forked from TrueCloudLab/frostfs-testcases
fb5da3dc21
- Add bearer token coverage with the request filter #8 - Add eACL coverage with the request filter #9 - Add Bearer token coverage of the case with different permissions for operations in the complex operations #15 (Check Сompound Operations) - Add eACL token coverage of the case with different permissions for operations in the complex operations - Add latest nodes and services logs to the artifacts in case of failure #10 - Prepare neofs-testcases repository for the public #11 - new eACL and bearer token generation by rules. - Readme update - Fixes and additional extensions of the existed test cases - Large file size has been changed from 20mb to 10mb
730 lines
No EOL
61 KiB
Text
730 lines
No EOL
61 KiB
Text
*** Settings ***
|
|
Variables ../../variables/common.py
|
|
|
|
Library Collections
|
|
|
|
Library ${RESOURCES}/neofs.py
|
|
Library ${RESOURCES}/payment_neogo.py
|
|
|
|
*** Variables ***
|
|
${FILE_USR_HEADER} = key1=1,key2=abc
|
|
${FILE_USR_HEADER_DEL} = key1=del,key2=del
|
|
${FILE_OTH_HEADER} = key1=oth,key2=oth
|
|
${RULE_FOR_ALL} = REP 2 IN X CBF 1 SELECT 4 FROM * AS X
|
|
|
|
*** Test cases ***
|
|
BearerToken Operations
|
|
[Documentation] Testcase to validate NeoFS operations with BearerToken.
|
|
[Tags] ACL NeoFS NeoCLI BearerToken
|
|
[Timeout] 20 min
|
|
|
|
Generate Keys
|
|
Prepare eACL Role rules
|
|
|
|
Log Check Bearer token with simple object
|
|
Generate file 1024
|
|
Check Container Inaccessible and Allow All Bearer
|
|
Check eACL Deny and Allow All Bearer
|
|
Check eACL Deny and Allow All Bearer Filter OID Equal
|
|
Check eACL Deny and Allow All Bearer Filter OID NotEqual
|
|
Check eACL Deny and Allow All Bearer Filter UserHeader Equal
|
|
Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
|
|
Check eACL Allow All Bearer Filter Requst Equal Deny
|
|
Check eACL Deny and Allow All Bearer Filter Requst Equal
|
|
Check eACL Deny and Allow All Bearer Filter Requst NotEqual
|
|
Check Сompound Operations
|
|
|
|
# TODO:
|
|
|
|
Log Check Bearer token with complex object
|
|
Cleanup Files ${FILE_S}
|
|
Generate file 10e+6
|
|
Check Container Inaccessible and Allow All Bearer
|
|
Check eACL Deny and Allow All Bearer
|
|
Check eACL Deny and Allow All Bearer Filter OID Equal
|
|
Check eACL Deny and Allow All Bearer Filter OID NotEqual
|
|
Check eACL Deny and Allow All Bearer Filter UserHeader Equal
|
|
Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
|
|
Check eACL Deny and Allow All Bearer Filter Requst Equal
|
|
Check eACL Deny and Allow All Bearer Filter Requst NotEqual
|
|
Check Сompound Operations
|
|
|
|
[Teardown] Cleanup
|
|
|
|
|
|
|
|
*** Keywords ***
|
|
|
|
Generate Keys
|
|
${WALLET} = Init wallet
|
|
Generate wallet ${WALLET}
|
|
${ADDR} = Dump Address ${WALLET}
|
|
${USER_KEY_GEN} = Dump PrivKey ${WALLET} ${ADDR}
|
|
|
|
${WALLET_OTH} = Init wallet
|
|
Generate wallet ${WALLET_OTH}
|
|
${ADDR_OTH} = Dump Address ${WALLET_OTH}
|
|
${OTHER_KEY_GEN} = Dump PrivKey ${WALLET_OTH} ${ADDR_OTH}
|
|
|
|
|
|
${EACL_KEY_GEN} = Form WIF from String 782676b81a35c5f07325ec523e8521ee4946b6e5d4c6cd652dd0c3ba51ce03de
|
|
${SYSTEM_KEY_GEN} = Form WIF from String c428b4a06f166fde9f8afcf918194acdde35aa2612ecf42fe0c94273425ded21
|
|
${SYSTEM_KEY_GEN_SN} = Form WIF from String 0fa21a94be2227916284e4b3495180d9c93d04f095fe9d5a86f22044f5c411d2
|
|
|
|
Set Global Variable ${USER_KEY} ${USER_KEY_GEN}
|
|
Set Global Variable ${OTHER_KEY} ${OTHER_KEY_GEN}
|
|
Set Global Variable ${SYSTEM_KEY} ${SYSTEM_KEY_GEN}
|
|
Set Global Variable ${SYSTEM_KEY_SN} ${SYSTEM_KEY_GEN_SN}
|
|
Set Global Variable ${EACL_KEY} ${EACL_KEY_GEN}
|
|
|
|
Payment Operations ${WALLET} ${ADDR} ${USER_KEY}
|
|
Payment Operations ${WALLET_OTH} ${ADDR_OTH} ${OTHER_KEY}
|
|
|
|
|
|
Payment Operations
|
|
[Arguments] ${WALLET} ${ADDR} ${KEY}
|
|
|
|
${TX} = Transfer Mainnet Gas wallets/wallet.json NTrezR3C4X8aMLVg7vozt5wguyNfFhwuFx ${ADDR} 55
|
|
Wait Until Keyword Succeeds 1 min 15 sec
|
|
... Transaction accepted in block ${TX}
|
|
Get Transaction ${TX}
|
|
Expexted Mainnet Balance ${ADDR} 55
|
|
|
|
${SCRIPT_HASH} = Get ScripHash ${KEY}
|
|
|
|
${TX_DEPOSIT} = NeoFS Deposit ${WALLET} ${ADDR} ${SCRIPT_HASH} 50
|
|
Wait Until Keyword Succeeds 1 min 15 sec
|
|
... Transaction accepted in block ${TX_DEPOSIT}
|
|
Get Transaction ${TX_DEPOSIT}
|
|
|
|
|
|
Create Container Public
|
|
Log Create Public Container
|
|
${PUBLIC_CID_GEN} = Create container ${USER_KEY} 0x0FFFFFFF
|
|
[Return] ${PUBLIC_CID_GEN}
|
|
|
|
|
|
Create Container Inaccessible
|
|
Log Create Inaccessible Container
|
|
${PUBLIC_CID_GEN} = Create container ${USER_KEY} 0x40000000
|
|
[Return] ${PUBLIC_CID_GEN}
|
|
|
|
|
|
Generate file
|
|
[Arguments] ${SIZE}
|
|
|
|
${FILE_S_GEN} = Generate file of bytes ${SIZE}
|
|
Set Global Variable ${FILE_S} ${FILE_S_GEN}
|
|
|
|
|
|
Prepare eACL Role rules
|
|
Log Set eACL for different Role cases
|
|
|
|
# eACL rules for all operations and similar permissions
|
|
@{Roles} = Create List OTHERS USER SYSTEM
|
|
FOR ${role} IN @{Roles}
|
|
