[] Overhaul credentials work

Signed-off-by: Andrey Berezin <a.berezin@yadro.com>
This commit is contained in:
Andrey Berezin 2024-03-11 19:34:54 +03:00
parent 6af5ad9de5
commit b61dd7b39c
27 changed files with 384 additions and 494 deletions

View file

@ -3,6 +3,7 @@ from typing import List, Optional
from frostfs_testlib.shell import Shell from frostfs_testlib.shell import Shell
from frostfs_testlib.storage.cluster import Cluster from frostfs_testlib.storage.cluster import Cluster
from frostfs_testlib.storage.dataclasses.acl import EACLOperation from frostfs_testlib.storage.dataclasses.acl import EACLOperation
from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
from pytest_tests.helpers.object_access import ( from pytest_tests.helpers.object_access import (
can_delete_object, can_delete_object,
@ -16,57 +17,47 @@ from pytest_tests.helpers.object_access import (
def check_full_access_to_container( def check_full_access_to_container(
wallet: str, wallet: WalletInfo,
cid: str, cid: str,
oid: str, oid: str,
file_name: str, file_name: str,
shell: Shell, shell: Shell,
cluster: Cluster, cluster: Cluster,
bearer: Optional[str] = None, bearer: Optional[str] = None,
wallet_config: Optional[str] = None,
xhdr: Optional[dict] = None, xhdr: Optional[dict] = None,
): ):
endpoint = cluster.default_rpc_endpoint endpoint = cluster.default_rpc_endpoint
assert can_put_object(wallet, cid, file_name, shell, cluster, bearer, wallet_config, xhdr) assert can_put_object(wallet, cid, file_name, shell, cluster, bearer, xhdr)
assert can_get_head_object(wallet, cid, oid, shell, endpoint, bearer, wallet_config, xhdr) assert can_get_head_object(wallet, cid, oid, shell, endpoint, bearer, xhdr)
assert can_get_range_of_object(wallet, cid, oid, shell, endpoint, bearer, wallet_config, xhdr) assert can_get_range_of_object(wallet, cid, oid, shell, endpoint, bearer, xhdr)
assert can_get_range_hash_of_object( assert can_get_range_hash_of_object(wallet, cid, oid, shell, endpoint, bearer, xhdr)
wallet, cid, oid, shell, endpoint, bearer, wallet_config, xhdr assert can_search_object(wallet, cid, shell, endpoint, oid, bearer, xhdr)
) assert can_get_object(wallet, cid, oid, file_name, shell, cluster, bearer, xhdr)
assert can_search_object(wallet, cid, shell, endpoint, oid, bearer, wallet_config, xhdr) assert can_delete_object(wallet, cid, oid, shell, endpoint, bearer, xhdr)
assert can_get_object(wallet, cid, oid, file_name, shell, cluster, bearer, wallet_config, xhdr)
assert can_delete_object(wallet, cid, oid, shell, endpoint, bearer, wallet_config, xhdr)
def check_no_access_to_container( def check_no_access_to_container(
wallet: str, wallet: WalletInfo,
cid: str, cid: str,
oid: str, oid: str,
file_name: str, file_name: str,
shell: Shell, shell: Shell,
cluster: Cluster, cluster: Cluster,
bearer: Optional[str] = None, bearer: Optional[str] = None,
wallet_config: Optional[str] = None,
xhdr: Optional[dict] = None, xhdr: Optional[dict] = None,
): ):
endpoint = cluster.default_rpc_endpoint endpoint = cluster.default_rpc_endpoint
assert not can_put_object(wallet, cid, file_name, shell, cluster, bearer, wallet_config, xhdr) assert not can_put_object(wallet, cid, file_name, shell, cluster, bearer, xhdr)
assert not can_get_head_object(wallet, cid, oid, shell, endpoint, bearer, wallet_config, xhdr) assert not can_get_head_object(wallet, cid, oid, shell, endpoint, bearer, xhdr)
assert not can_get_range_of_object( assert not can_get_range_of_object(wallet, cid, oid, shell, endpoint, bearer, xhdr)
wallet, cid, oid, shell, endpoint, bearer, wallet_config, xhdr assert not can_get_range_hash_of_object(wallet, cid, oid, shell, endpoint, bearer, xhdr)
) assert not can_search_object(wallet, cid, shell, endpoint, oid, bearer, xhdr)
assert not can_get_range_hash_of_object( assert not can_get_object(wallet, cid, oid, file_name, shell, cluster, bearer, xhdr)
wallet, cid, oid, shell, endpoint, bearer, wallet_config, xhdr assert not can_delete_object(wallet, cid, oid, shell, endpoint, bearer, xhdr)
)
assert not can_search_object(wallet, cid, shell, endpoint, oid, bearer, wallet_config, xhdr)
assert not can_get_object(
wallet, cid, oid, file_name, shell, cluster, bearer, wallet_config, xhdr
)
assert not can_delete_object(wallet, cid, oid, shell, endpoint, bearer, wallet_config, xhdr)
def check_custom_access_to_container( def check_custom_access_to_container(
wallet: str, wallet: WalletInfo,
cid: str, cid: str,
oid: str, oid: str,
file_name: str, file_name: str,
@ -75,7 +66,6 @@ def check_custom_access_to_container(
deny_operations: Optional[List[EACLOperation]] = None, deny_operations: Optional[List[EACLOperation]] = None,
ignore_operations: Optional[List[EACLOperation]] = None, ignore_operations: Optional[List[EACLOperation]] = None,
bearer: Optional[str] = None, bearer: Optional[str] = None,
wallet_config: Optional[str] = None,
xhdr: Optional[dict] = None, xhdr: Optional[dict] = None,
): ):
endpoint = cluster.default_rpc_endpoint endpoint = cluster.default_rpc_endpoint
@ -83,56 +73,39 @@ def check_custom_access_to_container(
ignore_operations = [op.value for op in ignore_operations or []] ignore_operations = [op.value for op in ignore_operations or []]
checks: dict = {} checks: dict = {}
if EACLOperation.PUT.value not in ignore_operations: if EACLOperation.PUT.value not in ignore_operations:
checks[EACLOperation.PUT.value] = can_put_object( checks[EACLOperation.PUT.value] = can_put_object(wallet, cid, file_name, shell, cluster, bearer, xhdr)
wallet, cid, file_name, shell, cluster, bearer, wallet_config, xhdr
)
if EACLOperation.HEAD.value not in ignore_operations: if EACLOperation.HEAD.value not in ignore_operations:
checks[EACLOperation.HEAD.value] = can_get_head_object( checks[EACLOperation.HEAD.value] = can_get_head_object(wallet, cid, oid, shell, endpoint, bearer, xhdr)
wallet, cid, oid, shell, endpoint, bearer, wallet_config, xhdr
)
if EACLOperation.GET_RANGE.value not in ignore_operations: if EACLOperation.GET_RANGE.value not in ignore_operations:
checks[EACLOperation.GET_RANGE.value] = can_get_range_of_object( checks[EACLOperation.GET_RANGE.value] = can_get_range_of_object(wallet, cid, oid, shell, endpoint, bearer, xhdr)
wallet, cid, oid, shell, endpoint, bearer, wallet_config, xhdr
)
if EACLOperation.GET_RANGE_HASH.value not in ignore_operations: if EACLOperation.GET_RANGE_HASH.value not in ignore_operations:
checks[EACLOperation.GET_RANGE_HASH.value] = can_get_range_hash_of_object( checks[EACLOperation.GET_RANGE_HASH.value] = can_get_range_hash_of_object(
wallet, cid, oid, shell, endpoint, bearer, wallet_config, xhdr wallet, cid, oid, shell, endpoint, bearer, xhdr
) )
if EACLOperation.SEARCH.value not in ignore_operations: if EACLOperation.SEARCH.value not in ignore_operations:
checks[EACLOperation.SEARCH.value] = can_search_object( checks[EACLOperation.SEARCH.value] = can_search_object(wallet, cid, shell, endpoint, oid, bearer, xhdr)
wallet, cid, shell, endpoint, oid, bearer, wallet_config, xhdr
)
if EACLOperation.GET.value not in ignore_operations: if EACLOperation.GET.value not in ignore_operations:
checks[EACLOperation.GET.value] = can_get_object( checks[EACLOperation.GET.value] = can_get_object(wallet, cid, oid, file_name, shell, cluster, bearer, xhdr)
wallet, cid, oid, file_name, shell, cluster, bearer, wallet_config, xhdr
)
if EACLOperation.DELETE.value not in ignore_operations: if EACLOperation.DELETE.value not in ignore_operations:
checks[EACLOperation.DELETE.value] = can_delete_object( checks[EACLOperation.DELETE.value] = can_delete_object(wallet, cid, oid, shell, endpoint, bearer, xhdr)
wallet, cid, oid, shell, endpoint, bearer, wallet_config, xhdr
)
failed_checks = [ failed_checks = [
f"allowed {action} failed" f"allowed {action} failed"
for action, success in checks.items() for action, success in checks.items()
if not success and action not in deny_operations if not success and action not in deny_operations
] + [ ] + [f"denied {action} succeeded" for action, success in checks.items() if success and action in deny_operations]
f"denied {action} succeeded"
for action, success in checks.items()
if success and action in deny_operations
]
assert not failed_checks, ", ".join(failed_checks) assert not failed_checks, ", ".join(failed_checks)
def check_read_only_container( def check_read_only_container(
wallet: str, wallet: WalletInfo,
cid: str, cid: str,
oid: str, oid: str,
file_name: str, file_name: str,
shell: Shell, shell: Shell,
cluster: Cluster, cluster: Cluster,
bearer: Optional[str] = None, bearer: Optional[str] = None,
wallet_config: Optional[str] = None,
xhdr: Optional[dict] = None, xhdr: Optional[dict] = None,
): ):
return check_custom_access_to_container( return check_custom_access_to_container(
@ -142,7 +115,6 @@ def check_read_only_container(
file_name, file_name,
deny_operations=[EACLOperation.PUT, EACLOperation.DELETE], deny_operations=[EACLOperation.PUT, EACLOperation.DELETE],
bearer=bearer, bearer=bearer,
wallet_config=wallet_config,
xhdr=xhdr, xhdr=xhdr,
shell=shell, shell=shell,
cluster=cluster, cluster=cluster,

View file

@ -14,6 +14,7 @@ from frostfs_testlib.steps.cli.object import (
search_object, search_object,
) )
from frostfs_testlib.storage.cluster import Cluster from frostfs_testlib.storage.cluster import Cluster
from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
from frostfs_testlib.utils import string_utils from frostfs_testlib.utils import string_utils
from frostfs_testlib.utils.file_utils import get_file_hash from frostfs_testlib.utils.file_utils import get_file_hash
@ -21,14 +22,13 @@ OPERATION_ERROR_TYPE = RuntimeError
def can_get_object( def can_get_object(
wallet: str, wallet: WalletInfo,
cid: str, cid: str,
oid: str, oid: str,
file_name: str, file_name: str,
shell: Shell, shell: Shell,
cluster: Cluster, cluster: Cluster,
bearer: Optional[str] = None, bearer: Optional[str] = None,
wallet_config: Optional[str] = None,
xhdr: Optional[dict] = None, xhdr: Optional[dict] = None,
) -> bool: ) -> bool:
with reporter.step("Try get object from container"): with reporter.step("Try get object from container"):
@ -38,7 +38,6 @@ def can_get_object(
cid, cid,
oid, oid,
bearer=bearer, bearer=bearer,
wallet_config=wallet_config,
xhdr=xhdr, xhdr=xhdr,
shell=shell, shell=shell,
cluster=cluster, cluster=cluster,
@ -53,13 +52,12 @@ def can_get_object(
def can_put_object( def can_put_object(
wallet: str, wallet: WalletInfo,
cid: str, cid: str,
file_name: str, file_name: str,
shell: Shell, shell: Shell,
cluster: Cluster, cluster: Cluster,
bearer: Optional[str] = None, bearer: Optional[str] = None,
wallet_config: Optional[str] = None,
xhdr: Optional[dict] = None, xhdr: Optional[dict] = None,
attributes: Optional[dict] = None, attributes: Optional[dict] = None,
) -> bool: ) -> bool:
@ -70,7 +68,6 @@ def can_put_object(
file_name, file_name,
cid, cid,
bearer=bearer, bearer=bearer,
wallet_config=wallet_config,
xhdr=xhdr, xhdr=xhdr,
attributes=attributes, attributes=attributes,
shell=shell, shell=shell,
@ -85,13 +82,12 @@ def can_put_object(
def can_delete_object( def can_delete_object(
wallet: str, wallet: WalletInfo,
cid: str, cid: str,
oid: str, oid: str,
shell: Shell, shell: Shell,
endpoint: str, endpoint: str,
bearer: Optional[str] = None, bearer: Optional[str] = None,
wallet_config: Optional[str] = None,
xhdr: Optional[dict] = None, xhdr: Optional[dict] = None,
) -> bool: ) -> bool:
with reporter.step("Try delete object from container"): with reporter.step("Try delete object from container"):
@ -101,7 +97,6 @@ def can_delete_object(
cid, cid,
oid, oid,
bearer=bearer, bearer=bearer,
wallet_config=wallet_config,
xhdr=xhdr, xhdr=xhdr,
shell=shell, shell=shell,
endpoint=endpoint, endpoint=endpoint,
@ -115,13 +110,12 @@ def can_delete_object(
def can_get_head_object( def can_get_head_object(
wallet: str, wallet: WalletInfo,
cid: str, cid: str,
oid: str, oid: str,
shell: Shell, shell: Shell,
endpoint: str, endpoint: str,
bearer: Optional[str] = None, bearer: Optional[str] = None,
wallet_config: Optional[str] = None,
xhdr: Optional[dict] = None, xhdr: Optional[dict] = None,
timeout: Optional[str] = CLI_DEFAULT_TIMEOUT, timeout: Optional[str] = CLI_DEFAULT_TIMEOUT,
) -> bool: ) -> bool:
@ -132,7 +126,6 @@ def can_get_head_object(
cid, cid,
oid, oid,
bearer=bearer, bearer=bearer,
wallet_config=wallet_config,
xhdr=xhdr, xhdr=xhdr,
shell=shell, shell=shell,
endpoint=endpoint, endpoint=endpoint,
@ -147,13 +140,12 @@ def can_get_head_object(
def can_get_range_of_object( def can_get_range_of_object(
wallet: str, wallet: WalletInfo,
cid: str, cid: str,
oid: str, oid: str,
shell: Shell, shell: Shell,
endpoint: str, endpoint: str,
bearer: Optional[str] = None, bearer: Optional[str] = None,
wallet_config: Optional[str] = None,
xhdr: Optional[dict] = None, xhdr: Optional[dict] = None,
timeout: Optional[str] = CLI_DEFAULT_TIMEOUT, timeout: Optional[str] = CLI_DEFAULT_TIMEOUT,
) -> bool: ) -> bool:
@ -165,7 +157,6 @@ def can_get_range_of_object(
oid, oid,
bearer=bearer, bearer=bearer,
range_cut="0:10", range_cut="0:10",
wallet_config=wallet_config,
xhdr=xhdr, xhdr=xhdr,
shell=shell, shell=shell,
endpoint=endpoint, endpoint=endpoint,
@ -180,13 +171,12 @@ def can_get_range_of_object(
def can_get_range_hash_of_object( def can_get_range_hash_of_object(
wallet: str, wallet: WalletInfo,
cid: str, cid: str,
oid: str, oid: str,
shell: Shell, shell: Shell,
endpoint: str, endpoint: str,
bearer: Optional[str] = None, bearer: Optional[str] = None,
wallet_config: Optional[str] = None,
xhdr: Optional[dict] = None, xhdr: Optional[dict] = None,
timeout: Optional[str] = CLI_DEFAULT_TIMEOUT, timeout: Optional[str] = CLI_DEFAULT_TIMEOUT,
) -> bool: ) -> bool:
@ -198,7 +188,6 @@ def can_get_range_hash_of_object(
oid, oid,
bearer=bearer, bearer=bearer,
range_cut="0:10", range_cut="0:10",
wallet_config=wallet_config,
xhdr=xhdr, xhdr=xhdr,
shell=shell, shell=shell,
endpoint=endpoint, endpoint=endpoint,
@ -213,13 +202,12 @@ def can_get_range_hash_of_object(
def can_search_object( def can_search_object(
wallet: str, wallet: WalletInfo,
cid: str, cid: str,
shell: Shell, shell: Shell,
endpoint: str, endpoint: str,
oid: Optional[str] = None, oid: Optional[str] = None,
bearer: Optional[str] = None, bearer: Optional[str] = None,
wallet_config: Optional[str] = None,
xhdr: Optional[dict] = None, xhdr: Optional[dict] = None,
timeout: Optional[str] = CLI_DEFAULT_TIMEOUT, timeout: Optional[str] = CLI_DEFAULT_TIMEOUT,
) -> bool: ) -> bool:
@ -229,7 +217,6 @@ def can_search_object(
wallet, wallet,
cid, cid,
bearer=bearer, bearer=bearer,
wallet_config=wallet_config,
xhdr=xhdr, xhdr=xhdr,
shell=shell, shell=shell,
endpoint=endpoint, endpoint=endpoint,

View file

@ -1,11 +1,10 @@
import os import os
import uuid
from dataclasses import dataclass from dataclasses import dataclass
from typing import Optional from datetime import datetime
import pytest import pytest
from frostfs_testlib import reporter from frostfs_testlib import reporter
from frostfs_testlib.resources.common import DEFAULT_WALLET_CONFIG, DEFAULT_WALLET_PASS from frostfs_testlib.credentials.interfaces import CredentialsProvider, User
from frostfs_testlib.resources.wellknown_acl import PUBLIC_ACL from frostfs_testlib.resources.wellknown_acl import PUBLIC_ACL
from frostfs_testlib.shell import Shell from frostfs_testlib.shell import Shell
from frostfs_testlib.steps.cli.container import create_container from frostfs_testlib.steps.cli.container import create_container
@ -14,54 +13,40 @@ from frostfs_testlib.storage.cluster import Cluster
from frostfs_testlib.storage.dataclasses.acl import EACLRole from frostfs_testlib.storage.dataclasses.acl import EACLRole
from frostfs_testlib.storage.dataclasses.frostfs_services import InnerRing, StorageNode from frostfs_testlib.storage.dataclasses.frostfs_services import InnerRing, StorageNode
from frostfs_testlib.storage.dataclasses.object_size import ObjectSize from frostfs_testlib.storage.dataclasses.object_size import ObjectSize
from frostfs_testlib.utils import wallet_utils from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
from frostfs_testlib.utils.file_utils import generate_file from frostfs_testlib.utils.file_utils import generate_file
OBJECT_COUNT = 5 OBJECT_COUNT = 5
@dataclass
class Wallet:
wallet_path: Optional[str] = None
config_path: Optional[str] = None
@dataclass @dataclass
class Wallets: class Wallets:
wallets: dict[EACLRole, list[Wallet]] wallets: dict[EACLRole, list[WalletInfo]]
def get_wallet(self, role: EACLRole = EACLRole.USER) -> Wallet: def get_wallet(self, role: EACLRole = EACLRole.USER) -> WalletInfo:
return self.wallets[role][0] return self.wallets[role][0]
def get_wallets_list(self, role: EACLRole = EACLRole.USER) -> list[Wallet]: def get_wallets_list(self, role: EACLRole = EACLRole.USER) -> list[WalletInfo]:
return self.wallets[role] return self.wallets[role]
@pytest.fixture(scope="module") @pytest.fixture(scope="module")
def wallets(default_wallet: str, temp_directory: str, cluster: Cluster) -> Wallets: def wallets(default_wallet: WalletInfo, credentials_provider: CredentialsProvider, cluster: Cluster) -> Wallets:
other_wallets_paths = [os.path.join(temp_directory, f"{str(uuid.uuid4())}.json") for _ in range(2)] other_wallets: list = []
for other_wallet_path in other_wallets_paths: for _ in range(2):
wallet_utils.init_wallet(other_wallet_path, DEFAULT_WALLET_PASS) user = User(f"user_{hex(int(datetime.now().timestamp() * 1000000))}")
other_wallets.append(credentials_provider.GRPC.provide(user, cluster.cluster_nodes[0]))
ir_node: InnerRing = cluster.ir_nodes[0] ir_node: InnerRing = cluster.ir_nodes[0]
storage_node: StorageNode = cluster.storage_nodes[0] storage_node: StorageNode = cluster.storage_nodes[0]
ir_wallet_path = ir_node.get_wallet_path()
ir_wallet_config = ir_node.get_wallet_config_path()
storage_wallet_path = storage_node.get_wallet_path()
storage_wallet_config = storage_node.get_wallet_config_path()
wallets_collection = Wallets( wallets_collection = Wallets(
wallets={ wallets={
EACLRole.USER: [Wallet(wallet_path=default_wallet, config_path=DEFAULT_WALLET_CONFIG)], EACLRole.USER: [default_wallet],
EACLRole.OTHERS: [ EACLRole.OTHERS: other_wallets,
Wallet(wallet_path=other_wallet_path, config_path=DEFAULT_WALLET_CONFIG)
for other_wallet_path in other_wallets_paths
],
EACLRole.SYSTEM: [ EACLRole.SYSTEM: [
Wallet(wallet_path=ir_wallet_path, config_path=ir_wallet_config), WalletInfo.from_node(ir_node),
Wallet(wallet_path=storage_wallet_path, config_path=storage_wallet_config), WalletInfo.from_node(storage_node),
], ],
} }
) )
@ -70,7 +55,7 @@ def wallets(default_wallet: str, temp_directory: str, cluster: Cluster) -> Walle
if role == EACLRole.SYSTEM: if role == EACLRole.SYSTEM:
continue continue
for wallet in wallets: for wallet in wallets:
reporter.attach(wallet.wallet_path, os.path.basename(wallet.wallet_path)) reporter.attach(wallet.path, os.path.basename(wallet.path))
return wallets_collection return wallets_collection
@ -87,7 +72,7 @@ def eacl_container_with_objects(
user_wallet = wallets.get_wallet() user_wallet = wallets.get_wallet()
with reporter.step("Create eACL public container"): with reporter.step("Create eACL public container"):
cid = create_container( cid = create_container(
user_wallet.wallet_path, user_wallet,
basic_acl=PUBLIC_ACL, basic_acl=PUBLIC_ACL,
shell=client_shell, shell=client_shell,
endpoint=cluster.default_rpc_endpoint, endpoint=cluster.default_rpc_endpoint,
@ -96,7 +81,7 @@ def eacl_container_with_objects(
with reporter.step("Add test objects to container"): with reporter.step("Add test objects to container"):
objects_oids = [ objects_oids = [
put_object_to_random_node( put_object_to_random_node(
user_wallet.wallet_path, user_wallet,
file_path, file_path,
cid, cid,
attributes={"key1": "val1", "key": val, "key2": "abc"}, attributes={"key1": "val1", "key": val, "key2": "abc"},

