commit
50c4a21ba1
4 changed files with 659 additions and 14 deletions
10
README.md
10
README.md
|
@ -13,6 +13,16 @@
|
||||||
|
|
||||||
3. Логи будут доступны в папке artifacts/ после завершения тестов с любым из статусов.
|
3. Логи будут доступны в папке artifacts/ после завершения тестов с любым из статусов.
|
||||||
|
|
||||||
|
### Запуск произвольного тесткейса
|
||||||
|
Для запуска произвольного тесткейса нужно выполнить команду:
|
||||||
|
`robot --timestampoutputs --outputdir artifacts/ robot/testsuites/integration/<testsuite name>.robot `
|
||||||
|
|
||||||
|
Для запуска доступны следущие сценарии:
|
||||||
|
* acl_basic.robot - базовый ACL
|
||||||
|
* acl_extended.robot - extended ACL
|
||||||
|
* object_complex.robot - операции над простым объектом
|
||||||
|
* object_simple.robot - операции над большим объектом
|
||||||
|
|
||||||
|
|
||||||
### Запуск тесткейсов в докере
|
### Запуск тесткейсов в докере
|
||||||
1. Задать переменные окружения для работы с dev-env:
|
1. Задать переменные окружения для работы с dev-env:
|
||||||
|
|
|
@ -62,10 +62,55 @@ def validate_storage_policy_for_object(private_key: bytes, expected_copies: int,
|
||||||
raise Exception("Not enough object copies to match storage policyю Found: %s, expexted: %s." % (copies, expected_copies))
|
raise Exception("Not enough object copies to match storage policyю Found: %s, expexted: %s." % (copies, expected_copies))
|
||||||
|
|
||||||
|
|
||||||
|
# docker exec neofs-cli neofs-cli --host 192.168.123.71:8080 --key 1ed43848107fd2d513c38ebfba3bb8c33d5abd2b6a99fafb09d07a30191989af container set-eacl --cid DNG1DCV3PTfxuYCLdbdMpRmrumfvacyWmyqLzNrV1koi --eacl 0a4b080210021a1e080310011a0a686561646572206b6579220c6865616465722076616c7565222508031221031a6c6fbbdf02ca351745fa86b9ba5a9452d785ac4f7fc2b7548ca2a46c4fcf4a
|
||||||
|
# Updating ACL rules of container...
|
||||||
|
|
||||||
|
@keyword('Get eACL')
|
||||||
|
def get_eacl(private_key: bytes, cid: str):
|
||||||
|
|
||||||
|
Cmd = f'{CLI_PREFIX}neofs-cli --host {NEOFS_ENDPOINT} --key {binascii.hexlify(private_key).decode()} container get-eacl --cid {cid}'
|
||||||
|
logger.info("Cmd: %s" % Cmd)
|
||||||
|
complProc = subprocess.run(Cmd, check=True, universal_newlines=True,
|
||||||
|
stdout=subprocess.PIPE, stderr=subprocess.PIPE, timeout=150, shell=True)
|
||||||
|
output = complProc.stdout
|
||||||
|
logger.info("Output: %s" % output)
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
@keyword('Convert Str to Hex Str with Len')
|
||||||
|
def conver_str_to_hex(string_convert: str):
|
||||||
|
converted = binascii.hexlify(bytes(string_convert, encoding= 'utf-8')).decode("utf-8")
|
||||||
|
prev_len_2 = '{:04x}'.format(int(len(converted)/2))
|
||||||
|
|
||||||
|
return str(prev_len_2)+str(converted)
|
||||||
|
|
||||||
|
|
||||||
|
@keyword('Set custom eACL')
|
||||||
|
def set_custom_eacl(private_key: bytes, cid: str, eacl_prefix: str, eacl_slice: str, eacl_postfix: str):
|
||||||
|
|
||||||
|
logger.info(str(eacl_prefix))
|
||||||
|
logger.info(str(eacl_slice))
|
||||||
|
logger.info(str(eacl_postfix))
|
||||||
|
|
||||||
|
eacl = str(eacl_prefix) + str(eacl_slice) + str(eacl_postfix)
|
||||||
|
logger.info("Custom eACL: %s" % eacl)
|
||||||
|
|
||||||
|
set_eacl(private_key, cid, eacl)
|
||||||
|
return
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
@keyword('Set eACL')
|
||||||
|
def set_eacl(private_key: bytes, cid: str, eacl: str):
|
||||||
|
|
||||||
|
Cmd = f'{CLI_PREFIX}neofs-cli --host {NEOFS_ENDPOINT} --key {binascii.hexlify(private_key).decode()} container set-eacl --cid {cid} --eacl {eacl}'
|
||||||
|
logger.info("Cmd: %s" % Cmd)
|
||||||
|
complProc = subprocess.run(Cmd, check=True, universal_newlines=True,
|
||||||
|
stdout=subprocess.PIPE, stderr=subprocess.PIPE, timeout=150, shell=True)
|
||||||
|
output = complProc.stdout
|
||||||
|
logger.info("Output: %s" % output)
|
||||||
|
|
||||||
|
|
||||||
#docker exec neofs-cli neofs-cli --host 192.168.123.71:8080 --key 22b2f3faea9383e27262364c96d8e5ef7e893abf7a6ad7bf31ee1f2c2b3cfc42
|
|
||||||
# object get-range --cid 4H9iChvzYdBg6qntfYUWGWCzsJFBDdo99KegefsD721Q --oid a101d078-b3d4-4325-8fe8-41dce6917097 0:10
|
|
||||||
#fead193c1f6f488255f7
|
|
||||||
|
|
||||||
@keyword('Get Range')
|
@keyword('Get Range')
|
||||||
def get_range(private_key: bytes, cid: str, oid: str, range_cut: str):
|
def get_range(private_key: bytes, cid: str, oid: str, range_cut: str):
|
||||||
|
@ -300,10 +345,117 @@ def head_object(private_key: bytes, cid: str, oid: str, full_headers:bool=False,
|
||||||
else:
|
else:
|
||||||
raise Exception("User header %s was not found in the command output: \t%s" % (user_header, complProc.stdout))
|
raise Exception("User header %s was not found in the command output: \t%s" % (user_header, complProc.stdout))
|
||||||
|
|
||||||
|
return complProc.stdout
|
||||||
|
|
||||||
except subprocess.CalledProcessError as e:
|
except subprocess.CalledProcessError as e:
|
||||||
raise Exception("command '{}' return with error (code {}): {}".format(e.cmd, e.returncode, e.output))
|
raise Exception("command '{}' return with error (code {}): {}".format(e.cmd, e.returncode, e.output))
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
@keyword('Parse Object System Header')
|
||||||
|
def parse_object_system_header(header: str):
|
||||||
|
result_header = dict()
|
||||||
|
|
||||||
|
#SystemHeader
|
||||||
|
