(#116): fixed eACL tests; refactored acl keywords

Signed-off-by: anastasia prasolova <anastasia@nspcc.ru>
This commit is contained in:
anastasia prasolova 2021-09-10 15:44:40 +03:00 committed by Anastasia Prasolova
parent 19f9d97328
commit 7552a742f3
16 changed files with 772 additions and 678 deletions

199
robot/resources/lib/acl.py Normal file
View file

@ -0,0 +1,199 @@
#!/usr/bin/python3.8
from enum import Enum, auto
import json
import os
import re
import uuid
import base64
import base58
from cli_helpers import _cmd_run
from common import ASSETS_DIR, NEOFS_ENDPOINT
from robot.api.deco import keyword
from robot.api import logger
"""
Robot Keywords and helper functions for work with NeoFS ACL.
"""
ROBOT_AUTO_KEYWORDS = False
# path to neofs-cli executable
NEOFS_CLI_EXEC = os.getenv('NEOFS_CLI_EXEC', 'neofs-cli')
EACL_LIFETIME = 100500
class AutoName(Enum):
def _generate_next_value_(name, start, count, last_values):
return name
class Role(AutoName):
USER = auto()
SYSTEM = auto()
OTHERS = auto()
@keyword('Get eACL')
def get_eacl(wif: str, cid: str):
cmd = (
f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {wif} '
f'container get-eacl --cid {cid}'
)
logger.info(f"cmd: {cmd}")
try:
output = _cmd_run(cmd)
if re.search(r'extended ACL table is not set for this container', output):
return None
return output
except RuntimeError as exc:
logger.info("Extended ACL table is not set for this container")
logger.info(f"Got exception while getting eacl: {exc}")
return None
@keyword('Set eACL')
def set_eacl(wif: str, cid: str, eacl_table_path: str):
cmd = (
f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {wif} '
f'container set-eacl --cid {cid} --table {eacl_table_path} --await'
)
logger.info(f"cmd: {cmd}")
_cmd_run(cmd)
def _encode_cid_for_eacl(cid: str) -> str:
cid_base58 = base58.b58decode(cid)
return base64.b64encode(cid_base58).decode("utf-8")
@keyword('Form BearerToken File')
def form_bearertoken_file(wif: str, cid: str, eacl_records: list) -> str:
"""
This function fetches eACL for given <cid> on behalf of <wif>,
then extends it with filters taken from <eacl_records>, signs
with bearer token and writes to file
"""
enc_cid = _encode_cid_for_eacl(cid)
file_path = f"{os.getcwd()}/{ASSETS_DIR}/{str(uuid.uuid4())}"
eacl = get_eacl(wif, cid)
json_eacl = dict()
if eacl:
eacl = eacl.replace('eACL: ', '')
eacl = eacl.split('Signature')[0]
json_eacl = json.loads(eacl)
logger.info(json_eacl)
eacl_result = {
"body":
{
"eaclTable":
{
"containerID":
{
"value": enc_cid
},
"records": []
},
"lifetime":
{
"exp": EACL_LIFETIME,
"nbf": "1",
"iat": "0"
}
}
}
if not eacl_records:
raise(f"Got empty eacl_records list: {eacl_records}")
for record in eacl_records:
op_data = {
"operation": record['Operation'],
"action": record['Access'],
"filters": [],
"targets": []
}
if Role(record['Role']):
op_data['targets'] = [
{
"role": record['Role']
}
]
else:
op_data['targets'] = [
{
"keys": [ record['Role'] ]
}
]
if 'Filters' in record.keys():
op_data["filters"].append(record['Filters'])
eacl_result["body"]["eaclTable"]["records"].append(op_data)
# Add records from current eACL
if "records" in json_eacl.keys():
for record in json_eacl["records"]:
eacl_result["body"]["eaclTable"]["records"].append(record)
with open(file_path, 'w', encoding='utf-8') as eacl_file:
json.dump(eacl_result, eacl_file, ensure_ascii=False, indent=4)
logger.info(f"Got these extended ACL records: {eacl_result}")
sign_bearer_token(wif, file_path)
return file_path
def sign_bearer_token(wif: str, eacl_rules_file: str):
cmd = (
f'{NEOFS_CLI_EXEC} util sign bearer-token --from {eacl_rules_file} '
f'--to {eacl_rules_file} --wif {wif} --json'
)
logger.info(f"cmd: {cmd}")
_cmd_run(cmd)
@keyword('Form eACL json common file')
def form_eacl_json_common_file(file_path: str, eacl_records: list) -> str:
# Input role can be Role (USER, SYSTEM, OTHERS) or public key.
eacl = {"records":[]}
for record in eacl_records:
op_data = dict()
if record['Role'] == "USER" or record['Role'] == "SYSTEM" or record['Role'] == "OTHERS":
op_data = {
"operation": record['Operation'],
"action": record['Access'],
"filters": [],
"targets": [
{
"role": record['Role']
}
]
}
else:
op_data = {
"operation": record['Operation'],
"action": record['Access'],
"filters": [],
"targets": [
{
"keys": [ record['Role'] ]
}
]
}
if 'Filters' in record.keys():
op_data["filters"].append(record['Filters'])
eacl["records"].append(op_data)
logger.info(f"Got these extended ACL records: {eacl}")
with open(file_path, 'w', encoding='utf-8') as eacl_file:
json.dump(eacl, eacl_file, ensure_ascii=False, indent=4)
return file_path

View file

@ -0,0 +1,29 @@
#!/usr/bin/python3.8
"""
Helper functions to use with `neofs-cli`, `neo-go`
and other CLIs.
"""
import subprocess
from robot.api import logger
ROBOT_AUTO_KEYWORDS = False
def _cmd_run(cmd):
"""
Runs given shell command <cmd>, in case of success returns its stdout,
in case of failure returns error message.
"""
try:
compl_proc = subprocess.run(cmd, check=True, universal_newlines=True,
stdout=subprocess.PIPE, stderr=subprocess.STDOUT, timeout=30,
shell=True)
output = compl_proc.stdout
logger.info(f"Output: {output}")
return output
except subprocess.CalledProcessError as exc:
raise RuntimeError(f"Error:\nreturn code: {exc.returncode} "
f"\nOutput: {exc.output}") from exc

