forked from TrueCloudLab/frostfs-testcases
Feature/acl extension operations (#17)
- Add bearer token coverage with the request filter #8 - Add eACL coverage with the request filter #9 - Add Bearer token coverage of the case with different permissions for operations in the complex operations #15 (Check Сompound Operations) - Add eACL token coverage of the case with different permissions for operations in the complex operations - Add latest nodes and services logs to the artifacts in case of failure #10 - Prepare neofs-testcases repository for the public #11 - new eACL and bearer token generation by rules. - Readme update - Fixes and additional extensions of the existed test cases - Large file size has been changed from 20mb to 10mb
This commit is contained in:
anatoly-bogatyrev
GitHub
parent
708bf2a012
commit
fb5da3dc21
24 changed files with 1028 additions and 1151 deletions
|
|
@ -35,7 +35,7 @@ In this case, dev-env should be running with the tested environment.
|
|||
### Running an arbitrary test case
|
||||
|
||||
To run an arbitrary testcase, you need to run the command:
|
||||
`robot --timestampoutputs --outputdir artifacts/ robot/testsuites/integration/<testsuite name>.robot `
|
||||
`robot --outputdir artifacts/ robot/testsuites/integration/<testsuite name>.robot `
|
||||
|
||||
The following scripts are available for execution:
|
||||
|
||||
|
|
@ -76,7 +76,7 @@ Dev-env is not needed. But you need to install neo-go.
|
|||
- `make`
|
||||
- `sudo cp bin/neo-go /usr/local/bin/neo-go` or add alias path to bin/neo-go
|
||||
|
||||
3. To run smoke test: `robot --timestampoutputs --outputdir artifacts/ robot/testsuites/smoke/selectelcdn_smoke.robot`
|
||||
3. To run smoke test: `robot --outputdir artifacts/ robot/testsuites/smoke/selectelcdn_smoke.robot`
|
||||
|
||||
|
||||
## Generation of documentation
|
||||
|
|
|
|||
|
|
@ -1,69 +0,0 @@
|
|||
{
|
||||
"records": [
|
||||
{
|
||||
"operation": "GET",
|
||||
"action": "ALLOW",
|
||||
"targets": [
|
||||
{
|
||||
"role": "OTHERS"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "HEAD",
|
||||
"action": "ALLOW",
|
||||
"targets": [
|
||||
{
|
||||
"role": "OTHERS"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "PUT",
|
||||
"action": "ALLOW",
|
||||
"targets": [
|
||||
{
|
||||
"role": "OTHERS"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "DELETE",
|
||||
"action": "ALLOW",
|
||||
"targets": [
|
||||
{
|
||||
"role": "OTHERS"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "SEARCH",
|
||||
"action": "ALLOW",
|
||||
"targets": [
|
||||
{
|
||||
"role": "OTHERS"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "GETRANGE",
|
||||
"action": "ALLOW",
|
||||
"targets": [
|
||||
{
|
||||
"role": "OTHERS"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "GETRANGEHASH",
|
||||
"action": "ALLOW",
|
||||
"targets": [
|
||||
{
|
||||
"role": "OTHERS"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -1,132 +0,0 @@
|
|||
{
|
||||
"records": [
|
||||
{
|
||||
"operation": "GET",
|
||||
"action": "ALLOW",
|
||||
"targets": [
|
||||
{
|
||||
"keys": [ "A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA" ]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "HEAD",
|
||||
"action": "ALLOW",
|
||||
"targets": [
|
||||
{
|
||||
"keys": [ "A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA" ]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "PUT",
|
||||
"action": "ALLOW",
|
||||
"targets": [
|
||||
{
|
||||
"keys": [ "A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA" ]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "DELETE",
|
||||
"action": "ALLOW",
|
||||
"targets": [
|
||||
{
|
||||
"keys": [ "A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA" ]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "SEARCH",
|
||||
"action": "ALLOW",
|
||||
"targets": [
|
||||
{
|
||||
"keys": [ "A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA" ]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "GETRANGE",
|
||||
"action": "ALLOW",
|
||||
"targets": [
|
||||
{
|
||||
"keys": [ "A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA" ]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "GETRANGEHASH",
|
||||
"action": "ALLOW",
|
||||
"targets": [
|
||||
{
|
||||
"keys": [ "A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA" ]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "GET",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "OTHERS"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "HEAD",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "OTHERS"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "PUT",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "OTHERS"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "DELETE",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "OTHERS"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "SEARCH",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "OTHERS"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "GETRANGE",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "OTHERS"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "GETRANGEHASH",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "OTHERS"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
]
|
||||
}
|
||||
|
||||
|
|
@ -1,68 +0,0 @@
|
|||
{
|
||||
"records": [
|
||||
{
|
||||
"operation": "GET",
|
||||
"action": "ALLOW",
|
||||
"targets": [
|
||||
{
|
||||
"role": "SYSTEM"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "HEAD",
|
||||
"action": "ALLOW",
|
||||
"targets": [
|
||||
{
|
||||
"role": "SYSTEM"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "PUT",
|
||||
"action": "ALLOW",
|
||||
"targets": [
|
||||
{
|
||||
"role": "SYSTEM"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "DELETE",
|
||||
"action": "ALLOW",
|
||||
"targets": [
|
||||
{
|
||||
"role": "SYSTEM"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "SEARCH",
|
||||
"action": "ALLOW",
|
||||
"targets": [
|
||||
{
|
||||
"role": "SYSTEM"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "GETRANGE",
|
||||
"action": "ALLOW",
|
||||
"targets": [
|
||||
{
|
||||
"role": "SYSTEM"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "GETRANGEHASH",
|
||||
"action": "ALLOW",
|
||||
"targets": [
|
||||
{
|
||||
"role": "SYSTEM"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
|
|
@ -1,68 +0,0 @@
|
|||
{
|
||||
"records": [
|
||||
{
|
||||
"operation": "GET",
|
||||
"action": "ALLOW",
|
||||
"targets": [
|
||||
{
|
||||
"role": "USER"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "HEAD",
|
||||
"action": "ALLOW",
|
||||
"targets": [
|
||||
{
|
||||
"role": "USER"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "PUT",
|
||||
"action": "ALLOW",
|
||||
"targets": [
|
||||
{
|
||||
"role": "USER"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "DELETE",
|
||||
"action": "ALLOW",
|
||||
"targets": [
|
||||
{
|
||||
"role": "USER"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "SEARCH",
|
||||
"action": "ALLOW",
|
||||
"targets": [
|
||||
{
|
||||
"role": "USER"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "GETRANGE",
|
||||
"action": "ALLOW",
|
||||
"targets": [
|
||||
{
|
||||
"role": "USER"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "GETRANGEHASH",
|
||||
"action": "ALLOW",
|
||||
"targets": [
|
||||
{
|
||||
"role": "USER"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
|
|
@ -1,68 +0,0 @@
|
|||
{
|
||||
"records": [
|
||||
{
|
||||
"operation": "GET",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "OTHERS"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "HEAD",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "OTHERS"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "PUT",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "OTHERS"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "DELETE",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "OTHERS"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "SEARCH",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "OTHERS"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "GETRANGE",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "OTHERS"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "GETRANGEHASH",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "OTHERS"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
|
|
@ -1,68 +0,0 @@
|
|||
{
|
||||
"records": [
|
||||
{
|
||||
"operation": "GET",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "SYSTEM"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "HEAD",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "SYSTEM"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "PUT",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "SYSTEM"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "DELETE",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "SYSTEM"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "SEARCH",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "SYSTEM"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "GETRANGE",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "SYSTEM"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "GETRANGEHASH",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "SYSTEM"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
|
|
@ -1,68 +0,0 @@
|
|||
{
|
||||
"records": [
|
||||
{
|
||||
"operation": "GET",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "USER"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "HEAD",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "USER"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "PUT",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "USER"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "DELETE",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "USER"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "SEARCH",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "USER"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "GETRANGE",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "USER"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "GETRANGEHASH",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "USER"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
|
|
@ -1,21 +0,0 @@
|
|||
{
|
||||
"records": [
|
||||
{
|
||||
"operation": "GET",
|
||||
"action": "DENY",
|
||||
"filters": [
|
||||
{
|
||||
"headerType": "OBJECT",
|
||||
"matchType": "STRING_NOT_EQUAL",
|
||||
"key": "$Object:objectID",
|
||||
"value": "X"
|
||||
}
|
||||
],
|
||||
"targets": [
|
||||
{
|
||||
"role": "OTHERS"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
|
|
@ -1,68 +0,0 @@
|
|||
{
|
||||
"records": [
|
||||
{
|
||||
"operation": "GET",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "OTHERS"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "HEAD",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "OTHERS"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "PUT",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "OTHERS"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "DELETE",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "OTHERS"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "SEARCH",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "OTHERS"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "GETRANGE",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "OTHERS"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "GETRANGEHASH",
|
||||
"action": "DENY",
|
||||
"targets": [
|
||||
{
|
||||
"role": "OTHERS"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
|
|
@ -13,6 +13,7 @@ import base64
|
|||
import base58
|
||||
import docker
|
||||
import json
|
||||
import tarfile
|
||||
|
||||
if os.getenv('ROBOT_PROFILE') == 'selectel_smoke':
|
||||
from selectelcdn_smoke_vars import (NEOGO_CLI_PREFIX, NEO_MAINNET_ENDPOINT,
|
||||
|
|
@ -166,7 +167,7 @@ def get_eacl(private_key: str, cid: str):
|
|||
|
||||
except subprocess.CalledProcessError as e:
|
||||
if re.search(r'extended ACL table is not set for this container', e.output):
|
||||
logger.info("Server is not presented in container.")
|
||||
logger.info("Extended ACL table is not set for this container.")
