105,9 +104,9 @@ NeoFS Complex Object Operations
|
||||||
|
|
||||||
Cleanup
|
Cleanup
|
||||||
[Arguments] ${FILE}
|
[Arguments] ${FILE}
|
||||||
|
|
||||||
@{CLEANUP_FILES} = Create List ${FILE} s_file_read h_file_read s_get_range h_get_range
|
@{CLEANUP_FILES} = Create List ${FILE} s_file_read h_file_read s_get_range h_get_range
|
||||||
Cleanup Files @{CLEANUP_FILES}
|
Cleanup Files @{CLEANUP_FILES}
|
||||||
|
Get Docker Logs object_complex
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -68,9 +68,9 @@ NeoFS Simple Object Operations
|
||||||
Get Range ${PRIV_KEY} ${CID} ${S_OID} s_get_range ${EMPTY} 0:10
|
Get Range ${PRIV_KEY} ${CID} ${S_OID} s_get_range ${EMPTY} 0:10
|
||||||
Get Range ${PRIV_KEY} ${CID} ${H_OID} h_get_range ${EMPTY} 0:10
|
Get Range ${PRIV_KEY} ${CID} ${H_OID} h_get_range ${EMPTY} 0:10
|
||||||
|
|
||||||
Search object ${PRIV_KEY} ${CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_ALL}
|
Search object ${PRIV_KEY} ${CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_ALL}
|
||||||
Search object ${PRIV_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
Search object ${PRIV_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Search object ${PRIV_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER_OTH} @{S_OBJ_H_OTH}
|
Search object ${PRIV_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER_OTH} ${S_OBJ_H_OTH}
|
||||||
|
|
||||||
Head object ${PRIV_KEY} ${CID} ${S_OID} ${EMPTY}
|
Head object ${PRIV_KEY} ${CID} ${S_OID} ${EMPTY}
|
||||||
Head object ${PRIV_KEY} ${CID} ${H_OID} ${EMPTY} ${FILE_USR_HEADER}
|
Head object ${PRIV_KEY} ${CID} ${H_OID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
|
@ -100,6 +100,7 @@ Cleanup
|
||||||
|
|
||||||
@{CLEANUP_FILES} = Create List ${FILE} s_file_read h_file_read s_get_range h_get_range
|
@{CLEANUP_FILES} = Create List ${FILE} s_file_read h_file_read s_get_range h_get_range
|
||||||
Cleanup Files @{CLEANUP_FILES}
|
Cleanup Files @{CLEANUP_FILES}
|
||||||
|
Get Docker Logs object_simple
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -41,9 +41,8 @@ NeoFS Object Replication
|
||||||
@{NODES_OBJ} = Get nodes with object ${PRIV_KEY} ${CID} ${S_OID}
|
@{NODES_OBJ} = Get nodes with object ${PRIV_KEY} ${CID} ${S_OID}
|
||||||
@{NODES_OBJ_STOPPED} = Stop nodes 1 @{NODES_OBJ}
|
@{NODES_OBJ_STOPPED} = Stop nodes 1 @{NODES_OBJ}
|
||||||
|
|
||||||
Sleep 1 min
|
Wait Until Keyword Succeeds 10 min 1 min
|
||||||
|
... Validate storage policy for object ${PRIV_KEY} 2 ${CID} ${S_OID}
|
||||||
Validate storage policy for object ${PRIV_KEY} 2 ${CID} ${S_OID}
|
|
||||||
Start nodes @{NODES_OBJ_STOPPED}
|
Start nodes @{NODES_OBJ_STOPPED}
|
||||||
|
|
||||||
[Teardown] Cleanup ${FILE} @{NODES_OBJ_STOPPED}
|
[Teardown] Cleanup ${FILE} @{NODES_OBJ_STOPPED}
|
||||||
|
@ -55,5 +54,6 @@ Cleanup
|
||||||
[Arguments] ${FILE} @{NODES_OBJ_STOPPED}