View file

@ -22,11 +22,11 @@ from pytest_tests.testsuites.acl.conftest import Wallets
@pytest.mark.acl_basic @pytest.mark.acl_basic
class TestACLBasic(ClusterTestBase): class TestACLBasic(ClusterTestBase):
@pytest.fixture(scope="function") @pytest.fixture(scope="function")
def public_container(self, wallets): def public_container(self, wallets: Wallets):
user_wallet = wallets.get_wallet() user_wallet = wallets.get_wallet()
with reporter.step("Create public container"): with reporter.step("Create public container"):
cid_public = create_container( cid_public = create_container(
user_wallet.wallet_path, user_wallet,
basic_acl=PUBLIC_ACL_F, basic_acl=PUBLIC_ACL_F,
shell=self.shell, shell=self.shell,
endpoint=self.cluster.default_rpc_endpoint, endpoint=self.cluster.default_rpc_endpoint,
@ -35,14 +35,14 @@ class TestACLBasic(ClusterTestBase):
yield cid_public yield cid_public
# with reporter.step('Delete public container'): # with reporter.step('Delete public container'):
# delete_container(user_wallet.wallet_path, cid_public) # delete_container(user_wallet, cid_public)
@pytest.fixture(scope="function") @pytest.fixture(scope="function")
def private_container(self, wallets: Wallets): def private_container(self, wallets: Wallets):
user_wallet = wallets.get_wallet() user_wallet = wallets.get_wallet()
with reporter.step("Create private container"): with reporter.step("Create private container"):
cid_private = create_container( cid_private = create_container(
user_wallet.wallet_path, user_wallet,
basic_acl=PRIVATE_ACL_F, basic_acl=PRIVATE_ACL_F,
shell=self.shell, shell=self.shell,
endpoint=self.cluster.default_rpc_endpoint, endpoint=self.cluster.default_rpc_endpoint,
@ -51,14 +51,14 @@ class TestACLBasic(ClusterTestBase):
yield cid_private yield cid_private
# with reporter.step('Delete private container'): # with reporter.step('Delete private container'):
# delete_container(user_wallet.wallet_path, cid_private) # delete_container(user_wallet, cid_private)
@pytest.fixture(scope="function") @pytest.fixture(scope="function")
def read_only_container(self, wallets: Wallets): def read_only_container(self, wallets: Wallets):
user_wallet = wallets.get_wallet() user_wallet = wallets.get_wallet()
with reporter.step("Create public readonly container"): with reporter.step("Create public readonly container"):
cid_read_only = create_container( cid_read_only = create_container(
user_wallet.wallet_path, user_wallet,
basic_acl=READONLY_ACL_F, basic_acl=READONLY_ACL_F,
shell=self.shell, shell=self.shell,
endpoint=self.cluster.default_rpc_endpoint, endpoint=self.cluster.default_rpc_endpoint,
@ -67,7 +67,7 @@ class TestACLBasic(ClusterTestBase):
yield cid_read_only yield cid_read_only
# with reporter.step('Delete public readonly container'): # with reporter.step('Delete public readonly container'):
# delete_container(user_wallet.wallet_path, cid_read_only) # delete_container(user_wallet, cid_read_only)
@allure.title("Operations with basic ACL on public container (obj_size={object_size})") @allure.title("Operations with basic ACL on public container (obj_size={object_size})")
def test_basic_acl_public(self, wallets: Wallets, public_container: str, file_path: str): def test_basic_acl_public(self, wallets: Wallets, public_container: str, file_path: str):
@ -82,7 +82,7 @@ class TestACLBasic(ClusterTestBase):
# We create new objects for each wallet because check_full_access_to_container # We create new objects for each wallet because check_full_access_to_container
# deletes the object # deletes the object
owner_object_oid = put_object_to_random_node( owner_object_oid = put_object_to_random_node(
user_wallet.wallet_path, user_wallet,
file_path, file_path,
cid, cid,
shell=self.shell, shell=self.shell,
@ -90,7 +90,7 @@ class TestACLBasic(ClusterTestBase):
attributes={"created": "owner"}, attributes={"created": "owner"},
) )
other_object_oid = put_object_to_random_node( other_object_oid = put_object_to_random_node(
other_wallet.wallet_path, other_wallet,
file_path, file_path,
cid, cid,
shell=self.shell, shell=self.shell,
@ -99,7 +99,7 @@ class TestACLBasic(ClusterTestBase):
) )
with reporter.step(f"Check {desc} has full access to public container"): with reporter.step(f"Check {desc} has full access to public container"):
check_full_access_to_container( check_full_access_to_container(
wallet.wallet_path, wallet,
cid, cid,
owner_object_oid, owner_object_oid,
file_path, file_path,
@ -107,7 +107,7 @@ class TestACLBasic(ClusterTestBase):
cluster=self.cluster, cluster=self.cluster,
) )
check_full_access_to_container( check_full_access_to_container(
wallet.wallet_path, wallet,
cid, cid,
other_object_oid, other_object_oid,
file_path, file_path,
@ -125,13 +125,13 @@ class TestACLBasic(ClusterTestBase):
cid = private_container cid = private_container
with reporter.step("Add test objects to container"): with reporter.step("Add test objects to container"):
owner_object_oid = put_object_to_random_node( owner_object_oid = put_object_to_random_node(
user_wallet.wallet_path, file_path, cid, shell=self.shell, cluster=self.cluster user_wallet, file_path, cid, shell=self.shell, cluster=self.cluster
) )
with reporter.step("Check only owner has full access to private container"): with reporter.step("Check only owner has full access to private container"):
with reporter.step("Check no one except owner has access to operations with container"): with reporter.step("Check no one except owner has access to operations with container"):
check_no_access_to_container( check_no_access_to_container(
other_wallet.wallet_path, other_wallet,
cid, cid,
owner_object_oid, owner_object_oid,
file_path, file_path,
@ -141,7 +141,7 @@ class TestACLBasic(ClusterTestBase):
with reporter.step("Check owner has full access to private container"): with reporter.step("Check owner has full access to private container"):
check_full_access_to_container( check_full_access_to_container(
user_wallet.wallet_path, user_wallet,
cid, cid,
owner_object_oid, owner_object_oid,
file_path, file_path,
@ -160,12 +160,12 @@ class TestACLBasic(ClusterTestBase):
with reporter.step("Add test objects to container"): with reporter.step("Add test objects to container"):
object_oid = put_object_to_random_node( object_oid = put_object_to_random_node(
user_wallet.wallet_path, file_path, cid, shell=client_shell, cluster=self.cluster user_wallet, file_path, cid, shell=client_shell, cluster=self.cluster
) )
with reporter.step("Check other has read-only access to operations with container"): with reporter.step("Check other has read-only access to operations with container"):
check_read_only_container( check_read_only_container(
other_wallet.wallet_path, other_wallet,
cid, cid,
object_oid, object_oid,
file_path, file_path,
@ -175,7 +175,7 @@ class TestACLBasic(ClusterTestBase):
with reporter.step("Check owner has full access to public container"): with reporter.step("Check owner has full access to public container"):
check_full_access_to_container( check_full_access_to_container(
user_wallet.wallet_path, user_wallet,
cid, cid,
object_oid, object_oid,
file_path, file_path,

View file

@ -32,11 +32,10 @@ class TestACLBearer(ClusterTestBase):
with reporter.step(f"Check {role.value} has full access to container without bearer token"): with reporter.step(f"Check {role.value} has full access to container without bearer token"):
check_full_access_to_container( check_full_access_to_container(
deny_wallet.wallet_path, deny_wallet,
cid, cid,
objects_oids.pop(), objects_oids.pop(),
file_path, file_path,
wallet_config=deny_wallet.config_path,
shell=self.shell, shell=self.shell,
cluster=self.cluster, cluster=self.cluster,
) )
@ -44,12 +43,12 @@ class TestACLBearer(ClusterTestBase):
with reporter.step(f"Set deny all operations for {role.value} via eACL"): with reporter.step(f"Set deny all operations for {role.value} via eACL"):
eacl = [EACLRule(access=EACLAccess.DENY, role=role, operation=op) for op in EACLOperation] eacl = [EACLRule(access=EACLAccess.DENY, role=role, operation=op) for op in EACLOperation]
eacl_file = create_eacl(cid, eacl, shell=self.shell) eacl_file = create_eacl(cid, eacl, shell=self.shell)
set_eacl(user_wallet.wallet_path, cid, eacl_file, shell=self.shell, endpoint=endpoint) set_eacl(user_wallet, cid, eacl_file, shell=self.shell, endpoint=endpoint)
wait_for_cache_expired() wait_for_cache_expired()
with reporter.step(f"Create bearer token for {role.value} with all operations allowed"): with reporter.step(f"Create bearer token for {role.value} with all operations allowed"):
bearer = form_bearertoken_file( bearer = form_bearertoken_file(
user_wallet.wallet_path, user_wallet,
cid, cid,
[EACLRule(operation=op, access=EACLAccess.ALLOW, role=role) for op in EACLOperation], [EACLRule(operation=op, access=EACLAccess.ALLOW, role=role) for op in EACLOperation],
shell=self.shell, shell=self.shell,
@ -58,23 +57,21 @@ class TestACLBearer(ClusterTestBase):
with reporter.step(f"Check {role.value} without token has no access to all operations with container"): with reporter.step(f"Check {role.value} without token has no access to all operations with container"):
check_no_access_to_container( check_no_access_to_container(
deny_wallet.wallet_path, deny_wallet,
cid, cid,
objects_oids.pop(), objects_oids.pop(),
file_path, file_path,
wallet_config=deny_wallet.config_path,
shell=self.shell, shell=self.shell,
cluster=self.cluster, cluster=self.cluster,
) )
with reporter.step(f"Check {role.value} with token has access to all operations with container"): with reporter.step(f"Check {role.value} with token has access to all operations with container"):
check_full_access_to_container( check_full_access_to_container(
deny_wallet.wallet_path, deny_wallet,
cid, cid,
objects_oids.pop(), objects_oids.pop(),
file_path, file_path,
bearer=bearer, bearer=bearer,
wallet_config=deny_wallet.config_path,
shell=self.shell, shell=self.shell,
cluster=self.cluster, cluster=self.cluster,
) )
@ -82,22 +79,21 @@ class TestACLBearer(ClusterTestBase):
with reporter.step(f"Set allow all operations for {role.value} via eACL"): with reporter.step(f"Set allow all operations for {role.value} via eACL"):
eacl = [EACLRule(access=EACLAccess.ALLOW, role=role, operation=op) for op in EACLOperation] eacl = [EACLRule(access=EACLAccess.ALLOW, role=role, operation=op) for op in EACLOperation]
eacl_file = create_eacl(cid, eacl, shell=self.shell) eacl_file = create_eacl(cid, eacl, shell=self.shell)
set_eacl(user_wallet.wallet_path, cid, eacl_file, shell=self.shell, endpoint=endpoint) set_eacl(user_wallet, cid, eacl_file, shell=self.shell, endpoint=endpoint)
wait_for_cache_expired() wait_for_cache_expired()
with reporter.step(f"Check {role.value} without token has access to all operations with container"): with reporter.step(f"Check {role.value} without token has access to all operations with container"):
check_full_access_to_container( check_full_access_to_container(
deny_wallet.wallet_path, deny_wallet,
cid, cid,
objects_oids.pop(), objects_oids.pop(),
file_path, file_path,
wallet_config=deny_wallet.config_path,
shell=self.shell, shell=self.shell,
cluster=self.cluster, cluster=self.cluster,
) )
@allure.title("BearerToken for compound operations (obj_size={object_size})") @allure.title("BearerToken for compound operations (obj_size={object_size})")
def test_bearer_token_compound_operations(self, wallets, eacl_container_with_objects): def test_bearer_token_compound_operations(self, wallets: Wallets, eacl_container_with_objects):
endpoint = self.cluster.default_rpc_endpoint endpoint = self.cluster.default_rpc_endpoint
cid, objects_oids, file_path = eacl_container_with_objects cid, objects_oids, file_path = eacl_container_with_objects
user_wallet = wallets.get_wallet() user_wallet = wallets.get_wallet()
@ -136,7 +132,7 @@ class TestACLBearer(ClusterTestBase):
for role, operations in deny_map.items(): for role, operations in deny_map.items():
eacl_deny += [EACLRule(access=EACLAccess.DENY, role=role, operation=op) for op in operations] eacl_deny += [EACLRule(access=EACLAccess.DENY, role=role, operation=op) for op in operations]
set_eacl( set_eacl(
user_wallet.wallet_path, user_wallet,
cid, cid,
eacl_table_path=create_eacl(cid, eacl_deny, shell=self.shell), eacl_table_path=create_eacl(cid, eacl_deny, shell=self.shell),
shell=self.shell, shell=self.shell,
@ -146,29 +142,27 @@ class TestACLBearer(ClusterTestBase):
with reporter.step("Check rule consistency without bearer"): with reporter.step("Check rule consistency without bearer"):
check_custom_access_to_container( check_custom_access_to_container(
user_wallet.wallet_path, user_wallet,
cid, cid,
objects_oids.pop(), objects_oids.pop(),
file_path, file_path,
deny_operations=deny_map[EACLRole.USER], deny_operations=deny_map[EACLRole.USER],
wallet_config=user_wallet.config_path,
shell=self.shell, shell=self.shell,
cluster=self.cluster, cluster=self.cluster,
) )
check_custom_access_to_container( check_custom_access_to_container(
other_wallet.wallet_path, other_wallet,
cid, cid,
objects_oids.pop(), objects_oids.pop(),
file_path, file_path,
deny_operations=deny_map[EACLRole.OTHERS], deny_operations=deny_map[EACLRole.OTHERS],
wallet_config=other_wallet.config_path,
shell=self.shell, shell=self.shell,
cluster=self.cluster, cluster=self.cluster,
) )
with reporter.step("Check rule consistency using bearer token"): with reporter.step("Check rule consistency using bearer token"):
bearer_user = form_bearertoken_file( bearer_user = form_bearertoken_file(
user_wallet.wallet_path, user_wallet,
cid, cid,
[ [
EACLRule(operation=op, access=EACLAccess.ALLOW, role=EACLRole.USER) EACLRule(operation=op, access=EACLAccess.ALLOW, role=EACLRole.USER)
@ -179,7 +173,7 @@ class TestACLBearer(ClusterTestBase):
) )
bearer_other = form_bearertoken_file( bearer_other = form_bearertoken_file(
user_wallet.wallet_path, user_wallet,
cid, cid,
[ [
EACLRule(operation=op, access=EACLAccess.ALLOW, role=EACLRole.OTHERS) EACLRule(operation=op, access=EACLAccess.ALLOW, role=EACLRole.OTHERS)
@ -190,24 +184,22 @@ class TestACLBearer(ClusterTestBase):
) )
check_custom_access_to_container( check_custom_access_to_container(
user_wallet.wallet_path, user_wallet,
cid, cid,
objects_oids.pop(), objects_oids.pop(),
file_path, file_path,
deny_operations=deny_map_with_bearer[EACLRole.USER], deny_operations=deny_map_with_bearer[EACLRole.USER],
bearer=bearer_user, bearer=bearer_user,
wallet_config=user_wallet.config_path,
shell=self.shell, shell=self.shell,
cluster=self.cluster, cluster=self.cluster,
) )
check_custom_access_to_container( check_custom_access_to_container(
other_wallet.wallet_path, other_wallet,
cid, cid,
objects_oids.pop(), objects_oids.pop(),
file_path, file_path,
deny_operations=deny_map_with_bearer[EACLRole.OTHERS], deny_operations=deny_map_with_bearer[EACLRole.OTHERS],
bearer=bearer_other, bearer=bearer_other,
wallet_config=other_wallet.config_path,
shell=self.shell, shell=self.shell,
cluster=self.cluster, cluster=self.cluster,
) )