logger.info("Input: %s" % header)
|
||||||
|
# ID
|
||||||
|
m = re.search(r'- ID=([a-zA-Z0-9-]+)', header)
|
||||||
|
if m.start() != m.end(): # e.g., if match found something
|
||||||
|
result_header['ID'] = m.group(1)
|
||||||
|
else:
|
||||||
|
raise Exception("no ID was parsed from object header: \t%s" % output)
|
||||||
|
|
||||||
|
# CID
|
||||||
|
m = re.search(r'- CID=([a-zA-Z0-9]+)', header)
|
||||||
|
if m.start() != m.end(): # e.g., if match found something
|
||||||
|
result_header['CID'] = m.group(1)
|
||||||
|
else:
|
||||||
|
raise Exception("no CID was parsed from object header: \t%s" % output)
|
||||||
|
|
||||||
|
# Owner
|
||||||
|
m = re.search(r'- OwnerID=([a-zA-Z0-9]+)', header)
|
||||||
|
if m.start() != m.end(): # e.g., if match found something
|
||||||
|
result_header['OwnerID'] = m.group(1)
|
||||||
|
else:
|
||||||
|
raise Exception("no OwnerID was parsed from object header: \t%s" % output)
|
||||||
|
|
||||||
|
# Version
|
||||||
|
m = re.search(r'- Version=(\d+)', header)
|
||||||
|
if m.start() != m.end(): # e.g., if match found something
|
||||||
|
result_header['Version'] = m.group(1)
|
||||||
|
else:
|
||||||
|
raise Exception("no Version was parsed from object header: \t%s" % output)
|
||||||
|
|
||||||
|
|
||||||
|
# PayloadLength
|
||||||
|
m = re.search(r'- PayloadLength=(\d+)', header)
|
||||||
|
if m.start() != m.end(): # e.g., if match found something
|
||||||
|
result_header['PayloadLength'] = m.group(1)
|
||||||
|
else:
|
||||||
|
raise Exception("no PayloadLength was parsed from object header: \t%s" % output)
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
# CreatedAtUnixTime
|
||||||
|
m = re.search(r'- CreatedAt={UnixTime=(\d+)', header)
|
||||||
|
if m.start() != m.end(): # e.g., if match found something
|
||||||
|
result_header['CreatedAtUnixTime'] = m.group(1)
|
||||||
|
else:
|
||||||
|
raise Exception("no CreatedAtUnixTime was parsed from object header: \t%s" % output)
|
||||||
|
|
||||||
|
# CreatedAtEpoch
|
||||||
|
m = re.search(r'- CreatedAt={UnixTime=\d+ Epoch=(\d+)', header)
|
||||||
|
if m.start() != m.end(): # e.g., if match found something
|
||||||
|
result_header['CreatedAtEpoch'] = m.group(1)
|
||||||
|
else:
|
||||||
|
raise Exception("no CreatedAtEpoch was parsed from object header: \t%s" % output)
|
||||||
|
|
||||||
|
logger.info("Result: %s" % result_header)
|
||||||
|
return result_header
|
||||||
|
|
||||||
|
# SystemHeader:
|
||||||
|
# - ID=c9fdc3e8-6576-4822-9bc4-2a0addcbf105
|
||||||
|
# - CID=42n81QNr7o513t2pTGuzM2PPFiHLhJ1MeSCJzizQW1wP
|
||||||
|
# - OwnerID=ANwbVH8nyWfTg7G6L9uzZxfXhKUhdjTYDa
|
||||||
|
# - Version=1
|
||||||
|
# - PayloadLength=1024
|
||||||
|
# - CreatedAt={UnixTime=1597330026 Epoch=2427}
|
||||||
|
|
||||||
|
|
||||||
|
@keyword('Parse Object Extended Header')
|
||||||
|
def parse_object_extended_header(header: str):
|
||||||
|
result_header = dict()
|
||||||
|
|
||||||
|
|
||||||
|
pattern = re.compile(r'- Type=(\w+)\n.+Value=(.+)\n')
|
||||||
|
# key in dict.keys()
|
||||||
|
|
||||||
|
for (f_type, f_val) in re.findall(pattern, header):
|
||||||
|
logger.info("found: %s - %s" % (f_type, f_val))
|
||||||
|
if f_type not in result_header.keys():
|
||||||
|
result_header[f_type] = []
|
||||||
|
|
||||||
|
# if {} -> dict -> if re.search(r'(%s)' % cid, output):
|
||||||
|
result_header[f_type].append(f_val)
|
||||||
|
|
||||||
|
logger.info("Result: %s" % result_header)
|
||||||
|
return result_header
|
||||||
|
# ExtendedHeaders:
|
||||||
|
# - Type=UserHeader
|
||||||
|
# Value={Key=key1 Val=1}
|
||||||
|
# - Type=UserHeader
|
||||||
|
# Value={Key=key2 Val='abc1'}
|
||||||
|
# - Type=Token
|
||||||
|
# Value={ID=6143e50f-5dbf-4964-ba16-266517e4fe9a Verb=Put}
|
||||||
|
# - Type=HomoHash
|
||||||
|
# Value=4c3304688e23b884f29a3e50cb65e067357d074f52e1e634a940a7488f40a3f53ffb0cb94d4b9c619432307fa615eb076d0c3d153acdd77835acac0553992238
|
||||||
|
# - Type=PayloadChecksum
|
||||||
|
# Value=776bc1c03d2c72885c4976b000e2483df57275964308cc67eb36a829cad9a2c3
|
||||||
|
# - Type=Integrity
|
||||||
|
# Value={Checksum=45859b067c6525b6f9fa78b9764ceca0a0eeb506cefd71c374aabd4cfd773430 Signature=04e80f81919fa14879b04fcad0fab411ebb0b7c38f00f030c98a4813ae402300b79b666c705317b358a17963d50ee5dceab4f6f3599e54da210b860df2f8b2a63c}
|
||||||
|
|
||||||
|
|
||||||
@keyword('Delete object')
|
@keyword('Delete object')
|
||||||
def delete_object(private_key: bytes, cid: str, oid: str):
|
def delete_object(private_key: bytes, cid: str, oid: str):
|
||||||
ObjectCmd = f'{CLI_PREFIX}neofs-cli --host {NEOFS_ENDPOINT} --key {binascii.hexlify(private_key).decode()} object delete --cid {cid} --oid {oid}'
|
ObjectCmd = f'{CLI_PREFIX}neofs-cli --host {NEOFS_ENDPOINT} --key {binascii.hexlify(private_key).decode()} object delete --cid {cid} --oid {oid}'
|
||||||
|
|
|
@ -31,10 +31,12 @@ Generate Keys
|
||||||
${USER_KEY_GEN} = Generate Neo private key
|
${USER_KEY_GEN} = Generate Neo private key
|
||||||
${OTHER_KEY_GEN} = Generate Neo private key
|
${OTHER_KEY_GEN} = Generate Neo private key
|
||||||
${SYSTEM_KEY_GEN} = Form Privkey from String c428b4a06f166fde9f8afcf918194acdde35aa2612ecf42fe0c94273425ded21
|
${SYSTEM_KEY_GEN} = Form Privkey from String c428b4a06f166fde9f8afcf918194acdde35aa2612ecf42fe0c94273425ded21
|
||||||
|
${SYSTEM_KEY_GEN_SN} = Form Privkey from String 0fa21a94be2227916284e4b3495180d9c93d04f095fe9d5a86f22044f5c411d2