|
||||
else:
|
||||
raise Exception("command '{}' return with error (code {}): {}".format(e.cmd, e.returncode, e.output))
|
||||
|
||||
|
|
@ -184,104 +185,44 @@ def set_eacl(private_key: str, cid: str, eacl: str, add_keys: str = ""):
|
|||
|
||||
|
||||
|
||||
@keyword('Form BearerToken file for all ops')
|
||||
def form_bearertoken_file_for_all_ops(file_name: str, private_key: str, cid: str, action: str, target_role: str, lifetime_exp: str ):
|
||||
|
||||
eacl = get_eacl(private_key, cid)
|
||||
input_records = ""
|
||||
@keyword('Form BearerToken file')
|
||||
def form_bearertoken_file(private_key: str, cid: str, file_name: str, eacl_oper_list, lifetime_exp: str ):
|
||||
|
||||
cid_base58_b = base58.b58decode(cid)
|
||||
cid_base64 = base64.b64encode(cid_base58_b).decode("utf-8")
|
||||
eacl = get_eacl(private_key, cid)
|
||||
json_eacl = {}
|
||||
|
||||
if eacl:
|
||||
res_json = re.split(r'[\s\n]+\][\s\n]+\}[\s\n]+Signature:', eacl)
|
||||
records = re.split(r'"records": \[', res_json[0])
|
||||
input_records = ",\n" + records[1]
|
||||
res_json = re.split(r'[\s\n]+Signature:', eacl)
|
||||
input_eacl = res_json[0].replace('eACL: ', '')
|
||||
json_eacl = json.loads(input_eacl)
|
||||
|
||||
myjson = """
|
||||
{
|
||||
"body": {
|
||||
"eaclTable": {
|
||||
"containerID": {
|
||||
"value": \"""" + str(cid_base64) + """"
|
||||
},
|
||||
"records": [
|
||||
{
|
||||
"operation": "GET",
|
||||
"action": \"""" + action + """",
|
||||
"targets": [
|
||||
{
|
||||
"role": \"""" + target_role + """"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "PUT",
|
||||
"action": \"""" + action + """",
|
||||
"targets": [
|
||||
{
|
||||
"role": \"""" + target_role + """"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "HEAD",
|
||||
"action": \"""" + action + """",
|
||||
"targets": [
|
||||
{
|
||||
"role": \"""" + target_role + """"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "DELETE",
|
||||
"action": \"""" + action + """",
|
||||
"targets": [
|
||||
{
|
||||
"role": \"""" + target_role + """"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "SEARCH",
|
||||
"action": \"""" + action + """",
|
||||
"targets": [
|
||||
{
|
||||
"role": \"""" + target_role + """"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "GETRANGE",
|
||||
"action": \"""" + action + """",
|
||||
"targets": [
|
||||
{
|
||||
"role": \"""" + target_role + """"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "GETRANGEHASH",
|
||||
"action": \"""" + action + """",
|
||||
"targets": [
|
||||
{
|
||||
"role": \"""" + target_role + """"
|
||||
}
|
||||
]
|
||||
}""" + input_records + """
|
||||
]
|
||||
},
|
||||
"lifetime": {
|
||||
"exp": \"""" + lifetime_exp + """",
|
||||
"nbf": "1",
|
||||
"iat": "0"
|
||||
}
|
||||
}
|
||||
}
|
||||
"""
|
||||
with open(file_name,'w') as out:
|
||||
out.write(myjson)
|
||||
logger.info("Output: %s" % myjson)
|
||||
eacl_result = {"body":{ "eaclTable": { "containerID": { "value": cid_base64 }, "records": [] }, "lifetime": {"exp": lifetime_exp, "nbf": "1", "iat": "0"} } }
|
||||
|
||||
if eacl_oper_list:
|
||||
for record in eacl_oper_list:
|
||||
op_data = dict()
|
||||
|
||||
if record['Role'] == "USER" or record['Role'] == "SYSTEM" or record['Role'] == "OTHERS":
|
||||
op_data = {"operation":record['Operation'],"action":record['Access'],"filters": [],"targets":[{"role":record['Role']}]}
|
||||
else:
|
||||
op_data = {"operation":record['Operation'],"action":record['Access'],"filters": [],"targets":[{"keys": [ record['Role'] ]}]}
|
||||
|
||||
if 'Filters' in record.keys():
|
||||
op_data["filters"].append(record['Filters'])
|
||||
|
||||
eacl_result["body"]["eaclTable"]["records"].append(op_data)
|
||||
|
||||
# Add records from current eACL
|
||||
if "records" in json_eacl.keys():
|
||||
for record in json_eacl["records"]:
|
||||
eacl_result["body"]["eaclTable"]["records"].append(record)
|
||||
|
||||
with open(file_name, 'w', encoding='utf-8') as f:
|
||||
json.dump(eacl_result, f, ensure_ascii=False, indent=4)
|
||||
|
||||
logger.info(eacl_result)
|
||||
|
||||
# Sign bearer token
|
||||
Cmd = f'neofs-cli util sign bearer-token --from {file_name} --to {file_name} --key {private_key} --json'
|
||||
|
|
@ -299,214 +240,44 @@ def form_bearertoken_file_for_all_ops(file_name: str, private_key: str, cid: str
|
|||
|
||||
|
||||
|
||||
@keyword('Form BearerToken file filter for all ops')
|
||||
def form_bearertoken_file_filter_for_all_ops(file_name: str, private_key: str, cid: str, action: str, target_role: str, lifetime_exp: str, matchType: str, key: str, value: str):
|
||||
@keyword('Form eACL json common file')
|
||||
def form_eacl_json_common_file(file_name, eacl_oper_list ):
|
||||
# Input role can be Role (USER, SYSTEM, OTHERS) or public key.
|
||||
|
||||
# SEARCH should be allowed without filters to use GET, HEAD, DELETE, and SEARCH? Need to clarify.
|
||||
eacl = {"records":[]}
|
||||
|
||||
eacl = get_eacl(private_key, cid)
|
||||
logger.info(eacl_oper_list)
|
||||
|
||||
cid_base58_b = base58.b58decode(cid)
|
||||
cid_base64 = base64.b64encode(cid_base58_b).decode("utf-8")
|
||||
if eacl_oper_list:
|
||||
for record in eacl_oper_list:
|
||||
op_data = dict()
|
||||
|
||||
input_records = ""
|
||||
if eacl:
|
||||
res_json = re.split(r'[\s\n]+\][\s\n]+\}[\s\n]+Signature:', eacl)
|
||||
records = re.split(r'"records": \[', res_json[0])
|
||||
input_records = ",\n" + records[1]
|
||||
if record['Role'] == "USER" or record['Role'] == "SYSTEM" or record['Role'] == "OTHERS":
|
||||
op_data = {"operation":record['Operation'],"action":record['Access'],"filters": [],"targets":[{"role":record['Role']}]}
|
||||
else:
|
||||
op_data = {"operation":record['Operation'],"action":record['Access'],"filters": [],"targets":[{"keys": [ record['Role'] ]}]}
|
||||
|
||||
myjson = """
|
||||
{
|
||||
"body": {
|
||||
"eaclTable": {
|
||||
"containerID": {
|
||||
"value": \"""" + str(cid_base64) + """"
|
||||
},
|
||||
"records": [
|
||||
{
|
||||
"operation": "GET",
|
||||
"action": \"""" + action + """",
|
||||
"filters": [
|
||||
{
|
||||
"headerType": "OBJECT",
|
||||
"matchType": \"""" + matchType + """",
|
||||
"key": \"""" + key + """",
|
||||
"value": \"""" + value + """"
|
||||
}
|
||||
],
|
||||
"targets": [
|
||||
{
|
||||
"role": \"""" + target_role + """"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "PUT",
|
||||
"action": \"""" + action + """",
|
||||
"filters": [
|
||||
{
|
||||
"headerType": "OBJECT",
|
||||
"matchType": \"""" + matchType + """",
|
||||
"key": \"""" + key + """",
|
||||
"value": \"""" + value + """"
|
||||
}
|
||||
],
|
||||
"targets": [
|
||||
{
|
||||
"role": \"""" + target_role + """"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "HEAD",
|
||||
"action": \"""" + action + """",
|
||||
"filters": [
|
||||
{
|
||||
"headerType": "OBJECT",
|
||||
"matchType": \"""" + matchType + """",
|
||||
"key": \"""" + key + """",
|
||||
"value": \"""" + value + """"
|
||||
}
|
||||
],
|
||||
"targets": [
|
||||
{
|
||||
"role": \"""" + target_role + """"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "DELETE",
|
||||
"action": \"""" + action + """",
|
||||
"filters": [
|
||||
{
|
||||
"headerType": "OBJECT",
|
||||
"matchType": \"""" + matchType + """",
|
||||
"key": \"""" + key + """",
|
||||
"value": \"""" + value + """"
|
||||
}
|
||||
],
|
||||
"targets": [
|
||||
{
|
||||
"role": \"""" + target_role + """"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "SEARCH",
|
||||
"action": \"""" + action + """",
|
||||
"targets": [
|
||||
{
|
||||
"role": \"""" + target_role + """"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "GETRANGE",
|
||||
"action": \"""" + action + """",
|
||||
"filters": [
|
||||
{
|
||||
"headerType": "OBJECT",
|
||||
"matchType": \"""" + matchType + """",
|
||||
"key": \"""" + key + """",
|
||||
"value": \"""" + value + """"
|
||||
}
|
||||
],
|
||||
"targets": [
|
||||
{
|
||||
"role": \"""" + target_role + """"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operation": "GETRANGEHASH",
|
||||
"action": \"""" + action + """",
|
||||
"filters": [
|
||||
{
|
||||
"headerType": "OBJECT",
|
||||
"matchType": \"""" + matchType + """",
|
||||
"key": \"""" + key + """",
|
||||
"value": \"""" + value + """"
|
||||
}
|
||||
],
|
||||
"targets": [
|
||||
{
|
||||
"role": \"""" + target_role + """"
|
||||
}
|
||||
]
|
||||
}""" + input_records + """
|
||||
]
|
||||
},
|
||||
"lifetime": {
|
||||
"exp": \"""" + lifetime_exp + """",
|
||||
"nbf": "1",
|
||||
"iat": "0"
|
||||
}
|
||||
}
|
||||
}
|
||||
"""
|
||||
with open(file_name,'w') as out:
|
||||
out.write(myjson)
|
||||
logger.info("Output: %s" % myjson)
|
||||
if 'Filters' in record.keys():
|
||||
op_data["filters"].append(record['Filters'])
|
||||
|
||||
# Sign bearer token
|
||||
Cmd = f'neofs-cli util sign bearer-token --from {file_name} --to {file_name} --key {private_key} --json'
|
||||
logger.info("Cmd: %s" % Cmd)
|
||||
eacl["records"].append(op_data)
|
||||
|
||||
try:
|
||||
complProc = subprocess.run(Cmd, check=True, universal_newlines=True,
|
||||
stdout=subprocess.PIPE, stderr=subprocess.PIPE, timeout=15, shell=True)
|
||||
output = complProc.stdout
|
||||
logger.info("Output: %s" % str(output))
|
||||
except subprocess.CalledProcessError as e:
|
||||
raise Exception("command '{}' return with error (code {}): {}".format(e.cmd, e.returncode, e.output))
|
||||
logger.info(eacl)
|
||||
|
||||
with open(file_name, 'w', encoding='utf-8') as f:
|
||||
json.dump(eacl, f, ensure_ascii=False, indent=4)
|
||||
|
||||
return file_name
|
||||
|
||||
|
||||
|
||||
@keyword('Form eACL json file')
|
||||
def form_eacl_json_file(file_name: str, operation: str, action: str, matchType: str, key: str, value: str, target_role: str):
|
||||
|
||||
myjson = """
|
||||