View file

@ -17,6 +17,7 @@ from robot.api.deco import keyword
from robot.api import logger from robot.api import logger
from common import * from common import *
from cli_helpers import _cmd_run
ROBOT_AUTO_KEYWORDS = False ROBOT_AUTO_KEYWORDS = False
@ -120,115 +121,12 @@ def validate_storage_policy_for_object(private_key: str, expected_copies: int, c
raise Exception(f"Found node list '{found_nodes}' is not equal to expected list '{expected_node_list}'") raise Exception(f"Found node list '{found_nodes}' is not equal to expected list '{expected_node_list}'")
@keyword('Get eACL')
def get_eacl(private_key: str, cid: str):
Cmd = (
f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} '
f'container get-eacl --cid {cid}'
)
logger.info(f"Cmd: {Cmd}")
output = _cmd_run(Cmd)
if re.search(r'extended ACL table is not set for this container', output):
logger.info("Extended ACL table is not set for this container.")
@keyword('Set eACL')
def set_eacl(private_key: str, cid: str, eacl_table_path: str):
cmd = (
f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} '
f'container set-eacl --cid {cid} --table {eacl_table_path} --await'
)
logger.info(f"Cmd: {cmd}")
_cmd_run(cmd)
@keyword('Form BearerToken file')
def form_bearertoken_file(private_key: str, cid: str, file_name: str, eacl_oper_list,
lifetime_exp: str ):
cid_base58_b = base58.b58decode(cid)
cid_base64 = base64.b64encode(cid_base58_b).decode("utf-8")
eacl = get_eacl(private_key, cid)
json_eacl = {}
file_path = f"{ASSETS_DIR}/{file_name}"
if eacl:
res_json = re.split(r'[\s\n]+Signature:', eacl)
input_eacl = res_json[0].replace('eACL: ', '')
json_eacl = json.loads(input_eacl)
eacl_result = {"body":{ "eaclTable": { "containerID": { "value": cid_base64 }, "records": [] }, "lifetime": {"exp": lifetime_exp, "nbf": "1", "iat": "0"} } }
if eacl_oper_list:
for record in eacl_oper_list:
op_data = dict()
if record['Role'] == "USER" or record['Role'] == "SYSTEM" or record['Role'] == "OTHERS":
op_data = {"operation":record['Operation'],"action":record['Access'],"filters": [],"targets":[{"role":record['Role']}]}
else:
op_data = {"operation":record['Operation'],"action":record['Access'],"filters": [],"targets":[{"keys": [ record['Role'] ]}]}
if 'Filters' in record.keys():
op_data["filters"].append(record['Filters'])
eacl_result["body"]["eaclTable"]["records"].append(op_data)
# Add records from current eACL
if "records" in json_eacl.keys():
for record in json_eacl["records"]:
eacl_result["body"]["eaclTable"]["records"].append(record)
with open(file_path, 'w', encoding='utf-8') as f:
json.dump(eacl_result, f, ensure_ascii=False, indent=4)
logger.info(eacl_result)
# Sign bearer token
Cmd = (
f'{NEOFS_CLI_EXEC} util sign bearer-token --from {file_path} '
f'--to {file_path} --wif {private_key} --json'
)
logger.info(f"Cmd: {Cmd}")
_cmd_run(Cmd)
return file_path
@keyword('Form eACL json common file')
def form_eacl_json_common_file(file_path, eacl_oper_list ):
# Input role can be Role (USER, SYSTEM, OTHERS) or public key.
eacl = {"records":[]}
logger.info(eacl_oper_list)
if eacl_oper_list:
for record in eacl_oper_list:
op_data = dict()
if record['Role'] == "USER" or record['Role'] == "SYSTEM" or record['Role'] == "OTHERS":
op_data = {"operation":record['Operation'],"action":record['Access'],"filters": [],"targets":[{"role":record['Role']}]}
else:
op_data = {"operation":record['Operation'],"action":record['Access'],"filters": [],"targets":[{"keys": [ record['Role'] ]}]}
if 'Filters' in record.keys():
op_data["filters"].append(record['Filters'])
eacl["records"].append(op_data)
logger.info(eacl)
with open(file_path, 'w', encoding='utf-8') as f:
json.dump(eacl, f, ensure_ascii=False, indent=4)
return file_path
@keyword('Get Range') @keyword('Get Range')
def get_range(private_key: str, cid: str, oid: str, range_file: str, bearer: str, def get_range(private_key: str, cid: str, oid: str, range_file: str, bearer: str,
range_cut: str, options:str=""): range_cut: str, options:str=""):
bearer_token = "" bearer_token = ""
if bearer: if bearer:
bearer_token = f"--bearer {ASSETS_DIR}/{bearer}" bearer_token = f"--bearer {bearer}"
Cmd = ( Cmd = (
f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} ' f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} '
@ -294,7 +192,7 @@ def search_object(private_key: str, cid: str, keys: str, bearer: str, filters: s
filters_result = "" filters_result = ""
if bearer: if bearer:
bearer_token = f"--bearer {ASSETS_DIR}/{bearer}" bearer_token = f"--bearer {bearer}"
if filters: if filters:
for filter_item in filters.split(','): for filter_item in filters.split(','):
filter_item = re.sub(r'=', ' EQ ', filter_item) filter_item = re.sub(r'=', ' EQ ', filter_item)
@ -601,7 +499,7 @@ def head_object(private_key: str, cid: str, oid: str, bearer_token: str="",
user_headers:str="", options:str="", endpoint: str="", json_output: bool = False): user_headers:str="", options:str="", endpoint: str="", json_output: bool = False):
if bearer_token: if bearer_token:
bearer_token = f"--bearer {ASSETS_DIR}/{bearer_token}" bearer_token = f"--bearer {bearer_token}"
if endpoint == "": if endpoint == "":
endpoint = NEOFS_ENDPOINT endpoint = NEOFS_ENDPOINT
@ -770,7 +668,7 @@ def verify_head_attribute(header, attribute):
def delete_object(private_key: str, cid: str, oid: str, bearer: str, options: str=""): def delete_object(private_key: str, cid: str, oid: str, bearer: str, options: str=""):
bearer_token = "" bearer_token = ""
if bearer: if bearer:
bearer_token = f"--bearer {ASSETS_DIR}/{bearer}" bearer_token = f"--bearer {bearer}"
object_cmd = ( object_cmd = (
f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} ' f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} '
@ -828,7 +726,7 @@ def put_object(private_key: str, path: str, cid: str, bearer: str, user_headers:
user_headers = f"--attributes {user_headers}" user_headers = f"--attributes {user_headers}"
if bearer: if bearer:
bearer = f"--bearer {ASSETS_DIR}/{bearer}" bearer = f"--bearer {bearer}"
putobject_cmd = ( putobject_cmd = (
f'{NEOFS_CLI_EXEC} --rpc-endpoint {endpoint} --wif {private_key} object ' f'{NEOFS_CLI_EXEC} --rpc-endpoint {endpoint} --wif {private_key} object '
@ -905,7 +803,7 @@ def find_in_nodes_Log(line: str, nodes_logs_time: dict):
def get_range_hash(private_key: str, cid: str, oid: str, bearer_token: str, def get_range_hash(private_key: str, cid: str, oid: str, bearer_token: str,
range_cut: str, options: str=""): range_cut: str, options: str=""):
if bearer_token: if bearer_token:
bearer_token = f"--bearer {ASSETS_DIR}/{bearer_token}" bearer_token = f"--bearer {bearer_token}"
object_cmd = ( object_cmd = (
f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} ' f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} '
@ -928,7 +826,7 @@ def get_object(private_key: str, cid: str, oid: str, bearer_token: str,
if bearer_token: if bearer_token:
bearer_token = f"--bearer {ASSETS_DIR}/{bearer_token}" bearer_token = f"--bearer {bearer_token}"
object_cmd = ( object_cmd = (
f'{NEOFS_CLI_EXEC} --rpc-endpoint {endpoint} --wif {private_key} ' f'{NEOFS_CLI_EXEC} --rpc-endpoint {endpoint} --wif {private_key} '
@ -947,7 +845,7 @@ def put_storagegroup(private_key: str, cid: str, bearer_token: str="", *oid_list
cmd_oid_line = ",".join(oid_list) cmd_oid_line = ",".join(oid_list)
if bearer_token: if bearer_token:
bearer_token = f"--bearer {ASSETS_DIR}/{bearer_token}" bearer_token = f"--bearer {bearer_token}"
object_cmd = ( object_cmd = (
f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} storagegroup ' f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} storagegroup '
@ -964,7 +862,7 @@ def put_storagegroup(private_key: str, cid: str, bearer_token: str="", *oid_list
def list_storagegroup(private_key: str, cid: str, bearer_token: str="", *expected_list): def list_storagegroup(private_key: str, cid: str, bearer_token: str="", *expected_list):
if bearer_token: if bearer_token:
bearer_token = f"--bearer {ASSETS_DIR}/{bearer_token}" bearer_token = f"--bearer {bearer_token}"
object_cmd = ( object_cmd = (
f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} ' f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} '
@ -988,7 +886,7 @@ def list_storagegroup(private_key: str, cid: str, bearer_token: str="", *expecte
def get_storagegroup(private_key: str, cid: str, oid: str, bearer_token: str, expected_size, *expected_objects_list): def get_storagegroup(private_key: str, cid: str, oid: str, bearer_token: str, expected_size, *expected_objects_list):
if bearer_token: if bearer_token:
bearer_token = f"--bearer {ASSETS_DIR}/{bearer_token}" bearer_token = f"--bearer {bearer_token}"
object_cmd = f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} storagegroup get --cid {cid} --id {oid} {bearer_token}' object_cmd = f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} storagegroup get --cid {cid} --id {oid} {bearer_token}'
logger.info(f"Cmd: {object_cmd}") logger.info(f"Cmd: {object_cmd}")
@ -1013,7 +911,7 @@ def get_storagegroup(private_key: str, cid: str, oid: str, bearer_token: str, ex
def delete_storagegroup(private_key: str, cid: str, oid: str, bearer_token: str=""): def delete_storagegroup(private_key: str, cid: str, oid: str, bearer_token: str=""):
if bearer_token: if bearer_token:
bearer_token = f"--bearer {ASSETS_DIR}/{bearer_token}" bearer_token = f"--bearer {bearer_token}"
object_cmd = ( object_cmd = (
f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} storagegroup ' f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} storagegroup '
@ -1118,14 +1016,3 @@ def _search_object(node:str, private_key: str, cid:str, oid: str):
logger.info("Server is not presented in container.") logger.info("Server is not presented in container.")
elif ( re.search(r'timed out after 30 seconds', output) or re.search(r'no route to host', output) or re.search(r'i/o timeout', output)): elif ( re.search(r'timed out after 30 seconds', output) or re.search(r'no route to host', output) or re.search(r'i/o timeout', output)):
logger.warn("Node is unavailable") logger.warn("Node is unavailable")
def _cmd_run(cmd):
try:
complProc = subprocess.run(cmd, check=True, universal_newlines=True,
stdout=subprocess.PIPE, stderr=subprocess.STDOUT, timeout=30, shell=True)
output = complProc.stdout
logger.info(f"Output: {output}")
return output
except subprocess.CalledProcessError as e:
raise Exception(f"Error:\nreturn code: {e.returncode} \nOutput: {e.output}")