View file

@ -27,14 +27,14 @@ from pytest_tests.testsuites.acl.conftest import Wallets
@pytest.mark.acl_extended @pytest.mark.acl_extended
class TestEACLContainer(ClusterTestBase): class TestEACLContainer(ClusterTestBase):
@pytest.fixture(scope="function") @pytest.fixture(scope="function")
def eacl_full_placement_container_with_object(self, wallets: Wallets, file_path: str) -> str: def eacl_full_placement_container_with_object(self, wallets: Wallets, file_path: str) -> tuple[str, str, str]:
user_wallet = wallets.get_wallet() user_wallet = wallets.get_wallet()
storage_nodes = self.cluster.storage_nodes storage_nodes = self.cluster.storage_nodes
node_count = len(storage_nodes) node_count = len(storage_nodes)
with reporter.step("Create eACL public container with full placement rule"): with reporter.step("Create eACL public container with full placement rule"):
full_placement_rule = f"REP {node_count} IN X CBF 1 SELECT {node_count} FROM * AS X" full_placement_rule = f"REP {node_count} IN X CBF 1 SELECT {node_count} FROM * AS X"
cid = create_container( cid = create_container(
wallet=user_wallet.wallet_path, wallet=user_wallet,
rule=full_placement_rule, rule=full_placement_rule,
basic_acl=PUBLIC_ACL, basic_acl=PUBLIC_ACL,
shell=self.shell, shell=self.shell,
@ -42,9 +42,7 @@ class TestEACLContainer(ClusterTestBase):
) )
with reporter.step("Add test object to container"): with reporter.step("Add test object to container"):
oid = put_object_to_random_node( oid = put_object_to_random_node(user_wallet, file_path, cid, shell=self.shell, cluster=self.cluster)
user_wallet.wallet_path, file_path, cid, shell=self.shell, cluster=self.cluster
)
wait_object_replication( wait_object_replication(
cid, cid,
oid, oid,
@ -75,7 +73,7 @@ class TestEACLContainer(ClusterTestBase):
with reporter.step(f"Deny all operations for {deny_role_str} via eACL"): with reporter.step(f"Deny all operations for {deny_role_str} via eACL"):
eacl_deny = [EACLRule(access=EACLAccess.DENY, role=deny_role, operation=op) for op in EACLOperation] eacl_deny = [EACLRule(access=EACLAccess.DENY, role=deny_role, operation=op) for op in EACLOperation]
set_eacl( set_eacl(
user_wallet.wallet_path, user_wallet,
cid, cid,
create_eacl(cid, eacl_deny, shell=self.shell), create_eacl(cid, eacl_deny, shell=self.shell),
shell=self.shell, shell=self.shell,
@ -86,7 +84,7 @@ class TestEACLContainer(ClusterTestBase):
with reporter.step(f"Check only {not_deny_role_str} has full access to container"): with reporter.step(f"Check only {not_deny_role_str} has full access to container"):
with reporter.step(f"Check {deny_role_str} has not access to any operations with container"): with reporter.step(f"Check {deny_role_str} has not access to any operations with container"):
check_no_access_to_container( check_no_access_to_container(
deny_role_wallet.wallet_path, deny_role_wallet,
cid, cid,
object_oids[0], object_oids[0],
file_path, file_path,
@ -96,7 +94,7 @@ class TestEACLContainer(ClusterTestBase):
with reporter.step(f"Check {not_deny_role_wallet} has full access to eACL public container"): with reporter.step(f"Check {not_deny_role_wallet} has full access to eACL public container"):
check_full_access_to_container( check_full_access_to_container(
not_deny_role_wallet.wallet_path, not_deny_role_wallet,
cid, cid,
object_oids.pop(), object_oids.pop(),
file_path, file_path,
@ -107,7 +105,7 @@ class TestEACLContainer(ClusterTestBase):
with reporter.step(f"Allow all operations for {deny_role_str} via eACL"): with reporter.step(f"Allow all operations for {deny_role_str} via eACL"):
eacl_deny = [EACLRule(access=EACLAccess.ALLOW, role=deny_role, operation=op) for op in EACLOperation] eacl_deny = [EACLRule(access=EACLAccess.ALLOW, role=deny_role, operation=op) for op in EACLOperation]
set_eacl( set_eacl(
user_wallet.wallet_path, user_wallet,
cid, cid,
create_eacl(cid, eacl_deny, shell=self.shell), create_eacl(cid, eacl_deny, shell=self.shell),
shell=self.shell, shell=self.shell,
@ -117,7 +115,7 @@ class TestEACLContainer(ClusterTestBase):
with reporter.step("Check all have full access to eACL public container"): with reporter.step("Check all have full access to eACL public container"):
check_full_access_to_container( check_full_access_to_container(
user_wallet.wallet_path, user_wallet,
cid, cid,
object_oids.pop(), object_oids.pop(),
file_path, file_path,
@ -125,7 +123,7 @@ class TestEACLContainer(ClusterTestBase):
cluster=self.cluster, cluster=self.cluster,
) )
check_full_access_to_container( check_full_access_to_container(
other_wallet.wallet_path, other_wallet,
cid, cid,
object_oids.pop(), object_oids.pop(),
file_path, file_path,
@ -145,14 +143,14 @@ class TestEACLContainer(ClusterTestBase):
eacl = [ eacl = [
EACLRule( EACLRule(
access=EACLAccess.ALLOW, access=EACLAccess.ALLOW,
role=other_wallet_allow.wallet_path, role=other_wallet_allow,
operation=op, operation=op,
) )
for op in EACLOperation for op in EACLOperation
] ]
eacl += [EACLRule(access=EACLAccess.DENY, role=EACLRole.OTHERS, operation=op) for op in EACLOperation] eacl += [EACLRule(access=EACLAccess.DENY, role=EACLRole.OTHERS, operation=op) for op in EACLOperation]
set_eacl( set_eacl(
user_wallet.wallet_path, user_wallet,
cid, cid,
create_eacl(cid, eacl, shell=self.shell), create_eacl(cid, eacl, shell=self.shell),
shell=self.shell, shell=self.shell,
@ -163,7 +161,7 @@ class TestEACLContainer(ClusterTestBase):
with reporter.step("Check only owner and allowed other have full access to public container"): with reporter.step("Check only owner and allowed other have full access to public container"):
with reporter.step("Check other has not access to operations with container"): with reporter.step("Check other has not access to operations with container"):
check_no_access_to_container( check_no_access_to_container(
other_wallet.wallet_path, other_wallet,
cid, cid,
object_oids[0], object_oids[0],
file_path, file_path,
@ -173,7 +171,7 @@ class TestEACLContainer(ClusterTestBase):
with reporter.step("Check owner has full access to public container"): with reporter.step("Check owner has full access to public container"):
check_full_access_to_container( check_full_access_to_container(
user_wallet.wallet_path, user_wallet,
cid, cid,
object_oids.pop(), object_oids.pop(),
file_path, file_path,
@ -183,7 +181,7 @@ class TestEACLContainer(ClusterTestBase):
with reporter.step("Check allowed other has full access to public container"): with reporter.step("Check allowed other has full access to public container"):
check_full_access_to_container( check_full_access_to_container(
other_wallet_allow.wallet_path, other_wallet_allow,
cid, cid,
object_oids.pop(), object_oids.pop(),
file_path, file_path,
@ -206,7 +204,7 @@ class TestEACLContainer(ClusterTestBase):
eacl_deny = [EACLRule(access=EACLAccess.DENY, role=EACLRole.USER, operation=op) for op in EACLOperation] eacl_deny = [EACLRule(access=EACLAccess.DENY, role=EACLRole.USER, operation=op) for op in EACLOperation]
eacl_deny += [EACLRule(access=EACLAccess.DENY, role=EACLRole.OTHERS, operation=op) for op in EACLOperation] eacl_deny += [EACLRule(access=EACLAccess.DENY, role=EACLRole.OTHERS, operation=op) for op in EACLOperation]
set_eacl( set_eacl(
user_wallet.wallet_path, user_wallet,
cid, cid,
create_eacl(cid, eacl_deny, shell=self.shell), create_eacl(cid, eacl_deny, shell=self.shell),
shell=self.shell, shell=self.shell,
@ -237,134 +235,120 @@ class TestEACLContainer(ClusterTestBase):
with reporter.step("Check IR and STORAGE rules compliance"): with reporter.step("Check IR and STORAGE rules compliance"):
assert not can_put_object( assert not can_put_object(
ir_wallet.wallet_path, ir_wallet,
cid, cid,
file_path, file_path,
shell=self.shell, shell=self.shell,
cluster=self.cluster, cluster=self.cluster,
wallet_config=ir_wallet.config_path,
) )
assert can_put_object( assert can_put_object(
storage_wallet.wallet_path, storage_wallet,
cid, cid,
file_path, file_path,
shell=self.shell, shell=self.shell,
cluster=self.cluster, cluster=self.cluster,
wallet_config=storage_wallet.config_path,
) )
assert can_get_object( assert can_get_object(
ir_wallet.wallet_path, ir_wallet,
cid, cid,
object_oids[0], object_oids[0],
file_path, file_path,
shell=self.shell, shell=self.shell,
cluster=self.cluster, cluster=self.cluster,
wallet_config=ir_wallet.config_path,
) )
assert can_get_object( assert can_get_object(
storage_wallet.wallet_path, storage_wallet,
cid, cid,
object_oids[0], object_oids[0],
file_path, file_path,
shell=self.shell, shell=self.shell,
cluster=self.cluster, cluster=self.cluster,
wallet_config=storage_wallet.config_path,
) )
assert can_get_head_object( assert can_get_head_object(
ir_wallet.wallet_path, ir_wallet,
cid, cid,
object_oids[0], object_oids[0],
shell=self.shell, shell=self.shell,
endpoint=endpoint, endpoint=endpoint,
wallet_config=ir_wallet.config_path,
) )
assert can_get_head_object( assert can_get_head_object(
storage_wallet.wallet_path, storage_wallet,
cid, cid,
object_oids[0], object_oids[0],
shell=self.shell, shell=self.shell,
endpoint=endpoint, endpoint=endpoint,
wallet_config=storage_wallet.config_path,
) )
assert can_search_object( assert can_search_object(
ir_wallet.wallet_path, ir_wallet,
cid, cid,
shell=self.shell, shell=self.shell,
endpoint=endpoint, endpoint=endpoint,
oid=object_oids[0], oid=object_oids[0],
wallet_config=ir_wallet.config_path,
) )
assert can_search_object( assert can_search_object(
storage_wallet.wallet_path, storage_wallet,
cid, cid,
shell=self.shell, shell=self.shell,
endpoint=endpoint, endpoint=endpoint,
oid=object_oids[0], oid=object_oids[0],
wallet_config=storage_wallet.config_path,
) )
with pytest.raises(AssertionError): with pytest.raises(AssertionError):
assert can_get_range_of_object( assert can_get_range_of_object(
wallet=ir_wallet.wallet_path, wallet=ir_wallet,
cid=cid, cid=cid,
oid=object_oids[0], oid=object_oids[0],
shell=self.shell, shell=self.shell,
endpoint=endpoint, endpoint=endpoint,
wallet_config=ir_wallet.config_path,
) )
with pytest.raises(AssertionError): with pytest.raises(AssertionError):
assert can_get_range_of_object( assert can_get_range_of_object(
wallet=storage_wallet.wallet_path, wallet=storage_wallet,
cid=cid, cid=cid,
oid=object_oids[0], oid=object_oids[0],
shell=self.shell, shell=self.shell,
endpoint=endpoint, endpoint=endpoint,
wallet_config=storage_wallet.config_path,
) )
assert can_get_range_hash_of_object( assert can_get_range_hash_of_object(
wallet=ir_wallet.wallet_path, wallet=ir_wallet,
cid=cid, cid=cid,
oid=object_oids[0], oid=object_oids[0],
shell=self.shell, shell=self.shell,
endpoint=endpoint, endpoint=endpoint,
wallet_config=ir_wallet.config_path,
) )
assert can_get_range_hash_of_object( assert can_get_range_hash_of_object(
wallet=storage_wallet.wallet_path, wallet=storage_wallet,
cid=cid, cid=cid,
oid=object_oids[0], oid=object_oids[0],
shell=self.shell, shell=self.shell,
endpoint=endpoint, endpoint=endpoint,
wallet_config=storage_wallet.config_path,
) )
with pytest.raises(AssertionError): with pytest.raises(AssertionError):
assert can_delete_object( assert can_delete_object(
wallet=ir_wallet.wallet_path, wallet=ir_wallet,
cid=cid, cid=cid,
oid=object_oids[0], oid=object_oids[0],
shell=self.shell, shell=self.shell,
endpoint=endpoint, endpoint=endpoint,
wallet_config=ir_wallet.config_path,
) )
with pytest.raises(AssertionError): with pytest.raises(AssertionError):
assert can_delete_object( assert can_delete_object(
wallet=storage_wallet.wallet_path, wallet=storage_wallet,
cid=cid, cid=cid,
oid=object_oids[0], oid=object_oids[0],
shell=self.shell, shell=self.shell,
endpoint=endpoint, endpoint=endpoint,
wallet_config=storage_wallet.config_path,
) )
with reporter.step("Deny all operations for SYSTEM via eACL"): with reporter.step("Deny all operations for SYSTEM via eACL"):
set_eacl( set_eacl(
user_wallet.wallet_path, user_wallet,
cid, cid,
create_eacl( create_eacl(
cid=cid, cid=cid,
@ -380,141 +364,127 @@ class TestEACLContainer(ClusterTestBase):
with reporter.step("Check IR and STORAGE rules compliance with deny eACL"): with reporter.step("Check IR and STORAGE rules compliance with deny eACL"):
assert not can_put_object( assert not can_put_object(
wallet=ir_wallet.wallet_path, wallet=ir_wallet,
cid=cid, cid=cid,
file_name=file_path, file_name=file_path,
shell=self.shell, shell=self.shell,
cluster=self.cluster, cluster=self.cluster,
wallet_config=ir_wallet.config_path,
) )
assert not can_put_object( assert not can_put_object(
wallet=storage_wallet.wallet_path, wallet=storage_wallet,
cid=cid, cid=cid,
file_name=file_path, file_name=file_path,
shell=self.shell, shell=self.shell,
cluster=self.cluster, cluster=self.cluster,
wallet_config=storage_wallet.config_path,
) )
with pytest.raises(AssertionError): with pytest.raises(AssertionError):
assert can_get_object( assert can_get_object(
wallet=ir_wallet.wallet_path, wallet=ir_wallet,
cid=cid, cid=cid,
oid=object_oids[0], oid=object_oids[0],
file_name=file_path, file_name=file_path,
shell=self.shell, shell=self.shell,
cluster=self.cluster, cluster=self.cluster,
wallet_config=ir_wallet.config_path,
) )
with pytest.raises(AssertionError): with pytest.raises(AssertionError):
assert can_get_object( assert can_get_object(
wallet=storage_wallet.wallet_path, wallet=storage_wallet,
cid=cid, cid=cid,
oid=object_oids[0], oid=object_oids[0],
file_name=file_path, file_name=file_path,
shell=self.shell, shell=self.shell,
cluster=self.cluster, cluster=self.cluster,
wallet_config=storage_wallet.config_path,
) )
with pytest.raises(AssertionError): with pytest.raises(AssertionError):
assert can_get_head_object( assert can_get_head_object(
wallet=ir_wallet.wallet_path, wallet=ir_wallet,
cid=cid, cid=cid,
oid=object_oids[0], oid=object_oids[0],
shell=self.shell, shell=self.shell,
endpoint=endpoint, endpoint=endpoint,
wallet_config=ir_wallet.config_path,
) )
with pytest.raises(AssertionError): with pytest.raises(AssertionError):
assert can_get_head_object( assert can_get_head_object(
wallet=storage_wallet.wallet_path, wallet=storage_wallet,
cid=cid, cid=cid,
oid=object_oids[0], oid=object_oids[0],
shell=self.shell, shell=self.shell,
endpoint=endpoint, endpoint=endpoint,
wallet_config=storage_wallet.config_path,
) )
with pytest.raises(AssertionError): with pytest.raises(AssertionError):
assert can_search_object( assert can_search_object(
wallet=ir_wallet.wallet_path, wallet=ir_wallet,
cid=cid, cid=cid,
shell=self.shell, shell=self.shell,
endpoint=endpoint, endpoint=endpoint,
oid=object_oids[0], oid=object_oids[0],
wallet_config=ir_wallet.config_path,
) )
with pytest.raises(AssertionError): with pytest.raises(AssertionError):
assert can_search_object( assert can_search_object(
wallet=storage_wallet.wallet_path, wallet=storage_wallet,
cid=cid, cid=cid,
shell=self.shell, shell=self.shell,
endpoint=endpoint, endpoint=endpoint,
oid=object_oids[0], oid=object_oids[0],
wallet_config=storage_wallet.config_path,
) )
with pytest.raises(AssertionError): with pytest.raises(AssertionError):
assert can_get_range_of_object( assert can_get_range_of_object(
wallet=ir_wallet.wallet_path, wallet=ir_wallet,
cid=cid, cid=cid,
oid=object_oids[0], oid=object_oids[0],
shell=self.shell, shell=self.shell,
endpoint=endpoint, endpoint=endpoint,
wallet_config=ir_wallet.config_path,
) )
with pytest.raises(AssertionError): with pytest.raises(AssertionError):
assert can_get_range_of_object( assert can_get_range_of_object(
wallet=storage_wallet.wallet_path, wallet=storage_wallet,
cid=cid, cid=cid,
oid=object_oids[0], oid=object_oids[0],
shell=self.shell, shell=self.shell,
endpoint=endpoint, endpoint=endpoint,
wallet_config=storage_wallet.config_path,
) )
with pytest.raises(AssertionError): with pytest.raises(AssertionError):
assert can_get_range_hash_of_object( assert can_get_range_hash_of_object(
wallet=ir_wallet.wallet_path, wallet=ir_wallet,
cid=cid, cid=cid,
oid=object_oids[0], oid=object_oids[0],
shell=self.shell, shell=self.shell,
endpoint=endpoint, endpoint=endpoint,
wallet_config=ir_wallet.config_path,
) )
with pytest.raises(AssertionError): with pytest.raises(AssertionError):
assert can_get_range_hash_of_object( assert can_get_range_hash_of_object(
wallet=storage_wallet.wallet_path, wallet=storage_wallet,
cid=cid, cid=cid,
oid=object_oids[0], oid=object_oids[0],
shell=self.shell, shell=self.shell,
endpoint=endpoint, endpoint=endpoint,
wallet_config=storage_wallet.config_path,
) )
with pytest.raises(AssertionError): with pytest.raises(AssertionError):
assert can_delete_object( assert can_delete_object(
wallet=ir_wallet.wallet_path, wallet=ir_wallet,
cid=cid, cid=cid,
oid=object_oids[0], oid=object_oids[0],
shell=self.shell, shell=self.shell,
endpoint=endpoint, endpoint=endpoint,
wallet_config=ir_wallet.config_path,
) )
with pytest.raises(AssertionError): with pytest.raises(AssertionError):
assert can_delete_object( assert can_delete_object(
wallet=storage_wallet.wallet_path, wallet=storage_wallet,
cid=cid, cid=cid,
oid=object_oids[0], oid=object_oids[0],
shell=self.shell, shell=self.shell,
endpoint=endpoint, endpoint=endpoint,
wallet_config=storage_wallet.config_path,
) )
with reporter.step("Allow all operations for SYSTEM via eACL"): with reporter.step("Allow all operations for SYSTEM via eACL"):
set_eacl( set_eacl(
user_wallet.wallet_path, user_wallet,
cid, cid,
create_eacl( create_eacl(
cid=cid, cid=cid,
@ -530,127 +500,113 @@ class TestEACLContainer(ClusterTestBase):
with reporter.step("Check IR and STORAGE rules compliance with allow eACL"): with reporter.step("Check IR and STORAGE rules compliance with allow eACL"):
assert not can_put_object( assert not can_put_object(
wallet=ir_wallet.wallet_path, wallet=ir_wallet,
cid=cid, cid=cid,
file_name=file_path, file_name=file_path,
shell=self.shell, shell=self.shell,
cluster=self.cluster, cluster=self.cluster,
wallet_config=ir_wallet.config_path,
) )
assert can_put_object( assert can_put_object(
wallet=storage_wallet.wallet_path, wallet=storage_wallet,
cid=cid, cid=cid,
file_name=file_path, file_name=file_path,
shell=self.shell, shell=self.shell,
cluster=self.cluster, cluster=self.cluster,
wallet_config=storage_wallet.config_path,
) )
assert can_get_object( assert can_get_object(
wallet=ir_wallet.wallet_path, wallet=ir_wallet,
cid=cid, cid=cid,
oid=object_oids[0], oid=object_oids[0],
file_name=file_path, file_name=file_path,
shell=self.shell, shell=self.shell,
cluster=self.cluster, cluster=self.cluster,
wallet_config=ir_wallet.config_path,
) )
assert can_get_object( assert can_get_object(
wallet=storage_wallet.wallet_path, wallet=storage_wallet,
cid=cid, cid=cid,
oid=object_oids[0], oid=object_oids[0],
file_name=file_path, file_name=file_path,
shell=self.shell, shell=self.shell,
cluster=self.cluster, cluster=self.cluster,
wallet_config=storage_wallet.config_path,
) )
assert can_get_head_object( assert can_get_head_object(
wallet=ir_wallet.wallet_path, wallet=ir_wallet,
cid=cid, cid=cid,
oid=object_oids[0], oid=object_oids[0],
shell=self.shell, shell=self.shell,
endpoint=endpoint, endpoint=endpoint,
wallet_config=ir_wallet.config_path,
) )
assert can_get_head_object( assert can_get_head_object(
wallet=storage_wallet.wallet_path, wallet=storage_wallet,
cid=cid, cid=cid,
oid=object_oids[0], oid=object_oids[0],
shell=self.shell, shell=self.shell,
endpoint=endpoint, endpoint=endpoint,
wallet_config=storage_wallet.config_path,
) )
assert can_search_object( assert can_search_object(
wallet=ir_wallet.wallet_path, wallet=ir_wallet,
cid=cid, cid=cid,
shell=self.shell, shell=self.shell,
oid=object_oids[0], oid=object_oids[0],
endpoint=endpoint, endpoint=endpoint,
wallet_config=ir_wallet.config_path,
) )
assert can_search_object( assert can_search_object(
wallet=storage_wallet.wallet_path, wallet=storage_wallet,
cid=cid, cid=cid,
shell=self.shell, shell=self.shell,
oid=object_oids[0], oid=object_oids[0],
endpoint=endpoint, endpoint=endpoint,
wallet_config=storage_wallet.config_path,
) )
with pytest.raises(AssertionError): with pytest.raises(AssertionError):
assert can_get_range_of_object( assert can_get_range_of_object(
wallet=ir_wallet.wallet_path, wallet=ir_wallet,
cid=cid, cid=cid,
oid=object_oids[0], oid=object_oids[0],
shell=self.shell, shell=self.shell,
endpoint=endpoint, endpoint=endpoint,
wallet_config=ir_wallet.config_path,
) )
with pytest.raises(AssertionError): with pytest.raises(AssertionError):
assert can_get_range_of_object( assert can_get_range_of_object(
wallet=storage_wallet.wallet_path, wallet=storage_wallet,
cid=cid, cid=cid,
oid=object_oids[0], oid=object_oids[0],
shell=self.shell, shell=self.shell,
endpoint=endpoint, endpoint=endpoint,
wallet_config=storage_wallet.config_path,
) )
assert can_get_range_hash_of_object( assert can_get_range_hash_of_object(
wallet=ir_wallet.wallet_path, wallet=ir_wallet,
cid=cid, cid=cid,
oid=object_oids[0], oid=object_oids[0],
shell=self.shell, shell=self.shell,
endpoint=endpoint, endpoint=endpoint,
wallet_config=ir_wallet.config_path,
) )
assert can_get_range_hash_of_object( assert can_get_range_hash_of_object(
wallet=storage_wallet.wallet_path, wallet=storage_wallet,
cid=cid, cid=cid,
oid=object_oids[0], oid=object_oids[0],
shell=self.shell, shell=self.shell,
endpoint=endpoint, endpoint=endpoint,
wallet_config=storage_wallet.config_path,
) )
with pytest.raises(AssertionError): with pytest.raises(AssertionError):
assert can_delete_object( assert can_delete_object(
wallet=ir_wallet.wallet_path, wallet=ir_wallet,
cid=cid, cid=cid,
oid=object_oids[0], oid=object_oids[0],
shell=self.shell, shell=self.shell,
endpoint=endpoint, endpoint=endpoint,
wallet_config=ir_wallet.config_path,
) )
with pytest.raises(AssertionError): with pytest.raises(AssertionError):
assert can_delete_object( assert can_delete_object(
wallet=storage_wallet.wallet_path, wallet=storage_wallet,
cid=cid, cid=cid,
oid=object_oids[0], oid=object_oids[0],
shell=self.shell, shell=self.shell,
endpoint=endpoint, endpoint=endpoint,
wallet_config=storage_wallet.config_path,
) )

