2021-02-08 05:05:17 +00:00
|
|
|
*** Settings ***
|
|
|
|
|
Variables ../../../variables/common.py
|
|
|
|
|
Library ../${RESOURCES}/neofs.py
|
|
|
|
|
Library ../${RESOURCES}/payment_neogo.py
|
|
|
|
|
|
|
|
|
|
Library Collections
|
2021-06-01 12:07:31 +00:00
|
|
|
|
2021-02-08 05:05:17 +00:00
|
|
|
Resource common_steps_acl_bearer.robot
|
2021-06-01 12:07:31 +00:00
|
|
|
Resource ../${RESOURCES}/payment_operations.robot
|
2021-06-01 12:07:31 +00:00
|
|
|
Resource ../${RESOURCES}/setup_teardown.robot
|
2021-02-08 05:05:17 +00:00
|
|
|
|
2021-06-30 21:18:37 +00:00
|
|
|
*** Variables ***
|
|
|
|
|
${SYSTEM_KEY} = ${NEOFS_IR_WIF}
|
|
|
|
|
|
2021-02-08 05:05:17 +00:00
|
|
|
*** Test cases ***
|
|
|
|
|
BearerToken Operations for Сompound Operations
|
|
|
|
|
[Documentation] Testcase to validate NeoFS operations with BearerToken for Сompound Operations.
|
|
|
|
|
[Tags] ACL NeoFS NeoCLI BearerToken
|
|
|
|
|
[Timeout] 20 min
|
|
|
|
|
|
2021-06-01 12:07:31 +00:00
|
|
|
[Setup] Setup
|
2021-04-26 10:30:40 +00:00
|
|
|
|
2021-02-08 05:05:17 +00:00
|
|
|
Generate Keys
|
|
|
|
|
Prepare eACL Role rules
|
2021-04-26 10:30:40 +00:00
|
|
|
|
2021-02-08 05:05:17 +00:00
|
|
|
Log Check Bearer token with simple object
|
2021-04-02 14:29:41 +00:00
|
|
|
Generate file ${SIMPLE_OBJ_SIZE}
|
2021-02-08 05:05:17 +00:00
|
|
|
Check Сompound Operations
|
|
|
|
|
|
|
|
|
|
Log Check Bearer token with complex object
|
2021-04-26 10:30:40 +00:00
|
|
|
|
2021-04-02 14:29:41 +00:00
|
|
|
Generate file ${COMPLEX_OBJ_SIZE}
|
2021-02-08 05:05:17 +00:00
|
|
|
Check Сompound Operations
|
|
|
|
|
|
2021-06-01 12:07:31 +00:00
|
|
|
[Teardown] Teardown acl_bearer_compound
|
2021-04-26 10:30:40 +00:00
|
|
|
|
|
|
|
|
|
2021-02-08 05:05:17 +00:00
|
|
|
*** Keywords ***
|
|
|
|
|
|
|
|
|
|
Check Сompound Operations
|
|
|
|
|
Check Bearer Сompound Get ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS}
|
|
|
|
|
Check Bearer Сompound Get ${USER_KEY} USER ${EACL_DENY_ALL_USER}
|
|
|
|
|
Check Bearer Сompound Get ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM}
|
|
|
|
|
|
|
|
|
|
Check Bearer Сompound Delete ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS}
|
|
|
|
|
Check Bearer Сompound Delete ${USER_KEY} USER ${EACL_DENY_ALL_USER}
|
|
|
|
|
Check Bearer Сompound Delete ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM}
|
|
|
|
|
|
|
|
|
|
Check Bearer Сompound Get Range Hash ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS}
|
|
|
|
|
Check Bearer Сompound Get Range Hash ${USER_KEY} USER ${EACL_DENY_ALL_USER}
|
|
|
|
|
Check Bearer Сompound Get Range Hash ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Check Bearer Сompound Get
|
|
|
|
|
[Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL}
|
|
|
|
|
|
|
|
|
|
${CID} = Create Container Public
|
2021-04-26 10:30:40 +00:00
|
|
|
${S_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
2021-02-08 05:05:17 +00:00
|
|
|
@{S_OBJ_H} = Create List ${S_OID_USER}
|
|
|
|
|
|
2021-04-26 10:30:40 +00:00
|
|
|
${S_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
|
|
|
|
Put object ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
2021-02-10 18:53:26 +00:00
|
|
|
Get object ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
2021-06-24 13:51:59 +00:00
|
|
|
Set eACL ${USER_KEY} ${CID} ${DENY_EACL}
|
2021-04-26 10:30:40 +00:00
|
|
|
|
2021-04-02 14:29:41 +00:00
|
|
|
# The current ACL cache lifetime is 30 sec
|
|
|
|
|
Sleep ${NEOFS_CONTRACT_CACHE_TIMEOUT}
|
|
|
|
|
|
2021-04-26 10:30:40 +00:00
|
|
|
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=${DENY_GROUP}
|
|
|
|
|
${rule2}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=${DENY_GROUP}
|
|
|
|
|
${rule3}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${DENY_GROUP}
|
2021-02-08 05:05:17 +00:00
|
|
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3}
|
2021-04-26 10:30:40 +00:00
|
|
|
Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500
|