|
||||||
|
|
||||||
Set Global Variable ${USER_KEY} ${USER_KEY_GEN}
|
Set Global Variable ${USER_KEY} ${USER_KEY_GEN}
|
||||||
Set Global Variable ${OTHER_KEY} ${OTHER_KEY_GEN}
|
Set Global Variable ${OTHER_KEY} ${OTHER_KEY_GEN}
|
||||||
Set Global Variable ${SYSTEM_KEY} ${SYSTEM_KEY_GEN}
|
Set Global Variable ${SYSTEM_KEY} ${SYSTEM_KEY_GEN}
|
||||||
|
Set Global Variable ${SYSTEM_KEY_STOR_NODE} ${SYSTEM_KEY_GEN_SN}
|
||||||
|
|
||||||
# Basic ACL manual page: https://neospcc.atlassian.net/wiki/spaces/NEOF/pages/362348545/NeoFS+ACL
|
# Basic ACL manual page: https://neospcc.atlassian.net/wiki/spaces/NEOF/pages/362348545/NeoFS+ACL
|
||||||
# TODO: X - Sticky bit validation on public container!!!
|
# TODO: X - Sticky bit validation on public container!!!
|
||||||
|
@ -50,7 +52,7 @@ Create Containers
|
||||||
Container Existing ${USER_KEY} ${PUBLIC_CID_GEN}
|
Container Existing ${USER_KEY} ${PUBLIC_CID_GEN}
|
||||||
|
|
||||||
Log Create Read-Only Container
|
Log Create Read-Only Container
|
||||||
${READONLY_CID_GEN} = Create container ${USER_KEY} 0x1FFFCCFF
|
${READONLY_CID_GEN} = Create container ${USER_KEY} 0x1FFF8CFF
|
||||||
Container Existing ${USER_KEY} ${READONLY_CID_GEN}
|
Container Existing ${USER_KEY} ${READONLY_CID_GEN}
|
||||||
|
|
||||||
Set Global Variable ${PRIV_CID} ${PRIV_CID_GEN}
|
Set Global Variable ${PRIV_CID} ${PRIV_CID_GEN}
|
||||||
|
@ -76,6 +78,9 @@ Check Private Container
|
||||||
... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${PRIV_CID}
|
... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${PRIV_CID}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${PRIV_CID}
|
... Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${PRIV_CID}
|
||||||
|
${S_OID_SYS_SN} = Put object to NeoFS ${SYSTEM_KEY_STOR_NODE} ${FILE_S} ${PRIV_CID}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# Get
|
# Get
|
||||||
|
@ -84,6 +89,7 @@ Check Private Container
|
||||||
... Get object from NeoFS ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} s_file_read
|
... Get object from NeoFS ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} s_file_read
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get object from NeoFS ${SYSTEM_KEY} ${PRIV_CID} ${S_OID_USER} s_file_read
|
... Get object from NeoFS ${SYSTEM_KEY} ${PRIV_CID} ${S_OID_USER} s_file_read
|
||||||
|
Get object from NeoFS ${SYSTEM_KEY_STOR_NODE} ${PRIV_CID} ${S_OID_USER} s_file_read
|
||||||
|
|
||||||
# Get Range
|
# Get Range
|
||||||
Get Range ${USER_KEY} ${PRIV_CID} ${S_OID_USER} 0:256
|
Get Range ${USER_KEY} ${PRIV_CID} ${S_OID_USER} 0:256
|
||||||
|
@ -91,6 +97,8 @@ Check Private Container
|
||||||
... Get Range ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} 0:256
|
... Get Range ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER} 0:256
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get Range ${SYSTEM_KEY} ${PRIV_CID} ${S_OID_USER} 0:256
|
... Get Range ${SYSTEM_KEY} ${PRIV_CID} ${S_OID_USER} 0:256
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get Range ${SYSTEM_KEY_STOR_NODE} ${PRIV_CID} ${S_OID_USER} 0:256
|
||||||
|
|
||||||
# TODO: GetRangeHash
|
# TODO: GetRangeHash
|
||||||
# get-range-hash --cid <cid> --oid <oid> [--bearer <hex>] [--verify --file </path/to/file>] [--salt <hex>] [<offset1>:<length1> [...]]
|
# get-range-hash --cid <cid> --oid <oid> [--bearer <hex>] [--verify --file </path/to/file>] [--salt <hex>] [<offset1>:<length1> [...]]
|
||||||
|
@ -100,11 +108,12 @@ Check Private Container
|
||||||
|
|
||||||
|
|
||||||
# Search
|
# Search
|
||||||
@{S_OBJ_PRIV} = Create List ${S_OID_USER}
|
@{S_OBJ_PRIV} = Create List ${S_OID_USER} ${S_OID_SYS_SN}
|
||||||
Search object ${USER_KEY} ${PRIV_CID} ${EMPTY} @{S_OBJ_PRIV}
|
Search object ${USER_KEY} ${PRIV_CID} ${EMPTY} @{S_OBJ_PRIV}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Search object ${OTHER_KEY} ${PRIV_CID} ${EMPTY} @{S_OBJ_PRIV}
|
... Search object ${OTHER_KEY} ${PRIV_CID} ${EMPTY} @{S_OBJ_PRIV}
|
||||||
Search object ${SYSTEM_KEY} ${PRIV_CID} ${EMPTY} @{S_OBJ_PRIV}
|
Search object ${SYSTEM_KEY} ${PRIV_CID} ${EMPTY} @{S_OBJ_PRIV}
|
||||||
|
Search object ${SYSTEM_KEY_STOR_NODE} ${PRIV_CID} ${EMPTY} @{S_OBJ_PRIV}
|
||||||
|
|
||||||
|
|
||||||
# Head
|
# Head
|
||||||
|
@ -112,6 +121,8 @@ Check Private Container
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Head object ${OTHER_KEY} ${PRIV_CID} ${S_OBJ_PRIV} ${True}
|
... Head object ${OTHER_KEY} ${PRIV_CID} ${S_OBJ_PRIV} ${True}
|
||||||
Head object ${SYSTEM_KEY} ${PRIV_CID} ${S_OBJ_PRIV} ${True}
|
Head object ${SYSTEM_KEY} ${PRIV_CID} ${S_OBJ_PRIV} ${True}
|
||||||
|
Head object ${SYSTEM_KEY_STOR_NODE} ${PRIV_CID} ${S_OBJ_PRIV} ${True}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# Delete
|
# Delete
|
||||||
|
@ -120,6 +131,8 @@ Check Private Container
|
||||||
... Delete object ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER}
|
... Delete object ${OTHER_KEY} ${PRIV_CID} ${S_OID_USER}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Delete object ${SYSTEM_KEY} ${PRIV_CID} ${S_OID_USER}
|
... Delete object ${SYSTEM_KEY} ${PRIV_CID} ${S_OID_USER}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Delete object ${SYSTEM_KEY_STOR_NODE} ${PRIV_CID} ${S_OID_USER}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
@ -133,6 +146,7 @@ Check Public Container
|
||||||
# By discussion, IR can not make any operations instead of HEAD, SEARCH and GET RANGE HASH at the current moment
|
# By discussion, IR can not make any operations instead of HEAD, SEARCH and GET RANGE HASH at the current moment
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${PUBLIC_CID}
|
... Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${PUBLIC_CID}
|
||||||
|
${S_OID_SYS_SN} = Put object to NeoFS ${SYSTEM_KEY_STOR_NODE} ${FILE_S} ${PUBLIC_CID}
|
||||||
|
|
||||||
# Get
|
# Get
|
||||||
Get object from NeoFS ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER} s_file_read
|
Get object from NeoFS ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER} s_file_read
|
||||||
|
@ -140,6 +154,7 @@ Check Public Container
|
||||||
# By discussion, IR can not make any operations instead of HEAD, SEARCH and GET RANGE HASH at the current moment
|
# By discussion, IR can not make any operations instead of HEAD, SEARCH and GET RANGE HASH at the current moment
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get object from NeoFS ${SYSTEM_KEY} ${PUBLIC_CID} ${S_OID_USER} s_file_read
|
... Get object from NeoFS ${SYSTEM_KEY} ${PUBLIC_CID} ${S_OID_USER} s_file_read
|
||||||
|
Get object from NeoFS ${SYSTEM_KEY_STOR_NODE} ${PUBLIC_CID} ${S_OID_USER} s_file_read
|
||||||
|
|
||||||
# Get Range
|
# Get Range
|
||||||
Get Range ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER} 0:256
|
Get Range ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER} 0:256
|
||||||
|
@ -147,6 +162,7 @@ Check Public Container
|
||||||
# By discussion, IR can not make any operations instead of HEAD, SEARCH and GET RANGE HASH at the current moment
|
# By discussion, IR can not make any operations instead of HEAD, SEARCH and GET RANGE HASH at the current moment
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get Range ${SYSTEM_KEY} ${PUBLIC_CID} ${S_OID_USER} 0:256
|
... Get Range ${SYSTEM_KEY} ${PUBLIC_CID} ${S_OID_USER} 0:256
|
||||||
|
Get Range ${SYSTEM_KEY_STOR_NODE} ${PUBLIC_CID} ${S_OID_USER} 0:256
|
||||||
|
|
||||||
# TODO: GetRangeHash
|
# TODO: GetRangeHash
|
||||||
# get-range-hash --cid <cid> --oid <oid> [--bearer <hex>] [--verify --file </path/to/file>] [--salt <hex>] [<offset1>:<length1> [...]]