${rule1} = Create Dictionary Operation=GET Access=DENY Role=${role}
|
|
${rule2} = Create Dictionary Operation=HEAD Access=DENY Role=${role}
|
|
${rule3} = Create Dictionary Operation=PUT Access=DENY Role=${role}
|
|
${rule4} = Create Dictionary Operation=DELETE Access=DENY Role=${role}
|
|
${rule5} = Create Dictionary Operation=SEARCH Access=DENY Role=${role}
|
|
${rule6} = Create Dictionary Operation=GETRANGE Access=DENY Role=${role}
|
|
${rule7} = Create Dictionary Operation=GETRANGEHASH Access=DENY Role=${role}
|
|
|
|
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
|
Form eACL json common file gen_eacl_deny_all_${role} ${eACL_gen}
|
|
Set Global Variable ${EACL_DENY_ALL_${role}} gen_eacl_deny_all_${role}
|
|
END
|
|
|
|
|
|
Check Container Inaccessible and Allow All Bearer
|
|
${CID} = Create Container Inaccessible
|
|
|
|
Run Keyword And Expect Error *
|
|
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
|
Run Keyword And Expect Error *
|
|
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
|
Run Keyword And Expect Error *
|
|
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER}
|
|
Run Keyword And Expect Error *
|
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
|
Run Keyword And Expect Error *
|
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
|
Run Keyword And Expect Error *
|
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
|
|
|
${rule1}= Create Dictionary Operation=PUT Access=ALLOW Role=USER
|
|
${rule2}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER
|
|
|
|
${eACL_gen}= Create List ${rule1} ${rule2}
|
|
|
|
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
|
|
|
Run Keyword And Expect Error *
|
|
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER}
|
|
Run Keyword And Expect Error *
|
|
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER}
|
|
|
|
|
|
Check eACL Deny and Allow All Bearer
|
|
${CID} = Create Container Public
|
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
|
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
|
@{S_OBJ_H} = Create List ${S_OID_USER}
|
|
|
|
|
|
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
|
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
|
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
|
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
|
|
|
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
|
|
|
|
|
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER
|
|
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER
|
|
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER
|
|
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER
|
|
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER
|
|
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER
|
|
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER
|
|
|
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
|
|
|
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
|
|
|
Run Keyword And Expect Error *
|
|
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
|
Run Keyword And Expect Error *
|
|
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
|
Run Keyword And Expect Error *
|
|
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
|
Run Keyword And Expect Error *
|
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
|
Run Keyword And Expect Error *
|
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
|
Run Keyword And Expect Error *
|
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
|
|
|
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
|
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl
|
|
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
|
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256
|
|
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
|
|
|
|
|
Check eACL Deny and Allow All Bearer Filter OID Equal
|
|
${CID} = Create Container Public
|
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
|
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
|
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
|
@{S_OBJ_H} = Create List ${S_OID_USER}
|
|
|
|
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
|
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
|
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
|
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
|
|
|
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
|
|
|
${filters}= Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=$Object:objectID value=${S_OID_USER}
|
|
|
|
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
|
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
|
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
|
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
|
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
|
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
|
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
|
|
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
|
|
|
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
|
|
|
Run Keyword And Expect Error *
|
|
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
|
Run Keyword And Expect Error *
|