View file

@ -64,7 +64,7 @@ class TestEACLFilters(ClusterTestBase):
user_wallet = wallets.get_wallet() user_wallet = wallets.get_wallet()
with reporter.step("Create eACL public container"): with reporter.step("Create eACL public container"):
cid = create_container( cid = create_container(
user_wallet.wallet_path, user_wallet,
basic_acl=PUBLIC_ACL, basic_acl=PUBLIC_ACL,
shell=self.shell, shell=self.shell,
endpoint=self.cluster.default_rpc_endpoint, endpoint=self.cluster.default_rpc_endpoint,
@ -73,7 +73,7 @@ class TestEACLFilters(ClusterTestBase):
with reporter.step("Add test objects to container"): with reporter.step("Add test objects to container"):
objects_with_header = [ objects_with_header = [
put_object_to_random_node( put_object_to_random_node(
user_wallet.wallet_path, user_wallet,
file_path, file_path,
cid, cid,
shell=self.shell, shell=self.shell,
@ -85,7 +85,7 @@ class TestEACLFilters(ClusterTestBase):
objects_with_other_header = [ objects_with_other_header = [
put_object_to_random_node( put_object_to_random_node(
user_wallet.wallet_path, user_wallet,
file_path, file_path,
cid, cid,
shell=self.shell, shell=self.shell,
@ -97,7 +97,7 @@ class TestEACLFilters(ClusterTestBase):
objects_without_header = [ objects_without_header = [
put_object_to_random_node( put_object_to_random_node(
user_wallet.wallet_path, user_wallet,
file_path, file_path,
cid, cid,
shell=self.shell, shell=self.shell,
@ -110,7 +110,7 @@ class TestEACLFilters(ClusterTestBase):
with reporter.step("Delete eACL public container"): with reporter.step("Delete eACL public container"):
delete_container( delete_container(
user_wallet.wallet_path, user_wallet,
cid, cid,
shell=self.shell, shell=self.shell,
endpoint=self.cluster.default_rpc_endpoint, endpoint=self.cluster.default_rpc_endpoint,
@ -148,7 +148,7 @@ class TestEACLFilters(ClusterTestBase):
for op in EACLOperation for op in EACLOperation
] ]
set_eacl( set_eacl(
user_wallet.wallet_path, user_wallet,
cid, cid,
create_eacl(cid, eacl_deny, shell=self.shell), create_eacl(cid, eacl_deny, shell=self.shell),
shell=self.shell, shell=self.shell,
@ -171,7 +171,7 @@ class TestEACLFilters(ClusterTestBase):
): ):
with reporter.step("Check other has full access when sending request without headers"): with reporter.step("Check other has full access when sending request without headers"):
check_full_access_to_container( check_full_access_to_container(
other_wallet.wallet_path, other_wallet,
cid, cid,
oid.pop(), oid.pop(),
file_path, file_path,
@ -181,7 +181,7 @@ class TestEACLFilters(ClusterTestBase):
with reporter.step("Check other has full access when sending request with allowed headers"): with reporter.step("Check other has full access when sending request with allowed headers"):
check_full_access_to_container( check_full_access_to_container(
other_wallet.wallet_path, other_wallet,
cid, cid,
oid.pop(), oid.pop(),
file_path, file_path,
@ -192,7 +192,7 @@ class TestEACLFilters(ClusterTestBase):
with reporter.step("Check other has no access when sending request with denied headers"): with reporter.step("Check other has no access when sending request with denied headers"):
check_no_access_to_container( check_no_access_to_container(
other_wallet.wallet_path, other_wallet,
cid, cid,
oid.pop(), oid.pop(),
file_path, file_path,
@ -205,14 +205,14 @@ class TestEACLFilters(ClusterTestBase):
"Check other has full access when sending request " "with denied headers and using bearer token" "Check other has full access when sending request " "with denied headers and using bearer token"
): ):
bearer_other = form_bearertoken_file( bearer_other = form_bearertoken_file(
user_wallet.wallet_path, user_wallet,
cid, cid,
[EACLRule(operation=op, access=EACLAccess.ALLOW, role=EACLRole.OTHERS) for op in EACLOperation], [EACLRule(operation=op, access=EACLAccess.ALLOW, role=EACLRole.OTHERS) for op in EACLOperation],
shell=self.shell, shell=self.shell,
endpoint=self.cluster.default_rpc_endpoint, endpoint=self.cluster.default_rpc_endpoint,
) )
check_full_access_to_container( check_full_access_to_container(
other_wallet.wallet_path, other_wallet,
cid, cid,
oid.pop(), oid.pop(),
file_path, file_path,
@ -253,7 +253,7 @@ class TestEACLFilters(ClusterTestBase):
for op in self.OBJECT_ATTRIBUTES_FILTER_SUPPORTED_OPERATIONS for op in self.OBJECT_ATTRIBUTES_FILTER_SUPPORTED_OPERATIONS
] ]
set_eacl( set_eacl(
user_wallet.wallet_path, user_wallet,
cid, cid,
create_eacl(cid, eacl_deny, shell=self.shell), create_eacl(cid, eacl_deny, shell=self.shell),
shell=self.shell, shell=self.shell,
@ -270,7 +270,7 @@ class TestEACLFilters(ClusterTestBase):
for xhdr in (self.ATTRIBUTE, self.OTHER_ATTRIBUTE, None): for xhdr in (self.ATTRIBUTE, self.OTHER_ATTRIBUTE, None):
with reporter.step("Check other have full access to objects without attributes"): with reporter.step("Check other have full access to objects without attributes"):
check_full_access_to_container( check_full_access_to_container(
other_wallet.wallet_path, other_wallet,
cid, cid,
objs_without_header.pop(), objs_without_header.pop(),
file_path, file_path,
@ -281,7 +281,7 @@ class TestEACLFilters(ClusterTestBase):
with reporter.step("Check other have full access to objects without deny attribute"): with reporter.step("Check other have full access to objects without deny attribute"):
check_full_access_to_container( check_full_access_to_container(
other_wallet.wallet_path, other_wallet,
cid, cid,
allow_objects.pop(), allow_objects.pop(),
file_path, file_path,
@ -293,7 +293,7 @@ class TestEACLFilters(ClusterTestBase):
with reporter.step("Check other have no access to objects with deny attribute"): with reporter.step("Check other have no access to objects with deny attribute"):
with pytest.raises(AssertionError): with pytest.raises(AssertionError):
assert can_get_head_object( assert can_get_head_object(
other_wallet.wallet_path, other_wallet,
cid, cid,
deny_objects[0], deny_objects[0],
shell=self.shell, shell=self.shell,
@ -302,7 +302,7 @@ class TestEACLFilters(ClusterTestBase):
) )
with pytest.raises(AssertionError): with pytest.raises(AssertionError):
assert can_get_object( assert can_get_object(
other_wallet.wallet_path, other_wallet,
cid, cid,
deny_objects[0], deny_objects[0],
file_path, file_path,
@ -313,7 +313,7 @@ class TestEACLFilters(ClusterTestBase):
with reporter.step("Check other have access to objects with deny attribute and using bearer token"): with reporter.step("Check other have access to objects with deny attribute and using bearer token"):
bearer_other = form_bearertoken_file( bearer_other = form_bearertoken_file(
user_wallet.wallet_path, user_wallet,
cid, cid,
[ [
EACLRule( EACLRule(
@ -327,7 +327,7 @@ class TestEACLFilters(ClusterTestBase):
endpoint=self.cluster.default_rpc_endpoint, endpoint=self.cluster.default_rpc_endpoint,
) )
check_full_access_to_container( check_full_access_to_container(
other_wallet.wallet_path, other_wallet,
cid, cid,
deny_objects.pop(), deny_objects.pop(),
file_path, file_path,
@ -340,20 +340,20 @@ class TestEACLFilters(ClusterTestBase):
allow_attribute = self.OTHER_ATTRIBUTE if match_type == EACLMatchType.STRING_EQUAL else self.ATTRIBUTE allow_attribute = self.OTHER_ATTRIBUTE if match_type == EACLMatchType.STRING_EQUAL else self.ATTRIBUTE
with reporter.step("Check other can PUT objects without denied attribute"): with reporter.step("Check other can PUT objects without denied attribute"):
assert can_put_object( assert can_put_object(
other_wallet.wallet_path, other_wallet,
cid, cid,
file_path, file_path,
shell=self.shell, shell=self.shell,
cluster=self.cluster, cluster=self.cluster,
attributes=allow_attribute, attributes=allow_attribute,
) )
assert can_put_object(other_wallet.wallet_path, cid, file_path, shell=self.shell, cluster=self.cluster) assert can_put_object(other_wallet, cid, file_path, shell=self.shell, cluster=self.cluster)
deny_attribute = self.ATTRIBUTE if match_type == EACLMatchType.STRING_EQUAL else self.OTHER_ATTRIBUTE deny_attribute = self.ATTRIBUTE if match_type == EACLMatchType.STRING_EQUAL else self.OTHER_ATTRIBUTE
with reporter.step("Check other can not PUT objects with denied attribute"): with reporter.step("Check other can not PUT objects with denied attribute"):
with pytest.raises(AssertionError): with pytest.raises(AssertionError):
assert can_put_object( assert can_put_object(
other_wallet.wallet_path, other_wallet,
cid, cid,
file_path, file_path,
shell=self.shell, shell=self.shell,
@ -363,7 +363,7 @@ class TestEACLFilters(ClusterTestBase):
with reporter.step("Check other can PUT objects with denied attribute and using bearer token"): with reporter.step("Check other can PUT objects with denied attribute and using bearer token"):
bearer_other_for_put = form_bearertoken_file( bearer_other_for_put = form_bearertoken_file(
user_wallet.wallet_path, user_wallet,
cid, cid,
[ [
EACLRule( EACLRule(
@ -376,7 +376,7 @@ class TestEACLFilters(ClusterTestBase):
endpoint=self.cluster.default_rpc_endpoint, endpoint=self.cluster.default_rpc_endpoint,
) )
assert can_put_object( assert can_put_object(
other_wallet.wallet_path, other_wallet,
cid, cid,
file_path, file_path,
shell=self.shell, shell=self.shell,
@ -419,7 +419,7 @@ class TestEACLFilters(ClusterTestBase):
for op in self.OBJECT_ATTRIBUTES_FILTER_SUPPORTED_OPERATIONS for op in self.OBJECT_ATTRIBUTES_FILTER_SUPPORTED_OPERATIONS
] ]
set_eacl( set_eacl(
user_wallet.wallet_path, user_wallet,
cid, cid,
create_eacl(cid, eacl, shell=self.shell), create_eacl(cid, eacl, shell=self.shell),
shell=self.shell, shell=self.shell,
@ -442,7 +442,7 @@ class TestEACLFilters(ClusterTestBase):
oid = objects_without_header.pop() oid = objects_without_header.pop()
with pytest.raises(AssertionError): with pytest.raises(AssertionError):
assert can_get_head_object( assert can_get_head_object(
other_wallet.wallet_path, other_wallet,
cid, cid,
oid, oid,
shell=self.shell, shell=self.shell,
@ -450,7 +450,7 @@ class TestEACLFilters(ClusterTestBase):
) )
with pytest.raises(AssertionError): with pytest.raises(AssertionError):
assert can_get_object( assert can_get_object(
other_wallet.wallet_path, other_wallet,
cid, cid,
oid, oid,
file_path, file_path,
@ -458,11 +458,11 @@ class TestEACLFilters(ClusterTestBase):
cluster=self.cluster, cluster=self.cluster,
) )
with pytest.raises(AssertionError): with pytest.raises(AssertionError):
assert can_put_object(other_wallet.wallet_path, cid, file_path, shell=self.shell, cluster=self.cluster) assert can_put_object(other_wallet, cid, file_path, shell=self.shell, cluster=self.cluster)
with reporter.step("Check other can get and put objects without attributes and using bearer token"): with reporter.step("Check other can get and put objects without attributes and using bearer token"):
bearer_other = form_bearertoken_file( bearer_other = form_bearertoken_file(
user_wallet.wallet_path, user_wallet,
cid, cid,
[ [
EACLRule( EACLRule(
@ -476,7 +476,7 @@ class TestEACLFilters(ClusterTestBase):
endpoint=self.cluster.default_rpc_endpoint, endpoint=self.cluster.default_rpc_endpoint,
) )
assert can_get_head_object( assert can_get_head_object(
other_wallet.wallet_path, other_wallet,
cid, cid,
objects_without_header[0], objects_without_header[0],
shell=self.shell, shell=self.shell,
@ -484,7 +484,7 @@ class TestEACLFilters(ClusterTestBase):
bearer=bearer_other, bearer=bearer_other,
) )
assert can_get_object( assert can_get_object(
other_wallet.wallet_path, other_wallet,
cid, cid,
objects_without_header[0], objects_without_header[0],
file_path, file_path,
@ -493,7 +493,7 @@ class TestEACLFilters(ClusterTestBase):
bearer=bearer_other, bearer=bearer_other,
) )
assert can_put_object( assert can_put_object(
other_wallet.wallet_path, other_wallet,
cid, cid,
file_path, file_path,
shell=self.shell, shell=self.shell,
@ -504,14 +504,14 @@ class TestEACLFilters(ClusterTestBase):
with reporter.step("Check other can get objects with attributes matching the filter"): with reporter.step("Check other can get objects with attributes matching the filter"):
oid = allow_objects.pop() oid = allow_objects.pop()
assert can_get_head_object( assert can_get_head_object(
other_wallet.wallet_path, other_wallet,
cid, cid,
oid, oid,
shell=self.shell, shell=self.shell,
endpoint=self.cluster.default_rpc_endpoint, endpoint=self.cluster.default_rpc_endpoint,
) )
assert can_get_object( assert can_get_object(
other_wallet.wallet_path, other_wallet,
cid, cid,
oid, oid,
file_path, file_path,
@ -519,7 +519,7 @@ class TestEACLFilters(ClusterTestBase):
cluster=self.cluster, cluster=self.cluster,
) )
assert can_put_object( assert can_put_object(
other_wallet.wallet_path, other_wallet,
cid, cid,
file_path, file_path,
shell=self.shell, shell=self.shell,
@ -530,7 +530,7 @@ class TestEACLFilters(ClusterTestBase):
with reporter.step("Check other cannot get objects without attributes matching the filter"): with reporter.step("Check other cannot get objects without attributes matching the filter"):
with pytest.raises(AssertionError): with pytest.raises(AssertionError):
assert can_get_head_object( assert can_get_head_object(
other_wallet.wallet_path, other_wallet,
cid, cid,
deny_objects[0], deny_objects[0],
shell=self.shell, shell=self.shell,
@ -538,7 +538,7 @@ class TestEACLFilters(ClusterTestBase):
) )
with pytest.raises(AssertionError): with pytest.raises(AssertionError):
assert can_get_object( assert can_get_object(
other_wallet.wallet_path, other_wallet,
cid, cid,
deny_objects[0], deny_objects[0],
file_path, file_path,
@ -547,7 +547,7 @@ class TestEACLFilters(ClusterTestBase):
) )
with pytest.raises(AssertionError): with pytest.raises(AssertionError):
assert can_put_object( assert can_put_object(
other_wallet.wallet_path, other_wallet,
cid, cid,
file_path, file_path,
attributes=deny_attribute, attributes=deny_attribute,
@ -560,7 +560,7 @@ class TestEACLFilters(ClusterTestBase):
): ):
oid = deny_objects.pop() oid = deny_objects.pop()
assert can_get_head_object( assert can_get_head_object(
other_wallet.wallet_path, other_wallet,
cid, cid,
oid, oid,
shell=self.shell, shell=self.shell,
@ -568,7 +568,7 @@ class TestEACLFilters(ClusterTestBase):
bearer=bearer_other, bearer=bearer_other,
) )
assert can_get_object( assert can_get_object(
other_wallet.wallet_path, other_wallet,
cid, cid,
oid, oid,
file_path, file_path,
@ -577,7 +577,7 @@ class TestEACLFilters(ClusterTestBase):
bearer=bearer_other, bearer=bearer_other,
) )
assert can_put_object( assert can_put_object(
other_wallet.wallet_path, other_wallet,
cid, cid,
file_path, file_path,
shell=self.shell, shell=self.shell,