|
# get-range-hash --cid <cid> --oid <oid> [--bearer <hex>] [--verify --file </path/to/file>] [--salt <hex>] [<offset1>:<length1> [...]]
|
||||||
|
@ -156,26 +172,36 @@ Check Public Container
|
||||||
|
|
||||||
|
|
||||||
# Search
|
# Search
|
||||||
@{S_OBJ_PRIV} = Create List ${S_OID_USER} ${S_OID_OTHER}
|
@{S_OBJ_PRIV} = Create List ${S_OID_USER} ${S_OID_OTHER} ${S_OID_SYS_SN}
|
||||||
Search object ${USER_KEY} ${PUBLIC_CID} ${EMPTY} @{S_OBJ_PRIV}
|
Search object ${USER_KEY} ${PUBLIC_CID} ${EMPTY} @{S_OBJ_PRIV}
|
||||||
Search object ${OTHER_KEY} ${PUBLIC_CID} ${EMPTY} @{S_OBJ_PRIV}
|
Search object ${OTHER_KEY} ${PUBLIC_CID} ${EMPTY} @{S_OBJ_PRIV}
|
||||||
Search object ${SYSTEM_KEY} ${PUBLIC_CID} ${EMPTY} @{S_OBJ_PRIV}
|
Search object ${SYSTEM_KEY} ${PUBLIC_CID} ${EMPTY} @{S_OBJ_PRIV}
|
||||||
|
Search object ${SYSTEM_KEY_STOR_NODE} ${PUBLIC_CID} ${EMPTY} @{S_OBJ_PRIV}
|
||||||
|
|
||||||
|
|
||||||
# Head
|
# Head
|
||||||
Head object ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${True}
|
Head object ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${True}
|
||||||
Head object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${True}
|
Head object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_USER} ${True}
|
||||||
Head object ${SYSTEM_KEY} ${PUBLIC_CID} ${S_OID_USER} ${True}
|
Head object ${SYSTEM_KEY} ${PUBLIC_CID} ${S_OID_USER} ${True}
|
||||||
|
Head object ${SYSTEM_KEY_STOR_NODE} ${PUBLIC_CID} ${S_OID_USER} ${True}
|
||||||
|
|
||||||
Head object ${USER_KEY} ${PUBLIC_CID} ${S_OID_OTHER} ${True}
|
Head object ${USER_KEY} ${PUBLIC_CID} ${S_OID_OTHER} ${True}
|
||||||
Head object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_OTHER} ${True}
|
Head object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_OTHER} ${True}
|
||||||
Head object ${SYSTEM_KEY} ${PUBLIC_CID} ${S_OID_OTHER} ${True}
|
Head object ${SYSTEM_KEY} ${PUBLIC_CID} ${S_OID_OTHER} ${True}
|
||||||
|
Head object ${SYSTEM_KEY_STOR_NODE} ${PUBLIC_CID} ${S_OID_OTHER} ${True}
|
||||||
|
|
||||||
|
Head object ${USER_KEY} ${PUBLIC_CID} ${S_OID_SYS_SN} ${True}
|
||||||
|
Head object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_SYS_SN} ${True}
|
||||||
|
Head object ${SYSTEM_KEY} ${PUBLIC_CID} ${S_OID_SYS_SN} ${True}
|
||||||
|
Head object ${SYSTEM_KEY_STOR_NODE} ${PUBLIC_CID} ${S_OID_SYS_SN} ${True}
|
||||||
|
|
||||||
|
|
||||||
# Delete
|
# Delete
|
||||||
Delete object ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER}
|
Delete object ${USER_KEY} ${PUBLIC_CID} ${S_OID_USER}
|
||||||
Delete object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_USER}
|
Delete object ${OTHER_KEY} ${PUBLIC_CID} ${S_OID_USER}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Delete object ${SYSTEM_KEY} ${PUBLIC_CID} ${S_OID_USER}
|
... Delete object ${SYSTEM_KEY} ${PUBLIC_CID} ${S_OID_USER}
|
||||||
|
Delete object ${SYSTEM_KEY_STOR_NODE} ${PUBLIC_CID} ${S_OID_USER}
|
||||||
|
|
||||||
|
|
||||||
Check Read-Only Container
|
Check Read-Only Container
|
||||||
|
@ -187,6 +213,7 @@ Check Read-Only Container
|
||||||
... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${READONLY_CID}
|
... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${READONLY_CID}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${READONLY_CID}
|
... Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${READONLY_CID}
|
||||||
|
${S_OID_SYS_SN} = Put object to NeoFS ${SYSTEM_KEY_STOR_NODE} ${FILE_S} ${READONLY_CID}
|
||||||
|
|
||||||
# Get
|
# Get
|
||||||
Get object from NeoFS ${USER_KEY} ${READONLY_CID} ${S_OID_USER} s_file_read
|
Get object from NeoFS ${USER_KEY} ${READONLY_CID} ${S_OID_USER} s_file_read
|
||||||
|
@ -194,6 +221,7 @@ Check Read-Only Container
|
||||||
# By discussion, IR can not make any operations instead of HEAD, SEARCH and GET RANGE HASH at the current moment
|
# By discussion, IR can not make any operations instead of HEAD, SEARCH and GET RANGE HASH at the current moment
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get object from NeoFS ${SYSTEM_KEY} ${READONLY_CID} ${S_OID_USER} s_file_read
|
... Get object from NeoFS ${SYSTEM_KEY} ${READONLY_CID} ${S_OID_USER} s_file_read
|
||||||
|
Get object from NeoFS ${SYSTEM_KEY_STOR_NODE} ${READONLY_CID} ${S_OID_USER} s_file_read
|
||||||
|
|
||||||
# Get Range
|
# Get Range
|
||||||
Get Range ${USER_KEY} ${READONLY_CID} ${S_OID_USER} 0:256
|
Get Range ${USER_KEY} ${READONLY_CID} ${S_OID_USER} 0:256
|
||||||
|
@ -201,6 +229,7 @@ Check Read-Only Container
|
||||||
# By discussion, IR can not make any operations instead of HEAD, SEARCH and GET RANGE HASH at the current moment
|
# By discussion, IR can not make any operations instead of HEAD, SEARCH and GET RANGE HASH at the current moment
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get Range ${SYSTEM_KEY} ${READONLY_CID} ${S_OID_USER} 0:256
|
... Get Range ${SYSTEM_KEY} ${READONLY_CID} ${S_OID_USER} 0:256
|
||||||
|
Get Range ${SYSTEM_KEY_STOR_NODE} ${READONLY_CID} ${S_OID_USER} 0:256
|
||||||
|
|
||||||
# TODO: GetRangeHash
|
# TODO: GetRangeHash
|
||||||
# get-range-hash --cid <cid> --oid <oid> [--bearer <hex>] [--verify --file </path/to/file>] [--salt <hex>] [<offset1>:<length1> [...]]
|
# get-range-hash --cid <cid> --oid <oid> [--bearer <hex>] [--verify --file </path/to/file>] [--salt <hex>] [<offset1>:<length1> [...]]