View file

@ -1,9 +1,12 @@
*** Settings *** *** Settings ***
Variables ../../../variables/common.py Variables ../../../variables/common.py
Library ../${RESOURCES}/neofs.py
Library ../${RESOURCES}/payment_neogo.py
Library Collections
Library Collections
Library neofs.py
Library acl.py
Library payment_neogo.py
Resource ../../../variables/eacl_tables.robot
Resource common_steps_acl_bearer.robot Resource common_steps_acl_bearer.robot
Resource ../${RESOURCES}/payment_operations.robot Resource ../${RESOURCES}/payment_operations.robot
Resource ../${RESOURCES}/setup_teardown.robot Resource ../${RESOURCES}/setup_teardown.robot
@ -64,7 +67,7 @@ Check eACL Deny and Allow All Bearer
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500 ${EACL_TOKEN} = Form BearerToken File ${USER_KEY} ${CID} ${eACL_gen}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} ... Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
@ -80,9 +83,9 @@ Check eACL Deny and Allow All Bearer
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
# All operations on object should be passed with bearer token # All operations on object should be passed with bearer token
Put object ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER} Put object ${USER_KEY} ${FILE_S} ${CID} ${EACL_TOKEN} ${FILE_OTH_HEADER}
Get object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} local_file_eacl
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H} Search object ${USER_KEY} ${CID} ${EMPTY} ${EACL_TOKEN} ${FILE_USR_HEADER} ${S_OBJ_H}
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN}
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EACL_TOKEN} 0:256
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN}