|
[Arguments] ${FILE} @{NODES_OBJ_STOPPED}
|
||||||
Start nodes @{NODES_OBJ_STOPPED}
|
Start nodes @{NODES_OBJ_STOPPED}
|
||||||
Cleanup Files ${FILE}
|
Cleanup Files ${FILE}
|
||||||
|
Get Docker Logs replication
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -25,11 +25,11 @@ NeoFS S3 Gateway
|
||||||
... Transaction accepted in block ${TX_DEPOSIT}
|
... Transaction accepted in block ${TX_DEPOSIT}
|
||||||
Get Transaction ${TX_DEPOSIT}
|
Get Transaction ${TX_DEPOSIT}
|
||||||
|
|
||||||
${FILE_S3} = Generate file of bytes 20e+6
|
${FILE_S3} = Generate file of bytes 10e+6
|
||||||
${FILE_S3_HASH} = Get file hash ${FILE_S3}
|
${FILE_S3_HASH} = Get file hash ${FILE_S3}
|
||||||
${FILE_S3_NAME} = Get file name ${FILE_S3}
|
${FILE_S3_NAME} = Get file name ${FILE_S3}
|
||||||
|
|
||||||
${FILE_FS} = Generate file of bytes 20e+6
|
${FILE_FS} = Generate file of bytes 10e+6
|
||||||
${FILE_FS_HASH} = Get file hash ${FILE_FS}
|
${FILE_FS_HASH} = Get file hash ${FILE_FS}
|
||||||
${FILE_FS_NAME} = Get file name ${FILE_FS}
|
${FILE_FS_NAME} = Get file name ${FILE_FS}
|
||||||
|
|
||||||
|
@ -85,6 +85,12 @@ NeoFS S3 Gateway
|
||||||
${LIST_S3_OBJECTS} = List objects S3 ${S3_CLIENT} ${BUCKET}
|
${LIST_S3_OBJECTS} = List objects S3 ${S3_CLIENT} ${BUCKET}
|
||||||
List Should Not Contain Value ${LIST_S3_OBJECTS} FILE_S3_NAME
|
List Should Not Contain Value ${LIST_S3_OBJECTS} FILE_S3_NAME
|
||||||
|
|
||||||
[Teardown] Cleanup Files s3_obj_get_fs fs_obj_get_fs s3_obj_get_s3 fs_obj_get_s3
|
[Teardown] Cleanup ${FILE_S3} ${FILE_FS}
|
||||||
... ${FILE_S3} ${FILE_FS}
|
|
||||||
|
|
||||||
|
*** Keywords ***
|
||||||
|
|
||||||
|
Cleanup
|
||||||
|
[Arguments] ${FILE_S3} ${FILE_FS}
|
||||||
|
Cleanup Files s3_obj_get_fs fs_obj_get_fs s3_obj_get_s3 fs_obj_get_s3
|
||||||
|
... ${FILE_S3} ${FILE_FS}
|
||||||
|
Get Docker Logs s3_gate
|
|
@ -30,7 +30,7 @@ NeoFS Deposit and Withdraw
|
||||||
|
|
||||||
Sleep 1 min
|
Sleep 1 min
|
||||||
|
|
||||||
Expexted Mainnet Balance ${ADDR} 4.84454920
|
Expexted Mainnet Balance ${ADDR} 4.85019610
|
||||||
${NEOFS_BALANCE} = Get Balance ${PRIV_KEY}
|
${NEOFS_BALANCE} = Get Balance ${PRIV_KEY}
|
||||||
|
|
||||||
${TX} = Withdraw Mainnet Gas ${WALLET} ${ADDR} ${SCRIPT_HASH} 50
|
${TX} = Withdraw Mainnet Gas ${WALLET} ${ADDR} ${SCRIPT_HASH} 50
|
||||||
|
@ -40,5 +40,11 @@ NeoFS Deposit and Withdraw
|
||||||
Sleep 1 min
|
Sleep 1 min
|
||||||
Get Balance ${PRIV_KEY}
|
Get Balance ${PRIV_KEY}
|
||||||
Expected Balance ${PRIV_KEY} ${NEOFS_BALANCE} -50
|
Expected Balance ${PRIV_KEY} ${NEOFS_BALANCE} -50
|
||||||
Expexted Mainnet Balance ${ADDR} 54.80800160
|
Expexted Mainnet Balance ${ADDR} 54.81699450
|
||||||
|
|
||||||
|
[Teardown] Cleanup
|
||||||
|
|
||||||
|
*** Keywords ***
|
||||||
|
|
||||||
|
Cleanup
|
||||||
|
Get Docker Logs withdraw
|
Loading…
Reference in a new issue