{
|
||||
"records": [
|
||||
{
|
||||
"operation": \"""" + operation + """",
|
||||
"action": \"""" + action + """",
|
||||
"filters": [
|
||||
{
|
||||
"headerType": "OBJECT",
|
||||
"matchType": \"""" + matchType + """",
|
||||
"key": \"""" + key + """",
|
||||
"value": \"""" + value + """"
|
||||
}
|
||||
],
|
||||
"targets": [
|
||||
{
|
||||
"role": \"""" + target_role + """"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
"""
|
||||
with open(file_name,'w') as out:
|
||||
out.write(myjson)
|
||||
logger.info("Output: %s" % myjson)
|
||||
|
||||
return file_name
|
||||
|
||||
|
||||
|
||||
|
||||
@keyword('Get Range')
|
||||
def get_range(private_key: str, cid: str, oid: str, range_file: str, bearer: str, range_cut: str):
|
||||
def get_range(private_key: str, cid: str, oid: str, range_file: str, bearer: str, range_cut: str, options:str=""):
|
||||
|
||||
bearer_token = ""
|
||||
if bearer:
|
||||
bearer_token = f"--bearer {bearer}"
|
||||
|
||||
Cmd = f'neofs-cli --rpc-endpoint {NEOFS_ENDPOINT} --key {private_key} object range --cid {cid} --oid {oid} {bearer_token} --range {range_cut} --file {range_file} '
|
||||
Cmd = f'neofs-cli --rpc-endpoint {NEOFS_ENDPOINT} --key {private_key} object range --cid {cid} --oid {oid} {bearer_token} --range {range_cut} --file {range_file} {options}'
|
||||
logger.info("Cmd: %s" % Cmd)
|
||||
|
||||
try:
|
||||
|
|
@ -582,7 +353,7 @@ def generate_file_of_bytes(size):
|
|||
|
||||
|
||||
@keyword('Search object')
|
||||
def search_object(private_key: str, cid: str, keys: str, bearer: str, filters: str, *expected_objects_list ):
|
||||
def search_object(private_key: str, cid: str, keys: str, bearer: str, filters: str, expected_objects_list=[], options:str=""):
|
||||
|
||||
bearer_token = ""
|
||||
if bearer:
|
||||
|
|
@ -591,7 +362,7 @@ def search_object(private_key: str, cid: str, keys: str, bearer: str, filters: s
|
|||
if filters:
|
||||
filters = f"--filters {filters}"
|
||||
|
||||
ObjectCmd = f'neofs-cli --rpc-endpoint {NEOFS_ENDPOINT} --key {private_key} object search {keys} --cid {cid} {bearer_token} {filters}'
|
||||
ObjectCmd = f'neofs-cli --rpc-endpoint {NEOFS_ENDPOINT} --key {private_key} object search {keys} --cid {cid} {bearer_token} {filters} {options}'
|
||||
logger.info("Cmd: %s" % ObjectCmd)
|
||||
try:
|
||||
complProc = subprocess.run(ObjectCmd, check=True, universal_newlines=True,
|
||||
|
|
@ -733,6 +504,26 @@ def _verify_child_link(private_key: str, cid: str, oid: str, header_last_parsed:
|
|||
|
||||
return final_verif_data
|
||||
|
||||
@keyword('Get Docker Logs')
|
||||
def get_container_logs(testcase_name: str):
|
||||
#client = docker.APIClient()
|
||||
client = docker.from_env()
|
||||
|
||||
tar_name = "artifacts/dockerlogs("+testcase_name+").tar.gz"
|
||||
tar = tarfile.open(tar_name, "w:gz")
|
||||
|
||||
for container in client.containers.list():
|
||||
file_name = "artifacts/docker_log_" + container.name
|
||||
with open(file_name,'wb') as out:
|
||||
out.write(container.logs())
|
||||
logger.info(container.name)
|
||||
|
||||
tar.add(file_name)
|
||||
os.remove(file_name)
|
||||
|
||||
tar.close()
|
||||
|
||||
return 1
|
||||
|
||||
@keyword('Verify Head Tombstone')
|
||||
def verify_head_tombstone(private_key: str, cid: str, oid_ts: str, oid: str, addr: str):
|
||||
|
|
@ -793,8 +584,7 @@ def _json_cli_decode(data: str):
|
|||
return base58.b58encode(base64.b64decode(data)).decode("utf-8")
|
||||
|
||||
@keyword('Head object')
|
||||
def head_object(private_key: str, cid: str, oid: str, bearer_token: str="", user_headers:str="", keys:str="", endpoint: str="", ignore_failure: bool = False):
|
||||
options = ""
|
||||
def head_object(private_key: str, cid: str, oid: str, bearer_token: str="", user_headers:str="", options:str="", endpoint: str="", ignore_failure: bool = False):
|
||||
|
||||
if bearer_token:
|
||||
bearer_token = f"--bearer {bearer_token}"
|
||||
|
|
@ -802,7 +592,7 @@ def head_object(private_key: str, cid: str, oid: str, bearer_token: str="", user
|
|||
if endpoint == "":
|
||||
endpoint = NEOFS_ENDPOINT
|
||||
|
||||
ObjectCmd = f'neofs-cli --rpc-endpoint {endpoint} --key {private_key} object head --cid {cid} --oid {oid} {bearer_token} {keys}'
|
||||
ObjectCmd = f'neofs-cli --rpc-endpoint {endpoint} --key {private_key} object head --cid {cid} --oid {oid} {bearer_token} {options}'
|
||||
logger.info("Cmd: %s" % ObjectCmd)
|
||||
try:
|
||||
complProc = subprocess.run(ObjectCmd, check=True, universal_newlines=True,
|
||||
|
|
@ -941,13 +731,13 @@ def parse_object_system_header(header: str):
|
|||
|
||||
|
||||
@keyword('Delete object')
|
||||
def delete_object(private_key: str, cid: str, oid: str, bearer: str):
|
||||
def delete_object(private_key: str, cid: str, oid: str, bearer: str, options: str=""):
|
||||
|
||||
bearer_token = ""
|
||||
if bearer:
|
||||
bearer_token = f"--bearer {bearer}"
|
||||
|
||||
ObjectCmd = f'neofs-cli --rpc-endpoint {NEOFS_ENDPOINT} --key {private_key} object delete --cid {cid} --oid {oid} {bearer_token}'
|
||||
ObjectCmd = f'neofs-cli --rpc-endpoint {NEOFS_ENDPOINT} --key {private_key} object delete --cid {cid} --oid {oid} {bearer_token} {options}'
|
||||
logger.info("Cmd: %s" % ObjectCmd)
|
||||
try:
|
||||
complProc = subprocess.run(ObjectCmd, check=True, universal_newlines=True,
|
||||
|
|
@ -997,7 +787,7 @@ def cleanup_file(*filename_list):
|
|||
|
||||
|
||||
@keyword('Put object to NeoFS')
|
||||
def put_object(private_key: str, path: str, cid: str, bearer: str, user_headers: str, endpoint: str="" ):
|
||||
def put_object(private_key: str, path: str, cid: str, bearer: str, user_headers: str, endpoint: str="", options: str="" ):
|
||||
logger.info("Going to put the object")
|
||||
|
||||
if not endpoint:
|
||||
|
|
@ -1009,7 +799,7 @@ def put_object(private_key: str, path: str, cid: str, bearer: str, user_headers:
|
|||
if bearer:
|
||||
bearer = f"--bearer {bearer}"
|
||||
|
||||
putObjectCmd = f'neofs-cli --rpc-endpoint {endpoint} --key {private_key} object put --file {path} --cid {cid} {bearer} {user_headers}'
|
||||
putObjectCmd = f'neofs-cli --rpc-endpoint {endpoint} --key {private_key} object put --file {path} --cid {cid} {bearer} {user_headers} {options}'
|
||||
logger.info("Cmd: %s" % putObjectCmd)
|
||||
|
||||
try:
|
||||
|
|
@ -1024,12 +814,12 @@ def put_object(private_key: str, path: str, cid: str, bearer: str, user_headers:
|
|||
|
||||
|
||||
@keyword('Get Range Hash')
|
||||
def get_range_hash(private_key: str, cid: str, oid: str, bearer_token: str, range_cut: str):
|
||||
def get_range_hash(private_key: str, cid: str, oid: str, bearer_token: str, range_cut: str, options: str=""):
|
||||
|
||||
if bearer_token:
|
||||
bearer_token = f"--bearer {bearer}"
|
||||
bearer_token = f"--bearer {bearer_token}"
|
||||
|
||||
ObjectCmd = f'neofs-cli --rpc-endpoint {NEOFS_ENDPOINT} --key {private_key} object hash --cid {cid} --oid {oid} --range {range_cut} {bearer_token}'
|
||||
ObjectCmd = f'neofs-cli --rpc-endpoint {NEOFS_ENDPOINT} --key {private_key} object hash --cid {cid} --oid {oid} --range {range_cut} {bearer_token} {options}'
|
||||
|
||||
logger.info("Cmd: %s" % ObjectCmd)
|
||||
try:
|
||||
|
|
@ -1041,8 +831,7 @@ def get_range_hash(private_key: str, cid: str, oid: str, bearer_token: str, rang
|
|||
|
||||
|
||||
@keyword('Get object from NeoFS')
|
||||
def get_object(private_key: str, cid: str, oid: str, bearer_token: str, read_object: str, endpoint: str="" ):
|
||||
# TODO: add object return instead of read_object (uuid)
|
||||
def get_object(private_key: str, cid: str, oid: str, bearer_token: str, write_object: str, endpoint: str="", options: str="" ):
|
||||
|
||||
logger.info("Going to put the object")
|
||||
|
||||
|
|
@ -1053,7 +842,7 @@ def get_object(private_key: str, cid: str, oid: str, bearer_token: str, read_obj
|
|||
if bearer_token:
|
||||
bearer_token = f"--bearer {bearer_token}"
|
||||
|
||||
ObjectCmd = f'neofs-cli --rpc-endpoint {endpoint} --key {private_key} object get --cid {cid} --oid {oid} --file {read_object} {bearer_token}'
|
||||
ObjectCmd = f'neofs-cli --rpc-endpoint {endpoint} --key {private_key} object get --cid {cid} --oid {oid} --file {write_object} {bearer_token} {options}'
|
||||
|
||||
logger.info("Cmd: %s" % ObjectCmd)
|
||||
try:
|
||||
|
|
|
|||
|
|
@ -10,4 +10,5 @@ HTTP_GATE = 'http://http.neofs.devenv'
|
|||
S3_GATE = 'https://s3.neofs.devenv:8080'
|
||||
NEOFS_NETMAP = ['s01.neofs.devenv:8080', 's02.neofs.devenv:8080','s03.neofs.devenv:8080','s04.neofs.devenv:8080']
|
||||
|
||||
GAS_HASH = '0xb5df804bbadefea726afb5d3f4e8a6f6d32d2a20'
|
||||
GAS_HASH = '0xa6a6c15dcdc9b997dac448b6926522d22efeedfb'
|
||||
NEOFS_CONTRACT = "e11db12b0df3b3c05e6ed5f85e5cf53236e9dbeb"
|
||||
|
|
@ -15,14 +15,14 @@ import robot.errors
|
|||
from robot.libraries.BuiltIn import BuiltIn
|
||||
|
||||
ROBOT_AUTO_KEYWORDS = False
|
||||
NEOFS_CONTRACT = "ce96811ca25577c058484dab10dd8db2defc5eed"
|
||||
|
||||
|
||||
if os.getenv('ROBOT_PROFILE') == 'selectel_smoke':
|
||||
from selectelcdn_smoke_vars import (NEOGO_CLI_PREFIX, NEO_MAINNET_ENDPOINT,
|
||||
NEOFS_NEO_API_ENDPOINT, NEOFS_ENDPOINT, GAS_HASH)
|
||||
NEOFS_NEO_API_ENDPOINT, NEOFS_ENDPOINT, GAS_HASH, NEOFS_CONTRACT)
|
||||
else:
|
||||
from neofs_int_vars import (NEOGO_CLI_PREFIX, NEO_MAINNET_ENDPOINT,
|
||||
NEOFS_NEO_API_ENDPOINT, NEOFS_ENDPOINT, GAS_HASH)
|
||||
NEOFS_NEO_API_ENDPOINT, NEOFS_ENDPOINT, GAS_HASH, NEOFS_CONTRACT)
|
||||
|
||||
|
||||
@keyword('Init wallet')
|
||||
|
|
@ -141,8 +141,10 @@ def mainnet_balance(address: str):
|
|||
status code: {response.status_code} {response.reason}""")
|
||||
|
||||
m = re.search(rf'"{GAS_HASH}","amount":"([\d\.]+)"', response.text)
|
||||
if not m.start() != m.end():
|
||||
raise Exception("Can not get mainnet gas balance.")