View file

@ -1,9 +1,12 @@
*** Settings *** *** Settings ***
Variables ../../../variables/common.py Variables ../../../variables/common.py
Library ../${RESOURCES}/neofs.py
Library ../${RESOURCES}/payment_neogo.py
Library Collections Library Collections
Library acl.py
Library neofs.py
Library payment_neogo.py
Resource ../../../variables/eacl_tables.robot
Resource common_steps_acl_bearer.robot Resource common_steps_acl_bearer.robot
Resource ../${RESOURCES}/payment_operations.robot Resource ../${RESOURCES}/payment_operations.robot
Resource ../${RESOURCES}/setup_teardown.robot Resource ../${RESOURCES}/setup_teardown.robot
@ -65,7 +68,7 @@ Check eACL Deny and Allow All Bearer
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500 ${EACL_TOKEN} = Form BearerToken File ${USER_KEY} ${CID} ${eACL_gen}
# All storage groups should fail without bearer token # All storage groups should fail without bearer token
Run Keyword And Expect Error * Run Keyword And Expect Error *
@ -78,7 +81,7 @@ Check eACL Deny and Allow All Bearer
... Delete Storagegroup ${USER_KEY} ${CID} ${SG_OID_1} ${EMPTY} ... Delete Storagegroup ${USER_KEY} ${CID} ${SG_OID_1} ${EMPTY}
# Storagegroup should passed with User group key and bearer token # Storagegroup should passed with User group key and bearer token
${SG_OID_NEW} = Put Storagegroup ${USER_KEY} ${CID} bearer_allow_all_user ${S_OID_USER} ${SG_OID_NEW} = Put Storagegroup ${USER_KEY} ${CID} ${EACL_TOKEN} ${S_OID_USER}
List Storagegroup ${USER_KEY} ${CID} bearer_allow_all_user ${SG_OID_NEW} ${SG_OID_INV} List Storagegroup ${USER_KEY} ${CID} ${EACL_TOKEN} ${SG_OID_NEW} ${SG_OID_INV}
Get Storagegroup ${USER_KEY} ${CID} ${SG_OID_INV} bearer_allow_all_user ${EMPTY} @{EXPECTED_OIDS} Get Storagegroup ${USER_KEY} ${CID} ${SG_OID_INV} ${EACL_TOKEN} ${EMPTY} @{EXPECTED_OIDS}
Delete Storagegroup ${USER_KEY} ${CID} ${SG_OID_INV} bearer_allow_all_user Delete Storagegroup ${USER_KEY} ${CID} ${SG_OID_INV} ${EACL_TOKEN}

View file

@ -1,10 +1,12 @@
*** Settings *** *** Settings ***
Variables ../../../variables/common.py Variables ../../../variables/common.py
Library ../${RESOURCES}/neofs.py
Library ../${RESOURCES}/payment_neogo.py
Library Collections Library Collections
Library acl.py
Library neofs.py
Library payment_neogo.py
Resource ../../../variables/eacl_tables.robot
Resource common_steps_acl_bearer.robot Resource common_steps_acl_bearer.robot
Resource ../${RESOURCES}/payment_operations.robot Resource ../${RESOURCES}/payment_operations.robot
Resource ../${RESOURCES}/setup_teardown.robot Resource ../${RESOURCES}/setup_teardown.robot
@ -15,7 +17,7 @@ ${SYSTEM_KEY} = ${NEOFS_IR_WIF}
*** Test cases *** *** Test cases ***
BearerToken Operations for Сompound Operations BearerToken Operations for Сompound Operations
[Documentation] Testcase to validate NeoFS operations with BearerToken for Сompound Operations. [Documentation] Testcase to validate NeoFS operations with BearerToken for Сompound Operations.
[Tags] ACL NeoFS NeoCLI BearerToken [Tags] ACL NeoFSCLI BearerToken
[Timeout] 20 min [Timeout] 20 min
[Setup] Setup [Setup] Setup
@ -28,7 +30,6 @@ BearerToken Operations for Сompound Operations
Check Сompound Operations Check Сompound Operations
Log Check Bearer token with complex object Log Check Bearer token with complex object
Generate file ${COMPLEX_OBJ_SIZE} Generate file ${COMPLEX_OBJ_SIZE}
Check Сompound Operations Check Сompound Operations
@ -70,14 +71,14 @@ Check Bearer Сompound Get
${rule2}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=${DENY_GROUP} ${rule2}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=${DENY_GROUP}
${rule3}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${DENY_GROUP} ${rule3}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${DENY_GROUP}
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3}
Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500 ${EACL_TOKEN} = Form BearerToken File ${USER_KEY} ${CID} ${eACL_gen}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Head object ${KEY} ${CID} ${S_OID_USER} bearer_allow ... Head object ${KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN}
Get object ${KEY} ${CID} ${S_OID_USER} bearer_allow local_file_eacl Get object ${KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} local_file_eacl
Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow 0:256 Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EACL_TOKEN} 0:256
Get Range Hash ${KEY} ${CID} ${S_OID_USER} bearer_allow 0:256 Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} 0:256
Check Bearer Сompound Delete Check Bearer Сompound Delete
@ -99,14 +100,14 @@ Check Bearer Сompound Delete
${rule2} = Create Dictionary Operation=PUT Access=DENY Role=${DENY_GROUP} ${rule2} = Create Dictionary Operation=PUT Access=DENY Role=${DENY_GROUP}
${rule3} = Create Dictionary Operation=HEAD Access=DENY Role=${DENY_GROUP} ${rule3} = Create Dictionary Operation=HEAD Access=DENY Role=${DENY_GROUP}
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3} ${eACL_gen} = Create List ${rule1} ${rule2} ${rule3}
Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500 ${EACL_TOKEN} = Form BearerToken File ${USER_KEY} ${CID} ${eACL_gen}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Head object ${KEY} ${CID} ${S_OID_USER} bearer_allow ... Head object ${KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Put object ${KEY} ${FILE_S} ${CID} bearer_allow ${FILE_OTH_HEADER} ... Put object ${KEY} ${FILE_S} ${CID} ${EACL_TOKEN} ${FILE_OTH_HEADER}
Delete object ${KEY} ${CID} ${S_OID_USER} bearer_allow Delete object ${KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN}
@ -128,11 +129,11 @@ Check Bearer Сompound Get Range Hash
${rule2} = Create Dictionary Operation=GETRANGE Access=DENY Role=${DENY_GROUP} ${rule2} = Create Dictionary Operation=GETRANGE Access=DENY Role=${DENY_GROUP}
${rule3} = Create Dictionary Operation=GET Access=DENY Role=${DENY_GROUP} ${rule3} = Create Dictionary Operation=GET Access=DENY Role=${DENY_GROUP}
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3} ${eACL_gen} = Create List ${rule1} ${rule2} ${rule3}
Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500 ${EACL_TOKEN} = Form BearerToken File ${USER_KEY} ${CID} ${eACL_gen}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow 0:256 ... Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EACL_TOKEN} 0:256
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Get object ${KEY} ${CID} ${S_OID_USER} bearer_allow local_file_eacl ... Get object ${KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} local_file_eacl
Get Range Hash ${KEY} ${CID} ${S_OID_USER} bearer_allow 0:256 Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} 0:256