View file

@ -11,7 +11,7 @@ import pytest
import yaml import yaml
from dateutil import parser from dateutil import parser
from frostfs_testlib import plugins, reporter from frostfs_testlib import plugins, reporter
from frostfs_testlib.credentials.interfaces import CredentialsProvider from frostfs_testlib.credentials.interfaces import CredentialsProvider, User
from frostfs_testlib.healthcheck.interfaces import Healthcheck from frostfs_testlib.healthcheck.interfaces import Healthcheck
from frostfs_testlib.hosting import Hosting from frostfs_testlib.hosting import Hosting
from frostfs_testlib.reporter import AllureHandler, StepsLogger from frostfs_testlib.reporter import AllureHandler, StepsLogger
@ -19,7 +19,6 @@ from frostfs_testlib.resources.common import (
ASSETS_DIR, ASSETS_DIR,
COMPLEX_OBJECT_CHUNKS_COUNT, COMPLEX_OBJECT_CHUNKS_COUNT,
COMPLEX_OBJECT_TAIL_SIZE, COMPLEX_OBJECT_TAIL_SIZE,
DEFAULT_WALLET_PASS,
SIMPLE_OBJECT_SIZE, SIMPLE_OBJECT_SIZE,
) )
from frostfs_testlib.s3 import AwsCliClient, Boto3ClientWrapper, S3ClientWrapper, VersioningStatus from frostfs_testlib.s3 import AwsCliClient, Boto3ClientWrapper, S3ClientWrapper, VersioningStatus
@ -31,7 +30,7 @@ from frostfs_testlib.storage.cluster import Cluster, ClusterNode
from frostfs_testlib.storage.controllers.cluster_state_controller import ClusterStateController from frostfs_testlib.storage.controllers.cluster_state_controller import ClusterStateController
from frostfs_testlib.storage.dataclasses.frostfs_services import StorageNode from frostfs_testlib.storage.dataclasses.frostfs_services import StorageNode
from frostfs_testlib.storage.dataclasses.object_size import ObjectSize from frostfs_testlib.storage.dataclasses.object_size import ObjectSize
from frostfs_testlib.storage.dataclasses.wallet import WalletFactory, WalletInfo from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
from frostfs_testlib.testing.cluster_test_base import ClusterTestBase from frostfs_testlib.testing.cluster_test_base import ClusterTestBase
from frostfs_testlib.testing.parallel import parallel from frostfs_testlib.testing.parallel import parallel
from frostfs_testlib.testing.test_control import wait_for_success from frostfs_testlib.testing.test_control import wait_for_success
@ -174,9 +173,9 @@ def require_multiple_interfaces(cluster: Cluster):
@pytest.fixture(scope="session") @pytest.fixture(scope="session")
def max_object_size(cluster: Cluster, client_shell: Shell) -> int: def max_object_size(cluster: Cluster, client_shell: Shell) -> int:
storage_node = cluster.storage_nodes[0] storage_node = cluster.storage_nodes[0]
wallet = WalletInfo.from_node(storage_node)
net_info = get_netmap_netinfo( net_info = get_netmap_netinfo(
wallet=storage_node.get_wallet_path(), wallet=wallet,
wallet_config=storage_node.get_wallet_config_path(),
endpoint=storage_node.get_rpc_endpoint(), endpoint=storage_node.get_rpc_endpoint(),
shell=client_shell, shell=client_shell,
) )
@ -210,11 +209,6 @@ def object_size(
return complex_object_size return complex_object_size
@pytest.fixture(scope="session")
def wallet_factory(temp_directory: str, client_shell: Shell, cluster: Cluster) -> WalletFactory:
return WalletFactory(temp_directory, client_shell, cluster)
@pytest.fixture(scope="session") @pytest.fixture(scope="session")
def cluster(temp_directory: str, hosting: Hosting, client_shell: Shell) -> Cluster: def cluster(temp_directory: str, hosting: Hosting, client_shell: Shell) -> Cluster:
cluster = Cluster(hosting) cluster = Cluster(hosting)
@ -253,6 +247,11 @@ def cluster_state_controller(client_shell: Shell, cluster: Cluster, healthcheck:
yield controller yield controller
@pytest.fixture(scope="session")
def credentials_provider(cluster: Cluster) -> CredentialsProvider:
return CredentialsProvider(cluster)
@reporter.step("[Class]: Create S3 client") @reporter.step("[Class]: Create S3 client")
@pytest.fixture( @pytest.fixture(
scope="class", scope="class",
@ -262,25 +261,19 @@ def cluster_state_controller(client_shell: Shell, cluster: Cluster, healthcheck:
], ],
) )
def s3_client( def s3_client(
default_wallet: str, default_user: User,
client_shell: Shell,
s3_policy: Optional[str], s3_policy: Optional[str],
cluster: Cluster, cluster: Cluster,
request: pytest.FixtureRequest, request: pytest.FixtureRequest,
credentials_provider: CredentialsProvider,
) -> S3ClientWrapper: ) -> S3ClientWrapper:
wallet = WalletInfo(path=default_wallet, password=DEFAULT_WALLET_PASS)
node = cluster.cluster_nodes[0] node = cluster.cluster_nodes[0]
credentials_provider.S3.provide(default_user, node, s3_policy)
credentials_provider = CredentialsProvider(node.host.config.s3_creds_plugin_name)
credentials_provider.stash["cluster"] = cluster
credentials_provider.stash["wallet"] = wallet
credentials_provider.stash["shell"] = client_shell
credentials_provider.stash["location_constraints"] = s3_policy
access_key_id, secret_access_key = credentials_provider.S3.provide(node)
s3_client_cls = request.param s3_client_cls = request.param
client = s3_client_cls(access_key_id, secret_access_key, cluster.default_s3_gate_endpoint) client = s3_client_cls(
default_user.s3_credentials.access_key, default_user.s3_credentials.secret_key, cluster.default_s3_gate_endpoint
)
return client return client
@ -405,12 +398,22 @@ def run_health_check(healthcheck: Healthcheck, cluster: Cluster, request: pytest
parallel(healthcheck.storage_healthcheck, cluster.cluster_nodes) parallel(healthcheck.storage_healthcheck, cluster.cluster_nodes)
@reporter.step("Prepare wallet and deposit") @reporter.step("Prepare default user with wallet")
@pytest.fixture(scope="session") @pytest.fixture(scope="session")
def default_wallet(wallet_factory: WalletFactory) -> str: def default_user(credentials_provider: CredentialsProvider, cluster: Cluster) -> User:
wallet = wallet_factory.create_wallet(password=DEFAULT_WALLET_PASS) # always unique username
reporter.attach(wallet.path, os.path.basename(wallet.path)) user = User(f"user_{hex(int(datetime.now().timestamp() * 1000000))}")
return wallet.path node = cluster.cluster_nodes[0]
credentials_provider.GRPC.provide(user, node)
return user
@reporter.step("Get wallet for default user")
@pytest.fixture(scope="session")
def default_wallet(default_user: User) -> WalletInfo:
return default_user.wallet
@pytest.fixture() @pytest.fixture()

View file

@ -1,5 +1,3 @@
import json
import allure import allure
import pytest import pytest
from frostfs_testlib import reporter from frostfs_testlib import reporter
@ -12,6 +10,7 @@ from frostfs_testlib.steps.cli.container import (
wait_for_container_creation, wait_for_container_creation,
wait_for_container_deletion, wait_for_container_deletion,
) )
from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
from frostfs_testlib.testing.cluster_test_base import ClusterTestBase from frostfs_testlib.testing.cluster_test_base import ClusterTestBase
from pytest_tests.helpers.utility import placement_policy_from_container from pytest_tests.helpers.utility import placement_policy_from_container
@ -22,13 +21,11 @@ from pytest_tests.helpers.utility import placement_policy_from_container
class TestContainer(ClusterTestBase): class TestContainer(ClusterTestBase):
@pytest.mark.parametrize("name", ["", "test-container"], ids=["No name", "Set particular name"]) @pytest.mark.parametrize("name", ["", "test-container"], ids=["No name", "Set particular name"])
@pytest.mark.smoke @pytest.mark.smoke
def test_container_creation(self, default_wallet: str, name: str): def test_container_creation(self, default_wallet: WalletInfo, name: str):
scenario_title = "with name" if name else "without name" scenario_title = "with name" if name else "without name"
allure.dynamic.title(f"Create container {scenario_title}") allure.dynamic.title(f"Create container {scenario_title}")
wallet = default_wallet wallet = default_wallet
with open(wallet) as file:
json_wallet = json.load(file)
placement_rule = "REP 2 IN X CBF 1 SELECT 2 FROM * AS X" placement_rule = "REP 2 IN X CBF 1 SELECT 2 FROM * AS X"
cid = create_container( cid = create_container(
@ -53,7 +50,7 @@ class TestContainer(ClusterTestBase):
info_to_check = { info_to_check = {
f"basic ACL: {PRIVATE_ACL_F} (private)", f"basic ACL: {PRIVATE_ACL_F} (private)",
f"owner ID: {json_wallet.get('accounts')[0].get('address')}", f"owner ID: {wallet.get_address_from_json(0)}",
f"CID: {cid}", f"CID: {cid}",
} }
if name: if name:
@ -82,7 +79,7 @@ class TestContainer(ClusterTestBase):
wait_for_container_deletion(wallet, cid, shell=self.shell, endpoint=self.cluster.default_rpc_endpoint) wait_for_container_deletion(wallet, cid, shell=self.shell, endpoint=self.cluster.default_rpc_endpoint)
@allure.title("Parallel container creation and deletion") @allure.title("Parallel container creation and deletion")
def test_container_creation_deletion_parallel(self, default_wallet: str): def test_container_creation_deletion_parallel(self, default_wallet: WalletInfo):
containers_count = 3 containers_count = 3
wallet = default_wallet wallet = default_wallet
placement_rule = "REP 2 IN X CBF 1 SELECT 2 FROM * AS X" placement_rule = "REP 2 IN X CBF 1 SELECT 2 FROM * AS X"

View file

@ -21,6 +21,7 @@ from frostfs_testlib.storage.cluster import ClusterNode
from frostfs_testlib.storage.controllers import ClusterStateController from frostfs_testlib.storage.controllers import ClusterStateController
from frostfs_testlib.storage.dataclasses.object_size import ObjectSize from frostfs_testlib.storage.dataclasses.object_size import ObjectSize
from frostfs_testlib.storage.dataclasses.storage_object_info import Interfaces, StorageObjectInfo from frostfs_testlib.storage.dataclasses.storage_object_info import Interfaces, StorageObjectInfo
from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
from frostfs_testlib.testing.cluster_test_base import ClusterTestBase from frostfs_testlib.testing.cluster_test_base import ClusterTestBase
from frostfs_testlib.testing.parallel import parallel from frostfs_testlib.testing.parallel import parallel
from frostfs_testlib.utils.failover_utils import wait_object_replication from frostfs_testlib.utils.failover_utils import wait_object_replication
@ -74,7 +75,7 @@ class TestFailoverNetwork(ClusterTestBase):
def storage_objects( def storage_objects(
self, self,
simple_object_size: ObjectSize, simple_object_size: ObjectSize,
default_wallet: str, default_wallet: WalletInfo,
) -> list[StorageObjectInfo]: ) -> list[StorageObjectInfo]:
file_path = generate_file(simple_object_size.value) file_path = generate_file(simple_object_size.value)
@ -105,7 +106,7 @@ class TestFailoverNetwork(ClusterTestBase):
storage_object = StorageObjectInfo(cid=cid, oid=oid) storage_object = StorageObjectInfo(cid=cid, oid=oid)
storage_object.size = simple_object_size.value storage_object.size = simple_object_size.value
storage_object.wallet_file_path = default_wallet storage_object.wallet = default_wallet
storage_object.file_path = file_path storage_object.file_path = file_path
storage_object.file_hash = file_hash storage_object.file_hash = file_hash
storage_object.attributes = attribute storage_object.attributes = attribute
@ -119,7 +120,7 @@ class TestFailoverNetwork(ClusterTestBase):
@allure.title("Block Storage node traffic") @allure.title("Block Storage node traffic")
def test_block_storage_node_traffic( def test_block_storage_node_traffic(
self, self,
default_wallet: str, default_wallet: WalletInfo,
require_multiple_hosts, require_multiple_hosts,
simple_object_size: ObjectSize, simple_object_size: ObjectSize,
cluster_state_controller: ClusterStateController, cluster_state_controller: ClusterStateController,
@ -201,7 +202,7 @@ class TestFailoverNetwork(ClusterTestBase):
def test_block_data_interface( def test_block_data_interface(
self, self,
cluster_state_controller: ClusterStateController, cluster_state_controller: ClusterStateController,
default_wallet: str, default_wallet: WalletInfo,
restore_down_interfaces: None, restore_down_interfaces: None,
delete_file_after_test: None, delete_file_after_test: None,
storage_objects: list[StorageObjectInfo], storage_objects: list[StorageObjectInfo],
@ -258,7 +259,7 @@ class TestFailoverNetwork(ClusterTestBase):
def test_block_internal_interface( def test_block_internal_interface(
self, self,
cluster_state_controller: ClusterStateController, cluster_state_controller: ClusterStateController,
default_wallet: str, default_wallet: WalletInfo,
restore_down_interfaces: None, restore_down_interfaces: None,
delete_file_after_test: None, delete_file_after_test: None,
storage_objects: list[StorageObjectInfo], storage_objects: list[StorageObjectInfo],
@ -342,7 +343,7 @@ class TestFailoverNetwork(ClusterTestBase):
self, self,
require_multiple_interfaces, require_multiple_interfaces,
cluster_state_controller: ClusterStateController, cluster_state_controller: ClusterStateController,
default_wallet: str, default_wallet: WalletInfo,
simple_object_size: ObjectSize, simple_object_size: ObjectSize,
delete_file_after_test: None, delete_file_after_test: None,
restore_down_interfaces: None, restore_down_interfaces: None,
@ -398,7 +399,7 @@ class TestFailoverNetwork(ClusterTestBase):
self, self,
require_multiple_interfaces, require_multiple_interfaces,
cluster_state_controller: ClusterStateController, cluster_state_controller: ClusterStateController,
default_wallet: str, default_wallet: WalletInfo,
simple_object_size: ObjectSize, simple_object_size: ObjectSize,
delete_file_after_test: None, delete_file_after_test: None,
restore_down_interfaces: None, restore_down_interfaces: None,

View file

@ -41,7 +41,7 @@ class TestFailoverServer(ClusterTestBase):
def containers( def containers(
self, self,
request: FixtureRequest, request: FixtureRequest,
default_wallet: str, default_wallet: WalletInfo,
) -> list[StorageContainer]: ) -> list[StorageContainer]:
placement_rule = "REP 2 CBF 2 SELECT 2 FROM *" placement_rule = "REP 2 CBF 2 SELECT 2 FROM *"
@ -66,7 +66,7 @@ class TestFailoverServer(ClusterTestBase):
@reporter.step("Creation container") @reporter.step("Creation container")
@pytest.fixture() @pytest.fixture()
def container(self, default_wallet: str) -> StorageContainer: def container(self, default_wallet: WalletInfo) -> StorageContainer:
select = len(self.cluster.cluster_nodes) select = len(self.cluster.cluster_nodes)
placement_rule = f"REP {select - 1} CBF 1 SELECT {select} FROM *" placement_rule = f"REP {select - 1} CBF 1 SELECT {select} FROM *"
cont_id = create_container( cont_id = create_container(
@ -120,7 +120,7 @@ class TestFailoverServer(ClusterTestBase):
for storage_object in storage_objects: for storage_object in storage_objects:
try: try:
got_file_path = get_object( got_file_path = get_object(
storage_object.wallet_file_path, storage_object.wallet,
storage_object.cid, storage_object.cid,
storage_object.oid, storage_object.oid,
endpoint=node.get_rpc_endpoint(), endpoint=node.get_rpc_endpoint(),
@ -152,7 +152,7 @@ class TestFailoverServer(ClusterTestBase):
@pytest.fixture() @pytest.fixture()
def object_and_nodes( def object_and_nodes(
self, simple_object_size: ObjectSize, container: StorageContainer, default_wallet: str self, simple_object_size: ObjectSize, container: StorageContainer
) -> tuple[StorageObjectInfo, list[ClusterNode]]: ) -> tuple[StorageObjectInfo, list[ClusterNode]]:
object_info = container.generate_object(simple_object_size.value) object_info = container.generate_object(simple_object_size.value)
object_nodes = get_object_nodes( object_nodes = get_object_nodes(
@ -240,7 +240,7 @@ class TestFailoverServer(ClusterTestBase):
self, self,
container: list[StorageContainer], container: list[StorageContainer],
object_and_nodes: tuple[StorageObjectInfo, list[ClusterNode]], object_and_nodes: tuple[StorageObjectInfo, list[ClusterNode]],
default_wallet: str, default_wallet: WalletInfo,
cluster_state_controller: ClusterStateController, cluster_state_controller: ClusterStateController,
simple_file: str, simple_file: str,
up_stop_nodes: None, up_stop_nodes: None,
@ -283,7 +283,7 @@ class TestFailoverServer(ClusterTestBase):
@allure.title("Not enough nodes in the container with policy - 'REP 2 CBF 2 SELECT 4 FROM *'") @allure.title("Not enough nodes in the container with policy - 'REP 2 CBF 2 SELECT 4 FROM *'")
def test_not_enough_nodes_in_container_rep_2( def test_not_enough_nodes_in_container_rep_2(
self, self,
default_wallet: str, default_wallet: WalletInfo,
cluster_state_controller: ClusterStateController, cluster_state_controller: ClusterStateController,
simple_file: str, simple_file: str,
up_stop_nodes: None, up_stop_nodes: None,

View file

@ -127,7 +127,7 @@ class TestFailoverStorage(ClusterTestBase):
def test_unhealthy_tree( def test_unhealthy_tree(
self, self,
s3_client: S3ClientWrapper, s3_client: S3ClientWrapper,
default_wallet: str, default_wallet: WalletInfo,
simple_object_size: ObjectSize, simple_object_size: ObjectSize,
cluster_state_controller: ClusterStateController, cluster_state_controller: ClusterStateController,
after_run_return_all_stopped_services, after_run_return_all_stopped_services,
@ -536,7 +536,7 @@ class TestStorageDataLoss(ClusterTestBase):
simple_object_size: ObjectSize, simple_object_size: ObjectSize,
cluster_state_controller: ClusterStateController, cluster_state_controller: ClusterStateController,
shards_watcher: ShardsWatcher, shards_watcher: ShardsWatcher,
default_wallet: str, default_wallet: WalletInfo,
test_start_time: datetime, test_start_time: datetime,
after_run_return_all_stopped_services: str, after_run_return_all_stopped_services: str,
): ):
@ -585,7 +585,7 @@ class TestStorageDataLoss(ClusterTestBase):
with reporter.step("Objects should be available"): with reporter.step("Objects should be available"):
for storage_object in storage_objects: for storage_object in storage_objects:
get_object( get_object(
storage_object.wallet_file_path, storage_object.wallet,
container.get_id(), container.get_id(),
storage_object.oid, storage_object.oid,
self.shell, self.shell,

View file

@ -40,6 +40,7 @@ from frostfs_testlib.storage.cluster import ClusterNode, StorageNode
from frostfs_testlib.storage.controllers import ClusterStateController from frostfs_testlib.storage.controllers import ClusterStateController
from frostfs_testlib.storage.dataclasses.object_size import ObjectSize from frostfs_testlib.storage.dataclasses.object_size import ObjectSize
from frostfs_testlib.storage.dataclasses.storage_object_info import ModeNode from frostfs_testlib.storage.dataclasses.storage_object_info import ModeNode
from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
from frostfs_testlib.testing.cluster_test_base import ClusterTestBase from frostfs_testlib.testing.cluster_test_base import ClusterTestBase
from frostfs_testlib.utils import datetime_utils, string_utils from frostfs_testlib.utils import datetime_utils, string_utils
from frostfs_testlib.utils.failover_utils import wait_object_replication from frostfs_testlib.utils.failover_utils import wait_object_replication
@ -58,7 +59,7 @@ class TestNodeManagement(ClusterTestBase):
@pytest.fixture @pytest.fixture
@allure.title("Create container and pick the node with data") @allure.title("Create container and pick the node with data")
def create_container_and_pick_node( def create_container_and_pick_node(
self, default_wallet: str, simple_object_size: ObjectSize self, default_wallet: WalletInfo, simple_object_size: ObjectSize
) -> Tuple[str, StorageNode]: ) -> Tuple[str, StorageNode]:
file_path = generate_file(simple_object_size.value) file_path = generate_file(simple_object_size.value)
placement_rule = "REP 1 IN X CBF 1 SELECT 1 FROM * AS X" placement_rule = "REP 1 IN X CBF 1 SELECT 1 FROM * AS X"
@ -133,7 +134,7 @@ class TestNodeManagement(ClusterTestBase):
@pytest.mark.add_nodes @pytest.mark.add_nodes
def test_add_nodes( def test_add_nodes(
self, self,
default_wallet: str, default_wallet: WalletInfo,
simple_object_size: ObjectSize, simple_object_size: ObjectSize,
return_nodes_after_test_run, return_nodes_after_test_run,
): ):
@ -356,7 +357,7 @@ class TestMaintenanceMode(ClusterTestBase):
return cli return cli
@pytest.fixture() @pytest.fixture()
def restore_online_mode_node(self, cluster_state_controller: ClusterStateController, default_wallet: str): def restore_online_mode_node(self, cluster_state_controller: ClusterStateController, default_wallet: WalletInfo):
yield yield
cluster_state_controller.set_mode_node(cluster_node=self.change_node, wallet=default_wallet, status="online") cluster_state_controller.set_mode_node(cluster_node=self.change_node, wallet=default_wallet, status="online")
self.tick_epoch(wait_block=2) self.tick_epoch(wait_block=2)
@ -383,7 +384,7 @@ class TestMaintenanceMode(ClusterTestBase):
@allure.title("Test of basic node operations in maintenance mode") @allure.title("Test of basic node operations in maintenance mode")
def test_maintenance_mode( def test_maintenance_mode(
self, self,
default_wallet: str, default_wallet: WalletInfo,
simple_object_size: ObjectSize, simple_object_size: ObjectSize,
cluster_state_controller: ClusterStateController, cluster_state_controller: ClusterStateController,
restore_online_mode_node: None, restore_online_mode_node: None,
@ -444,7 +445,7 @@ class TestMaintenanceMode(ClusterTestBase):
self, self,
cluster_state_controller: ClusterStateController, cluster_state_controller: ClusterStateController,
node_under_test: ClusterNode, node_under_test: ClusterNode,
default_wallet: str, default_wallet: WalletInfo,
frostfs_cli: FrostfsCli, frostfs_cli: FrostfsCli,
restore_online_mode_node: None, restore_online_mode_node: None,
): ):
@ -595,7 +596,7 @@ class TestMaintenanceMode(ClusterTestBase):
node_under_test: ClusterNode, node_under_test: ClusterNode,
frostfs_cli_remote: FrostfsCli, frostfs_cli_remote: FrostfsCli,
frostfs_cli: FrostfsCli, frostfs_cli: FrostfsCli,
default_wallet: str, default_wallet: WalletInfo,
restore_online_mode_node: None, restore_online_mode_node: None,
): ):
self.change_node = node_under_test self.change_node = node_under_test