|
||||||
|
@ -210,16 +239,18 @@ Check Read-Only Container
|
||||||
|
|
||||||
|
|
||||||
# Search
|
# Search
|
||||||
@{S_OBJ_RO} = Create List ${S_OID_USER}
|
@{S_OBJ_RO} = Create List ${S_OID_USER} ${S_OID_SYS_SN}
|
||||||
Search object ${USER_KEY} ${READONLY_CID} ${EMPTY} @{S_OBJ_RO}
|
Search object ${USER_KEY} ${READONLY_CID} ${EMPTY} @{S_OBJ_RO}
|
||||||
Search object ${OTHER_KEY} ${READONLY_CID} ${EMPTY} @{S_OBJ_RO}
|
Search object ${OTHER_KEY} ${READONLY_CID} ${EMPTY} @{S_OBJ_RO}
|
||||||
Search object ${SYSTEM_KEY} ${READONLY_CID} ${EMPTY} @{S_OBJ_RO}
|
Search object ${SYSTEM_KEY} ${READONLY_CID} ${EMPTY} @{S_OBJ_RO}
|
||||||
|
Search object ${SYSTEM_KEY_STOR_NODE} ${READONLY_CID} ${EMPTY} @{S_OBJ_RO}
|
||||||
|
|
||||||
|
|
||||||
# Head
|
# Head
|
||||||
Head object ${USER_KEY} ${READONLY_CID} ${S_OID_USER} ${True}
|
Head object ${USER_KEY} ${READONLY_CID} ${S_OID_USER} ${True}
|
||||||
Head object ${OTHER_KEY} ${READONLY_CID} ${S_OID_USER} ${True}
|
Head object ${OTHER_KEY} ${READONLY_CID} ${S_OID_USER} ${True}
|
||||||
Head object ${SYSTEM_KEY} ${READONLY_CID} ${S_OID_USER} ${True}
|
Head object ${SYSTEM_KEY} ${READONLY_CID} ${S_OID_USER} ${True}
|
||||||
|
Head object ${SYSTEM_KEY_STOR_NODE} ${READONLY_CID} ${S_OID_USER} ${True}
|
||||||
|
|
||||||
# Delete
|
# Delete
|
||||||
Delete object ${USER_KEY} ${READONLY_CID} ${S_OID_USER}
|
Delete object ${USER_KEY} ${READONLY_CID} ${S_OID_USER}
|
||||||
|
@ -227,3 +258,5 @@ Check Read-Only Container
|
||||||
... Delete object ${OTHER_KEY} ${READONLY_CID} ${S_OID_USER}
|
... Delete object ${OTHER_KEY} ${READONLY_CID} ${S_OID_USER}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Delete object ${SYSTEM_KEY} ${READONLY_CID} ${S_OID_USER}
|
... Delete object ${SYSTEM_KEY} ${READONLY_CID} ${S_OID_USER}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Delete object ${SYSTEM_KEY_STOR_NODE} ${READONLY_CID} ${S_OID_USER}
|
450
robot/testsuites/integration/acl_extended.robot
Normal file
450
robot/testsuites/integration/acl_extended.robot
Normal file
|
@ -0,0 +1,450 @@
|
||||||
|
*** Settings ***
|
||||||
|
Variables ../../variables/common.py
|
||||||
|
|
||||||
|
Library Collections
|
||||||
|
Library ${RESOURCES}/environment.py
|
||||||
|
Library ${RESOURCES}/neo.py
|
||||||
|
Library ${RESOURCES}/neofs.py
|
||||||
|
|
||||||
|
|
||||||
|
*** Variables ***
|
||||||
|
&{FILE_USR_HEADER} = key1=1 key2='abc1'
|
||||||
|
&{FILE_USR_HEADER_DEL} = key1=del key2=del
|
||||||
|
&{FILE_OTH_HEADER} = key1=oth key2=oth
|
||||||
|
|
||||||
|
*** Test cases ***
|
||||||
|
Extended ACL Operations
|
||||||
|
[Documentation] Testcase to validate NeoFS operations with extended ACL.
|
||||||
|
[Tags] ACL NeoFS NeoCLI
|
||||||
|
[Timeout] 20 min
|
||||||
|
|
||||||
|
Generate Keys
|
||||||
|
Generate file
|
||||||
|
Prepare eACL Role rules
|
||||||
|
Check Actions
|
||||||
|
Check Filters
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
*** Keywords ***
|
||||||
|
|
||||||
|
Check Actions
|
||||||
|
Check eACL Deny and Allow All Other
|
||||||
|
Check eACL Deny and Allow All User
|
||||||
|
Check eACL Deny and Allow All System
|
||||||
|
Check eACL Deny All Other and Allow All Pubkey
|
||||||
|
|
||||||
|
|
||||||
|
Check Filters
|
||||||
|
Check eACL MatchType String Equal
|
||||||
|
Check eACL MatchType String Not Equal
|
||||||
|
|
||||||
|
|
||||||
|
Check eACL MatchType String Equal
|
||||||
|
${CID} = Create Container Public
|
||||||
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} &{FILE_USR_HEADER}
|
||||||
|
|
||||||
|
${HEADER} = Head object ${USER_KEY} ${CID} ${S_OID_USER} ${True}
|
||||||
|
&{SYS_HEADER_PARSED} = Parse Object System Header ${HEADER}
|
||||||
|
|
||||||
|
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} local_file_eacl
|
||||||
|
|
||||||
|
Log Set eACL for Deny GET operation with StringEqual Object ID
|
||||||
|
${ID_value} = Get From Dictionary ${SYS_HEADER_PARSED} ID
|
||||||
|
${ID_value_hex} = Convert Str to Hex Str with Len ${ID_value}
|
||||||
|
Set custom eACL ${USER_KEY} ${CID} 000100000002000000010001000000020000000100024944 ${ID_value_hex} 0001000000030000
|
||||||
|
Sleep 15sec
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} local_file_eacl
|
||||||
|
|
||||||
|
|
||||||
|
Log Set eACL for Deny GET operation with StringEqual Object CID
|
||||||
|
${CID_value} = Get From Dictionary ${SYS_HEADER_PARSED} CID
|
||||||
|
${CID_value_hex} = Convert Str to Hex Str with Len ${CID_value}
|
||||||
|
Set custom eACL ${USER_KEY} ${CID} 00010000000200000001000100000002000000010003434944 ${CID_value_hex} 0001000000030000
|
||||||
|
Sleep 15sec
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} local_file_eacl
|
||||||
|
|
||||||
|
|
||||||
|
Log Set eACL for Deny GET operation with StringEqual Object OwnerID
|
||||||
|
${OwnerID_value} = Get From Dictionary ${SYS_HEADER_PARSED} OwnerID
|
||||||
|
${OwnerID_value_hex} = Convert Str to Hex Str with Len ${OwnerID_value}
|
||||||
|
Set custom eACL ${USER_KEY} ${CID} 000100000002000000010001000000020000000100084f574e45525f4944 ${OwnerID_value_hex} 0001000000030000
|
||||||
|
Sleep 15sec
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} local_file_eacl
|
||||||
|
|
||||||
|
|
||||||
|
Log Set eACL for Deny GET operation with StringEqual Object Version
|
||||||
|
${Version_value} = Get From Dictionary ${SYS_HEADER_PARSED} Version
|
||||||
|
${Version_value_hex} = Convert Str to Hex Str with Len ${Version_value}
|
||||||
|
Set custom eACL ${USER_KEY} ${CID} 0001000000020000000100010000000200000001000756455253494f4e ${Version_value_hex} 0001000000030000
|
||||||
|
Sleep 15sec
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} local_file_eacl
|
||||||
|
|
||||||
|
|
||||||
|
Log Set eACL for Deny GET operation with StringEqual Object PayloadLength
|
||||||
|
${Payload_value} = Get From Dictionary ${SYS_HEADER_PARSED} PayloadLength
|
||||||
|
${Payload_value_hex} = Convert Str to Hex Str with Len ${Payload_value}
|
||||||
|
Set custom eACL ${USER_KEY} ${CID} 0001000000020000000100010000000200000001000e5041594c4f41445f4c454e475448 ${Payload_value_hex} 0001000000030000
|
||||||
|
Sleep 15sec
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} local_file_eacl
|
||||||
|
|
||||||
|
Log Set eACL for Deny GET operation with StringEqual Object CreatedAtUnixTime
|
||||||
|
${AtUnixTime_value} = Get From Dictionary ${SYS_HEADER_PARSED} CreatedAtUnixTime
|
||||||
|
${AtUnixTime_value_hex} = Convert Str to Hex Str with Len ${AtUnixTime_value}
|
||||||
|
Set custom eACL ${USER_KEY} ${CID} 0001000000020000000100010000000200000001000c435245415445445f554e4958 ${AtUnixTime_value_hex} 0001000000030000
|
