(#116): fixed eACL tests; refactored acl keywords
Signed-off-by: anastasia prasolova <anastasia@nspcc.ru>
This commit is contained in:
parent
19f9d97328
commit
7552a742f3
16 changed files with 772 additions and 678 deletions
199
robot/resources/lib/acl.py
Normal file
199
robot/resources/lib/acl.py
Normal file
|
@ -0,0 +1,199 @@
|
||||||
|
#!/usr/bin/python3.8
|
||||||
|
|
||||||
|
from enum import Enum, auto
|
||||||
|
import json
|
||||||
|
import os
|
||||||
|
import re
|
||||||
|
import uuid
|
||||||
|
|
||||||
|
import base64
|
||||||
|
import base58
|
||||||
|
from cli_helpers import _cmd_run
|
||||||
|
from common import ASSETS_DIR, NEOFS_ENDPOINT
|
||||||
|
from robot.api.deco import keyword
|
||||||
|
from robot.api import logger
|
||||||
|
|
||||||
|
|
||||||
|
"""
|
||||||
|
Robot Keywords and helper functions for work with NeoFS ACL.
|
||||||
|
"""
|
||||||
|
|
||||||
|
|
||||||
|
ROBOT_AUTO_KEYWORDS = False
|
||||||
|
|
||||||
|
# path to neofs-cli executable
|
||||||
|
NEOFS_CLI_EXEC = os.getenv('NEOFS_CLI_EXEC', 'neofs-cli')
|
||||||
|
EACL_LIFETIME = 100500
|
||||||
|
|
||||||
|
class AutoName(Enum):
|
||||||
|
def _generate_next_value_(name, start, count, last_values):
|
||||||
|
return name
|
||||||
|
|
||||||
|
class Role(AutoName):
|
||||||
|
USER = auto()
|
||||||
|
SYSTEM = auto()
|
||||||
|
OTHERS = auto()
|
||||||
|
|
||||||
|
|
||||||
|
@keyword('Get eACL')
|
||||||
|
def get_eacl(wif: str, cid: str):
|
||||||
|
cmd = (
|
||||||
|
f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {wif} '
|
||||||
|
f'container get-eacl --cid {cid}'
|
||||||
|
)
|
||||||
|
logger.info(f"cmd: {cmd}")
|
||||||
|
try:
|
||||||
|
output = _cmd_run(cmd)
|
||||||
|
if re.search(r'extended ACL table is not set for this container', output):
|
||||||
|
return None
|
||||||
|
return output
|
||||||
|
except RuntimeError as exc:
|
||||||
|
logger.info("Extended ACL table is not set for this container")
|
||||||
|
logger.info(f"Got exception while getting eacl: {exc}")
|
||||||
|
return None
|
||||||
|
|
||||||
|
|
||||||
|
@keyword('Set eACL')
|
||||||
|
def set_eacl(wif: str, cid: str, eacl_table_path: str):
|
||||||
|
cmd = (
|
||||||
|
f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {wif} '
|
||||||
|
f'container set-eacl --cid {cid} --table {eacl_table_path} --await'
|
||||||
|
)
|
||||||
|
logger.info(f"cmd: {cmd}")
|
||||||
|
_cmd_run(cmd)
|
||||||
|
|
||||||
|
|
||||||
|
def _encode_cid_for_eacl(cid: str) -> str:
|
||||||
|
cid_base58 = base58.b58decode(cid)
|
||||||
|
return base64.b64encode(cid_base58).decode("utf-8")
|
||||||
|
|
||||||
|
|
||||||
|
@keyword('Form BearerToken File')
|
||||||
|
def form_bearertoken_file(wif: str, cid: str, eacl_records: list) -> str:
|
||||||
|
"""
|
||||||