View file

@ -28,6 +28,7 @@ from frostfs_testlib.steps.storage_policy import get_complex_object_copies, get_
from frostfs_testlib.storage.cluster import Cluster from frostfs_testlib.storage.cluster import Cluster
from frostfs_testlib.storage.dataclasses.object_size import ObjectSize from frostfs_testlib.storage.dataclasses.object_size import ObjectSize
from frostfs_testlib.storage.dataclasses.storage_object_info import StorageObjectInfo from frostfs_testlib.storage.dataclasses.storage_object_info import StorageObjectInfo
from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
from frostfs_testlib.testing.cluster_test_base import ClusterTestBase from frostfs_testlib.testing.cluster_test_base import ClusterTestBase
from frostfs_testlib.utils.file_utils import generate_file, get_file_content, get_file_hash from frostfs_testlib.utils.file_utils import generate_file, get_file_content, get_file_hash
@ -92,7 +93,7 @@ def generate_ranges(
scope="module" scope="module"
) )
def storage_objects( def storage_objects(
default_wallet: str, client_shell: Shell, cluster: Cluster, object_size: ObjectSize default_wallet: WalletInfo, client_shell: Shell, cluster: Cluster, object_size: ObjectSize
) -> list[StorageObjectInfo]: ) -> list[StorageObjectInfo]:
wallet = default_wallet wallet = default_wallet
# Separate containers for complex/simple objects to avoid side-effects # Separate containers for complex/simple objects to avoid side-effects
@ -117,7 +118,7 @@ def storage_objects(
storage_object = StorageObjectInfo(cid, storage_object_id) storage_object = StorageObjectInfo(cid, storage_object_id)
storage_object.size = object_size.value storage_object.size = object_size.value
storage_object.wallet_file_path = wallet storage_object.wallet = wallet
storage_object.file_path = file_path storage_object.file_path = file_path
storage_object.file_hash = file_hash storage_object.file_hash = file_hash
storage_object.attributes = attributes storage_object.attributes = attributes
@ -147,7 +148,7 @@ class TestObjectApi(ClusterTestBase):
for storage_object in storage_objects: for storage_object in storage_objects:
if storage_object.size == simple_object_size.value: if storage_object.size == simple_object_size.value:
copies = get_simple_object_copies( copies = get_simple_object_copies(
storage_object.wallet_file_path, storage_object.wallet,
storage_object.cid, storage_object.cid,
storage_object.oid, storage_object.oid,
shell=self.shell, shell=self.shell,
@ -155,7 +156,7 @@ class TestObjectApi(ClusterTestBase):
) )
else: else:
copies = get_complex_object_copies( copies = get_complex_object_copies(
storage_object.wallet_file_path, storage_object.wallet,
storage_object.cid, storage_object.cid,
storage_object.oid, storage_object.oid,
shell=self.shell, shell=self.shell,
@ -172,7 +173,7 @@ class TestObjectApi(ClusterTestBase):
with reporter.step("Get objects and compare hashes"): with reporter.step("Get objects and compare hashes"):
for storage_object in storage_objects: for storage_object in storage_objects:
file_path = get_object_from_random_node( file_path = get_object_from_random_node(
storage_object.wallet_file_path, storage_object.wallet,
storage_object.cid, storage_object.cid,
storage_object.oid, storage_object.oid,
self.shell, self.shell,
@ -192,14 +193,14 @@ class TestObjectApi(ClusterTestBase):
with reporter.step("Head object and validate"): with reporter.step("Head object and validate"):
head_object( head_object(
storage_object_1.wallet_file_path, storage_object_1.wallet,
storage_object_1.cid, storage_object_1.cid,
storage_object_1.oid, storage_object_1.oid,
shell=self.shell, shell=self.shell,
endpoint=self.cluster.default_rpc_endpoint, endpoint=self.cluster.default_rpc_endpoint,
) )
head_info = head_object( head_info = head_object(
storage_object_2.wallet_file_path, storage_object_2.wallet,
storage_object_2.cid, storage_object_2.cid,
storage_object_2.oid, storage_object_2.oid,
shell=self.shell, shell=self.shell,
@ -214,7 +215,7 @@ class TestObjectApi(ClusterTestBase):
""" """
oids = [storage_object.oid for storage_object in storage_objects] oids = [storage_object.oid for storage_object in storage_objects]
wallet = storage_objects[0].wallet_file_path wallet = storage_objects[0].wallet
cid = storage_objects[0].cid cid = storage_objects[0].cid
test_table = [ test_table = [
@ -249,7 +250,7 @@ class TestObjectApi(ClusterTestBase):
assert sorted(expected_oids) == sorted(result) assert sorted(expected_oids) == sorted(result)
@allure.title("Search objects with removed items (obj_size={object_size})") @allure.title("Search objects with removed items (obj_size={object_size})")
def test_object_search_should_return_tombstone_items(self, default_wallet: str, object_size: ObjectSize): def test_object_search_should_return_tombstone_items(self, default_wallet: WalletInfo, object_size: ObjectSize):
""" """
Validate object search with removed items Validate object search with removed items
""" """
@ -265,7 +266,7 @@ class TestObjectApi(ClusterTestBase):
cid=cid, cid=cid,
oid=put_object_to_random_node(wallet, file_path, cid, self.shell, self.cluster), oid=put_object_to_random_node(wallet, file_path, cid, self.shell, self.cluster),
size=object_size.value, size=object_size.value,
wallet_file_path=wallet, wallet=wallet,
file_path=file_path, file_path=file_path,
file_hash=file_hash, file_hash=file_hash,
) )
@ -308,7 +309,7 @@ class TestObjectApi(ClusterTestBase):
Validate get_range_hash for object by native gRPC API Validate get_range_hash for object by native gRPC API
""" """
wallet = storage_objects[0].wallet_file_path wallet = storage_objects[0].wallet
cid = storage_objects[0].cid cid = storage_objects[0].cid
oids = [storage_object.oid for storage_object in storage_objects[:2]] oids = [storage_object.oid for storage_object in storage_objects[:2]]
file_path = storage_objects[0].file_path file_path = storage_objects[0].file_path
@ -339,7 +340,7 @@ class TestObjectApi(ClusterTestBase):
Validate get_range for object by native gRPC API Validate get_range for object by native gRPC API
""" """
wallet = storage_objects[0].wallet_file_path wallet = storage_objects[0].wallet
cid = storage_objects[0].cid cid = storage_objects[0].cid
oids = [storage_object.oid for storage_object in storage_objects[:2]] oids = [storage_object.oid for storage_object in storage_objects[:2]]
file_path = storage_objects[0].file_path file_path = storage_objects[0].file_path
@ -374,7 +375,7 @@ class TestObjectApi(ClusterTestBase):
Validate get_range negative for object by native gRPC API Validate get_range negative for object by native gRPC API
""" """
wallet = storage_objects[0].wallet_file_path wallet = storage_objects[0].wallet
cid = storage_objects[0].cid cid = storage_objects[0].cid
oids = [storage_object.oid for storage_object in storage_objects[:2]] oids = [storage_object.oid for storage_object in storage_objects[:2]]
file_size = storage_objects[0].size file_size = storage_objects[0].size
@ -421,7 +422,7 @@ class TestObjectApi(ClusterTestBase):
Validate get_range_hash negative for object by native gRPC API Validate get_range_hash negative for object by native gRPC API
""" """
wallet = storage_objects[0].wallet_file_path wallet = storage_objects[0].wallet
cid = storage_objects[0].cid cid = storage_objects[0].cid
oids = [storage_object.oid for storage_object in storage_objects[:2]] oids = [storage_object.oid for storage_object in storage_objects[:2]]
file_size = storage_objects[0].size file_size = storage_objects[0].size

View file

@ -25,7 +25,7 @@ from pytest import FixtureRequest
@pytest.fixture(scope="module") @pytest.fixture(scope="module")
@allure.title("Create bearer token for OTHERS with all operations allowed for all containers") @allure.title("Create bearer token for OTHERS with all operations allowed for all containers")
def bearer_token_file_all_allow(default_wallet: str, client_shell: Shell, cluster: Cluster) -> str: def bearer_token_file_all_allow(default_wallet: WalletInfo, client_shell: Shell, cluster: Cluster) -> str:
bearer = form_bearertoken_file( bearer = form_bearertoken_file(
default_wallet, default_wallet,
"", "",
@ -40,7 +40,7 @@ def bearer_token_file_all_allow(default_wallet: str, client_shell: Shell, cluste
@pytest.fixture(scope="module") @pytest.fixture(scope="module")
@allure.title("Create user container for bearer token usage") @allure.title("Create user container for bearer token usage")
def user_container( def user_container(
default_wallet: str, client_shell: Shell, cluster: Cluster, request: FixtureRequest default_wallet: WalletInfo, client_shell: Shell, cluster: Cluster, request: FixtureRequest
) -> StorageContainer: ) -> StorageContainer:
container_id = create_container( container_id = create_container(
default_wallet, default_wallet,
@ -94,18 +94,17 @@ class TestObjectApiWithBearerToken(ClusterTestBase):
storage_objects: list[StorageObjectInfo], storage_objects: list[StorageObjectInfo],
bearer_token_file_all_allow: str, bearer_token_file_all_allow: str,
): ):
s3_gate_wallet = self.cluster.s3_gates[0] s3_gate_wallet = WalletInfo.from_node(self.cluster.s3_gates[0])
with reporter.step("Try to delete each object from first storage node"): with reporter.step("Try to delete each object from first storage node"):
for storage_object in storage_objects: for storage_object in storage_objects:
with expect_not_raises(): with expect_not_raises():
delete_object( delete_object(
s3_gate_wallet.get_wallet_path(), s3_gate_wallet,
storage_object.cid, storage_object.cid,
storage_object.oid, storage_object.oid,
self.shell, self.shell,
endpoint=self.cluster.default_rpc_endpoint, endpoint=self.cluster.default_rpc_endpoint,
bearer=bearer_token_file_all_allow, bearer=bearer_token_file_all_allow,
wallet_config=s3_gate_wallet.get_wallet_config_path(),
) )
@allure.title("Object can be fetched from any node using s3gate wallet with bearer token (obj_size={object_size})") @allure.title("Object can be fetched from any node using s3gate wallet with bearer token (obj_size={object_size})")
@ -120,7 +119,7 @@ class TestObjectApiWithBearerToken(ClusterTestBase):
object_size: ObjectSize, object_size: ObjectSize,
bearer_token_file_all_allow: str, bearer_token_file_all_allow: str,
): ):
s3_gate_wallet = self.cluster.s3_gates[0] s3_gate_wallet = WalletInfo.from_node(self.cluster.s3_gates[0])
with reporter.step("Put one object to container"): with reporter.step("Put one object to container"):
epoch = self.get_epoch() epoch = self.get_epoch()
storage_object = user_container.generate_object( storage_object = user_container.generate_object(
@ -131,11 +130,10 @@ class TestObjectApiWithBearerToken(ClusterTestBase):
for node in self.cluster.storage_nodes: for node in self.cluster.storage_nodes:
with expect_not_raises(): with expect_not_raises():
get_object( get_object(
s3_gate_wallet.get_wallet_path(), s3_gate_wallet,
storage_object.cid, storage_object.cid,
storage_object.oid, storage_object.oid,
self.shell, self.shell,
endpoint=node.get_rpc_endpoint(), endpoint=node.get_rpc_endpoint(),
bearer=bearer_token_file_all_allow, bearer=bearer_token_file_all_allow,
wallet_config=s3_gate_wallet.get_wallet_config_path(),
) )

View file

@ -8,6 +8,7 @@ from frostfs_testlib.steps.cli.container import create_container
from frostfs_testlib.steps.cli.object import get_object_from_random_node, head_object, put_object_to_random_node from frostfs_testlib.steps.cli.object import get_object_from_random_node, head_object, put_object_to_random_node
from frostfs_testlib.steps.epoch import get_epoch from frostfs_testlib.steps.epoch import get_epoch
from frostfs_testlib.storage.dataclasses.object_size import ObjectSize from frostfs_testlib.storage.dataclasses.object_size import ObjectSize
from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
from frostfs_testlib.testing.cluster_test_base import ClusterTestBase from frostfs_testlib.testing.cluster_test_base import ClusterTestBase
from frostfs_testlib.utils.file_utils import generate_file, get_file_hash from frostfs_testlib.utils.file_utils import generate_file, get_file_hash
@ -20,7 +21,7 @@ logger = logging.getLogger("NeoLogger")
@pytest.mark.grpc_api @pytest.mark.grpc_api
class TestObjectApiLifetime(ClusterTestBase): class TestObjectApiLifetime(ClusterTestBase):
@allure.title("Object is removed when lifetime expired (obj_size={object_size})") @allure.title("Object is removed when lifetime expired (obj_size={object_size})")
def test_object_api_lifetime(self, default_wallet: str, object_size: ObjectSize): def test_object_api_lifetime(self, default_wallet: WalletInfo, object_size: ObjectSize):
""" """
Test object deleted after expiration epoch. Test object deleted after expiration epoch.
""" """