||||||
|
Sleep 15sec
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} local_file_eacl
|
||||||
|
|
||||||
|
|
||||||
|
Log Set eACL for Deny GET operation with StringEqual Object CreatedAtEpoch
|
||||||
|
${AtEpoch_value} = Get From Dictionary ${SYS_HEADER_PARSED} CreatedAtEpoch
|
||||||
|
${AtEpoch_value_hex} = Convert Str to Hex Str with Len ${AtEpoch_value}
|
||||||
|
Set custom eACL ${USER_KEY} ${CID} 0001000000020000000100010000000200000001000d435245415445445f45504f4348 ${AtEpoch_value_hex} 0001000000030000
|
||||||
|
Sleep 15sec
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} local_file_eacl
|
||||||
|
|
||||||
|
|
||||||
|
Log Set eACL for Deny GET operation with StringEqual Object Extended User Header
|
||||||
|
${S_OID_USER_OTH} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} &{FILE_OTH_HEADER}
|
||||||
|
Set eACL ${USER_KEY} ${CID} 000100000002000000010001000000030000000100046b65793200062761626331270001000000030000
|
||||||
|
Sleep 15sec
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} local_file_eacl
|
||||||
|
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER_OTH} local_file_eacl
|
||||||
|
|
||||||
|
|
||||||
|
Check eACL MatchType String Not Equal
|
||||||
|
${CID} = Create Container Public
|
||||||
|
${FILE_S_2} = Generate file of bytes 2048
|
||||||
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} &{FILE_USR_HEADER}
|
||||||
|
# Sleep for 1 epoch
|
||||||
|
Sleep 30sec
|
||||||
|
${S_OID_OTHER} = Put object to NeoFS ${OTHER_KEY} ${FILE_S_2} ${CID} &{FILE_OTH_HEADER}
|
||||||
|
${HEADER} = Head object ${USER_KEY} ${CID} ${S_OID_USER} ${True}
|
||||||
|
Head object ${USER_KEY} ${CID} ${S_OID_OTHER} ${True}
|
||||||
|
&{SYS_HEADER_PARSED} = Parse Object System Header ${HEADER}
|
||||||
|
|
||||||
|
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} local_file_eacl
|
||||||
|
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_OTHER} local_file_eacl
|
||||||
|
|
||||||
|
Log Set eACL for Deny GET operation with StringNotEqual Object ID
|
||||||
|
${ID_value} = Get From Dictionary ${SYS_HEADER_PARSED} ID
|
||||||
|
${ID_value_hex} = Convert Str to Hex Str with Len ${ID_value}
|
||||||
|
Set custom eACL ${USER_KEY} ${CID} 000100000002000000010001000000020000000200024944 ${ID_value_hex} 0001000000030000
|
||||||
|
|
||||||
|
Sleep 15sec
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_OTHER} local_file_eacl
|
||||||
|
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} local_file_eacl
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
Log Set eACL for Deny GET operation with StringEqual Object CID
|
||||||
|
${CID_value} = Get From Dictionary ${SYS_HEADER_PARSED} CID
|
||||||
|
${CID_value_hex} = Convert Str to Hex Str with Len ${CID_value}
|
||||||
|
Set custom eACL ${USER_KEY} ${CID} 00010000000200000001000100000002000000020003434944 ${CID_value_hex} 0001000000030000
|
||||||
|
Sleep 15sec
|
||||||
|
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_OTHER} local_file_eacl
|
||||||
|
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} local_file_eacl
|
||||||
|
|
||||||
|
|
||||||
|
Log Set eACL for Deny GET operation with StringEqual Object OwnerID
|
||||||
|
${OwnerID_value} = Get From Dictionary ${SYS_HEADER_PARSED} OwnerID
|
||||||
|
${OwnerID_value_hex} = Convert Str to Hex Str with Len ${OwnerID_value}
|
||||||
|
Set custom eACL ${USER_KEY} ${CID} 000100000002000000010001000000020000000200084f574e45525f4944 ${OwnerID_value_hex} 0001000000030000
|
||||||
|
Sleep 15sec
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_OTHER} local_file_eacl
|
||||||
|
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} local_file_eacl
|
||||||
|
|
||||||
|
|
||||||
|
Log Set eACL for Deny GET operation with StringEqual Object Version
|
||||||
|
${Version_value} = Get From Dictionary ${SYS_HEADER_PARSED} Version
|
||||||
|
${Version_value_hex} = Convert Str to Hex Str with Len ${Version_value}
|
||||||
|
Set custom eACL ${USER_KEY} ${CID} 0001000000020000000100010000000200000002000756455253494f4e ${Version_value_hex} 0001000000030000
|
||||||
|
Sleep 15sec
|
||||||
|
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_OTHER} local_file_eacl
|
||||||
|
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} local_file_eacl
|
||||||
|
|
||||||
|
|
||||||
|
Log Set eACL for Deny GET operation with StringEqual Object PayloadLength
|
||||||
|
${Payload_value} = Get From Dictionary ${SYS_HEADER_PARSED} PayloadLength
|
||||||
|
${Payload_value_hex} = Convert Str to Hex Str with Len ${Payload_value}
|
||||||
|
Set custom eACL ${USER_KEY} ${CID} 0001000000020000000100010000000200000002000e5041594c4f41445f4c454e475448 ${Payload_value_hex} 0001000000030000
|
||||||
|
Sleep 15sec
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_OTHER} local_file_eacl
|
||||||
|
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} local_file_eacl
|
||||||
|
|
||||||
|
Log Set eACL for Deny GET operation with StringEqual Object CreatedAtUnixTime
|
||||||
|
${AtUnixTime_value} = Get From Dictionary ${SYS_HEADER_PARSED} CreatedAtUnixTime
|
||||||
|
${AtUnixTime_value_hex} = Convert Str to Hex Str with Len ${AtUnixTime_value}
|
||||||
|
Set custom eACL ${USER_KEY} ${CID} 0001000000020000000100010000000200000002000c435245415445445f554e4958 ${AtUnixTime_value_hex} 0001000000030000
|
||||||
|
Sleep 15sec
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_OTHER} local_file_eacl
|
||||||
|
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} local_file_eacl
|
||||||
|
|
||||||
|
|
||||||
|
Log Set eACL for Deny GET operation with StringEqual Object CreatedAtEpoch
|
||||||
|
${AtEpoch_value} = Get From Dictionary ${SYS_HEADER_PARSED} CreatedAtEpoch
|
||||||
|
${AtEpoch_value_hex} = Convert Str to Hex Str with Len ${AtEpoch_value}
|
||||||
|
Set custom eACL ${USER_KEY} ${CID} 0001000000020000000100010000000200000002000d435245415445445f45504f4348 ${AtEpoch_value_hex} 0001000000030000
|
||||||
|
Sleep 15sec
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_OTHER} local_file_eacl
|
||||||
|
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} local_file_eacl
|
||||||
|
|
||||||
|
|
||||||
|
Log Set eACL for Deny GET operation with StringEqual Object Extended User Header
|
||||||
|
${S_OID_USER_OTH} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} &{FILE_OTH_HEADER}
|
||||||
|
Set eACL ${USER_KEY} ${CID} 000100000002000000010001000000030000000200046b65793200062761626331270001000000030000
|
||||||
|
Sleep 15sec
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_OTHER} local_file_eacl
|
||||||
|
Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} local_file_eacl
|
||||||
|
|
||||||
|