View file

@ -1,12 +1,15 @@
*** Settings *** *** Settings ***
Variables ../../../variables/common.py Variables ../../../variables/common.py
Library ../${RESOURCES}/neofs.py
Library ../${RESOURCES}/payment_neogo.py
Library Collections Library Collections
Library neofs.py
Library acl.py
Library payment_neogo.py
Resource ../../../variables/eacl_tables.robot
Resource common_steps_acl_bearer.robot Resource common_steps_acl_bearer.robot
Resource ../${RESOURCES}/payment_operations.robot Resource payment_operations.robot
Resource ../${RESOURCES}/setup_teardown.robot Resource setup_teardown.robot
*** Test cases *** *** Test cases ***
@ -18,7 +21,6 @@ BearerToken Operations with Filter OID Equal
[Setup] Setup [Setup] Setup
Generate Keys Generate Keys
Prepare eACL Role rules
Log Check Bearer token with simple object Log Check Bearer token with simple object
Generate file ${SIMPLE_OBJ_SIZE} Generate file ${SIMPLE_OBJ_SIZE}
@ -66,7 +68,7 @@ Check eACL Deny and Allow All Bearer Filter OID Equal
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500 ${EACL_TOKEN} = Form BearerToken File ${USER_KEY} ${CID} ${eACL_gen}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} ... Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
@ -81,16 +83,16 @@ Check eACL Deny and Allow All Bearer Filter OID Equal
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H} ... Search object ${USER_KEY} ${CID} ${EMPTY} ${EACL_TOKEN} ${FILE_USR_HEADER} ${S_OBJ_H}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Put object ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER} ... Put object ${USER_KEY} ${FILE_S} ${CID} ${EACL_TOKEN} ${FILE_OTH_HEADER}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Get object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user local_file_eacl ... Get object ${USER_KEY} ${CID} ${S_OID_USER_2} ${EACL_TOKEN} local_file_eacl
Get object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} local_file_eacl
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EACL_TOKEN} 0:256
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN}
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Delete object ${USER_KEY} ${CID} ${D_OID_USER} bearer_allow_all_user ... Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EACL_TOKEN}

View file

@ -1,10 +1,12 @@
*** Settings *** *** Settings ***
Variables ../../../variables/common.py Variables ../../../variables/common.py
Library ../${RESOURCES}/neofs.py
Library ../${RESOURCES}/payment_neogo.py
Library Collections Library Collections
Library neofs.py
Library acl.py
Library payment_neogo.py
Resource ../../../variables/eacl_tables.robot
Resource common_steps_acl_bearer.robot Resource common_steps_acl_bearer.robot
Resource ../${RESOURCES}/payment_operations.robot Resource ../${RESOURCES}/payment_operations.robot
Resource ../${RESOURCES}/setup_teardown.robot Resource ../${RESOURCES}/setup_teardown.robot
@ -13,20 +15,18 @@ Resource ../${RESOURCES}/setup_teardown.robot
*** Test cases *** *** Test cases ***
BearerToken Operations with Filter OID NotEqual BearerToken Operations with Filter OID NotEqual
[Documentation] Testcase to validate NeoFS operations with BearerToken with Filter OID NotEqual. [Documentation] Testcase to validate NeoFS operations with BearerToken with Filter OID NotEqual.
[Tags] ACL NeoFS NeoCLI BearerToken [Tags] ACL NeoFSCLI BearerToken
[Timeout] 20 min [Timeout] 20 min
[Setup] Setup [Setup] Setup
Generate Keys Generate Keys
Prepare eACL Role rules
Log Check Bearer token with simple object Log Check Bearer token with simple object
Generate file ${SIMPLE_OBJ_SIZE} Generate file ${SIMPLE_OBJ_SIZE}
Check eACL Deny and Allow All Bearer Filter OID NotEqual Check eACL Deny and Allow All Bearer Filter OID NotEqual
Log Check Bearer token with complex object Log Check Bearer token with complex object
Generate file ${COMPLEX_OBJ_SIZE} Generate file ${COMPLEX_OBJ_SIZE}
Check eACL Deny and Allow All Bearer Filter OID NotEqual Check eACL Deny and Allow All Bearer Filter OID NotEqual
@ -36,26 +36,6 @@ BearerToken Operations with Filter OID NotEqual
*** Keywords *** *** Keywords ***
Prepare eACL Role rules
Log Set eACL for different Role cases
# eACL rules for all operations and similar permissions
@{Roles} = Create List OTHERS USER SYSTEM
FOR ${role} IN @{Roles}
${rule1} = Create Dictionary Operation=GET Access=DENY Role=${role}
${rule2} = Create Dictionary Operation=HEAD Access=DENY Role=${role}
${rule3} = Create Dictionary Operation=PUT Access=DENY Role=${role}
${rule4} = Create Dictionary Operation=DELETE Access=DENY Role=${role}
${rule5} = Create Dictionary Operation=SEARCH Access=DENY Role=${role}
${rule6} = Create Dictionary Operation=GETRANGE Access=DENY Role=${role}
${rule7} = Create Dictionary Operation=GETRANGEHASH Access=DENY Role=${role}
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
Form eACL json common file gen_eacl_deny_all_${role} ${eACL_gen}
Set Global Variable ${EACL_DENY_ALL_${role}} gen_eacl_deny_all_${role}
END
Check eACL Deny and Allow All Bearer Filter OID NotEqual Check eACL Deny and Allow All Bearer Filter OID NotEqual
${CID} = Create Container Public ${CID} = Create Container Public
${S_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} ${S_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
@ -63,7 +43,6 @@ Check eACL Deny and Allow All Bearer Filter OID NotEqual
${D_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} ${D_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
@{S_OBJ_H} = Create List ${S_OID_USER} @{S_OBJ_H} = Create List ${S_OID_USER}
Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
@ -88,7 +67,7 @@ Check eACL Deny and Allow All Bearer Filter OID NotEqual
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500 ${EACL_TOKEN} = Form BearerToken File ${USER_KEY} ${CID} ${eACL_gen}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} ... Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
@ -102,24 +81,25 @@ Check eACL Deny and Allow All Bearer Filter OID NotEqual
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256 ... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Put object ${USER_KEY} ${FILE_S} ${CID} ${EACL_TOKEN} ${FILE_OTH_HEADER}
Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} local_file_eacl
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H} ... Get object ${USER_KEY} ${CID} ${S_OID_USER_2} ${EACL_TOKEN} local_file_eacl
Put object ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER} Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EACL_TOKEN} 0:256
Get object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Get object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user local_file_eacl ... Get Range ${USER_KEY} ${CID} ${S_OID_USER_2} s_get_range ${EACL_TOKEN} 0:256
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Get Range ${USER_KEY} ${CID} ${S_OID_USER_2} s_get_range bearer_allow_all_user 0:256 ... Head object ${USER_KEY} ${CID} ${S_OID_USER_2} ${EACL_TOKEN}
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
Run Keyword And Expect Error *
... Head object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Delete object ${USER_KEY} ${CID} ${D_OID_USER_2} bearer_allow_all_user ... Search object ${USER_KEY} ${CID} ${EMPTY} ${EACL_TOKEN} ${FILE_USR_HEADER} ${S_OBJ_H}
Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN}
Run Keyword And Expect Error *
... Delete object ${USER_KEY} ${CID} ${D_OID_USER_2} ${EACL_TOKEN}