View file

@ -1,9 +1,11 @@
import logging import logging
import re import re
from datetime import datetime
import allure import allure
import pytest import pytest
from frostfs_testlib import reporter from frostfs_testlib import reporter
from frostfs_testlib.credentials.interfaces import CredentialsProvider, User
from frostfs_testlib.resources.common import STORAGE_GC_TIME from frostfs_testlib.resources.common import STORAGE_GC_TIME
from frostfs_testlib.resources.error_patterns import ( from frostfs_testlib.resources.error_patterns import (
LIFETIME_REQUIRED, LIFETIME_REQUIRED,
@ -25,7 +27,7 @@ from frostfs_testlib.steps.storage_policy import get_nodes_with_object
from frostfs_testlib.storage.cluster import Cluster from frostfs_testlib.storage.cluster import Cluster
from frostfs_testlib.storage.dataclasses.object_size import ObjectSize from frostfs_testlib.storage.dataclasses.object_size import ObjectSize
from frostfs_testlib.storage.dataclasses.storage_object_info import LockObjectInfo, StorageObjectInfo from frostfs_testlib.storage.dataclasses.storage_object_info import LockObjectInfo, StorageObjectInfo
from frostfs_testlib.storage.dataclasses.wallet import WalletFactory, WalletInfo from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
from frostfs_testlib.testing.cluster_test_base import ClusterTestBase from frostfs_testlib.testing.cluster_test_base import ClusterTestBase
from frostfs_testlib.testing.test_control import expect_not_raises, wait_for_success from frostfs_testlib.testing.test_control import expect_not_raises, wait_for_success
from frostfs_testlib.utils import datetime_utils from frostfs_testlib.utils import datetime_utils
@ -38,26 +40,20 @@ FIXTURE_LOCK_LIFETIME = 5
FIXTURE_OBJECT_LIFETIME = 10 FIXTURE_OBJECT_LIFETIME = 10
@pytest.fixture( @pytest.fixture(scope="module")
scope="module", def user_wallet(credentials_provider: CredentialsProvider, cluster: Cluster) -> WalletInfo:
)
def user_wallet(wallet_factory: WalletFactory):
with reporter.step("Create user wallet with container"): with reporter.step("Create user wallet with container"):
wallet_file = wallet_factory.create_wallet() user = User(f"user_{hex(int(datetime.now().timestamp() * 1000000))}")
return wallet_file return credentials_provider.GRPC.provide(user, cluster.cluster_nodes[0])
@pytest.fixture( @pytest.fixture(scope="module")
scope="module",
)
def user_container(user_wallet: WalletInfo, client_shell: Shell, cluster: Cluster): def user_container(user_wallet: WalletInfo, client_shell: Shell, cluster: Cluster):
container_id = create_container(user_wallet.path, shell=client_shell, endpoint=cluster.default_rpc_endpoint) container_id = create_container(user_wallet, shell=client_shell, endpoint=cluster.default_rpc_endpoint)
return StorageContainer(StorageContainerInfo(container_id, user_wallet), client_shell, cluster) return StorageContainer(StorageContainerInfo(container_id, user_wallet), client_shell, cluster)
@pytest.fixture( @pytest.fixture(scope="module")
scope="module",
)
def locked_storage_object( def locked_storage_object(
user_container: StorageContainer, user_container: StorageContainer,
client_shell: Shell, client_shell: Shell,
@ -75,7 +71,7 @@ def locked_storage_object(
object_size.value, expire_at=current_epoch + FIXTURE_OBJECT_LIFETIME object_size.value, expire_at=current_epoch + FIXTURE_OBJECT_LIFETIME
) )
lock_object_id = lock_object( lock_object_id = lock_object(
storage_object.wallet_file_path, storage_object.wallet,
storage_object.cid, storage_object.cid,
storage_object.oid, storage_object.oid,
client_shell, client_shell,
@ -98,7 +94,7 @@ def locked_storage_object(
tick_epoch(client_shell, cluster) tick_epoch(client_shell, cluster)
try: try:
delete_object( delete_object(
storage_object.wallet_file_path, storage_object.wallet,
storage_object.cid, storage_object.cid,
storage_object.oid, storage_object.oid,
client_shell, client_shell,
@ -113,10 +109,10 @@ def locked_storage_object(
@wait_for_success(datetime_utils.parse_time(STORAGE_GC_TIME)) @wait_for_success(datetime_utils.parse_time(STORAGE_GC_TIME))
def check_object_not_found(wallet_file_path: str, cid: str, oid: str, shell: Shell, rpc_endpoint: str): def check_object_not_found(wallet: WalletInfo, cid: str, oid: str, shell: Shell, rpc_endpoint: str):
with pytest.raises(Exception, match=OBJECT_NOT_FOUND): with pytest.raises(Exception, match=OBJECT_NOT_FOUND):
head_object( head_object(
wallet_file_path, wallet,
cid, cid,
oid, oid,
shell, shell,
@ -124,10 +120,10 @@ def check_object_not_found(wallet_file_path: str, cid: str, oid: str, shell: She
) )
def verify_object_available(wallet_file_path: str, cid: str, oid: str, shell: Shell, rpc_endpoint: str): def verify_object_available(wallet: WalletInfo, cid: str, oid: str, shell: Shell, rpc_endpoint: str):
with expect_not_raises(): with expect_not_raises():
head_object( head_object(
wallet_file_path, wallet,
cid, cid,
oid, oid,
shell, shell,
@ -150,7 +146,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
object_size.value, expire_at=current_epoch + FIXTURE_OBJECT_LIFETIME object_size.value, expire_at=current_epoch + FIXTURE_OBJECT_LIFETIME
) )
lock_object( lock_object(
storage_object.wallet_file_path, storage_object.wallet,
storage_object.cid, storage_object.cid,
storage_object.oid, storage_object.oid,
self.shell, self.shell,
@ -170,7 +166,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
""" """
with pytest.raises(Exception, match=OBJECT_IS_LOCKED): with pytest.raises(Exception, match=OBJECT_IS_LOCKED):
delete_object( delete_object(
locked_storage_object.wallet_file_path, locked_storage_object.wallet,
locked_storage_object.cid, locked_storage_object.cid,
locked_storage_object.oid, locked_storage_object.oid,
self.shell, self.shell,
@ -189,7 +185,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
""" """
lock_object = locked_storage_object.locks[0] lock_object = locked_storage_object.locks[0]
wallet_path = locked_storage_object.wallet_file_path wallet_path = locked_storage_object.wallet
with pytest.raises(Exception, match=LOCK_OBJECT_REMOVAL): with pytest.raises(Exception, match=LOCK_OBJECT_REMOVAL):
delete_object( delete_object(
@ -212,7 +208,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
""" """
lock_object_info = locked_storage_object.locks[0] lock_object_info = locked_storage_object.locks[0]
wallet_path = locked_storage_object.wallet_file_path wallet_path = locked_storage_object.wallet
with pytest.raises(Exception, match=LOCK_NON_REGULAR_OBJECT): with pytest.raises(Exception, match=LOCK_NON_REGULAR_OBJECT):
lock_object( lock_object(
@ -252,7 +248,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
""" """
lock_object_info = locked_storage_object.locks[0] lock_object_info = locked_storage_object.locks[0]
wallet_path = locked_storage_object.wallet_file_path wallet_path = locked_storage_object.wallet
with pytest.raises(Exception, match=expected_error): with pytest.raises(Exception, match=expected_error):
lock_object( lock_object(
@ -281,7 +277,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
with reporter.step("Lock object for couple epochs"): with reporter.step("Lock object for couple epochs"):
lock_object( lock_object(
storage_object.wallet_file_path, storage_object.wallet,
storage_object.cid, storage_object.cid,
storage_object.oid, storage_object.oid,
self.shell, self.shell,
@ -289,7 +285,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
lifetime=2, lifetime=2,
) )
lock_object( lock_object(
storage_object.wallet_file_path, storage_object.wallet,
storage_object.cid, storage_object.cid,
storage_object.oid, storage_object.oid,
self.shell, self.shell,
@ -303,7 +299,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
wait_for_gc_pass_on_storage_nodes() wait_for_gc_pass_on_storage_nodes()
with expect_not_raises(): with expect_not_raises():
head_object( head_object(
storage_object.wallet_file_path, storage_object.wallet,
storage_object.cid, storage_object.cid,
storage_object.oid, storage_object.oid,
self.shell, self.shell,
@ -313,7 +309,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
with reporter.step("Wait for object to be deleted after third epoch"): with reporter.step("Wait for object to be deleted after third epoch"):
self.tick_epoch() self.tick_epoch()
check_object_not_found( check_object_not_found(
storage_object.wallet_file_path, storage_object.wallet,
storage_object.cid, storage_object.cid,
storage_object.oid, storage_object.oid,
self.shell, self.shell,
@ -338,7 +334,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
storage_objects.append(user_container.generate_object(object_size.value, expire_at=current_epoch + 5)) storage_objects.append(user_container.generate_object(object_size.value, expire_at=current_epoch + 5))
lock_object( lock_object(
storage_objects[0].wallet_file_path, storage_objects[0].wallet,
storage_objects[0].cid, storage_objects[0].cid,
",".join([storage_object.oid for storage_object in storage_objects]), ",".join([storage_object.oid for storage_object in storage_objects]),
self.shell, self.shell,
@ -350,7 +346,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
with reporter.step(f"Try to delete object {storage_object.oid}"): with reporter.step(f"Try to delete object {storage_object.oid}"):
with pytest.raises(Exception, match=OBJECT_IS_LOCKED): with pytest.raises(Exception, match=OBJECT_IS_LOCKED):
delete_object( delete_object(
storage_object.wallet_file_path, storage_object.wallet,
storage_object.cid, storage_object.cid,
storage_object.oid, storage_object.oid,
self.shell, self.shell,
@ -384,7 +380,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
match=LOCK_OBJECT_EXPIRATION.format(expiration_epoch=expiration_epoch, current_epoch=current_epoch), match=LOCK_OBJECT_EXPIRATION.format(expiration_epoch=expiration_epoch, current_epoch=current_epoch),
): ):
lock_object( lock_object(
storage_object.wallet_file_path, storage_object.wallet,
storage_object.cid, storage_object.cid,
storage_object.oid, storage_object.oid,
self.shell, self.shell,
@ -408,7 +404,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
storage_object = user_container.generate_object(object_size.value, expire_at=current_epoch + 5) storage_object = user_container.generate_object(object_size.value, expire_at=current_epoch + 5)
lock_object( lock_object(
storage_object.wallet_file_path, storage_object.wallet,
storage_object.cid, storage_object.cid,
storage_object.oid, storage_object.oid,
self.shell, self.shell,
@ -419,7 +415,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
self.tick_epochs(2) self.tick_epochs(2)
with expect_not_raises(): with expect_not_raises():
delete_object( delete_object(
storage_object.wallet_file_path, storage_object.wallet,
storage_object.cid, storage_object.cid,
storage_object.oid, storage_object.oid,
self.shell, self.shell,
@ -442,7 +438,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
storage_object = user_container.generate_object(object_size.value, expire_at=current_epoch + 5) storage_object = user_container.generate_object(object_size.value, expire_at=current_epoch + 5)
lock_object( lock_object(
storage_object.wallet_file_path, storage_object.wallet,
storage_object.cid, storage_object.cid,
storage_object.oid, storage_object.oid,
self.shell, self.shell,
@ -454,7 +450,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
with expect_not_raises(): with expect_not_raises():
delete_object( delete_object(
storage_object.wallet_file_path, storage_object.wallet,
storage_object.cid, storage_object.cid,
storage_object.oid, storage_object.oid,
self.shell, self.shell,
@ -481,7 +477,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
with reporter.step(f"Try to delete chunk object {chunk_object_id}"): with reporter.step(f"Try to delete chunk object {chunk_object_id}"):
with pytest.raises(Exception, match=OBJECT_IS_LOCKED): with pytest.raises(Exception, match=OBJECT_IS_LOCKED):
delete_object( delete_object(
locked_storage_object.wallet_file_path, locked_storage_object.wallet,
locked_storage_object.cid, locked_storage_object.cid,
chunk_object_id, chunk_object_id,
self.shell, self.shell,
@ -498,7 +494,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
) )
def test_link_object_of_locked_complex_object_can_be_dropped(self, new_locked_storage_object: StorageObjectInfo): def test_link_object_of_locked_complex_object_can_be_dropped(self, new_locked_storage_object: StorageObjectInfo):
link_object_id = get_link_object( link_object_id = get_link_object(
new_locked_storage_object.wallet_file_path, new_locked_storage_object.wallet,
new_locked_storage_object.cid, new_locked_storage_object.cid,
new_locked_storage_object.oid, new_locked_storage_object.oid,
self.shell, self.shell,
@ -569,7 +565,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
""" """
link_object_id = get_link_object( link_object_id = get_link_object(
locked_storage_object.wallet_file_path, locked_storage_object.wallet,
locked_storage_object.cid, locked_storage_object.cid,
locked_storage_object.oid, locked_storage_object.oid,
self.shell, self.shell,
@ -579,7 +575,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
with reporter.step(f"Try to delete link object {link_object_id}"): with reporter.step(f"Try to delete link object {link_object_id}"):
with pytest.raises(Exception, match=OBJECT_IS_LOCKED): with pytest.raises(Exception, match=OBJECT_IS_LOCKED):
delete_object( delete_object(
locked_storage_object.wallet_file_path, locked_storage_object.wallet,
locked_storage_object.cid, locked_storage_object.cid,
link_object_id, link_object_id,
self.shell, self.shell,
@ -597,7 +593,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
with reporter.step("Apply first lock to object for 3 epochs"): with reporter.step("Apply first lock to object for 3 epochs"):
lock_object_id_0 = lock_object( lock_object_id_0 = lock_object(
storage_object.wallet_file_path, storage_object.wallet,
storage_object.cid, storage_object.cid,
storage_object.oid, storage_object.oid,
self.shell, self.shell,
@ -609,7 +605,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
with reporter.step("Check first lock is still available"): with reporter.step("Check first lock is still available"):
verify_object_available( verify_object_available(
storage_object.wallet_file_path, storage_object.wallet,
storage_object.cid, storage_object.cid,
lock_object_id_0, lock_object_id_0,
self.shell, self.shell,
@ -618,7 +614,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
with reporter.step("Apply second lock to object for 3 more epochs"): with reporter.step("Apply second lock to object for 3 more epochs"):
lock_object_id_1 = lock_object( lock_object_id_1 = lock_object(
storage_object.wallet_file_path, storage_object.wallet,
storage_object.cid, storage_object.cid,
storage_object.oid, storage_object.oid,
self.shell, self.shell,
@ -630,7 +626,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
with reporter.step("Verify first lock is expired and removed"): with reporter.step("Verify first lock is expired and removed"):
check_object_not_found( check_object_not_found(
storage_object.wallet_file_path, storage_object.wallet,
storage_object.cid, storage_object.cid,
lock_object_id_0, lock_object_id_0,
self.shell, self.shell,
@ -639,7 +635,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
with reporter.step("Verify second lock is still available"): with reporter.step("Verify second lock is still available"):
verify_object_available( verify_object_available(
storage_object.wallet_file_path, storage_object.wallet,
storage_object.cid, storage_object.cid,
lock_object_id_1, lock_object_id_1,
self.shell, self.shell,
@ -648,7 +644,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
with reporter.step("Apply third lock to object for 3 more epochs"): with reporter.step("Apply third lock to object for 3 more epochs"):
lock_object( lock_object(
storage_object.wallet_file_path, storage_object.wallet,
storage_object.cid, storage_object.cid,
storage_object.oid, storage_object.oid,
self.shell, self.shell,
@ -659,7 +655,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
with reporter.step("Verify object is deleted after all locks are expired"): with reporter.step("Verify object is deleted after all locks are expired"):
self.tick_epochs(4) self.tick_epochs(4)
check_object_not_found( check_object_not_found(
storage_object.wallet_file_path, storage_object.wallet,
storage_object.cid, storage_object.cid,
storage_object.oid, storage_object.oid,
self.shell, self.shell,
@ -687,7 +683,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
with reporter.step("Lock objects for 4 epochs"): with reporter.step("Lock objects for 4 epochs"):
lock_object( lock_object(
storage_objects[0].wallet_file_path, storage_objects[0].wallet,
storage_objects[0].cid, storage_objects[0].cid,
",".join([storage_object.oid for storage_object in storage_objects]), ",".join([storage_object.oid for storage_object in storage_objects]),
self.shell, self.shell,
@ -701,7 +697,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
with reporter.step(f"Check objects at epoch {current_epoch + epoch_i + 2}"): with reporter.step(f"Check objects at epoch {current_epoch + epoch_i + 2}"):
for storage_object in storage_objects: for storage_object in storage_objects:
verify_object_available( verify_object_available(
storage_object.wallet_file_path, storage_object.wallet,
storage_object.cid, storage_object.cid,
storage_object.oid, storage_object.oid,
self.shell, self.shell,
@ -712,7 +708,7 @@ class TestObjectLockWithGrpc(ClusterTestBase):
self.tick_epoch() self.tick_epoch()
for storage_object in storage_objects: for storage_object in storage_objects:
check_object_not_found( check_object_not_found(
storage_object.wallet_file_path, storage_object.wallet,
storage_object.cid, storage_object.cid,
storage_object.oid, storage_object.oid,
self.shell, self.shell,

View file

@ -1,6 +1,5 @@
import logging import logging
import random import random
from time import sleep
import allure import allure
import pytest import pytest
@ -11,6 +10,7 @@ from frostfs_testlib.steps.cli.object import delete_object, head_object, put_obj
from frostfs_testlib.storage.cluster import Cluster from frostfs_testlib.storage.cluster import Cluster
from frostfs_testlib.storage.controllers.cluster_state_controller import ClusterStateController from frostfs_testlib.storage.controllers.cluster_state_controller import ClusterStateController
from frostfs_testlib.storage.dataclasses.object_size import ObjectSize from frostfs_testlib.storage.dataclasses.object_size import ObjectSize
from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
from frostfs_testlib.testing.cluster_test_base import ClusterTestBase from frostfs_testlib.testing.cluster_test_base import ClusterTestBase
from frostfs_testlib.utils.failover_utils import wait_object_replication from frostfs_testlib.utils.failover_utils import wait_object_replication
from frostfs_testlib.utils.file_utils import generate_file from frostfs_testlib.utils.file_utils import generate_file
@ -33,7 +33,7 @@ class TestReplication(ClusterTestBase):
@allure.title("Replication (obj_size={object_size})") @allure.title("Replication (obj_size={object_size})")
def test_replication( def test_replication(
self, self,
default_wallet: str, default_wallet: WalletInfo,
client_shell: Shell, client_shell: Shell,
cluster: Cluster, cluster: Cluster,
object_size: ObjectSize, object_size: ObjectSize,

View file

@ -70,7 +70,7 @@ class Test_http_bearer(ClusterTestBase):
bearer_signed = f"{bearer}_signed" bearer_signed = f"{bearer}_signed"
sign_bearer( sign_bearer(
shell=self.shell, shell=self.shell,
wallet_path=self.wallet, wallet=self.wallet,
eacl_rules_file_from=bearer, eacl_rules_file_from=bearer,
eacl_rules_file_to=bearer_signed, eacl_rules_file_to=bearer_signed,
json=False, json=False,

View file

@ -70,7 +70,7 @@ class Test_http_headers(ClusterTestBase):
) )
storage_object = StorageObjectInfo(cid, storage_object_id) storage_object = StorageObjectInfo(cid, storage_object_id)
storage_object.size = os.path.getsize(file_path) storage_object.size = os.path.getsize(file_path)
storage_object.wallet_file_path = wallet storage_object.wallet = wallet
storage_object.file_path = file_path storage_object.file_path = file_path
storage_object.attributes = attributes storage_object.attributes = attributes

View file

@ -5,6 +5,7 @@ from frostfs_testlib.s3 import S3ClientWrapper, VersioningStatus
from frostfs_testlib.steps.cli.container import list_objects, search_container_by_name from frostfs_testlib.steps.cli.container import list_objects, search_container_by_name
from frostfs_testlib.steps.s3 import s3_helper from frostfs_testlib.steps.s3 import s3_helper
from frostfs_testlib.storage.dataclasses.object_size import ObjectSize from frostfs_testlib.storage.dataclasses.object_size import ObjectSize
from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
from frostfs_testlib.testing.cluster_test_base import ClusterTestBase from frostfs_testlib.testing.cluster_test_base import ClusterTestBase
from frostfs_testlib.utils.file_utils import generate_file, get_file_hash, split_file from frostfs_testlib.utils.file_utils import generate_file, get_file_hash, split_file
@ -54,7 +55,7 @@ class TestS3GateMultipart(ClusterTestBase):
def test_s3_abort_multipart( def test_s3_abort_multipart(
self, self,
s3_client: S3ClientWrapper, s3_client: S3ClientWrapper,
default_wallet: str, default_wallet: WalletInfo,
bucket: str, bucket: str,
simple_object_size: ObjectSize, simple_object_size: ObjectSize,
complex_object_size: ObjectSize, complex_object_size: ObjectSize,

View file

@ -8,6 +8,7 @@ from frostfs_testlib.steps.cli.container import search_container_by_name
from frostfs_testlib.steps.s3 import s3_helper from frostfs_testlib.steps.s3 import s3_helper
from frostfs_testlib.steps.storage_policy import get_simple_object_copies from frostfs_testlib.steps.storage_policy import get_simple_object_copies
from frostfs_testlib.storage.dataclasses.object_size import ObjectSize from frostfs_testlib.storage.dataclasses.object_size import ObjectSize
from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
from frostfs_testlib.testing.cluster_test_base import ClusterTestBase from frostfs_testlib.testing.cluster_test_base import ClusterTestBase
from frostfs_testlib.testing.test_control import expect_not_raises from frostfs_testlib.testing.test_control import expect_not_raises
from frostfs_testlib.utils.file_utils import generate_file from frostfs_testlib.utils.file_utils import generate_file
@ -17,7 +18,9 @@ from frostfs_testlib.utils.file_utils import generate_file
@pytest.mark.parametrize("s3_policy", ["pytest_tests/resources/files/policy.json"], indirect=True) @pytest.mark.parametrize("s3_policy", ["pytest_tests/resources/files/policy.json"], indirect=True)
class TestS3GatePolicy(ClusterTestBase): class TestS3GatePolicy(ClusterTestBase):
@allure.title("Bucket creation with retention policy applied (s3_client={s3_client})") @allure.title("Bucket creation with retention policy applied (s3_client={s3_client})")
def test_s3_bucket_location(self, default_wallet: str, s3_client: S3ClientWrapper, simple_object_size: ObjectSize): def test_s3_bucket_location(
self, default_wallet: WalletInfo, s3_client: S3ClientWrapper, simple_object_size: ObjectSize
):
file_path_1 = generate_file(simple_object_size.value) file_path_1 = generate_file(simple_object_size.value)
file_name_1 = s3_helper.object_key_from_file_path(file_path_1) file_name_1 = s3_helper.object_key_from_file_path(file_path_1)
file_path_2 = generate_file(simple_object_size.value) file_path_2 = generate_file(simple_object_size.value)

View file

@ -1,26 +1,28 @@
from datetime import datetime
import pytest import pytest
from frostfs_testlib.storage.dataclasses.wallet import WalletFactory, WalletInfo from frostfs_testlib import reporter
from frostfs_testlib.credentials.interfaces import CredentialsProvider, User
from frostfs_testlib.storage.cluster import Cluster
from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
@pytest.fixture(scope="module") @pytest.fixture(scope="module")
def owner_wallet(wallet_factory: WalletFactory) -> WalletInfo: def owner_wallet(credentials_provider: CredentialsProvider, cluster: Cluster) -> WalletInfo:
""" with reporter.step("Create user wallet which owns containers and objects"):
Returns wallet which owns containers and objects user = User(f"user_{hex(int(datetime.now().timestamp() * 1000000))}")
""" return credentials_provider.GRPC.provide(user, cluster.cluster_nodes[0])
return wallet_factory.create_wallet()
@pytest.fixture(scope="module") @pytest.fixture(scope="module")
def user_wallet(wallet_factory: WalletFactory) -> WalletInfo: def user_wallet(credentials_provider: CredentialsProvider, cluster: Cluster) -> WalletInfo:
""" with reporter.step("Create user wallet which will use objects from owner via static session"):
Returns wallet which will use objects from owner via static session user = User(f"user_{hex(int(datetime.now().timestamp() * 1000000))}")
""" return credentials_provider.GRPC.provide(user, cluster.cluster_nodes[0])
return wallet_factory.create_wallet()
@pytest.fixture(scope="module") @pytest.fixture(scope="module")
def stranger_wallet(wallet_factory: WalletFactory) -> WalletInfo: def stranger_wallet(credentials_provider: CredentialsProvider, cluster: Cluster) -> WalletInfo:
""" with reporter.step("Create stranger user wallet which should fail to obtain data"):
Returns stranger wallet which should fail to obtain data user = User(f"user_{hex(int(datetime.now().timestamp() * 1000000))}")
""" return credentials_provider.GRPC.provide(user, cluster.cluster_nodes[0])
return wallet_factory.create_wallet()