|
||||||
|
Generate Keys
|
||||||
|
${USER_KEY_GEN} = Generate Neo private key
|
||||||
|
${OTHER_KEY_GEN} = Generate Neo private key
|
||||||
|
${EACL_KEY_GEN} = Form Privkey from String 782676b81a35c5f07325ec523e8521ee4946b6e5d4c6cd652dd0c3ba51ce03de
|
||||||
|
Get Neo public key ${EACL_KEY_GEN}
|
||||||
|
${SYSTEM_KEY_GEN} = Form Privkey from String c428b4a06f166fde9f8afcf918194acdde35aa2612ecf42fe0c94273425ded21
|
||||||
|
|
||||||
|
|
||||||
|
${SYSTEM_KEY_GEN_SN} = Form Privkey from String 0fa21a94be2227916284e4b3495180d9c93d04f095fe9d5a86f22044f5c411d2
|
||||||
|
|
||||||
|
|
||||||
|
Set Global Variable ${USER_KEY} ${USER_KEY_GEN}
|
||||||
|
Set Global Variable ${OTHER_KEY} ${OTHER_KEY_GEN}
|
||||||
|
Set Global Variable ${EACL_KEY} ${EACL_KEY_GEN}
|
||||||
|
Set Global Variable ${SYSTEM_KEY} ${SYSTEM_KEY_GEN}
|
||||||
|
|
||||||
|
Set Global Variable ${SYSTEM_KEY_SN} ${SYSTEM_KEY_GEN_SN}
|
||||||
|
|
||||||
|
|
||||||
|
Create Container Public
|
||||||
|
Log Create Public Container
|
||||||
|
${PUBLIC_CID_GEN} = Create container ${USER_KEY} 0x2FFFFFFF
|
||||||
|
[Return] ${PUBLIC_CID_GEN}
|
||||||
|
|
||||||
|
|
||||||
|
Generate file
|
||||||
|
# Generate small file
|
||||||
|
${FILE_S_GEN} = Generate file of bytes 1024
|
||||||
|
Set Global Variable ${FILE_S} ${FILE_S_GEN}
|
||||||
|
|
||||||
|
|
||||||
|
Prepare eACL Role rules
|
||||||
|
Log Set eACL for different Role cases
|
||||||
|
Set Global Variable ${EACL_DENY_ALL_OTHER} 0007000000020000000100000001000000030000000000020000000300000001000000030000000000020000000200000001000000030000000000020000000500000001000000030000000000020000000400000001000000030000000000020000000600000001000000030000000000020000000700000001000000030000
|
||||||
|
Set Global Variable ${EACL_ALLOW_ALL_OTHER} 0007000000010000000100000001000000030000000000010000000300000001000000030000000000010000000200000001000000030000000000010000000500000001000000030000000000010000000400000001000000030000000000010000000600000001000000030000000000010000000700000001000000030000
|
||||||
|
|
||||||
|
Set Global Variable ${EACL_DENY_ALL_USER} 0007000000020000000100000001000000010000000000020000000300000001000000010000000000020000000200000001000000010000000000020000000500000001000000010000000000020000000400000001000000010000000000020000000600000001000000010000000000020000000700000001000000010000
|
||||||
|
Set Global Variable ${EACL_ALLOW_ALL_USER} 0007000000010000000100000001000000010000000000010000000300000001000000010000000000010000000200000001000000010000000000010000000500000001000000010000000000010000000400000001000000010000000000010000000600000001000000010000000000010000000700000001000000010000
|
||||||
|
|
||||||
|
Set Global Variable ${EACL_DENY_ALL_SYSTEM} 0007000000020000000100000001000000020000000000020000000300000001000000020000000000020000000200000001000000020000000000020000000500000001000000020000000000020000000400000001000000020000000000020000000600000001000000020000000000020000000700000001000000020000
|
||||||
|
Set Global Variable ${EACL_ALLOW_ALL_SYSTEM} 0007000000010000000100000001000000020000000000010000000300000001000000020000000000010000000200000001000000020000000000010000000500000001000000020000000000010000000400000001000000020000000000010000000600000001000000020000000000010000000700000001000000020000
|
||||||
|
|
||||||
|
|
||||||
|
Set Global Variable ${EACL_ALLOW_ALL_Pubkey} 000e000000010000000100000001000000000001002103db43cba61ef948a65c20b326b9409911341436478dfdd7472c9af6b10bb60000000000010000000300000001000000000001002103db43cba61ef948a65c20b326b9409911341436478dfdd7472c9af6b10bb60000000000010000000200000001000000000001002103db43cba61ef948a65c20b326b9409911341436478dfdd7472c9af6b10bb60000000000010000000500000001000000000001002103db43cba61ef948a65c20b326b9409911341436478dfdd7472c9af6b10bb60000000000010000000400000001000000000001002103db43cba61ef948a65c20b326b9409911341436478dfdd7472c9af6b10bb60000000000010000000600000001000000000001002103db43cba61ef948a65c20b326b9409911341436478dfdd7472c9af6b10bb60000000000010000000700000001000000000001002103db43cba61ef948a65c20b326b9409911341436478dfdd7472c9af6b10bb60000000000020000000100000001000000030000000000020000000300000001000000030000000000020000000200000001000000030000000000020000000500000001000000030000000000020000000400000001000000030000000000020000000600000001000000030000000000020000000700000001000000030000
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
Check eACL Deny and Allow All User
|
||||||
|
Check eACL Deny and Allow All ${USER_KEY} ${EACL_DENY_ALL_USER} ${EACL_ALLOW_ALL_USER}
|
||||||
|
|
||||||
|
|
||||||
|
Check eACL Deny and Allow All Other
|
||||||
|
Check eACL Deny and Allow All ${OTHER_KEY} ${EACL_DENY_ALL_OTHER} ${EACL_ALLOW_ALL_OTHER}
|
||||||
|
|
||||||
|
|
||||||
|
Check eACL Deny and Allow All System
|
||||||
|
${CID} = Create Container Public
|
||||||
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} &{FILE_USR_HEADER}
|
||||||
|
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} &{FILE_USR_HEADER_DEL}
|
||||||
|
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||||
|
|
||||||
|
# By discussion, IR can not make any operations instead of HEAD, SEARCH and GET RANGE HASH at the current moment
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${CID} &{FILE_OTH_HEADER}
|
||||||
|
Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${CID} &{FILE_OTH_HEADER}
|
||||||
|
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object from NeoFS ${SYSTEM_KEY} ${CID} ${S_OID_USER} local_file_eacl
|
||||||
|
|
||||||
|
Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} local_file_eacl
|
||||||
|
|
||||||
|
Search object ${SYSTEM_KEY} ${CID} ${EMPTY} @{S_OBJ_H} &{FILE_USR_HEADER}
|
||||||
|
Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} @{S_OBJ_H} &{FILE_USR_HEADER}
|
||||||
|
|
||||||
|
|
||||||
|
Head object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${True}
|
||||||
|
Head object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${True}
|
||||||
|
|
||||||
|
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get Range ${SYSTEM_KEY} ${CID} ${S_OID_USER} 0:256
|
||||||
|
Get Range ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} 0:256
|
||||||
|
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Delete object ${SYSTEM_KEY} ${CID} ${D_OID_USER}
|
||||||
|
Delete object ${SYSTEM_KEY_SN} ${CID} ${D_OID_USER}
|
||||||
|
|
||||||
|
|
||||||
|
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_SYSTEM}
|
||||||
|
Sleep 15sec
|
||||||
|
|
||||||
|
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${CID} &{FILE_OTH_HEADER}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${CID} &{FILE_OTH_HEADER}