|
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
|
Run Keyword And Expect Error *
|
|
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
|
Run Keyword And Expect Error *
|
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
|
Run Keyword And Expect Error *
|
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
|
Run Keyword And Expect Error *
|
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
|
Run Keyword And Expect Error *
|
|
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
|
|
Run Keyword And Expect Error *
|
|
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
|
Run Keyword And Expect Error *
|
|
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user local_file_eacl
|
|
|
|
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl
|
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256
|
|
|
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
|
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
|
Run Keyword And Expect Error *
|
|
... Delete object ${USER_KEY} ${CID} ${D_OID_USER} bearer_allow_all_user
|
|
|
|
|
|
|
|
Check eACL Deny and Allow All Bearer Filter OID NotEqual
|
|
${CID} = Create Container Public
|
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
|
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
|
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
|
@{S_OBJ_H} = Create List ${S_OID_USER}
|
|
|
|
|
|
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
|
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
|
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
|
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
|
|
|
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
|
|
|
${filters}= Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=$Object:objectID value=${S_OID_USER_2}
|
|
|
|
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
|
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
|
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
|
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
|
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
|
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
|
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
|
|
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
|
|
|
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
|
|
|
Run Keyword And Expect Error *
|
|
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
|
Run Keyword And Expect Error *
|
|
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
|
Run Keyword And Expect Error *
|
|
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
|
Run Keyword And Expect Error *
|
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
|
Run Keyword And Expect Error *
|
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
|
Run Keyword And Expect Error *
|
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
|
Run Keyword And Expect Error *
|
|
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
|
|
|
|
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
|
|
|
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl
|
|
Run Keyword And Expect Error *
|
|
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user local_file_eacl
|
|
|
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256
|
|
Run Keyword And Expect Error *
|
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER_2} s_get_range bearer_allow_all_user 0:256
|
|
|
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
|
Run Keyword And Expect Error *
|
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user
|
|
|
|
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
|
|
|
Run Keyword And Expect Error *
|
|
... Delete object ${USER_KEY} ${CID} ${D_OID_USER_2} bearer_allow_all_user
|
|
|
|
|
|
|
|
|
|
Check eACL Allow All Bearer Filter Requst Equal Deny
|
|
${CID} = Create Container Public
|
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
|
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
|
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
|
@{S_OBJ_H} = Create List ${S_OID_USER}
|
|
|
|
|
|
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=256
|
|
${rule1}= Create Dictionary Operation=GET Access=DENY Role=USER Filters=${filters}
|
|
${rule2}= Create Dictionary Operation=HEAD Access=DENY Role=USER Filters=${filters}
|
|
${rule3}= Create Dictionary Operation=PUT Access=DENY Role=USER Filters=${filters}
|
|
${rule4}= Create Dictionary Operation=DELETE Access=DENY Role=USER Filters=${filters}
|
|
${rule5}= Create Dictionary Operation=SEARCH Access=DENY Role=USER Filters=${filters}
|
|
${rule6}= Create Dictionary Operation=GETRANGE Access=DENY Role=USER Filters=${filters}
|
|
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=USER Filters=${filters}
|
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
|
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
|
|
|
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=2
|
|
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=2
|
|
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H} --xhdr a=2
|
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=2
|