2021-02-08 05:05:17 +00:00
|
|
|
|
|
|
|
|
Run Keyword And Expect Error *
|
2021-04-26 10:30:40 +00:00
|
|
|
... Head object ${KEY} ${CID} ${S_OID_USER} bearer_allow
|
2021-02-08 05:05:17 +00:00
|
|
|
|
2021-02-10 18:53:26 +00:00
|
|
|
Get object ${KEY} ${CID} ${S_OID_USER} bearer_allow local_file_eacl
|
2021-02-08 05:05:17 +00:00
|
|
|
Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow 0:256
|
|
|
|
|
Get Range Hash ${KEY} ${CID} ${S_OID_USER} bearer_allow 0:256
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Check Bearer Сompound Delete
|
|
|
|
|
[Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL}
|
|
|
|
|
|
|
|
|
|
${CID} = Create Container Public
|
|
|
|
|
|
2021-02-10 18:53:26 +00:00
|
|
|
${S_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
|
|
|
|
${D_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
2021-04-26 10:30:40 +00:00
|
|
|
Put object ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
2021-02-08 05:05:17 +00:00
|
|
|
Delete object ${KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
2021-04-26 10:30:40 +00:00
|
|
|
|
2021-06-24 13:51:59 +00:00
|
|
|
Set eACL ${USER_KEY} ${CID} ${DENY_EACL}
|
2021-04-26 10:30:40 +00:00
|
|
|
|
2021-04-02 14:29:41 +00:00
|
|
|
# The current ACL cache lifetime is 30 sec
|
|
|
|
|
Sleep ${NEOFS_CONTRACT_CACHE_TIMEOUT}
|
|
|
|
|
|
2021-04-26 10:30:40 +00:00
|
|
|
${rule1} = Create Dictionary Operation=DELETE Access=ALLOW Role=${DENY_GROUP}
|
|
|
|
|
${rule2} = Create Dictionary Operation=PUT Access=DENY Role=${DENY_GROUP}
|
|
|
|
|
${rule3} = Create Dictionary Operation=HEAD Access=DENY Role=${DENY_GROUP}
|
2021-02-08 05:05:17 +00:00
|
|
|
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3}
|
2021-04-26 10:30:40 +00:00
|
|
|
Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500
|
2021-02-08 05:05:17 +00:00
|
|
|
|
|
|
|
|
Run Keyword And Expect Error *
|
2021-04-26 10:30:40 +00:00
|
|
|
... Head object ${KEY} ${CID} ${S_OID_USER} bearer_allow
|
2021-02-08 05:05:17 +00:00
|
|
|
Run Keyword And Expect Error *
|
2021-04-26 10:30:40 +00:00
|
|
|
... Put object ${KEY} ${FILE_S} ${CID} bearer_allow ${FILE_OTH_HEADER}
|
2021-02-08 05:05:17 +00:00
|
|
|
|
|
|
|
|
Delete object ${KEY} ${CID} ${S_OID_USER} bearer_allow
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Check Bearer Сompound Get Range Hash
|
2021-04-26 10:30:40 +00:00
|
|
|
[Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL}
|
2021-02-08 05:05:17 +00:00
|
|
|
|
|
|
|
|
${CID} = Create Container Public
|
|
|
|
|
|
2021-02-10 18:53:26 +00:00
|
|
|
${S_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
2021-04-26 10:30:40 +00:00
|
|
|
Put object ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
2021-02-08 05:05:17 +00:00
|
|
|
Get Range Hash ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
|
|
|
|
|
2021-06-24 13:51:59 +00:00
|
|
|
Set eACL ${USER_KEY} ${CID} ${DENY_EACL}
|
2021-04-26 10:30:40 +00:00
|
|
|
|
2021-04-02 14:29:41 +00:00
|
|
|
# The current ACL cache lifetime is 30 sec
|
|
|
|
|
Sleep ${NEOFS_CONTRACT_CACHE_TIMEOUT}
|
|
|
|
|
|
2021-04-26 10:30:40 +00:00
|
|
|
${rule1} = Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${DENY_GROUP}
|
|
|
|
|
${rule2} = Create Dictionary Operation=GETRANGE Access=DENY Role=${DENY_GROUP}
|
|
|
|
|
${rule3} = Create Dictionary Operation=GET Access=DENY Role=${DENY_GROUP}
|
2021-02-08 05:05:17 +00:00
|
|
|
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3}
|
2021-04-26 10:30:40 +00:00
|
|
|
Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500
|
2021-02-08 05:05:17 +00:00
|
|
|
|
|
|
|
|
Run Keyword And Expect Error *
|
|
|
|
|
... Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow 0:256
|
|
|
|
|
Run Keyword And Expect Error *
|
2021-02-10 18:53:26 +00:00
|
|
|
... Get object ${KEY} ${CID} ${S_OID_USER} bearer_allow local_file_eacl
|
2021-04-26 10:30:40 +00:00
|
|
|
|
2021-02-08 05:05:17 +00:00
|
|
|
Get Range Hash ${KEY} ${CID} ${S_OID_USER} bearer_allow 0:256
|