View file

@ -1,10 +1,12 @@
*** Settings *** *** Settings ***
Variables ../../../variables/common.py Variables ../../../variables/common.py
Library ../${RESOURCES}/neofs.py
Library ../${RESOURCES}/payment_neogo.py
Library Collections Library Collections
Library acl.py
Library neofs.py
Library payment_neogo.py
Resource ../../../variables/eacl_tables.robot
Resource common_steps_acl_bearer.robot Resource common_steps_acl_bearer.robot
Resource ../${RESOURCES}/payment_operations.robot Resource ../${RESOURCES}/payment_operations.robot
Resource ../${RESOURCES}/setup_teardown.robot Resource ../${RESOURCES}/setup_teardown.robot
@ -12,7 +14,7 @@ Resource ../${RESOURCES}/setup_teardown.robot
*** Test cases *** *** Test cases ***
BearerToken Operations with Filter UserHeader Equal BearerToken Operations with Filter UserHeader Equal
[Documentation] Testcase to validate NeoFS operations with BearerToken with Filter UserHeader Equal. [Documentation] Testcase to validate NeoFS operations with BearerToken with Filter UserHeader Equal.
[Tags] ACL NeoFS NeoCLI BearerToken [Tags] ACL NeoFSCLI BearerToken
[Timeout] 20 min [Timeout] 20 min
[Setup] Setup [Setup] Setup
@ -33,24 +35,6 @@ BearerToken Operations with Filter UserHeader Equal
*** Keywords *** *** Keywords ***
Prepare eACL Role rules
Log Set eACL for different Role cases
# eACL rules for all operations and similar permissions
@{Roles} = Create List OTHERS USER SYSTEM
FOR ${role} IN @{Roles}
${rule1} = Create Dictionary Operation=GET Access=DENY Role=${role}
${rule2} = Create Dictionary Operation=HEAD Access=DENY Role=${role}
${rule3} = Create Dictionary Operation=PUT Access=DENY Role=${role}
${rule4} = Create Dictionary Operation=DELETE Access=DENY Role=${role}
${rule5} = Create Dictionary Operation=SEARCH Access=DENY Role=${role}
${rule6} = Create Dictionary Operation=GETRANGE Access=DENY Role=${role}
${rule7} = Create Dictionary Operation=GETRANGEHASH Access=DENY Role=${role}
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
Form eACL json common file gen_eacl_deny_all_${role} ${eACL_gen}
Set Global Variable ${EACL_DENY_ALL_${role}} gen_eacl_deny_all_${role}
END
Check eACL Deny and Allow All Bearer Filter UserHeader Equal Check eACL Deny and Allow All Bearer Filter UserHeader Equal
${CID} = Create Container Public ${CID} = Create Container Public
${S_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} ${S_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
@ -82,7 +66,7 @@ Check eACL Deny and Allow All Bearer Filter UserHeader Equal
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500 ${EACL_TOKEN} = Form BearerToken File ${USER_KEY} ${CID} ${eACL_gen}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} ... Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
@ -97,27 +81,27 @@ Check eACL Deny and Allow All Bearer Filter UserHeader Equal
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H} ... Search object ${USER_KEY} ${CID} ${EMPTY} ${EACL_TOKEN} ${FILE_USR_HEADER} ${S_OBJ_H}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Put object ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER} ... Put object ${USER_KEY} ${FILE_S} ${CID} ${EACL_TOKEN} ${FILE_OTH_HEADER}
Get object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} local_file_eacl
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Get object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user local_file_eacl ... Get object ${USER_KEY} ${CID} ${S_OID_USER_2} ${EACL_TOKEN} local_file_eacl
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 ... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EACL_TOKEN} 0:256
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 ... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} 0:256
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Head object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user ... Head object ${USER_KEY} ${CID} ${S_OID_USER_2} ${EACL_TOKEN}
# Delete can not be filtered by UserHeader. # Delete can not be filtered by UserHeader.
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Delete object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user ... Delete object ${USER_KEY} ${CID} ${S_OID_USER_2} ${EACL_TOKEN}

View file

@ -1,30 +1,31 @@
*** Settings *** *** Settings ***
Variables ../../../variables/common.py Variables ../../../variables/common.py
Library ../${RESOURCES}/neofs.py
Library ../${RESOURCES}/payment_neogo.py
Library Collections Library Collections
Library neofs.py
Library acl.py
Library payment_neogo.py
Resource common_steps_acl_bearer.robot Resource common_steps_acl_bearer.robot
Resource ../../../variables/eacl_tables.robot
Resource ../${RESOURCES}/payment_operations.robot Resource ../${RESOURCES}/payment_operations.robot
Resource ../${RESOURCES}/setup_teardown.robot Resource ../${RESOURCES}/setup_teardown.robot
*** Test cases *** *** Test cases ***
BearerToken Operations Filter UserHeader NotEqual BearerToken Operations Filter UserHeader NotEqual
[Documentation] Testcase to validate NeoFS operations with BearerToken Filter UserHeader NotEqual. [Documentation] Testcase to validate NeoFS operations with BearerToken Filter UserHeader NotEqual.
[Tags] ACL NeoFS NeoCLI BearerToken [Tags] ACL NeoFSCLI BearerToken
[Timeout] 20 min [Timeout] 20 min
[Setup] Setup [Setup] Setup
Generate Keys Generate Keys
Prepare eACL Role rules
Log Check Bearer token with simple object Log Check Bearer token with simple object
Generate file ${SIMPLE_OBJ_SIZE} Generate file ${SIMPLE_OBJ_SIZE}
Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
Log Check Bearer token with complex object Log Check Bearer token with complex object
Generate file ${COMPLEX_OBJ_SIZE} Generate file ${COMPLEX_OBJ_SIZE}
Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
@ -39,7 +40,6 @@ Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
${D_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL} ${D_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
@{S_OBJ_H} = Create List ${S_OID_USER_2} @{S_OBJ_H} = Create List ${S_OID_USER_2}
Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER} Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H} Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
@ -64,7 +64,7 @@ Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule6} ${rule7} ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule6} ${rule7}
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500 ${EACL_TOKEN} = Form BearerToken File ${USER_KEY} ${CID} ${eACL_gen}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} ... Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
@ -81,29 +81,29 @@ Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
# Search can not use filter by headers # Search can not use filter by headers
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H} ... Search object ${USER_KEY} ${CID} ${EMPTY} ${EACL_TOKEN} ${FILE_USR_HEADER} ${S_OBJ_H}
# Different behaviour for big and small objects! # Different behaviour for big and small objects!
# Put object ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER} # Put object ${USER_KEY} ${FILE_S} ${CID} ${EACL_TOKEN} ${FILE_OTH_HEADER}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Put object ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${EMPTY} ... Put object ${USER_KEY} ${FILE_S} ${CID} ${EACL_TOKEN} ${EMPTY}
Get object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} local_file_eacl
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Get object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user local_file_eacl ... Get object ${USER_KEY} ${CID} ${S_OID_USER_2} ${EACL_TOKEN} local_file_eacl
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 ... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EACL_TOKEN} 0:256
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 ... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} 0:256
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Head object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user ... Head object ${USER_KEY} ${CID} ${S_OID_USER_2} ${EACL_TOKEN}
# Delete can not be filtered by UserHeader. # Delete can not be filtered by UserHeader.
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Delete object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user ... Delete object ${USER_KEY} ${CID} ${S_OID_USER_2} ${EACL_TOKEN}