|
||||
if not m:
|
||||
raise Exception("Can not get mainnet gas balance. Output: %s" % response.text )
|
||||
else:
|
||||
logger.info("Output: %s" % response.text)
|
||||
|
||||
amount = m.group(1)
|
||||
|
||||
|
|
|
|||
|
|
@ -11,3 +11,4 @@ S3_GATE = 'https://92.53.71.51:28080'
|
|||
NEOFS_NETMAP = ['92.53.71.51:18080', '92.53.71.52:18080','92.53.71.53:18080','92.53.71.54:18080', '92.53.71.55:18080']
|
||||
|
||||
GAS_HASH = '668e0c1f9d7b70a99dd9e06eadd4c784d641afbc'
|
||||
NEOFS_CONTRACT = "ce96811ca25577c058484dab10dd8db2defc5eed"
|
||||
|
|
@ -107,8 +107,6 @@ Generate file
|
|||
|
||||
Check Private Container
|
||||
# Check Private:
|
||||
# Expected: User - pass, Other - fail, System(IR) - pass (+ System(Container node) - pass, Non-container node - fail).
|
||||
|
||||
# Put
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${PRIV_CID} ${EMPTY} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
|
|
@ -118,14 +116,11 @@ Check Private Container
|
|||
${S_OID_SYS_SN} = Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${PRIV_CID} ${EMPTY} ${EMPTY}
|
||||
|
||||
|
||||
|
||||
|
||||
# Get
|
||||
Get object from NeoFS ${USER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${SYSTEM_KEY_IR} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||
Get object from NeoFS ${SYSTEM_KEY_IR} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||
Get object from NeoFS ${SYSTEM_KEY_SN} ${PRIV_CID} ${S_OID_USER} ${EMPTY} s_file_read
|
||||
|
||||
# Get Range
|
||||
|
|
@ -146,11 +141,11 @@ Check Private Container
|
|||
|
||||
# Search
|
||||
@{S_OBJ_PRIV} = Create List ${S_OID_USER} ${S_OID_SYS_SN}
|
||||
Search object ${USER_KEY} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_PRIV}
|
||||
Search object ${USER_KEY} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${OTHER_KEY} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_PRIV}
|
||||
Search object ${SYSTEM_KEY_IR} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_PRIV}
|
||||
Search object ${SYSTEM_KEY_SN} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_PRIV}
|
||||
... Search object ${OTHER_KEY} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||
Search object ${SYSTEM_KEY_IR} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||
Search object ${SYSTEM_KEY_SN} ${PRIV_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||
|
||||
|
||||
# Head
|
||||
|
|
@ -176,7 +171,6 @@ Check Public Container
|
|||
# Put
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY}
|
||||
${S_OID_OTHER} = Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY}
|
||||
# https://github.com/nspcc-dev/neofs-node/issues/178
|
||||
${S_OID_SYS_IR} = Put object to NeoFS ${SYSTEM_KEY_IR} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY}
|
||||
${S_OID_SYS_SN} = Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${PUBLIC_CID} ${EMPTY} ${EMPTY}
|
||||
|
||||
|
|
@ -201,10 +195,10 @@ Check Public Container
|
|||
|
||||
# Search
|
||||
@{S_OBJ_PRIV} = Create List ${S_OID_USER} ${S_OID_OTHER} ${S_OID_SYS_SN} ${S_OID_SYS_IR}
|
||||
Search object ${USER_KEY} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_PRIV}
|
||||
Search object ${OTHER_KEY} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_PRIV}
|
||||
Search object ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_PRIV}
|
||||
Search object ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_PRIV}
|
||||
Search object ${USER_KEY} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||
Search object ${OTHER_KEY} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||
Search object ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||
Search object ${SYSTEM_KEY_SN} ${PUBLIC_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_PRIV}
|
||||
|
||||
# Head
|
||||
Head object ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
|
||||
|
|
@ -224,7 +218,6 @@ Check Public Container
|
|||
|
||||
|
||||
# Delete
|
||||
# https://github.com/nspcc-dev/neofs-node/issues/178
|
||||
Delete object ${USER_KEY} ${PUBLIC_CID} ${S_OID_SYS_IR} ${EMPTY}
|
||||
Delete object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_SYS_SN} ${EMPTY}
|
||||
Delete object ${SYSTEM_KEY_IR} ${PUBLIC_CID} ${S_OID_USER} ${EMPTY}
|
||||
|
|
@ -263,10 +256,10 @@ Check Read-Only Container
|
|||
|
||||
# Search
|
||||
@{S_OBJ_RO} = Create List ${S_OID_USER} ${S_OID_SYS_SN}
|
||||
Search object ${USER_KEY} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_RO}
|
||||
Search object ${OTHER_KEY} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_RO}
|
||||
Search object ${SYSTEM_KEY_IR} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_RO}
|
||||
Search object ${SYSTEM_KEY_SN} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_RO}
|
||||
Search object ${USER_KEY} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_RO}
|
||||
Search object ${OTHER_KEY} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_RO}
|
||||
Search object ${SYSTEM_KEY_IR} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_RO}
|
||||
Search object ${SYSTEM_KEY_SN} ${READONLY_CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_RO}
|
||||
|
||||
|
||||
# Head
|
||||
|
|
@ -289,3 +282,4 @@ Check Read-Only Container
|
|||
Cleanup
|
||||
@{CLEANUP_FILES} = Create List ${FILE_S} s_file_read s_get_range
|
||||
Cleanup Files @{CLEANUP_FILES}
|
||||
Get Docker Logs acl_basic
|
||||
|
|
@ -21,7 +21,6 @@ BearerToken Operations
|
|||
Generate Keys
|
||||
Prepare eACL Role rules
|
||||
|
||||
|
||||
Log Check Bearer token with simple object
|
||||
Generate file 1024
|
||||
Check Container Inaccessible and Allow All Bearer
|
||||
|
|
@ -29,16 +28,26 @@ BearerToken Operations
|
|||
Check eACL Deny and Allow All Bearer Filter OID Equal
|
||||
Check eACL Deny and Allow All Bearer Filter OID NotEqual
|
||||
Check eACL Deny and Allow All Bearer Filter UserHeader Equal
|
||||
Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
|
||||
Check eACL Allow All Bearer Filter Requst Equal Deny
|
||||
Check eACL Deny and Allow All Bearer Filter Requst Equal
|
||||
Check eACL Deny and Allow All Bearer Filter Requst NotEqual
|
||||
Check Сompound Operations
|
||||
|
||||
# TODO:
|
||||
|
||||
Log Check Bearer token with complex object
|
||||
Cleanup Files ${FILE_S}
|
||||
Generate file 20e+6
|
||||
Generate file 10e+6
|
||||
Check Container Inaccessible and Allow All Bearer
|
||||
Check eACL Deny and Allow All Bearer
|
||||
Check eACL Deny and Allow All Bearer Filter OID Equal
|
||||
Check eACL Deny and Allow All Bearer Filter OID NotEqual
|
||||
Check eACL Deny and Allow All Bearer Filter UserHeader Equal
|
||||
Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
|
||||
Check eACL Deny and Allow All Bearer Filter Requst Equal
|
||||
Check eACL Deny and Allow All Bearer Filter Requst NotEqual
|
||||
Check Сompound Operations
|
||||
|
||||
[Teardown] Cleanup
|
||||
|
||||
|
|
@ -89,8 +98,6 @@ Payment Operations
|
|||
Get Transaction ${TX_DEPOSIT}
|
||||
|
||||
|
||||
|
||||
|
||||
Create Container Public
|
||||
Log Create Public Container
|
||||
${PUBLIC_CID_GEN} = Create container ${USER_KEY} 0x0FFFFFFF
|
||||
|
|
@ -103,7 +110,6 @@ Create Container Inaccessible
|
|||
[Return] ${PUBLIC_CID_GEN}
|
||||
|
||||
|
||||
|
||||
Generate file
|
||||
[Arguments] ${SIZE}
|
||||
|
||||
|
|
@ -113,17 +119,22 @@ Generate file
|
|||
|
||||
Prepare eACL Role rules
|
||||
Log Set eACL for different Role cases
|
||||
Set Global Variable ${EACL_DENY_ALL_OTHER} robot/resources/lib/eacl/eacl_encoded_deny_all
|
||||
Set Global Variable ${EACL_ALLOW_ALL_OTHER} robot/resources/lib/eacl/eacl_encoded_allow_all
|
||||
|
||||
Set Global Variable ${EACL_DENY_ALL_USER} robot/resources/lib/eacl/eacl_encoded_deny_all_user
|
||||
Set Global Variable ${EACL_ALLOW_ALL_USER} robot/resources/lib/eacl/eacl_encoded_allow_all_user
|
||||
|
||||
Set Global Variable ${EACL_DENY_ALL_SYSTEM} robot/resources/lib/eacl/eacl_encoded_deny_all_sys
|
||||
Set Global Variable ${EACL_ALLOW_ALL_SYSTEM} robot/resources/lib/eacl/eacl_encoded_allow_all_sys
|
||||
|
||||
Set Global Variable ${EACL_ALLOW_ALL_Pubkey} robot/resources/lib/eacl/eacl_encoded_allow_all_pubkey
|
||||
# eACL rules for all operations and similar permissions
|
||||
@{Roles} = Create List OTHERS USER SYSTEM
|
||||
FOR ${role} IN @{Roles}
|
||||
${rule1} = Create Dictionary Operation=GET Access=DENY Role=${role}
|
||||
${rule2} = Create Dictionary Operation=HEAD Access=DENY Role=${role}
|
||||
${rule3} = Create Dictionary Operation=PUT Access=DENY Role=${role}
|
||||
${rule4} = Create Dictionary Operation=DELETE Access=DENY Role=${role}
|
||||
${rule5} = Create Dictionary Operation=SEARCH Access=DENY Role=${role}
|
||||
${rule6} = Create Dictionary Operation=GETRANGE Access=DENY Role=${role}
|
||||
${rule7} = Create Dictionary Operation=GETRANGEHASH Access=DENY Role=${role}
|
||||
|
||||
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
Form eACL json common file gen_eacl_deny_all_${role} ${eACL_gen}
|
||||
Set Global Variable ${EACL_DENY_ALL_${role}} gen_eacl_deny_all_${role}
|
||||
END
|
||||
|
||||
|
||||
Check Container Inaccessible and Allow All Bearer
|
||||
|
|
@ -132,9 +143,22 @@ Check Container Inaccessible and Allow All Bearer
|
|||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
Form BearerToken file for all ops bearer_allow_all_user ${USER_KEY} ${CID} ALLOW USER 100500
|
||||
${rule1}= Create Dictionary Operation=PUT Access=ALLOW Role=USER
|
||||
${rule2}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER
|
||||
|
||||
${eACL_gen}= Create List ${rule1} ${rule2}
|
||||
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER}
|
||||
|
|
@ -142,7 +166,6 @@ Check Container Inaccessible and Allow All Bearer
|
|||
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER}
|
||||
|
||||
|
||||
|
||||
Check eACL Deny and Allow All Bearer
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
|
|
@ -152,21 +175,32 @@ Check eACL Deny and Allow All Bearer
|
|||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
||||
|
||||
Form BearerToken file for all ops bearer_allow_all_user ${USER_KEY} ${CID} ALLOW USER 100500
|
||||
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER
|
||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER
|
||||
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
|
|
@ -174,18 +208,14 @@ Check eACL Deny and Allow All Bearer
|
|||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} @{S_OBJ_H}
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256
|
||||
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Check eACL Deny and Allow All Bearer Filter OID Equal
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
|
|
@ -193,34 +223,43 @@ Check eACL Deny and Allow All Bearer Filter OID Equal
|
|||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
||||
|
||||
Form BearerToken file filter for all ops bearer_allow_all_user ${USER_KEY} ${CID} ALLOW USER 100500 STRING_EQUAL $Object:objectID ${S_OID_USER}
|
||||
${filters}= Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=$Object:objectID value=${S_OID_USER}
|
||||
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
||||
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
# Search is allowed without filter condition.
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} @{S_OBJ_H}
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
|
|
@ -246,30 +285,41 @@ Check eACL Deny and Allow All Bearer Filter OID NotEqual
|
|||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
||||
|
||||
Form BearerToken file filter for all ops bearer_allow_all_user ${USER_KEY} ${CID} ALLOW USER 100500 STRING_NOT_EQUAL $Object:objectID ${S_OID_USER_2}
|
||||
${filters}= Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=$Object:objectID value=${S_OID_USER_2}
|
||||
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
||||
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
# Search is allowed without filter condition.
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} @{S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
||||
|
||||
|
|
@ -292,6 +342,148 @@ Check eACL Deny and Allow All Bearer Filter OID NotEqual
|
|||
|
||||
|
||||
|
||||
|
||||
Check eACL Allow All Bearer Filter Requst Equal Deny
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||
|
||||
|
||||
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=256
|
||||
${rule1}= Create Dictionary Operation=GET Access=DENY Role=USER Filters=${filters}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=DENY Role=USER Filters=${filters}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=DENY Role=USER Filters=${filters}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=DENY Role=USER Filters=${filters}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=DENY Role=USER Filters=${filters}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=DENY Role=USER Filters=${filters}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=USER Filters=${filters}
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=2
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=2
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H} --xhdr a=2
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=2
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=2
|
||||
Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=2
|
||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} bearer_allow_all_user --xhdr a=2
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=256
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=256
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=256
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user --xhdr a=256
|
||||
|
||||
|
||||
Check eACL Deny and Allow All Bearer Filter Requst NotEqual
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
||||
|
||||
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_NOT_EQUAL key=a value=256
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
#Run Keyword And Expect Error *
|
||||
#... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=2
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=2
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=2
|
||||
Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=2
|
||||
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user --xhdr a=2
|
||||
|
||||
|
||||
Check eACL Deny and Allow All Bearer Filter Requst Equal
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
||||
|
||||
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=256
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=256
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=256
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=256
|
||||
Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=256
|
||||
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user --xhdr a=256
|
||||
|
||||
|
||||
Check eACL Deny and Allow All Bearer Filter UserHeader Equal
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
|
|
@ -302,30 +494,42 @@ Check eACL Deny and Allow All Bearer Filter UserHeader Equal
|
|||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
||||
|
||||
Form BearerToken file filter for all ops bearer_allow_all_user ${USER_KEY} ${CID} ALLOW USER 100500 STRING_EQUAL key2 abc
|
||||
|
||||
${filters}= Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=key2 value=abc
|
||||
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
||||
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
# Search is allowed without filter condition.
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} @{S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
||||
|
|
@ -351,9 +555,176 @@ Check eACL Deny and Allow All Bearer Filter UserHeader Equal
|
|||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user
|
||||
|
||||
|
||||
# Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
|
||||
|
||||
Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
@{S_OBJ_H} = Create List ${S_OID_USER_2}
|
||||
|
||||
|
||||
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
||||
|
||||
|
||||
${filters}= Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=key2 value=abc
|
||||
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
||||
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule6} ${rule7}
|
||||
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
# Search can not use filter by headers
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
|
||||
# Different behaviour for big and small objects!
|
||||
# Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${EMPTY}
|
||||
|
||||
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user local_file_eacl
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256
|
||||
|
||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user
|
||||
|
||||
# Delete can not be filtered by UserHeader.
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user
|
||||
|
||||
|
||||
Check Сompound Operations
|
||||
Check Bearer Сompound Get ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS}
|
||||
Check Bearer Сompound Get ${USER_KEY} USER ${EACL_DENY_ALL_USER}
|
||||
Check Bearer Сompound Get ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM}
|
||||
|
||||
Check Bearer Сompound Delete ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS}
|
||||
Check Bearer Сompound Delete ${USER_KEY} USER ${EACL_DENY_ALL_USER}
|
||||
Check Bearer Сompound Delete ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM}
|
||||
|
||||
Check Bearer Сompound Get Range Hash ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS}
|
||||
Check Bearer Сompound Get Range Hash ${USER_KEY} USER ${EACL_DENY_ALL_USER}
|
||||
Check Bearer Сompound Get Range Hash ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM}
|
||||
|
||||
|
||||
Check Bearer Сompound Get
|
||||
[Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL}
|
||||
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
|
||||
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=${DENY_GROUP}
|
||||
${rule2}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=${DENY_GROUP}
|
||||
${rule3}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${DENY_GROUP}
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3}
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${KEY} ${CID} ${S_OID_USER} bearer_allow
|
||||
|
||||
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} bearer_allow local_file_eacl
|
||||
Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow 0:256
|
||||
Get Range Hash ${KEY} ${CID} ${S_OID_USER} bearer_allow 0:256
|
||||
|
||||
|
||||
Check Bearer Сompound Delete
|
||||
[Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL}
|
||||
|
||||
${CID} = Create Container Public
|
||||
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Delete object ${KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
|
||||
|
||||
${rule1} = Create Dictionary Operation=DELETE Access=ALLOW Role=${DENY_GROUP}
|
||||
${rule2} = Create Dictionary Operation=PUT Access=DENY Role=${DENY_GROUP}
|
||||
${rule3} = Create Dictionary Operation=HEAD Access=DENY Role=${DENY_GROUP}
|
||||
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3}
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${KEY} ${CID} ${S_OID_USER} bearer_allow
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${KEY} ${FILE_S} ${CID} bearer_allow ${FILE_OTH_HEADER}
|
||||
|
||||
Delete object ${KEY} ${CID} ${S_OID_USER} bearer_allow
|
||||
|
||||
|
||||
|
||||
Check Bearer Сompound Get Range Hash
|
||||
[Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL}
|
||||
|
||||
${CID} = Create Container Public
|
||||
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get Range Hash ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
|
||||
|
||||
${rule1} = Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${DENY_GROUP}
|
||||
${rule2} = Create Dictionary Operation=GETRANGE Access=DENY Role=${DENY_GROUP}
|
||||
${rule3} = Create Dictionary Operation=GET Access=DENY Role=${DENY_GROUP}
|
||||
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3}
|
||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} bearer_allow local_file_eacl
|
||||
|
||||
Get Range Hash ${KEY} ${CID} ${S_OID_USER} bearer_allow 0:256
|
||||
|
||||
|
||||
Cleanup
|
||||
@{CLEANUP_FILES} = Create List ${FILE_S} local_file_eacl s_get_range bearer_allow_all_user