View file

@ -3,12 +3,12 @@ import random
import allure import allure
import pytest import pytest
from frostfs_testlib import reporter from frostfs_testlib import reporter
from frostfs_testlib.resources.common import DEFAULT_WALLET_PASS
from frostfs_testlib.resources.error_patterns import SESSION_NOT_FOUND from frostfs_testlib.resources.error_patterns import SESSION_NOT_FOUND
from frostfs_testlib.steps.cli.container import create_container from frostfs_testlib.steps.cli.container import create_container
from frostfs_testlib.steps.cli.object import delete_object, put_object, put_object_to_random_node from frostfs_testlib.steps.cli.object import delete_object, put_object, put_object_to_random_node
from frostfs_testlib.steps.session_token import create_session_token from frostfs_testlib.steps.session_token import create_session_token
from frostfs_testlib.storage.dataclasses.object_size import ObjectSize from frostfs_testlib.storage.dataclasses.object_size import ObjectSize
from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
from frostfs_testlib.testing.cluster_test_base import ClusterTestBase from frostfs_testlib.testing.cluster_test_base import ClusterTestBase
from frostfs_testlib.utils import wallet_utils from frostfs_testlib.utils import wallet_utils
from frostfs_testlib.utils.file_utils import generate_file from frostfs_testlib.utils.file_utils import generate_file
@ -18,7 +18,7 @@ from frostfs_testlib.utils.file_utils import generate_file
@pytest.mark.session_token @pytest.mark.session_token
class TestDynamicObjectSession(ClusterTestBase): class TestDynamicObjectSession(ClusterTestBase):
@allure.title("Object Operations with Session Token (obj_size={object_size})") @allure.title("Object Operations with Session Token (obj_size={object_size})")
def test_object_session_token(self, default_wallet: str, object_size: ObjectSize): def test_object_session_token(self, default_wallet: WalletInfo, object_size: ObjectSize):
""" """
Test how operations over objects are executed with a session token Test how operations over objects are executed with a session token
@ -34,7 +34,6 @@ class TestDynamicObjectSession(ClusterTestBase):
with reporter.step("Init wallet"): with reporter.step("Init wallet"):
wallet = default_wallet wallet = default_wallet
address = wallet_utils.get_last_address_from_wallet(wallet, "")
with reporter.step("Nodes Settlements"): with reporter.step("Nodes Settlements"):
session_token_node, container_node, non_container_node = random.sample(self.cluster.storage_nodes, 3) session_token_node, container_node, non_container_node = random.sample(self.cluster.storage_nodes, 3)
@ -42,9 +41,8 @@ class TestDynamicObjectSession(ClusterTestBase):
with reporter.step("Create Session Token"): with reporter.step("Create Session Token"):
session_token = create_session_token( session_token = create_session_token(
shell=self.shell, shell=self.shell,
owner=address, owner=default_wallet.get_address(),
wallet_path=wallet, wallet=default_wallet,
wallet_password=DEFAULT_WALLET_PASS,
rpc_endpoint=session_token_node.get_rpc_endpoint(), rpc_endpoint=session_token_node.get_rpc_endpoint(),
) )

View file

@ -50,8 +50,8 @@ RANGE_OFFSET_FOR_COMPLEX_OBJECT = 200
@pytest.fixture(scope="module") @pytest.fixture(scope="module")
def storage_containers(owner_wallet: WalletInfo, client_shell: Shell, cluster: Cluster) -> list[str]: def storage_containers(owner_wallet: WalletInfo, client_shell: Shell, cluster: Cluster) -> list[str]:
cid = create_container(owner_wallet.path, shell=client_shell, endpoint=cluster.default_rpc_endpoint) cid = create_container(owner_wallet, shell=client_shell, endpoint=cluster.default_rpc_endpoint)
other_cid = create_container(owner_wallet.path, shell=client_shell, endpoint=cluster.default_rpc_endpoint) other_cid = create_container(owner_wallet, shell=client_shell, endpoint=cluster.default_rpc_endpoint)
yield [cid, other_cid] yield [cid, other_cid]
@ -74,7 +74,7 @@ def storage_objects(
# upload couple objects # upload couple objects
for _ in range(3): for _ in range(3):
storage_object_id = put_object_to_random_node( storage_object_id = put_object_to_random_node(
wallet=owner_wallet.path, wallet=owner_wallet,
path=file_path, path=file_path,
cid=storage_containers[0], cid=storage_containers[0],
shell=client_shell, shell=client_shell,
@ -83,7 +83,7 @@ def storage_objects(
storage_object = StorageObjectInfo(storage_containers[0], storage_object_id) storage_object = StorageObjectInfo(storage_containers[0], storage_object_id)
storage_object.size = object_size.value storage_object.size = object_size.value
storage_object.wallet_file_path = owner_wallet.path storage_object.wallet = owner_wallet
storage_object.file_path = file_path storage_object.file_path = file_path
storage_objects.append(storage_object) storage_objects.append(storage_object)
@ -163,7 +163,7 @@ class TestObjectStaticSession(ClusterTestBase):
for node in self.cluster.storage_nodes: for node in self.cluster.storage_nodes:
for storage_object in storage_objects[0:2]: for storage_object in storage_objects[0:2]:
method_under_test( method_under_test(
wallet=user_wallet.path, wallet=user_wallet,
cid=storage_object.cid, cid=storage_object.cid,
oid=storage_object.oid, oid=storage_object.oid,
shell=self.shell, shell=self.shell,
@ -196,7 +196,7 @@ class TestObjectStaticSession(ClusterTestBase):
with reporter.step(f"Check range {range_to_test}"): with reporter.step(f"Check range {range_to_test}"):
with expect_not_raises(): with expect_not_raises():
method_under_test( method_under_test(
user_wallet.path, user_wallet,
storage_object.cid, storage_object.cid,
storage_object.oid, storage_object.oid,
shell=self.shell, shell=self.shell,
@ -219,7 +219,7 @@ class TestObjectStaticSession(ClusterTestBase):
cid = storage_objects[0].cid cid = storage_objects[0].cid
expected_object_ids = [storage_object.oid for storage_object in storage_objects[0:2]] expected_object_ids = [storage_object.oid for storage_object in storage_objects[0:2]]
actual_object_ids = search_object( actual_object_ids = search_object(
user_wallet.path, user_wallet,
cid, cid,
self.shell, self.shell,
endpoint=self.cluster.default_rpc_endpoint, endpoint=self.cluster.default_rpc_endpoint,
@ -240,7 +240,7 @@ class TestObjectStaticSession(ClusterTestBase):
""" """
with pytest.raises(Exception, match=UNRELATED_OBJECT): with pytest.raises(Exception, match=UNRELATED_OBJECT):
head_object( head_object(
user_wallet.path, user_wallet,
storage_objects[2].cid, storage_objects[2].cid,
storage_objects[2].oid, storage_objects[2].oid,
self.shell, self.shell,
@ -262,7 +262,7 @@ class TestObjectStaticSession(ClusterTestBase):
with pytest.raises(Exception, match=UNRELATED_KEY): with pytest.raises(Exception, match=UNRELATED_KEY):
head_object( head_object(
stranger_wallet.path, stranger_wallet,
storage_object.cid, storage_object.cid,
storage_object.oid, storage_object.oid,
self.shell, self.shell,
@ -284,7 +284,7 @@ class TestObjectStaticSession(ClusterTestBase):
with pytest.raises(Exception, match=WRONG_VERB): with pytest.raises(Exception, match=WRONG_VERB):
get_object( get_object(
user_wallet.path, user_wallet,
storage_object.cid, storage_object.cid,
storage_object.oid, storage_object.oid,
self.shell, self.shell,
@ -307,7 +307,7 @@ class TestObjectStaticSession(ClusterTestBase):
with pytest.raises(Exception, match=UNRELATED_CONTAINER): with pytest.raises(Exception, match=UNRELATED_CONTAINER):
get_object_from_random_node( get_object_from_random_node(
user_wallet.path, user_wallet,
storage_containers[1], storage_containers[1],
storage_object.oid, storage_object.oid,
self.shell, self.shell,
@ -341,7 +341,7 @@ class TestObjectStaticSession(ClusterTestBase):
signed_token_file = sign_session_token(self.shell, session_token_file, stranger_wallet) signed_token_file = sign_session_token(self.shell, session_token_file, stranger_wallet)
with pytest.raises(Exception, match=OBJECT_ACCESS_DENIED): with pytest.raises(Exception, match=OBJECT_ACCESS_DENIED):
head_object( head_object(
user_wallet.path, user_wallet,
storage_object.cid, storage_object.cid,
storage_object.oid, storage_object.oid,
self.shell, self.shell,
@ -375,7 +375,7 @@ class TestObjectStaticSession(ClusterTestBase):
signed_token_file = sign_session_token(self.shell, session_token_file, owner_wallet) signed_token_file = sign_session_token(self.shell, session_token_file, owner_wallet)
with pytest.raises(Exception, match=OBJECT_NOT_FOUND): with pytest.raises(Exception, match=OBJECT_NOT_FOUND):
head_object( head_object(
user_wallet.path, user_wallet,
container, container,
storage_object.oid, storage_object.oid,
self.shell, self.shell,
@ -407,7 +407,7 @@ class TestObjectStaticSession(ClusterTestBase):
) )
with pytest.raises(Exception, match=INVALID_SIGNATURE): with pytest.raises(Exception, match=INVALID_SIGNATURE):
head_object( head_object(
user_wallet.path, user_wallet,
storage_object.cid, storage_object.cid,
storage_object.oid, storage_object.oid,
self.shell, self.shell,
@ -448,7 +448,7 @@ class TestObjectStaticSession(ClusterTestBase):
with reporter.step("Object should be available with session token after token creation"): with reporter.step("Object should be available with session token after token creation"):
with expect_not_raises(): with expect_not_raises():
head_object( head_object(
user_wallet.path, user_wallet,
container, container,
object_id, object_id,
self.shell, self.shell,
@ -460,7 +460,7 @@ class TestObjectStaticSession(ClusterTestBase):
self.tick_epoch() self.tick_epoch()
with expect_not_raises(): with expect_not_raises():
head_object( head_object(
user_wallet.path, user_wallet,
container, container,
object_id, object_id,
self.shell, self.shell,
@ -472,7 +472,7 @@ class TestObjectStaticSession(ClusterTestBase):
self.tick_epoch() self.tick_epoch()
with pytest.raises(Exception, match=EXPIRED_SESSION_TOKEN): with pytest.raises(Exception, match=EXPIRED_SESSION_TOKEN):
head_object( head_object(
user_wallet.path, user_wallet,
container, container,
object_id, object_id,
self.shell, self.shell,
@ -514,7 +514,7 @@ class TestObjectStaticSession(ClusterTestBase):
with reporter.step("Object should NOT be available with session token after token creation"): with reporter.step("Object should NOT be available with session token after token creation"):
with pytest.raises(Exception, match=MALFORMED_REQUEST): with pytest.raises(Exception, match=MALFORMED_REQUEST):
head_object( head_object(
user_wallet.path, user_wallet,
container, container,
object_id, object_id,
self.shell, self.shell,
@ -526,7 +526,7 @@ class TestObjectStaticSession(ClusterTestBase):
self.tick_epoch() self.tick_epoch()
with expect_not_raises(): with expect_not_raises():
head_object( head_object(
user_wallet.path, user_wallet,
container, container,
object_id, object_id,
self.shell, self.shell,
@ -538,7 +538,7 @@ class TestObjectStaticSession(ClusterTestBase):
self.tick_epoch() self.tick_epoch()
with expect_not_raises(): with expect_not_raises():
head_object( head_object(
user_wallet.path, user_wallet,
container, container,
object_id, object_id,
self.shell, self.shell,
@ -550,7 +550,7 @@ class TestObjectStaticSession(ClusterTestBase):
self.tick_epoch() self.tick_epoch()
with pytest.raises(Exception, match=EXPIRED_SESSION_TOKEN): with pytest.raises(Exception, match=EXPIRED_SESSION_TOKEN):
head_object( head_object(
user_wallet.path, user_wallet,
container, container,
object_id, object_id,
self.shell, self.shell,
@ -589,7 +589,7 @@ class TestObjectStaticSession(ClusterTestBase):
with pytest.raises(Exception, match=EXPIRED_SESSION_TOKEN): with pytest.raises(Exception, match=EXPIRED_SESSION_TOKEN):
head_object( head_object(
user_wallet.path, user_wallet,
container, container,
object_id, object_id,
self.shell, self.shell,
@ -610,7 +610,7 @@ class TestObjectStaticSession(ClusterTestBase):
storage_object = storage_objects[0] storage_object = storage_objects[0]
with pytest.raises(Exception, match=OBJECT_ACCESS_DENIED): with pytest.raises(Exception, match=OBJECT_ACCESS_DENIED):
delete_object( delete_object(
user_wallet.path, user_wallet,
storage_object.cid, storage_object.cid,
storage_object.oid, storage_object.oid,
self.shell, self.shell,
@ -632,7 +632,7 @@ class TestObjectStaticSession(ClusterTestBase):
storage_object = storage_objects[0] storage_object = storage_objects[0]
with pytest.raises(Exception, match=OBJECT_ACCESS_DENIED): with pytest.raises(Exception, match=OBJECT_ACCESS_DENIED):
put_object_to_random_node( put_object_to_random_node(
user_wallet.path, user_wallet,
storage_object.file_path, storage_object.file_path,
storage_object.cid, storage_object.cid,
self.shell, self.shell,
@ -671,7 +671,7 @@ class TestObjectStaticSession(ClusterTestBase):
with pytest.raises(Exception, match=MALFORMED_REQUEST): with pytest.raises(Exception, match=MALFORMED_REQUEST):
head_object( head_object(
user_wallet.path, user_wallet,
container, container,
object_id, object_id,
self.shell, self.shell,

View file

@ -43,7 +43,7 @@ class TestSessionTokenContainer(ClusterTestBase):
""" """
with reporter.step("Create container with static session token"): with reporter.step("Create container with static session token"):
cid = create_container( cid = create_container(
user_wallet.path, user_wallet,
session_token=static_sessions[ContainerVerb.CREATE], session_token=static_sessions[ContainerVerb.CREATE],
shell=self.shell, shell=self.shell,
endpoint=self.cluster.default_rpc_endpoint, endpoint=self.cluster.default_rpc_endpoint,
@ -51,14 +51,12 @@ class TestSessionTokenContainer(ClusterTestBase):
) )
container_info: dict[str, str] = get_container( container_info: dict[str, str] = get_container(
owner_wallet.path, cid, shell=self.shell, endpoint=self.cluster.default_rpc_endpoint owner_wallet, cid, shell=self.shell, endpoint=self.cluster.default_rpc_endpoint
) )
assert container_info["ownerID"] == owner_wallet.get_address() assert container_info["ownerID"] == owner_wallet.get_address()
assert cid not in list_containers( assert cid not in list_containers(user_wallet, shell=self.shell, endpoint=self.cluster.default_rpc_endpoint)
user_wallet.path, shell=self.shell, endpoint=self.cluster.default_rpc_endpoint assert cid in list_containers(owner_wallet, shell=self.shell, endpoint=self.cluster.default_rpc_endpoint)
)
assert cid in list_containers(owner_wallet.path, shell=self.shell, endpoint=self.cluster.default_rpc_endpoint)
def test_static_session_token_container_create_with_other_verb( def test_static_session_token_container_create_with_other_verb(
self, self,
@ -72,7 +70,7 @@ class TestSessionTokenContainer(ClusterTestBase):
for verb in [verb for verb in ContainerVerb if verb != ContainerVerb.CREATE]: for verb in [verb for verb in ContainerVerb if verb != ContainerVerb.CREATE]:
with pytest.raises(Exception): with pytest.raises(Exception):
create_container( create_container(
user_wallet.path, user_wallet,
session_token=static_sessions[verb], session_token=static_sessions[verb],
shell=self.shell, shell=self.shell,
endpoint=self.cluster.default_rpc_endpoint, endpoint=self.cluster.default_rpc_endpoint,
@ -90,7 +88,7 @@ class TestSessionTokenContainer(ClusterTestBase):
with reporter.step("Try create container with static session token without PUT rule"): with reporter.step("Try create container with static session token without PUT rule"):
with pytest.raises(Exception): with pytest.raises(Exception):
create_container( create_container(
stranger_wallet.path, stranger_wallet,
session_token=static_sessions[ContainerVerb.CREATE], session_token=static_sessions[ContainerVerb.CREATE],
shell=self.shell, shell=self.shell,
endpoint=self.cluster.default_rpc_endpoint, endpoint=self.cluster.default_rpc_endpoint,
@ -108,14 +106,14 @@ class TestSessionTokenContainer(ClusterTestBase):
""" """
with reporter.step("Create container"): with reporter.step("Create container"):
cid = create_container( cid = create_container(
owner_wallet.path, owner_wallet,
shell=self.shell, shell=self.shell,
endpoint=self.cluster.default_rpc_endpoint, endpoint=self.cluster.default_rpc_endpoint,
wait_for_creation=False, wait_for_creation=False,
) )
with reporter.step("Delete container with static session token"): with reporter.step("Delete container with static session token"):
delete_container( delete_container(
wallet=user_wallet.path, wallet=user_wallet,
cid=cid, cid=cid,
session_token=static_sessions[ContainerVerb.DELETE], session_token=static_sessions[ContainerVerb.DELETE],
shell=self.shell, shell=self.shell,
@ -123,9 +121,7 @@ class TestSessionTokenContainer(ClusterTestBase):
await_mode=True, await_mode=True,
) )
assert cid not in list_containers( assert cid not in list_containers(owner_wallet, shell=self.shell, endpoint=self.cluster.default_rpc_endpoint)
owner_wallet.path, shell=self.shell, endpoint=self.cluster.default_rpc_endpoint
)
@pytest.mark.sanity @pytest.mark.sanity
def test_static_session_token_container_set_eacl( def test_static_session_token_container_set_eacl(
@ -141,18 +137,18 @@ class TestSessionTokenContainer(ClusterTestBase):
""" """
with reporter.step("Create container"): with reporter.step("Create container"):
cid = create_container( cid = create_container(
owner_wallet.path, owner_wallet,
basic_acl=PUBLIC_ACL, basic_acl=PUBLIC_ACL,
shell=self.shell, shell=self.shell,
endpoint=self.cluster.default_rpc_endpoint, endpoint=self.cluster.default_rpc_endpoint,
) )
file_path = generate_file(simple_object_size.value) file_path = generate_file(simple_object_size.value)
assert can_put_object(stranger_wallet.path, cid, file_path, self.shell, self.cluster) assert can_put_object(stranger_wallet, cid, file_path, self.shell, self.cluster)
with reporter.step("Deny all operations for other via eACL"): with reporter.step("Deny all operations for other via eACL"):
eacl_deny = [EACLRule(access=EACLAccess.DENY, role=EACLRole.OTHERS, operation=op) for op in EACLOperation] eacl_deny = [EACLRule(access=EACLAccess.DENY, role=EACLRole.OTHERS, operation=op) for op in EACLOperation]
set_eacl( set_eacl(
user_wallet.path, user_wallet,
cid, cid,
create_eacl(cid, eacl_deny, shell=self.shell), create_eacl(cid, eacl_deny, shell=self.shell),
shell=self.shell, shell=self.shell,
@ -161,4 +157,4 @@ class TestSessionTokenContainer(ClusterTestBase):
) )
wait_for_cache_expired() wait_for_cache_expired()
assert not can_put_object(stranger_wallet.path, cid, file_path, self.shell, self.cluster) assert not can_put_object(stranger_wallet, cid, file_path, self.shell, self.cluster)

View file

@ -1,5 +1,4 @@
import json import json
import pathlib
import allure import allure
import pytest import pytest
@ -14,6 +13,7 @@ from frostfs_testlib.storage.cluster import Cluster, ClusterNode, StorageNode
from frostfs_testlib.storage.controllers import ClusterStateController, ShardsWatcher from frostfs_testlib.storage.controllers import ClusterStateController, ShardsWatcher
from frostfs_testlib.storage.controllers.state_managers.config_state_manager import ConfigStateManager from frostfs_testlib.storage.controllers.state_managers.config_state_manager import ConfigStateManager
from frostfs_testlib.storage.dataclasses.shard import Shard from frostfs_testlib.storage.dataclasses.shard import Shard
from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
from frostfs_testlib.testing import parallel from frostfs_testlib.testing import parallel
from frostfs_testlib.testing.cluster_test_base import ClusterTestBase from frostfs_testlib.testing.cluster_test_base import ClusterTestBase
from frostfs_testlib.utils.file_utils import generate_file from frostfs_testlib.utils.file_utils import generate_file
@ -50,7 +50,7 @@ class TestControlShard(ClusterTestBase):
parallel(self.set_shard_rw_mode, self.cluster.cluster_nodes) parallel(self.set_shard_rw_mode, self.cluster.cluster_nodes)
@pytest.fixture() @pytest.fixture()
def oid_cid_node(self, default_wallet: str) -> tuple[str, str, ClusterNode]: def oid_cid_node(self, default_wallet: WalletInfo) -> tuple[str, str, ClusterNode]:
with reporter.step("Create container, and put object"): with reporter.step("Create container, and put object"):
cid = create_container( cid = create_container(
wallet=default_wallet, wallet=default_wallet,
@ -114,7 +114,7 @@ class TestControlShard(ClusterTestBase):
@pytest.mark.failover @pytest.mark.failover
def test_shard_errors( def test_shard_errors(
self, self,
default_wallet: str, default_wallet: WalletInfo,
oid_cid_node: tuple[str, str, ClusterNode], oid_cid_node: tuple[str, str, ClusterNode],
change_config_storage: None, change_config_storage: None,
revert_all_shards_mode: None, revert_all_shards_mode: None,