View file

@ -1,10 +1,13 @@
*** Settings *** *** Settings ***
Variables ../../../variables/common.py Variables ../../../variables/common.py
Library ../${RESOURCES}/neofs.py
Library ../${RESOURCES}/payment_neogo.py
Library Collections Library Collections
Library neofs.py
Library acl.py
Library payment_neogo.py
Resource ../../../variables/eacl_tables.robot
Resource common_steps_acl_bearer.robot Resource common_steps_acl_bearer.robot
Resource ../${RESOURCES}/payment_operations.robot Resource ../${RESOURCES}/payment_operations.robot
Resource ../${RESOURCES}/setup_teardown.robot Resource ../${RESOURCES}/setup_teardown.robot
@ -12,20 +15,18 @@ Resource ../${RESOURCES}/setup_teardown.robot
*** Test cases *** *** Test cases ***
BearerToken Operations for Inaccessible Container BearerToken Operations for Inaccessible Container
[Documentation] Testcase to validate NeoFS operations with BearerToken for Inaccessible Container. [Documentation] Testcase to validate NeoFS operations with BearerToken for Inaccessible Container.
[Tags] ACL NeoFS NeoCLI BearerToken [Tags] ACL NeoFSCLI BearerToken
[Timeout] 20 min [Timeout] 20 min
[Setup] Setup [Setup] Setup
Generate Keys Generate Keys
Prepare eACL Role rules
Log Check Bearer token with simple object Log Check Bearer token with simple object
Generate file ${SIMPLE_OBJ_SIZE} Generate file ${SIMPLE_OBJ_SIZE}
Check Container Inaccessible and Allow All Bearer Check Container Inaccessible and Allow All Bearer
Log Check Bearer token with complex object Log Check Bearer token with complex object
Generate file ${COMPLEX_OBJ_SIZE} Generate file ${COMPLEX_OBJ_SIZE}
Check Container Inaccessible and Allow All Bearer Check Container Inaccessible and Allow All Bearer
@ -49,14 +50,13 @@ Check Container Inaccessible and Allow All Bearer
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
${rule1}= Create Dictionary Operation=PUT Access=ALLOW Role=USER ${rule1} = Create Dictionary Operation=PUT Access=ALLOW Role=USER
${rule2}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER ${rule2} = Create Dictionary Operation=SEARCH Access=ALLOW Role=USER
${eACL_gen} = Create List ${rule1} ${rule2}
${eACL_gen}= Create List ${rule1} ${rule2} ${EACL_TOKEN} = Form BearerToken File ${USER_KEY} ${CID} ${eACL_gen}
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Put object ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ... Put object ${USER_KEY} ${FILE_S} ${CID} ${EACL_TOKEN} ${FILE_USR_HEADER}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ... Search object ${USER_KEY} ${CID} ${EMPTY} ${EACL_TOKEN} ${FILE_USR_HEADER}

View file

@ -1,10 +1,12 @@
*** Settings *** *** Settings ***
Variables ../../../variables/common.py Variables ../../../variables/common.py
Library ../${RESOURCES}/neofs.py
Library ../${RESOURCES}/payment_neogo.py
Library Collections Library Collections
Library neofs.py
Library acl.py
Library payment_neogo.py
Resource ../../../variables/eacl_tables.robot
Resource common_steps_acl_bearer.robot Resource common_steps_acl_bearer.robot
Resource ../${RESOURCES}/payment_operations.robot Resource ../${RESOURCES}/payment_operations.robot
Resource ../${RESOURCES}/setup_teardown.robot Resource ../${RESOURCES}/setup_teardown.robot
@ -25,7 +27,6 @@ BearerToken Operations
Check eACL Allow All Bearer Filter Requst Equal Deny Check eACL Allow All Bearer Filter Requst Equal Deny
Log Check Bearer token with complex object Log Check Bearer token with complex object
Generate file ${COMPLEX_OBJ_SIZE} Generate file ${COMPLEX_OBJ_SIZE}
Check eACL Allow All Bearer Filter Requst Equal Deny Check eACL Allow All Bearer Filter Requst Equal Deny
@ -52,27 +53,28 @@ Check eACL Allow All Bearer Filter Requst Equal Deny
${rule6}= Create Dictionary Operation=GETRANGE Access=DENY Role=USER Filters=${filters} ${rule6}= Create Dictionary Operation=GETRANGE Access=DENY Role=USER Filters=${filters}
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=USER Filters=${filters} ${rule7}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=USER Filters=${filters}
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
Put object ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=2 ${EACL_TOKEN} = Form BearerToken File ${USER_KEY} ${CID} ${eACL_gen}
Get object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=2
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H} --xhdr a=2 Put object ${USER_KEY} ${FILE_S} ${CID} ${EACL_TOKEN} ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=2
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=2 Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} local_file_eacl ${EMPTY} --xhdr a=2
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=2 Search object ${USER_KEY} ${CID} ${EMPTY} ${EACL_TOKEN} ${FILE_USR_HEADER} ${S_OBJ_H} --xhdr a=2
Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=2 Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} ${EMPTY} --xhdr a=2
Delete object ${USER_KEY} ${CID} ${D_OID_USER} bearer_allow_all_user --xhdr a=2 Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EACL_TOKEN} 0:256 --xhdr a=2
Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} 0:256 --xhdr a=2
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EACL_TOKEN} --xhdr a=2
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Put object ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256 ... Put object ${USER_KEY} ${FILE_S} ${CID} ${EACL_TOKEN} ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Get object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=256 ... Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} local_file_eacl ${EMPTY} --xhdr a=256
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256 ... Search object ${USER_KEY} ${CID} ${EMPTY} ${EACL_TOKEN} ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=256 ... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} ${EMPTY} --xhdr a=256
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=256 ... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EACL_TOKEN} 0:256 --xhdr a=256
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=256 ... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} 0:256 --xhdr a=256
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user --xhdr a=256 ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} --xhdr a=256