|
||||
@{CLEANUP_FILES} = Create List ${FILE_S} local_file_eacl s_get_range
|
||||
... bearer_allow_all_user gen_eacl_deny_all_USER bearer_allow
|
||||
Cleanup Files @{CLEANUP_FILES}
|
||||
Get Docker Logs acl_bearer
|
||||
|
|
@ -20,18 +20,22 @@ Extended ACL Operations
|
|||
Prepare eACL Role rules
|
||||
|
||||
Log Check extended ACL with simple object
|
||||
|
||||
Generate files 1024
|
||||
|
||||
Check Actions
|
||||
Check Filters
|
||||
Check Сompound Operations
|
||||
|
||||
Cleanup Files ${FILE_S} ${FILE_S_2}
|
||||
|
||||
Log Check extended ACL with complex object
|
||||
Generate files 20e+6
|
||||
Generate files 10e+6
|
||||
Check Actions
|
||||
Check Filters
|
||||
Check Сompound Operations
|
||||
|
||||
[Teardown] Cleanup
|
||||
#[Teardown] Cleanup
|
||||
|
||||
|
||||
*** Keywords ***
|
||||
|
|
@ -44,11 +48,168 @@ Check Actions
|
|||
|
||||
|
||||
Check Filters
|
||||
Check eACL MatchType String Equal
|
||||
Check eACL MatchType String Not Equal
|
||||
Check eACL MatchType String Equal Object
|
||||
Check eACL MatchType String Not Equal Object
|
||||
Check eACL MatchType String Equal Request Deny
|
||||
Check eACL MatchType String Equal Request Allow
|
||||
|
||||
Check Сompound Operations
|
||||
Check eACL Сompound Get ${OTHER_KEY} ${EACL_COMPOUND_GET_OTHERS}
|
||||
Check eACL Сompound Get ${USER_KEY} ${EACL_COMPOUND_GET_USER}
|
||||
Check eACL Сompound Get ${SYSTEM_KEY} ${EACL_COMPOUND_GET_SYSTEM}
|
||||
|
||||
Check eACL Сompound Delete ${OTHER_KEY} ${EACL_COMPOUND_DELETE_OTHERS}
|
||||
Check eACL Сompound Delete ${USER_KEY} ${EACL_COMPOUND_DELETE_USER}
|
||||
Check eACL Сompound Delete ${SYSTEM_KEY} ${EACL_COMPOUND_DELETE_SYSTEM}
|
||||
|
||||
Check eACL Сompound Get Range Hash ${OTHER_KEY} ${EACL_COMPOUND_GET_HASH_OTHERS}
|
||||
Check eACL Сompound Get Range Hash ${USER_KEY} ${EACL_COMPOUND_GET_HASH_USER}
|
||||
Check eACL Сompound Get Range Hash ${SYSTEM_KEY} ${EACL_COMPOUND_GET_HASH_SYSTEM}
|
||||
|
||||
Check eACL Сompound Get
|
||||
[Arguments] ${KEY} ${DENY_EACL}
|
||||
|
||||
${CID} = Create Container Public
|
||||
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
|
||||
|
||||
Check eACL MatchType String Equal
|
||||
Check eACL Сompound Delete
|
||||
[Arguments] ${KEY} ${DENY_EACL}
|
||||
|
||||
${CID} = Create Container Public
|
||||
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Delete object ${KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
|
||||
Delete object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
|
||||
|
||||
Check eACL Сompound Get Range Hash
|
||||
[Arguments] ${KEY} ${DENY_EACL}
|
||||
|
||||
${CID} = Create Container Public
|
||||
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get Range Hash ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
|
||||
Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
|
||||
|
||||
|
||||
Check eACL MatchType String Equal Request Deny
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
|
||||
${HEADER} = Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
&{HEADER_DICT} = Parse Object System Header ${HEADER}
|
||||
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
|
||||
|
||||
${ID_value} = Get From Dictionary ${HEADER_DICT} ID
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_XHEADER_DENY_ALL} --await
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=2
|
||||
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=256
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=2
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=2
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ${EMPTY} --xhdr a=2
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 --xhdr a="2"
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 --xhdr a=2
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} --xhdr a=2
|
||||
|
||||
Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=256
|
||||
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=*
|
||||
Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${EMPTY} --xhdr a=
|
||||
Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ${EMPTY} --xhdr a=.*
|
||||
Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 --xhdr a="2 2"
|
||||
Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 --xhdr a=256
|
||||
Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} --xhdr a=22
|
||||
|
||||
|
||||
|
||||
Check eACL MatchType String Equal Request Allow
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
|
||||
${HEADER} = Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
&{HEADER_DICT} = Parse Object System Header ${HEADER}
|
||||
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
|
||||
|
||||
${ID_value} = Get From Dictionary ${HEADER_DICT} ID
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_XHEADER_ALLOW_ALL} --await
|
||||
Get eACL ${USER_KEY} ${CID}
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Run Keyword And Expect Error *
|
||||
... Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=2
|
||||
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl ${EMPTY} --xhdr a=2
|
||||
Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2
|
||||
Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ${EMPTY} --xhdr a=2
|
||||
Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 --xhdr a=2
|
||||
Get Range Hash ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256 --xhdr a=2
|
||||
Delete object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} --xhdr a=2
|
||||
|
||||
|
||||
|
||||
|
||||
Check eACL MatchType String Equal Object
|
||||
${CID} = Create Container Public
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
|
||||
|
|
@ -59,7 +220,12 @@ Check eACL MatchType String Equal
|
|||
|
||||
Log Set eACL for Deny GET operation with StringEqual Object ID
|
||||
${ID_value} = Get From Dictionary ${HEADER_DICT} ID
|
||||
${EACL_CUSTOM} = Form eACL json file eacl_custom GET DENY STRING_EQUAL $Object:objectID ${ID_value} OTHERS
|
||||
|
||||
${filters} = Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=$Object:objectID value=${ID_value}
|
||||
${rule1} = Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters}
|
||||
${eACL_gen} = Create List ${rule1}
|
||||
${EACL_CUSTOM} = Form eACL json common file eacl_custom ${eACL_gen}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
|
|
@ -67,7 +233,13 @@ Check eACL MatchType String Equal
|
|||
|
||||
Log Set eACL for Deny GET operation with StringEqual Object Extended User Header
|
||||
${S_OID_USER_OTH} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
${EACL_CUSTOM} = Form eACL json file eacl_custom GET DENY STRING_EQUAL key1 1 OTHERS
|
||||
|
||||
${filters} = Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=key1 value=1
|
||||
${rule1} = Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters}
|
||||
${eACL_gen} = Create List ${rule1}
|
||||
${EACL_CUSTOM} = Form eACL json common file eacl_custom ${eACL_gen}
|
||||
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
|
|
@ -75,7 +247,7 @@ Check eACL MatchType String Equal
|
|||
|
||||
|
||||
|
||||
Check eACL MatchType String Not Equal
|
||||
Check eACL MatchType String Not Equal Object
|
||||
${CID} = Create Container Public
|
||||
|
||||
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
|
|
@ -91,7 +263,12 @@ Check eACL MatchType String Not Equal
|
|||
|
||||
Log Set eACL for Deny GET operation with StringNotEqual Object ID
|
||||
${ID_value} = Get From Dictionary ${HEADER_DICT} ID
|
||||
${EACL_CUSTOM} = Form eACL json file eacl_custom GET DENY STRING_NOT_EQUAL $Object:objectID ${ID_value} OTHERS
|
||||
|
||||
${filters} = Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=$Object:objectID value=${ID_value}
|
||||
${rule1} = Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters}
|
||||
${eACL_gen} = Create List ${rule1}
|
||||
${EACL_CUSTOM} = Form eACL json common file eacl_custom ${eACL_gen}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_OTHER} ${EMPTY} local_file_eacl
|
||||
|
|
@ -100,7 +277,12 @@ Check eACL MatchType String Not Equal
|
|||
|
||||
Log Set eACL for Deny GET operation with StringEqual Object Extended User Header
|
||||
${S_OID_USER_OTH} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
${EACL_CUSTOM} = Form eACL json file eacl_custom GET DENY STRING_NOT_EQUAL key1 1 OTHERS
|
||||
|
||||
${filters} = Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=key1 value=1
|
||||
${rule1} = Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters}
|
||||
${eACL_gen} = Create List ${rule1}
|
||||
${EACL_CUSTOM} = Form eACL json common file eacl_custom ${eACL_gen}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_CUSTOM} --await
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER_OTH} ${EMPTY} local_file_eacl
|
||||
|
|
@ -170,16 +352,144 @@ Generate files
|
|||
Prepare eACL Role rules
|
||||
Log Set eACL for different Role cases
|
||||
|
||||
Set Global Variable ${EACL_DENY_ALL_OTHER} robot/resources/lib/eacl/eacl_encoded_deny_all
|
||||
Set Global Variable ${EACL_ALLOW_ALL_OTHER} robot/resources/lib/eacl/eacl_encoded_allow_all
|
||||
# eACL rules for all operations and similar permissions
|
||||
@{Roles} = Create List OTHERS USER SYSTEM
|
||||
FOR ${role} IN @{Roles}
|
||||
${rule1}= Create Dictionary Operation=GET Access=DENY Role=${role}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=DENY Role=${role}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=DENY Role=${role}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=DENY Role=${role}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=DENY Role=${role}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=DENY Role=${role}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=${role}
|
||||
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
Form eACL json common file gen_eacl_deny_all_${role} ${eACL_gen}
|
||||
END
|
||||
|
||||
|
||||
FOR ${role} IN @{Roles}
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=${role}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=${role}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=${role}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=${role}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=${role}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=${role}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${role}