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=2
|
|
Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=2
|
|
Delete object ${USER_KEY} ${CID} ${D_OID_USER} bearer_allow_all_user --xhdr a=2
|
|
|
|
Run Keyword And Expect Error *
|
|
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
|
|
Run Keyword And Expect Error *
|
|
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=256
|
|
Run Keyword And Expect Error *
|
|
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
|
|
Run Keyword And Expect Error *
|
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=256
|
|
Run Keyword And Expect Error *
|
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=256
|
|
Run Keyword And Expect Error *
|
|
... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=256
|
|
Run Keyword And Expect Error *
|
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user --xhdr a=256
|
|
|
|
|
|
Check eACL Deny and Allow All Bearer Filter Requst NotEqual
|
|
${CID} = Create Container Public
|
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
|
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
|
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
|
@{S_OBJ_H} = Create List ${S_OID_USER}
|
|
|
|
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
|
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
|
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
|
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
|
|
|
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
|
|
|
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_NOT_EQUAL key=a value=256
|
|
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
|
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
|
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
|
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
|
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
|
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
|
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
|
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
|
|
|
Run Keyword And Expect Error *
|
|
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
|
Run Keyword And Expect Error *
|
|
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
|
#Run Keyword And Expect Error *
|
|
#... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
|
Run Keyword And Expect Error *
|
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
|
Run Keyword And Expect Error *
|
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
|
Run Keyword And Expect Error *
|
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
|
|
|
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2
|
|
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=2
|
|
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2
|
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=2
|
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=2
|
|
Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=2
|
|
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user --xhdr a=2
|
|
|
|
|
|
Check eACL Deny and Allow All Bearer Filter Requst Equal
|
|
${CID} = Create Container Public
|
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
|
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
|
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
|
@{S_OBJ_H} = Create List ${S_OID_USER}
|
|
|
|
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
|
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
|
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
|
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
|
|
|
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
|
|
|
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=256
|
|
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
|
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
|
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
|
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
|
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
|
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
|
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
|
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
|
|
|
Run Keyword And Expect Error *
|
|
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
|
Run Keyword And Expect Error *
|
|
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
|
Run Keyword And Expect Error *
|
|
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
|
Run Keyword And Expect Error *
|
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
|
Run Keyword And Expect Error *
|
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
|
Run Keyword And Expect Error *
|
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
|
|
|
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
|
|
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=256
|
|
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
|
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=256
|
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=256
|
|
Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=256
|
|
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user --xhdr a=256