View file

@ -1,10 +1,12 @@
*** Settings *** *** Settings ***
Variables ../../../variables/common.py Variables ../../../variables/common.py
Library ../${RESOURCES}/neofs.py
Library ../${RESOURCES}/payment_neogo.py
Library Collections Library Collections
Library acl.py
Library neofs.py
Library payment_neogo.py
Resource ../../../variables/eacl_tables.robot
Resource common_steps_acl_bearer.robot Resource common_steps_acl_bearer.robot
Resource ../${RESOURCES}/payment_operations.robot Resource ../${RESOURCES}/payment_operations.robot
Resource ../${RESOURCES}/setup_teardown.robot Resource ../${RESOURCES}/setup_teardown.robot
@ -13,7 +15,7 @@ Resource ../${RESOURCES}/setup_teardown.robot
*** Test cases *** *** Test cases ***
BearerToken Operations with Filter Requst Equal BearerToken Operations with Filter Requst Equal
[Documentation] Testcase to validate NeoFS operations with BearerToken with Filter Requst Equal. [Documentation] Testcase to validate NeoFS operations with BearerToken with Filter Requst Equal.
[Tags] ACL NeoFS NeoCLI BearerToken [Tags] ACL NeoFSCLI BearerToken
[Timeout] 20 min [Timeout] 20 min
[Setup] Setup [Setup] Setup
@ -26,7 +28,6 @@ BearerToken Operations with Filter Requst Equal
Check eACL Deny and Allow All Bearer Filter Requst Equal Check eACL Deny and Allow All Bearer Filter Requst Equal
Log Check Bearer token with complex object Log Check Bearer token with complex object
Generate file ${COMPLEX_OBJ_SIZE} Generate file ${COMPLEX_OBJ_SIZE}
Check eACL Deny and Allow All Bearer Filter Requst Equal Check eACL Deny and Allow All Bearer Filter Requst Equal
@ -64,7 +65,7 @@ Check eACL Deny and Allow All Bearer Filter Requst Equal
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters} ${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters} ${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500 ${EACL_TOKEN} = Form BearerToken File ${USER_KEY} ${CID} ${eACL_gen}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} ... Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
@ -79,10 +80,10 @@ Check eACL Deny and Allow All Bearer Filter Requst Equal
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Put object ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256 Put object ${USER_KEY} ${FILE_S} ${CID} ${EACL_TOKEN} ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
Get object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=256 Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} local_file_eacl ${EMPTY} --xhdr a=256
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256 Search object ${USER_KEY} ${CID} ${EMPTY} ${EACL_TOKEN} ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=256 Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} ${EMPTY} --xhdr a=256
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=256 Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EACL_TOKEN} 0:256 --xhdr a=256
Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=256 Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} 0:256 --xhdr a=256
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user --xhdr a=256 Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} --xhdr a=256

View file

@ -1,10 +1,12 @@
*** Settings *** *** Settings ***
Variables ../../../variables/common.py Variables ../../../variables/common.py
Library ../${RESOURCES}/neofs.py
Library ../${RESOURCES}/payment_neogo.py
Library Collections Library Collections
Library acl.py
Library neofs.py
Library payment_neogo.py
Resource ../../../variables/eacl_tables.robot
Resource common_steps_acl_bearer.robot Resource common_steps_acl_bearer.robot
Resource ../${RESOURCES}/payment_operations.robot Resource ../${RESOURCES}/payment_operations.robot
Resource ../${RESOURCES}/setup_teardown.robot Resource ../${RESOURCES}/setup_teardown.robot
@ -13,13 +15,12 @@ Resource ../${RESOURCES}/setup_teardown.robot
*** Test cases *** *** Test cases ***
BearerToken Operations with Filter Requst NotEqual BearerToken Operations with Filter Requst NotEqual
[Documentation] Testcase to validate NeoFS operations with BearerToken with Filter Requst NotEqual. [Documentation] Testcase to validate NeoFS operations with BearerToken with Filter Requst NotEqual.
[Tags] ACL NeoFS NeoCLI BearerToken [Tags] ACL NeoFSCLI BearerToken
[Timeout] 20 min [Timeout] 20 min
[Setup] Setup [Setup] Setup
Generate Keys Generate Keys
Prepare eACL Role rules
Log Check Bearer token with simple object Log Check Bearer token with simple object
Generate file ${SIMPLE_OBJ_SIZE} Generate file ${SIMPLE_OBJ_SIZE}
@ -62,7 +63,7 @@ Check eACL Deny and Allow All Bearer Filter Requst NotEqual
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters} ${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters} ${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7} ${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500 ${EACL_TOKEN} = Form BearerToken File ${USER_KEY} ${CID} ${eACL_gen}
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER} ... Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
@ -77,10 +78,10 @@ Check eACL Deny and Allow All Bearer Filter Requst NotEqual
Run Keyword And Expect Error * Run Keyword And Expect Error *
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} ... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
Put object ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2 Put object ${USER_KEY} ${FILE_S} ${CID} ${EACL_TOKEN} ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2
Get object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=2 Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} local_file_eacl ${EMPTY} --xhdr a=2
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2 Search object ${USER_KEY} ${CID} ${EMPTY} ${EACL_TOKEN} ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=2 Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} ${EMPTY} --xhdr a=2
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=2 Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EACL_TOKEN} 0:256 --xhdr a=2
Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=2 Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} 0:256 --xhdr a=2
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user --xhdr a=2 Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} --xhdr a=2

View file

@ -1,9 +1,10 @@
*** Settings *** *** Settings ***
Variables ../../../variables/common.py Variables ../../../variables/common.py
Library ../${RESOURCES}/neofs.py
Library ../${RESOURCES}/payment_neogo.py
Library Collections Library Collections
Library acl.py
Library neofs.py
Library payment_neogo.py
Resource common_steps_acl_extended.robot Resource common_steps_acl_extended.robot
Resource ../${RESOURCES}/payment_operations.robot Resource ../${RESOURCES}/payment_operations.robot

View file

@ -1,8 +1,9 @@
*** Settings *** *** Settings ***
Variables ../../../variables/common.py Variables ../../../variables/common.py
Library ../${RESOURCES}/neofs.py Library acl.py
Library ../${RESOURCES}/payment_neogo.py Library neofs.py
Library payment_neogo.py
Library Collections Library Collections
Resource common_steps_acl_extended.robot Resource common_steps_acl_extended.robot