|
||||
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
Form eACL json common file gen_eacl_allow_all_${role} ${eACL_gen}
|
||||
END
|
||||
|
||||
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
|
||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=A9tDy6Ye+UimXCCzJrlAmRE0FDZHjf3XRyya9rELtgAA
|
||||
${rule8}= Create Dictionary Operation=GET Access=DENY Role=OTHERS
|
||||
${rule9}= Create Dictionary Operation=HEAD Access=DENY Role=OTHERS
|
||||
${rule10}= Create Dictionary Operation=PUT Access=DENY Role=OTHERS
|
||||
${rule11}= Create Dictionary Operation=DELETE Access=DENY Role=OTHERS
|
||||
${rule12}= Create Dictionary Operation=SEARCH Access=DENY Role=OTHERS
|
||||
${rule13}= Create Dictionary Operation=GETRANGE Access=DENY Role=OTHERS
|
||||
${rule14}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=OTHERS
|
||||
|
||||
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
... ${rule8} ${rule9} ${rule10} ${rule11} ${rule12} ${rule13} ${rule14}
|
||||
Form eACL json common file gen_eacl_allow_pubkey_deny_OTHERS ${eACL_gen}
|
||||
|
||||
Set Global Variable ${EACL_DENY_ALL_OTHER} gen_eacl_deny_all_OTHERS
|
||||
Set Global Variable ${EACL_ALLOW_ALL_OTHER} gen_eacl_allow_all_OTHERS
|
||||
|
||||
Set Global Variable ${EACL_DENY_ALL_USER} gen_eacl_deny_all_USER
|
||||
Set Global Variable ${EACL_ALLOW_ALL_USER} gen_eacl_allow_all_USER
|
||||
|
||||
Set Global Variable ${EACL_DENY_ALL_SYSTEM} gen_eacl_deny_all_SYSTEM
|
||||
Set Global Variable ${EACL_ALLOW_ALL_SYSTEM} gen_eacl_allow_all_SYSTEM
|
||||
|
||||
Set Global Variable ${EACL_ALLOW_ALL_Pubkey} gen_eacl_allow_pubkey_deny_OTHERS
|
||||
|
||||
|
||||
# eACL rules for Compound operations: GET/GetRange/GetRangeHash
|
||||
@{Roles} = Create List OTHERS USER SYSTEM
|
||||
FOR ${role} IN @{Roles}
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=${role}
|
||||
${rule2}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=${role}
|
||||
${rule3}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${role}
|
||||
${rule4}= Create Dictionary Operation=HEAD Access=DENY Role=${role}
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4}
|
||||
Form eACL json common file gen_eacl_compound_get_${role} ${eACL_gen}
|
||||
Set Global Variable ${EACL_COMPOUND_GET_${role}} gen_eacl_compound_get_${role}
|
||||
END
|
||||
|
||||
# eACL rules for Compound operations: DELETE
|
||||
@{Roles} = Create List OTHERS USER SYSTEM
|
||||
FOR ${role} IN @{Roles}
|
||||
${rule1}= Create Dictionary Operation=DELETE Access=ALLOW Role=${role}
|
||||
${rule2}= Create Dictionary Operation=PUT Access=DENY Role=${role}
|
||||
${rule3}= Create Dictionary Operation=HEAD Access=DENY Role=${role}
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3}
|
||||
Form eACL json common file gen_eacl_compound_del_${role} ${eACL_gen}
|
||||
Set Global Variable ${EACL_COMPOUND_DELETE_${role}} gen_eacl_compound_del_${role}
|
||||
END
|
||||
|
||||
# eACL rules for Compound operations: GETRANGEHASH
|
||||
@{Roles} = Create List OTHERS USER SYSTEM
|
||||
FOR ${role} IN @{Roles}
|
||||
${rule1}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${role}
|
||||
${rule2}= Create Dictionary Operation=GETRANGE Access=DENY Role=${role}
|
||||
${rule3}= Create Dictionary Operation=GET Access=DENY Role=${role}
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3}
|
||||
Form eACL json common file gen_eacl_compound_get_hash_${role} ${eACL_gen}
|
||||
Set Global Variable ${EACL_COMPOUND_GET_HASH_${role}} gen_eacl_compound_get_hash_${role}
|
||||
END
|
||||
|
||||
|
||||
|
||||
# eACL for X-Header Other DENY and ALLOW for all
|
||||
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=2
|
||||
|
||||
${rule1}= Create Dictionary Operation=GET Access=DENY Role=OTHERS Filters=${filters}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=DENY Role=OTHERS Filters=${filters}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=DENY Role=OTHERS Filters=${filters}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=DENY Role=OTHERS Filters=${filters}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=DENY Role=OTHERS Filters=${filters}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=DENY Role=OTHERS Filters=${filters}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=OTHERS Filters=${filters}
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
Form eACL json common file gen_eacl_xheader_deny_all ${eACL_gen}
|
||||
Set Global Variable ${EACL_XHEADER_DENY_ALL} gen_eacl_xheader_deny_all
|
||||
|
||||
|
||||
|
||||
# eACL for X-Header Other ALLOW and DENY for all
|
||||
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=2
|
||||
|
||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=OTHERS Filters=${filters}
|
||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=OTHERS Filters=${filters}
|
||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=OTHERS Filters=${filters}
|
||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=OTHERS Filters=${filters}
|
||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=OTHERS Filters=${filters}
|
||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=OTHERS Filters=${filters}
|
||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=OTHERS Filters=${filters}
|
||||
${rule8}= Create Dictionary Operation=GET Access=DENY Role=OTHERS
|
||||
${rule9}= Create Dictionary Operation=HEAD Access=DENY Role=OTHERS
|
||||
${rule10}= Create Dictionary Operation=PUT Access=DENY Role=OTHERS
|
||||
${rule11}= Create Dictionary Operation=DELETE Access=DENY Role=OTHERS
|
||||
${rule12}= Create Dictionary Operation=SEARCH Access=DENY Role=OTHERS
|
||||
${rule13}= Create Dictionary Operation=GETRANGE Access=DENY Role=OTHERS
|
||||
${rule14}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=OTHERS
|
||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||
... ${rule8} ${rule9} ${rule10} ${rule11} ${rule12} ${rule13} ${rule14}
|
||||
Form eACL json common file gen_eacl_xheader_allow_all ${eACL_gen}
|
||||
Set Global Variable ${EACL_XHEADER_ALLOW_ALL} gen_eacl_xheader_allow_all
|
||||
|
||||
Set Global Variable ${EACL_DENY_ALL_USER} robot/resources/lib/eacl/eacl_encoded_deny_all_user
|
||||
Set Global Variable ${EACL_ALLOW_ALL_USER} robot/resources/lib/eacl/eacl_encoded_allow_all_user
|
||||
|
||||
Set Global Variable ${EACL_DENY_ALL_SYSTEM} robot/resources/lib/eacl/eacl_encoded_deny_all_sys
|
||||
Set Global Variable ${EACL_ALLOW_ALL_SYSTEM} robot/resources/lib/eacl/eacl_encoded_allow_all_sys
|
||||
|
||||
Set Global Variable ${EACL_ALLOW_ALL_Pubkey} robot/resources/lib/eacl/eacl_encoded_allow_all_pubkey
|
||||
|
||||
|
||||
Check eACL Deny and Allow All User
|
||||
|
|
@ -205,8 +515,8 @@ Check eACL Deny and Allow All System
|
|||
Get object from NeoFS ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
|
||||
Search object ${SYSTEM_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
||||
Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
||||
Search object ${SYSTEM_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
|
||||
Head object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Head object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
|
@ -220,11 +530,7 @@ Check eACL Deny and Allow All System
|
|||
Delete object ${SYSTEM_KEY} ${CID} ${D_OID_USER_S} ${EMPTY}
|
||||
Delete object ${SYSTEM_KEY_SN} ${CID} ${D_OID_USER_SN} ${EMPTY}
|
||||
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_SYSTEM}
|
||||
Sleep ${MORPH_BLOCK_TIMEOUT}
|
||||
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_SYSTEM} --await
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
|
|
@ -237,9 +543,9 @@ Check eACL Deny and Allow All System
|
|||
... Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${SYSTEM_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
||||
... Search object ${SYSTEM_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
||||
... Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
|
|
@ -265,8 +571,8 @@ Check eACL Deny and Allow All System
|
|||
... Delete object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_ALLOW_ALL_SYSTEM}
|
||||
Sleep ${MORPH_BLOCK_TIMEOUT}
|
||||
Set eACL ${USER_KEY} ${CID} ${EACL_ALLOW_ALL_SYSTEM} --await
|
||||
|
||||
|
||||
${D_OID_USER_S} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
${D_OID_USER_SN} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||
|
|
@ -278,8 +584,8 @@ Check eACL Deny and Allow All System
|
|||
Get object from NeoFS ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
|
||||
Search object ${SYSTEM_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
||||
Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
||||
Search object ${SYSTEM_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
|
||||
Head object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Head object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
|
@ -304,7 +610,7 @@ Check eACL Deny All Other and Allow All Pubkey
|
|||
|
||||
Put object to NeoFS ${EACL_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${EACL_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
||||
Search object ${EACL_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Get Range ${EACL_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Get Range Hash ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
|
|
@ -318,7 +624,7 @@ Check eACL Deny All Other and Allow All Pubkey
|
|||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
||||
... Search object ${OTHER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
|
|
@ -330,7 +636,7 @@ Check eACL Deny All Other and Allow All Pubkey
|
|||
|
||||
Put object to NeoFS ${EACL_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${EACL_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
||||
Search object ${EACL_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Get Range ${EACL_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Get Range Hash ${EACL_KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
|
|
@ -348,22 +654,21 @@ Check eACL Deny and Allow All