|
|
|
|
|
|
Check eACL Deny and Allow All Bearer Filter UserHeader Equal
|
|
${CID} = Create Container Public
|
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
|
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
|
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
|
@{S_OBJ_H} = Create List ${S_OID_USER}
|
|
|
|
|
|
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
|
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
|
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
|
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
|
|
|
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
|
|
|
|
|
${filters}= Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=key2 value=abc
|
|
|
|
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
|
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
|
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
|
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
|
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
|
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
|
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
|
|
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
|
|
|
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
|
|
|
Run Keyword And Expect Error *
|
|
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
|
Run Keyword And Expect Error *
|
|
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
|
Run Keyword And Expect Error *
|
|
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
|
Run Keyword And Expect Error *
|
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
|
Run Keyword And Expect Error *
|
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
|
Run Keyword And Expect Error *
|
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
|
Run Keyword And Expect Error *
|
|
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
|
|
|
|
Run Keyword And Expect Error *
|
|
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
|
|
|
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl
|
|
Run Keyword And Expect Error *
|
|
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user local_file_eacl
|
|
|
|
Run Keyword And Expect Error *
|
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256
|
|
|
|
Run Keyword And Expect Error *
|
|
... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256
|
|
|
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
|
Run Keyword And Expect Error *
|
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user
|
|
|
|
# Delete can not be filtered by UserHeader.
|
|
Run Keyword And Expect Error *
|
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
|
Run Keyword And Expect Error *
|
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user
|
|
|
|
|
|
|
|
Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
|
|
${CID} = Create Container Public
|
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
|
${S_OID_USER_2} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
|
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
|
@{S_OBJ_H} = Create List ${S_OID_USER_2}
|
|
|
|
|
|
Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
|
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
|
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
|
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
|
|
|
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER} --await
|
|
|
|
|
|
${filters}= Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=key2 value=abc
|
|
|
|
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
|
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
|
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
|
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
|
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
|
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
|
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
|
|
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule6} ${rule7}
|
|
|
|
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
|
|
|
Run Keyword And Expect Error *
|
|
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
|
Run Keyword And Expect Error *
|
|
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
|
Run Keyword And Expect Error *
|
|
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
|
Run Keyword And Expect Error *
|
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
|
Run Keyword And Expect Error *
|
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
|
Run Keyword And Expect Error *
|
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
|
|
|
# Search can not use filter by headers
|
|
Run Keyword And Expect Error *
|
|
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
|
|
|
|
# Different behaviour for big and small objects!
|
|
# Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
|
Run Keyword And Expect Error *
|
|
... Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${EMPTY}
|
|
|
|
Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl
|
|
Run Keyword And Expect Error *
|
|
... Get object from NeoFS ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user local_file_eacl
