[#312] Add new test for s3 Bucket function

Signed-off-by: Yulia Kovshova <y.kovshova@yadro.com>
2022-10-04 11:22:04 +03:00 · 2022-10-04 11:22:04 +03:00 · f9d1a4dfae
commit f9d1a4dfae
parent bb62299945
3 changed files with 205 additions and 1 deletions
--- a/pytest_tests/steps/aws_cli_client.py
+++ b/pytest_tests/steps/aws_cli_client.py
@ -23,6 +23,10 @@ class AwsCliClient:
        Bucket: str,
        ObjectLockEnabledForBucket: Optional[bool] = None,
        ACL: Optional[str] = None,
+        GrantFullControl: Optional[str] = None,
+        GrantRead: Optional[str] = None,
+        GrantWrite: Optional[str] = None,
+        CreateBucketConfiguration: Optional[dict] = None,
    ):
        if ObjectLockEnabledForBucket is None:
            object_lock = ""
@ -36,6 +40,14 @@ class AwsCliClient:
        )
        if ACL:
            cmd += f" --acl {ACL}"
+        if GrantFullControl:
+            cmd += f" --grant-full-control {GrantFullControl}"
+        if GrantWrite:
+            cmd += f" --grant-write {GrantWrite}"
+        if GrantRead:
+            cmd += f" --grant-read {GrantRead}"
+        if CreateBucketConfiguration:
+            cmd += f" --create-bucket-configuration LocationConstraint={CreateBucketConfiguration['LocationConstraint']}"
        _cmd_run(cmd, REGULAR_TIMEOUT)

    def list_buckets(self) -> dict:
--- a/pytest_tests/steps/s3_gate_bucket.py
+++ b/pytest_tests/steps/s3_gate_bucket.py
@ -24,7 +24,13 @@ class VersioningStatus(Enum):

@allure.step("Create bucket S3")
 def create_bucket_s3(
-    s3_client, object_lock_enabled_for_bucket: Optional[bool] = None, acl: Optional[str] = None
+    s3_client,
+    object_lock_enabled_for_bucket: Optional[bool] = None,
+    acl: Optional[str] = None,
+    grant_write: Optional[str] = None,
+    grant_read: Optional[str] = None,
+    grant_full_control: Optional[str] = None,
+    bucket_configuration: Optional[str] = None,
 ) -> str:
    bucket_name = str(uuid.uuid4())

@ -34,6 +40,18 @@ def create_bucket_s3(
            params.update({"ObjectLockEnabledForBucket": object_lock_enabled_for_bucket})
        if acl is not None:
            params.update({"ACL": acl})
+        elif grant_write or grant_read or grant_full_control:
+            if grant_write:
+                params.update({"GrantWrite": grant_write})
+            elif grant_read:
+                params.update({"GrantRead": grant_read})
+            elif grant_full_control:
+                params.update({"GrantFullControl": grant_full_control})
+        if bucket_configuration:
+            params.update(
+                {"CreateBucketConfiguration": {"LocationConstraint": bucket_configuration}}
+            )
+
        s3_bucket = s3_client.create_bucket(**params)
        log_command_execution(f"Created S3 bucket {bucket_name}", s3_bucket)
        sleep(S3_SYNC_WAIT_TIME)
--- a/pytest_tests/testsuites/services/s3_gate/test_s3_bucket.py
+++ b/pytest_tests/testsuites/services/s3_gate/test_s3_bucket.py
@ -0,0 +1,174 @@
+import os
+from datetime import datetime, timedelta
+
+import allure
+import pytest
+from python_keywords.storage_policy import get_simple_object_copies
+from python_keywords.utility_keywords import generate_file
+from s3_helper import check_objects_in_bucket, object_key_from_file_path, set_bucket_versioning
+
+from steps import s3_gate_bucket, s3_gate_object
+from steps.s3_gate_base import TestS3GateBase
+
+
+def pytest_generate_tests(metafunc):
+    if "s3_client" in metafunc.fixturenames:
+        metafunc.parametrize("s3_client", ["aws cli", "boto3"], indirect=True)
+
+
+@pytest.mark.s3_gate
+class TestS3GateBucket(TestS3GateBase):
+    @allure.title("Test S3: Create Bucket with different ACL")
+    def test_s3_create_bucket_with_ACL(self):
+
+        with allure.step("Create bucket with ACL private"):
+            bucket = s3_gate_bucket.create_bucket_s3(self.s3_client, True, acl="private")