|
|||
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
|
||||
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
||||
Search object ${KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
Delete object ${KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${DENY_EACL}
|
||||
Sleep ${MORPH_BLOCK_TIMEOUT}
|
||||
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
Run Keyword And Expect Error *
|
||||
... Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
||||
... Search object ${KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Run Keyword And Expect Error *
|
||||
... Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Run Keyword And Expect Error *
|
||||
|
|
@ -373,12 +678,12 @@ Check eACL Deny and Allow All
|
|||
Run Keyword And Expect Error *
|
||||
... Delete object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
|
||||
Set eACL ${USER_KEY} ${CID} ${ALLOW_EACL}
|
||||
Sleep ${MORPH_BLOCK_TIMEOUT}
|
||||
Set eACL ${USER_KEY} ${CID} ${ALLOW_EACL} --await
|
||||
|
||||
|
||||
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||
Search object ${KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
||||
Search object ${KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Head object ${KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||
Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||
Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||
|
|
@ -386,4 +691,11 @@ Check eACL Deny and Allow All
|
|||
|
||||
Cleanup
|
||||
@{CLEANUP_FILES} = Create List ${FILE_S} ${FILE_S_2} local_file_eacl eacl_custom s_get_range
|
||||
... gen_eacl_allow_all_OTHERS gen_eacl_deny_all_USER gen_eacl_allow_all_USER
|
||||
... gen_eacl_deny_all_SYSTEM gen_eacl_allow_all_SYSTEM gen_eacl_allow_pubkey_deny_OTHERS
|
||||
... gen_eacl_deny_all_OTHERS
|
||||
... gen_eacl_compound_del_SYSTEM gen_eacl_compound_del_USER gen_eacl_compound_del_OTHERS
|
||||
... gen_eacl_compound_get_hash_OTHERS gen_eacl_compound_get_hash_SYSTEM gen_eacl_compound_get_hash_USER
|
||||
... gen_eacl_compound_get_OTHERS gen_eacl_compound_get_SYSTEM gen_eacl_compound_get_USER
|
||||
Cleanup Files @{CLEANUP_FILES}
|
||||
Get Docker Logs acl_extended
|
||||
|
|
|
|||
|
|
@ -36,9 +36,12 @@ NeoFS HTTP Gateway
|
|||
... Container Existing ${PRIV_KEY} ${CID}
|
||||
|
||||
${FILE} = Generate file of bytes 1024
|
||||
${FILE_L} = Generate file of bytes 10e+6
|
||||
${FILE_HASH} = Get file hash ${FILE}
|
||||
${FILE_L_HASH} = Get file hash ${FILE_L}
|
||||
|
||||
${S_OID} = Put object to NeoFS ${PRIV_KEY} ${FILE} ${CID} ${EMPTY} ${EMPTY}
|
||||
${L_OID} = Put object to NeoFS ${PRIV_KEY} ${FILE_L} ${CID} ${EMPTY} ${EMPTY}
|
||||
|
||||
# By request from Service team - try to GET object from the node without object
|
||||
|
||||
|
|
@ -51,4 +54,22 @@ NeoFS HTTP Gateway
|
|||
Verify file hash s_file_read ${FILE_HASH}
|
||||
Verify file hash ${FILEPATH} ${FILE_HASH}
|
||||
|
||||
[Teardown] Cleanup Files ${FILEPATH} ${FILE} s_file_read
|
||||
@{GET_NODE_LIST} = Get nodes without object ${PRIV_KEY} ${CID} ${L_OID}
|
||||
${NODE} = Evaluate random.choice($GET_NODE_LIST) random
|
||||
|
||||
Get object from NeoFS ${PRIV_KEY} ${CID} ${L_OID} ${EMPTY} l_file_read ${NODE}
|
||||
${FILEPATH} = Get via HTTP Gate ${CID} ${L_OID}
|
||||
|
||||
Verify file hash l_file_read ${FILE_L_HASH}
|
||||
Verify file hash ${FILEPATH} ${FILE_L_HASH}
|
||||
|
||||
[Teardown] Cleanup ${FILEPATH} ${FILE}
|
||||
|
||||
|
||||
|
||||
*** Keywords ***
|
||||
|
||||
Cleanup
|
||||
[Arguments] ${FILEPATH} ${FILE}
|
||||
Cleanup Files ${FILEPATH} ${FILE} s_file_read l_file_read
|
||||
Get Docker Logs http_gate
|
||||
|
|
@ -60,7 +60,7 @@ NeoFS Simple Netmap
|
|||
Run Keyword And Expect Error *
|
||||
... Validate Policy REP 2 IN X CBF 2 SELECT 6 FROM * AS X 2 @{EMPTY}
|
||||
|
||||
[Teardown] Cleanup Files ${FILE}
|
||||
[Teardown] Cleanup ${FILE}
|
||||
|
||||
*** Keywords ***
|
||||
|
||||
|
|
@ -107,3 +107,7 @@ Validate Policy
|
|||
Validate storage policy for object ${PRIV_KEY} ${EXPECTED_VAL} ${CID} ${S_OID} @{EXPECTED_LIST}
|
||||
|
||||
|
||||
Cleanup
|
||||
[Arguments] ${FILE}
|
||||
Cleanup Files ${FILE}
|
||||
Get Docker Logs netmap_simple
|
||||
|
|
@ -41,8 +41,7 @@ NeoFS Complex Object Operations
|
|||
Wait Until Keyword Succeeds 2 min 30 sec
|
||||
... Expected Balance ${PRIV_KEY} 50 -7e-08
|
||||
|
||||
${SIZE} = Set Variable 20e+6
|
||||
${FILE} = Generate file of bytes ${SIZE}
|
||||
${FILE} = Generate file of bytes 10e+6
|
||||
${FILE_HASH} = Get file hash ${FILE}
|
||||
|
||||
${S_OID} = Put object to NeoFS ${PRIV_KEY} ${FILE} ${CID} ${EMPTY} ${EMPTY}
|
||||
|
|
@ -60,7 +59,7 @@ NeoFS Complex Object Operations
|
|||
@{S_OBJ_H_OTH} = Create List ${H_OID_OTH}
|
||||
|
||||
Run Keyword And Expect Error *
|
||||
... Search object ${PRIV_KEY} ${CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_ALL}
|
||||
... Search object ${PRIV_KEY} ${CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_ALL}
|
||||
|
||||
Get object from NeoFS ${PRIV_KEY} ${CID} ${S_OID} ${EMPTY} s_file_read
|
||||
Get object from NeoFS ${PRIV_KEY} ${CID} ${H_OID} ${EMPTY} h_file_read
|
||||
|
|
@ -74,9 +73,9 @@ NeoFS Complex Object Operations
|
|||
Get Range ${PRIV_KEY} ${CID} ${S_OID} s_get_range ${EMPTY} 0:10
|
||||
Get Range ${PRIV_KEY} ${CID} ${H_OID} h_get_range ${EMPTY} 0:10
|
||||
|
||||
Search object ${PRIV_KEY} ${CID} --root ${EMPTY} ${EMPTY} @{S_OBJ_ALL}
|
||||
Search object ${PRIV_KEY} ${CID} --root ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
||||
Search object ${PRIV_KEY} ${CID} --root ${EMPTY} ${FILE_USR_HEADER_OTH} @{S_OBJ_H_OTH}
|
||||
Search object ${PRIV_KEY} ${CID} --root ${EMPTY} ${EMPTY} ${S_OBJ_ALL}
|
||||
Search object ${PRIV_KEY} ${CID} --root ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Search object ${PRIV_KEY} ${CID} --root ${EMPTY} ${FILE_USR_HEADER_OTH} ${S_OBJ_H_OTH}
|
||||
|
||||
Head object ${PRIV_KEY} ${CID} ${S_OID} ${EMPTY}
|
||||
Head object ${PRIV_KEY} ${CID} ${H_OID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
|
|
@ -105,9 +104,9 @@ NeoFS Complex Object Operations
|
|||
|
||||
Cleanup
|
||||
[Arguments] ${FILE}
|
||||
|
||||
@{CLEANUP_FILES} = Create List ${FILE} s_file_read h_file_read s_get_range h_get_range
|
||||
Cleanup Files @{CLEANUP_FILES}
|
||||
Get Docker Logs object_complex
|
||||
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -68,9 +68,9 @@ NeoFS Simple Object Operations
|
|||
Get Range ${PRIV_KEY} ${CID} ${S_OID} s_get_range ${EMPTY} 0:10
|
||||
Get Range ${PRIV_KEY} ${CID} ${H_OID} h_get_range ${EMPTY} 0:10
|
||||
|
||||
Search object ${PRIV_KEY} ${CID} ${EMPTY} ${EMPTY} ${EMPTY} @{S_OBJ_ALL}
|
||||
Search object ${PRIV_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} @{S_OBJ_H}
|
||||
Search object ${PRIV_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER_OTH} @{S_OBJ_H_OTH}
|
||||
Search object ${PRIV_KEY} ${CID} ${EMPTY} ${EMPTY} ${EMPTY} ${S_OBJ_ALL}
|
||||
Search object ${PRIV_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||
Search object ${PRIV_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER_OTH} ${S_OBJ_H_OTH}
|
||||
|
||||
Head object ${PRIV_KEY} ${CID} ${S_OID} ${EMPTY}
|
||||
Head object ${PRIV_KEY} ${CID} ${H_OID} ${EMPTY} ${FILE_USR_HEADER}
|
||||
|
|
@ -100,6 +100,7 @@ Cleanup
|
|||
|
||||
@{CLEANUP_FILES} = Create List ${FILE} s_file_read h_file_read s_get_range h_get_range
|
||||
Cleanup Files @{CLEANUP_FILES}
|
||||
Get Docker Logs object_simple
|
||||
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -41,9 +41,8 @@ NeoFS Object Replication
|
|||
@{NODES_OBJ} = Get nodes with object ${PRIV_KEY} ${CID} ${S_OID}
|
||||
@{NODES_OBJ_STOPPED} = Stop nodes 1 @{NODES_OBJ}
|
||||
|
||||
Sleep 1 min
|
||||
|
||||
Validate storage policy for object ${PRIV_KEY} 2 ${CID} ${S_OID}
|
||||
Wait Until Keyword Succeeds 10 min 1 min
|
||||
... Validate storage policy for object ${PRIV_KEY} 2 ${CID} ${S_OID}
|
||||
Start nodes @{NODES_OBJ_STOPPED}
|
||||
|
||||
[Teardown] Cleanup ${FILE} @{NODES_OBJ_STOPPED}
|
||||
|
|
@ -55,5 +54,6 @@ Cleanup
|
|||
[Arguments] ${FILE} @{NODES_OBJ_STOPPED}
|
||||
Start nodes @{NODES_OBJ_STOPPED}
|
||||
Cleanup Files ${FILE}
|
||||
Get Docker Logs replication
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -25,11 +25,11 @@ NeoFS S3 Gateway
|
|||
... Transaction accepted in block ${TX_DEPOSIT}
|
||||
Get Transaction ${TX_DEPOSIT}
|
||||
|
||||
${FILE_S3} = Generate file of bytes 20e+6
|
||||
${FILE_S3} = Generate file of bytes 10e+6
|
||||
${FILE_S3_HASH} = Get file hash ${FILE_S3}
|
||||
${FILE_S3_NAME} = Get file name ${FILE_S3}
|
||||
|
||||
${FILE_FS} = Generate file of bytes 20e+6
|
||||
${FILE_FS} = Generate file of bytes 10e+6
|
||||
${FILE_FS_HASH} = Get file hash ${FILE_FS}
|
||||
${FILE_FS_NAME} = Get file name ${FILE_FS}
|
||||
|
||||
|
|
@ -85,6 +85,12 @@ NeoFS S3 Gateway
|
|||
${LIST_S3_OBJECTS} = List objects S3 ${S3_CLIENT} ${BUCKET}
|
||||
List Should Not Contain Value ${LIST_S3_OBJECTS} FILE_S3_NAME
|
||||
|
||||
[Teardown] Cleanup Files s3_obj_get_fs fs_obj_get_fs s3_obj_get_s3 fs_obj_get_s3
|
||||
... ${FILE_S3} ${FILE_FS}
|
||||
[Teardown] Cleanup ${FILE_S3} ${FILE_FS}
|
||||
|
||||
*** Keywords ***
|
||||
|
||||
Cleanup
|
||||
[Arguments] ${FILE_S3} ${FILE_FS}
|
||||
Cleanup Files s3_obj_get_fs fs_obj_get_fs s3_obj_get_s3 fs_obj_get_s3
|
||||
... ${FILE_S3} ${FILE_FS}
|
||||
Get Docker Logs s3_gate
|
||||
|
|
@ -30,7 +30,7 @@ NeoFS Deposit and Withdraw
|
|||
|
||||
Sleep 1 min
|
||||
|
||||
Expexted Mainnet Balance ${ADDR} 4.84454920
|
||||
Expexted Mainnet Balance ${ADDR} 4.85019610
|
||||
${NEOFS_BALANCE} = Get Balance ${PRIV_KEY}
|
||||
|
||||
${TX} = Withdraw Mainnet Gas ${WALLET} ${ADDR} ${SCRIPT_HASH} 50
|
||||
|
|
@ -40,5 +40,11 @@ NeoFS Deposit and Withdraw
|
|||
Sleep 1 min
|
||||
Get Balance ${PRIV_KEY}
|
||||
Expected Balance ${PRIV_KEY} ${NEOFS_BALANCE} -50
|
||||
Expexted Mainnet Balance ${ADDR} 54.80800160
|
||||
Expexted Mainnet Balance ${ADDR} 54.81699450
|
||||
|
||||
[Teardown] Cleanup
|
||||
|
||||
*** Keywords ***
|
||||
|
||||
Cleanup
|
||||
Get Docker Logs withdraw
|
||||
Loading…
Reference in a new issue