|
|
|
|
Run Keyword And Expect Error *
|
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256
|
|
|
|
Run Keyword And Expect Error *
|
|
... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256
|
|
|
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
|
Run Keyword And Expect Error *
|
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user
|
|
|
|
# Delete can not be filtered by UserHeader.
|
|
Run Keyword And Expect Error *
|
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
|
Run Keyword And Expect Error *
|
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user
|
|
|
|
|
|
Check Сompound Operations
|
|
Check Bearer Сompound Get ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS}
|
|
Check Bearer Сompound Get ${USER_KEY} USER ${EACL_DENY_ALL_USER}
|
|
Check Bearer Сompound Get ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM}
|
|
|
|
Check Bearer Сompound Delete ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS}
|
|
Check Bearer Сompound Delete ${USER_KEY} USER ${EACL_DENY_ALL_USER}
|
|
Check Bearer Сompound Delete ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM}
|
|
|
|
Check Bearer Сompound Get Range Hash ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS}
|
|
Check Bearer Сompound Get Range Hash ${USER_KEY} USER ${EACL_DENY_ALL_USER}
|
|
Check Bearer Сompound Get Range Hash ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM}
|
|
|
|
|
|
Check Bearer Сompound Get
|
|
[Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL}
|
|
|
|
${CID} = Create Container Public
|
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
|
@{S_OBJ_H} = Create List ${S_OID_USER}
|
|
|
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
|
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
|
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
|
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
|
|
|
|
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=${DENY_GROUP}
|
|
${rule2}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=${DENY_GROUP}
|
|
${rule3}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${DENY_GROUP}
|
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3}
|
|
Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500
|
|
|
|
Run Keyword And Expect Error *
|
|
... Head object ${KEY} ${CID} ${S_OID_USER} bearer_allow
|
|
|
|
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} bearer_allow local_file_eacl
|
|
Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow 0:256
|
|
Get Range Hash ${KEY} ${CID} ${S_OID_USER} bearer_allow 0:256
|
|
|
|
|
|
Check Bearer Сompound Delete
|
|
[Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL}
|
|
|
|
${CID} = Create Container Public
|
|
|
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
|
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
|
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
|
Delete object ${KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
|
|
|
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
|
|
|
|
${rule1} = Create Dictionary Operation=DELETE Access=ALLOW Role=${DENY_GROUP}
|
|
${rule2} = Create Dictionary Operation=PUT Access=DENY Role=${DENY_GROUP}
|
|
${rule3} = Create Dictionary Operation=HEAD Access=DENY Role=${DENY_GROUP}
|
|
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3}
|
|
Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500
|
|
|
|
Run Keyword And Expect Error *
|
|
... Head object ${KEY} ${CID} ${S_OID_USER} bearer_allow
|
|
Run Keyword And Expect Error *
|
|
... Put object to NeoFS ${KEY} ${FILE_S} ${CID} bearer_allow ${FILE_OTH_HEADER}
|
|
|
|
Delete object ${KEY} ${CID} ${S_OID_USER} bearer_allow
|
|
|
|
|
|
|
|
Check Bearer Сompound Get Range Hash
|
|
[Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL}
|
|
|
|
${CID} = Create Container Public
|
|
|
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
|
Put object to NeoFS ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
|
Get Range Hash ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
|
|
|
Set eACL ${USER_KEY} ${CID} ${DENY_EACL} --await
|
|
|
|
${rule1} = Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${DENY_GROUP}
|
|
${rule2} = Create Dictionary Operation=GETRANGE Access=DENY Role=${DENY_GROUP}
|
|
${rule3} = Create Dictionary Operation=GET Access=DENY Role=${DENY_GROUP}
|
|
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3}
|
|
Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500
|
|
|
|
Run Keyword And Expect Error *
|
|
... Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow 0:256
|
|
Run Keyword And Expect Error *
|
|
... Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} bearer_allow local_file_eacl
|
|
|
|
Get Range Hash ${KEY} ${CID} ${S_OID_USER} bearer_allow 0:256
|
|
|
|
|
|
Cleanup
|
|
@{CLEANUP_FILES} = Create List ${FILE_S} local_file_eacl s_get_range
|
|
... bearer_allow_all_user gen_eacl_deny_all_USER bearer_allow
|
|
Cleanup Files @{CLEANUP_FILES}
|
|
Get Docker Logs acl_bearer |