+            bucket_acl = s3_gate_bucket.get_bucket_acl(self.s3_client, bucket)
+            bucket_permission = [permission.get("Permission") for permission in bucket_acl]
+            assert bucket_permission == [
+                "FULL_CONTROL"
+            ], "Permission for CanonicalUser is FULL_CONTROL"
+
+        with allure.step("Create bucket with ACL = public-read"):
+            bucket_1 = s3_gate_bucket.create_bucket_s3(self.s3_client, True, acl="public-read")
+            bucket_acl_1 = s3_gate_bucket.get_bucket_acl(self.s3_client, bucket_1)
+            bucket_permission_1 = [permission.get("Permission") for permission in bucket_acl_1]
+            assert bucket_permission_1 == [
+                "FULL_CONTROL",
+                "FULL_CONTROL",
+            ], "Permission for all groups is FULL_CONTROL"
+
+        with allure.step("Create bucket with ACL public-read-write"):
+            bucket_2 = s3_gate_bucket.create_bucket_s3(
+                self.s3_client, True, acl="public-read-write"
+            )
+            bucket_acl_2 = s3_gate_bucket.get_bucket_acl(self.s3_client, bucket_2)
+            bucket_permission_2 = [permission.get("Permission") for permission in bucket_acl_2]
+            assert bucket_permission_2 == [
+                "FULL_CONTROL",
+                "FULL_CONTROL",
+            ], "Permission for CanonicalUser is FULL_CONTROL"
+
+        with allure.step("Create bucket with ACL = authenticated-read"):
+            bucket_3 = s3_gate_bucket.create_bucket_s3(
+                self.s3_client, True, acl="authenticated-read"
+            )
+            bucket_acl_3 = s3_gate_bucket.get_bucket_acl(self.s3_client, bucket_3)
+            bucket_permission_3 = [permission.get("Permission") for permission in bucket_acl_3]
+            assert bucket_permission_3 == [
+                "FULL_CONTROL",
+                "FULL_CONTROL",
+            ], "Permission for all groups is FULL_CONTROL"
+
+    @allure.title("Test S3: Create Bucket with different ACL by grand")
+    def test_s3_create_bucket_with_grands(self):
+
+        with allure.step("Create bucket with  --grant-read"):
+            bucket = s3_gate_bucket.create_bucket_s3(
+                self.s3_client,
+                True,
+                grant_read="uri=http://acs.amazonaws.com/groups/global/AllUsers",
+            )
+            bucket_acl = s3_gate_bucket.get_bucket_acl(self.s3_client, bucket)
+            bucket_permission = [permission.get("Permission") for permission in bucket_acl]
+            assert bucket_permission == [
+                "FULL_CONTROL",
+                "FULL_CONTROL",
+            ], "Permission for CanonicalUser is FULL_CONTROL"
+
+        with allure.step("Create bucket with --grant-wtite"):
+            bucket_1 = s3_gate_bucket.create_bucket_s3(
+                self.s3_client,
+                True,
+                grant_write="uri=http://acs.amazonaws.com/groups/global/AllUsers",
+            )
+            bucket_acl_1 = s3_gate_bucket.get_bucket_acl(self.s3_client, bucket_1)
+            bucket_permission_1 = [permission.get("Permission") for permission in bucket_acl_1]
+            assert bucket_permission_1 == [
+                "FULL_CONTROL",
+                "FULL_CONTROL",
+            ], "Permission for all groups is FULL_CONTROL"
+
+        with allure.step("Create bucket with --grant-full-control"):
+            bucket_2 = s3_gate_bucket.create_bucket_s3(
+                self.s3_client,
+                True,
+                grant_full_control="uri=http://acs.amazonaws.com/groups/global/AllUsers",
+            )
+            bucket_acl_2 = s3_gate_bucket.get_bucket_acl(self.s3_client, bucket_2)
+            bucket_permission_2 = [permission.get("Permission") for permission in bucket_acl_2]
+            assert bucket_permission_2 == [