|
||||||
|
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object from NeoFS ${SYSTEM_KEY} ${CID} ${S_OID_USER} local_file_eacl
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} local_file_eacl
|
||||||
|
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Search object ${SYSTEM_KEY} ${CID} ${EMPTY} @{S_OBJ_H} &{FILE_USR_HEADER}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} @{S_OBJ_H} &{FILE_USR_HEADER}
|
||||||
|
|
||||||
|
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Head object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${True}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Head object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${True}
|
||||||
|
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get Range ${SYSTEM_KEY} ${CID} ${S_OID_USER} 0:256
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get Range ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} 0:256
|
||||||
|
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Delete object ${SYSTEM_KEY} ${CID} ${S_OID_USER}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Delete object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER}
|
||||||
|
|
||||||
|
|
||||||
|
Set eACL ${USER_KEY} ${CID} ${EACL_ALLOW_ALL_SYSTEM}
|
||||||
|
Sleep 15sec
|
||||||
|
|
||||||
|
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Put object to NeoFS ${SYSTEM_KEY} ${FILE_S} ${CID} &{FILE_OTH_HEADER}
|
||||||
|
Put object to NeoFS ${SYSTEM_KEY_SN} ${FILE_S} ${CID} &{FILE_OTH_HEADER}
|
||||||
|
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object from NeoFS ${SYSTEM_KEY} ${CID} ${S_OID_USER} local_file_eacl
|
||||||
|
|
||||||
|
Get object from NeoFS ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} local_file_eacl
|
||||||
|
|
||||||
|
Search object ${SYSTEM_KEY} ${CID} ${EMPTY} @{S_OBJ_H} &{FILE_USR_HEADER}
|
||||||
|
Search object ${SYSTEM_KEY_SN} ${CID} ${EMPTY} @{S_OBJ_H} &{FILE_USR_HEADER}
|
||||||
|
|
||||||
|
|
||||||
|
Head object ${SYSTEM_KEY} ${CID} ${S_OID_USER} ${True}
|
||||||
|
Head object ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${True}
|
||||||
|
|
||||||
|
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get Range ${SYSTEM_KEY} ${CID} ${S_OID_USER} 0:256
|
||||||
|
Get Range ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} 0:256
|
||||||
|
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Delete object ${SYSTEM_KEY} ${CID} ${D_OID_USER}
|
||||||
|
Delete object ${SYSTEM_KEY_SN} ${CID} ${D_OID_USER}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
Check eACL Deny All Other and Allow All Pubkey
|
||||||
|
|
||||||
|
${CID} = Create Container Public
|
||||||
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} &{FILE_USR_HEADER}
|
||||||
|
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} &{FILE_USR_HEADER_DEL}
|
||||||
|
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||||
|
|
||||||
|
Put object to NeoFS ${EACL_KEY} ${FILE_S} ${CID} &{FILE_OTH_HEADER}
|
||||||
|
Get object from NeoFS ${EACL_KEY} ${CID} ${S_OID_USER} local_file_eacl
|
||||||
|
Search object ${EACL_KEY} ${CID} ${EMPTY} @{S_OBJ_H} &{FILE_USR_HEADER}
|
||||||
|
Head object ${EACL_KEY} ${CID} ${S_OID_USER} ${True}
|
||||||
|
Get Range ${EACL_KEY} ${CID} ${S_OID_USER} 0:256
|
||||||
|
Delete object ${EACL_KEY} ${CID} ${D_OID_USER}
|
||||||
|
|
||||||
|
Set eACL ${USER_KEY} ${CID} ${EACL_ALLOW_ALL_Pubkey}
|
||||||
|
Sleep 15sec
|
||||||
|
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Put object to NeoFS ${OTHER_KEY} ${FILE_S} ${CID} &{FILE_USR_HEADER}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object from NeoFS ${OTHER_KEY} ${CID} ${S_OID_USER} local_file_eacl
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Search object ${OTHER_KEY} ${CID} ${EMPTY} @{S_OBJ_H} &{FILE_USR_HEADER}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Head object ${OTHER_KEY} ${CID} ${S_OID_USER} ${True}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get Range ${OTHER_KEY} ${CID} ${S_OID_USER} 0:256
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Delete object ${OTHER_KEY} ${CID} ${S_OID_USER}
|
||||||
|
|
||||||
|
Put object to NeoFS ${EACL_KEY} ${FILE_S} ${CID} &{FILE_OTH_HEADER}
|
||||||
|
Get object from NeoFS ${EACL_KEY} ${CID} ${S_OID_USER} local_file_eacl
|
||||||
|
Search object ${EACL_KEY} ${CID} ${EMPTY} @{S_OBJ_H} &{FILE_USR_HEADER}
|
||||||
|
Head object ${EACL_KEY} ${CID} ${S_OID_USER} ${True}
|
||||||
|
Get Range ${EACL_KEY} ${CID} ${S_OID_USER} 0:256
|
||||||
|
Delete object ${EACL_KEY} ${CID} ${D_OID_USER}
|
||||||
|
|
||||||
|
|
||||||
|
Check eACL Deny and Allow All
|
||||||
|
[Arguments] ${KEY} ${DENY_EACL} ${ALLOW_EACL}
|
||||||
|
|
||||||
|
${CID} = Create Container Public
|
||||||
|
${S_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} &{FILE_USR_HEADER}
|
||||||
|
${D_OID_USER} = Put object to NeoFS ${USER_KEY} ${FILE_S} ${CID} &{FILE_USR_HEADER_DEL}
|
||||||
|
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||||
|
|
||||||
|
Put object to NeoFS ${KEY} ${FILE_S} ${CID} &{FILE_OTH_HEADER}
|
||||||
|
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} local_file_eacl
|
||||||
|
Search object ${KEY} ${CID} ${EMPTY} @{S_OBJ_H} &{FILE_USR_HEADER}
|
||||||
|
Head object ${KEY} ${CID} ${S_OID_USER} ${True}
|
||||||
|
Get Range ${KEY} ${CID} ${S_OID_USER} 0:256
|
||||||
|
Delete object ${KEY} ${CID} ${D_OID_USER}
|
||||||
|
|
||||||
|
Set eACL ${USER_KEY} ${CID} ${DENY_EACL}
|
||||||
|
Sleep 15sec
|
||||||
|
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Put object to NeoFS ${KEY} ${FILE_S} ${CID} &{FILE_USR_HEADER}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} local_file_eacl
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Search object ${KEY} ${CID} ${EMPTY} @{S_OBJ_H} &{FILE_USR_HEADER}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Head object ${KEY} ${CID} ${S_OID_USER} ${True}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get Range ${KEY} ${CID} ${S_OID_USER} 0:256
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Delete object ${KEY} ${CID} ${S_OID_USER}
|
||||||
|
|
||||||
|
|
||||||
|
Set eACL ${USER_KEY} ${CID} ${ALLOW_EACL}
|
||||||
|
Sleep 15sec
|
||||||
|
|
||||||
|
|
||||||
|
Put object to NeoFS ${KEY} ${FILE_S} ${CID} &{FILE_OTH_HEADER}
|
||||||
|
Get object from NeoFS ${KEY} ${CID} ${S_OID_USER} local_file_eacl
|
||||||
|
Search object ${KEY} ${CID} ${EMPTY} @{S_OBJ_H} &{FILE_USR_HEADER}
|
||||||
|
Head object ${KEY} ${CID} ${S_OID_USER} ${True}
|
||||||
|
Get Range ${KEY} ${CID} ${S_OID_USER} 0:256
|
||||||
|
Delete object ${KEY} ${CID} ${D_OID_USER}
|
||||||
|
|
Loading…
Reference in a new issue