+                "FULL_CONTROL",
+                "FULL_CONTROL",
+            ], "Permission for CanonicalUser is FULL_CONTROL"
+
+    @allure.title("Test S3: create bucket with object lock")
+    def test_s3_bucket_object_lock(self):
+        file_path = generate_file()
+        file_name = object_key_from_file_path(file_path)
+
+        with allure.step("Create bucket with --no-object-lock-enabled-for-bucket"):
+            bucket = s3_gate_bucket.create_bucket_s3(self.s3_client, False)
+            date_obj = datetime.utcnow() + timedelta(days=1)
+            with pytest.raises(
+                Exception, match=r".*Object Lock configuration does not exist for this bucket.*"
+            ):
+                # An error occurred (ObjectLockConfigurationNotFoundError) when calling the PutObject operation (reached max retries: 0):
+                # Object Lock configuration does not exist for this bucket
+                s3_gate_object.put_object_s3(
+                    self.s3_client,
+                    bucket,
+                    file_path,
+                    ObjectLockMode="COMPLIANCE",
+                    ObjectLockRetainUntilDate=date_obj.strftime("%Y-%m-%dT%H:%M:%S"),
+                )
+        with allure.step("Create bucket with --object-lock-enabled-for-bucket"):
+            bucket_1 = s3_gate_bucket.create_bucket_s3(self.s3_client, True)
+            date_obj_1 = datetime.utcnow() + timedelta(days=1)
+            s3_gate_object.put_object_s3(
+                self.s3_client,
+                bucket_1,
+                file_path,
+                ObjectLockMode="COMPLIANCE",
+                ObjectLockRetainUntilDate=date_obj_1.strftime("%Y-%m-%dT%H:%M:%S"),
+                ObjectLockLegalHoldStatus="ON",
+            )
+            object_1 = s3_gate_object.get_object_s3(
+                self.s3_client, bucket_1, file_name, full_output=True
+            )
+            assert (
+                object_1.get("ObjectLockMode") == "COMPLIANCE"
+            ), "Expected Object Lock Mode is COMPLIANCE"
+            assert str(date_obj_1.strftime("%Y-%m-%dT%H:%M:%S")) in object_1.get(
+                "ObjectLockRetainUntilDate"
+            ), f'Expected Object Lock Retain Until Date is {str(date_obj_1.strftime("%Y-%m-%dT%H:%M:%S"))}'
+            assert (
+                object_1.get("ObjectLockLegalHoldStatus") == "ON"
+            ), "Expected Object Lock Legal Hold Status is ON"
+
+    @allure.title("Test S3: delete bucket")
+    def test_s3_delete_bucket(self):
+        file_path_1 = generate_file()
+        file_name_1 = object_key_from_file_path(file_path_1)
+        file_path_2 = generate_file()
+        file_name_2 = object_key_from_file_path(file_path_2)
+        bucket = s3_gate_bucket.create_bucket_s3(self.s3_client)
+
+        with allure.step("Put two objects into bucket"):
+            s3_gate_object.put_object_s3(self.s3_client, bucket, file_path_1)
+            s3_gate_object.put_object_s3(self.s3_client, bucket, file_path_2)
+            check_objects_in_bucket(self.s3_client, bucket, [file_name_1, file_name_2])
+
+        with allure.step("Try to delete not empty bucket and get error"):
+            with pytest.raises(Exception, match=r".*The bucket you tried to delete is not empty.*"):
+                s3_gate_bucket.delete_bucket_s3(self.s3_client, bucket)
+
+        with allure.step("Delete object in bucket"):
+            s3_gate_object.delete_object_s3(self.s3_client, bucket, file_name_1)
+            s3_gate_object.delete_object_s3(self.s3_client, bucket, file_name_2)
+            check_objects_in_bucket(self.s3_client, bucket, [])
+
+        with allure.step(f"Delete empty bucket"):
+            s3_gate_bucket.delete_bucket_s3(self.s3_client, bucket)
+            with pytest.raises(Exception, match=r".*Not Found.*"):
+                s3_gate_bucket.head_bucket(self.s3_client, bucket)