|
This function fetches eACL for given <cid> on behalf of <wif>,
|
||||||
|
then extends it with filters taken from <eacl_records>, signs
|
||||||
|
with bearer token and writes to file
|
||||||
|
"""
|
||||||
|
enc_cid = _encode_cid_for_eacl(cid)
|
||||||
|
file_path = f"{os.getcwd()}/{ASSETS_DIR}/{str(uuid.uuid4())}"
|
||||||
|
|
||||||
|
eacl = get_eacl(wif, cid)
|
||||||
|
json_eacl = dict()
|
||||||
|
if eacl:
|
||||||
|
eacl = eacl.replace('eACL: ', '')
|
||||||
|
eacl = eacl.split('Signature')[0]
|
||||||
|
json_eacl = json.loads(eacl)
|
||||||
|
logger.info(json_eacl)
|
||||||
|
eacl_result = {
|
||||||
|
"body":
|
||||||
|
{
|
||||||
|
"eaclTable":
|
||||||
|
{
|
||||||
|
"containerID":
|
||||||
|
{
|
||||||
|
"value": enc_cid
|
||||||
|
},
|
||||||
|
"records": []
|
||||||
|
},
|
||||||
|
"lifetime":
|
||||||
|
{
|
||||||
|
"exp": EACL_LIFETIME,
|
||||||
|
"nbf": "1",
|
||||||
|
"iat": "0"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if not eacl_records:
|
||||||
|
raise(f"Got empty eacl_records list: {eacl_records}")
|
||||||
|
for record in eacl_records:
|
||||||
|
op_data = {
|
||||||
|
"operation": record['Operation'],
|
||||||
|
"action": record['Access'],
|
||||||
|
"filters": [],
|
||||||
|
"targets": []
|
||||||
|
}
|
||||||
|
|
||||||
|
if Role(record['Role']):
|
||||||
|
op_data['targets'] = [
|
||||||
|
{
|
||||||
|
"role": record['Role']
|
||||||
|
}
|
||||||
|
]
|
||||||
|
else:
|
||||||
|
op_data['targets'] = [
|
||||||
|
{
|
||||||
|
"keys": [ record['Role'] ]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
|
||||||
|
if 'Filters' in record.keys():
|
||||||
|
op_data["filters"].append(record['Filters'])
|
||||||
|
|
||||||
|
eacl_result["body"]["eaclTable"]["records"].append(op_data)
|
||||||
|
|
||||||
|
# Add records from current eACL
|
||||||
|
if "records" in json_eacl.keys():
|
||||||
|
for record in json_eacl["records"]:
|
||||||
|
eacl_result["body"]["eaclTable"]["records"].append(record)
|
||||||
|
|
||||||
|
with open(file_path, 'w', encoding='utf-8') as eacl_file:
|
||||||
|
json.dump(eacl_result, eacl_file, ensure_ascii=False, indent=4)
|
||||||
|
|
||||||
|
logger.info(f"Got these extended ACL records: {eacl_result}")
|
||||||
|
sign_bearer_token(wif, file_path)
|
||||||
|
return file_path
|
||||||
|
|
||||||
|
|
||||||
|
def sign_bearer_token(wif: str, eacl_rules_file: str):
|
||||||
|
cmd = (
|
||||||
|
f'{NEOFS_CLI_EXEC} util sign bearer-token --from {eacl_rules_file} '
|
||||||
|
f'--to {eacl_rules_file} --wif {wif} --json'
|
||||||
|
)
|
||||||
|
logger.info(f"cmd: {cmd}")
|
||||||
|
_cmd_run(cmd)
|
||||||
|
|
||||||
|
|
||||||
|
@keyword('Form eACL json common file')
|
||||||
|
def form_eacl_json_common_file(file_path: str, eacl_records: list) -> str:
|
||||||
|
# Input role can be Role (USER, SYSTEM, OTHERS) or public key.
|
||||||
|
eacl = {"records":[]}
|
||||||
|
|
||||||
|
for record in eacl_records:
|
||||||
|
op_data = dict()
|
||||||
|
|
||||||
|
if record['Role'] == "USER" or record['Role'] == "SYSTEM" or record['Role'] == "OTHERS":
|
||||||
|
op_data = {
|
||||||
|
"operation": record['Operation'],
|
||||||
|
"action": record['Access'],
|
||||||
|
"filters": [],
|
||||||
|
"targets": [
|
||||||
|
{
|
||||||
|
"role": record['Role']
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
else:
|
||||||
|
op_data = {
|
||||||
|
"operation": record['Operation'],
|
||||||
|
"action": record['Access'],
|
||||||
|
"filters": [],
|
||||||
|
"targets": [
|
||||||
|
{
|
||||||
|
"keys": [ record['Role'] ]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
if 'Filters' in record.keys():
|
||||||
|
op_data["filters"].append(record['Filters'])
|
||||||
|
|
||||||
|
eacl["records"].append(op_data)
|
||||||
|
|
||||||
|
logger.info(f"Got these extended ACL records: {eacl}")
|
||||||
|
|
||||||
|
with open(file_path, 'w', encoding='utf-8') as eacl_file:
|
||||||
|
json.dump(eacl, eacl_file, ensure_ascii=False, indent=4)
|
||||||
|
|
||||||
|
return file_path
|
29
robot/resources/lib/cli_helpers.py
Normal file
29
robot/resources/lib/cli_helpers.py
Normal file
|
@ -0,0 +1,29 @@
|
||||||
|
#!/usr/bin/python3.8
|
||||||
|
|
||||||
|
"""
|
||||||
|
Helper functions to use with `neofs-cli`, `neo-go`
|
||||||
|
and other CLIs.
|
||||||
|
"""
|
||||||
|
|
||||||
|
import subprocess
|
||||||
|
|
||||||
|
from robot.api import logger
|
||||||
|
|
||||||
|
ROBOT_AUTO_KEYWORDS = False
|
||||||
|
|
||||||
|
|
||||||
|
def _cmd_run(cmd):
|
||||||
|
"""
|
||||||
|
Runs given shell command <cmd>, in case of success returns its stdout,
|
||||||
|
in case of failure returns error message.
|
||||||
|
"""
|
||||||
|
try:
|
||||||
|
compl_proc = subprocess.run(cmd, check=True, universal_newlines=True,
|
||||||
|
stdout=subprocess.PIPE, stderr=subprocess.STDOUT, timeout=30,
|
||||||
|
shell=True)
|
||||||
|
output = compl_proc.stdout
|
||||||
|
logger.info(f"Output: {output}")
|
||||||
|
return output
|
||||||
|
except subprocess.CalledProcessError as exc:
|
||||||
|
raise RuntimeError(f"Error:\nreturn code: {exc.returncode} "
|
||||||
|
f"\nOutput: {exc.output}") from exc
|
|
@ -17,6 +17,7 @@ from robot.api.deco import keyword
|
||||||
from robot.api import logger
|
from robot.api import logger
|
||||||
|
|
||||||
from common import *
|
from common import *
|
||||||
|
from cli_helpers import _cmd_run
|
||||||
|
|
||||||
ROBOT_AUTO_KEYWORDS = False
|
ROBOT_AUTO_KEYWORDS = False
|
||||||
|
|
||||||
|
@ -120,115 +121,12 @@ def validate_storage_policy_for_object(private_key: str, expected_copies: int, c
|
||||||
raise Exception(f"Found node list '{found_nodes}' is not equal to expected list '{expected_node_list}'")
|
raise Exception(f"Found node list '{found_nodes}' is not equal to expected list '{expected_node_list}'")
|
||||||
|
|
||||||
|
|
||||||
@keyword('Get eACL')
|
|
||||||
def get_eacl(private_key: str, cid: str):
|
|
||||||
|
|
||||||
Cmd = (
|
|
||||||
f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} '
|
|
||||||
f'container get-eacl --cid {cid}'
|
|
||||||
)
|
|
||||||
logger.info(f"Cmd: {Cmd}")
|
|
||||||
output = _cmd_run(Cmd)
|
|
||||||
if re.search(r'extended ACL table is not set for this container', output):
|
|
||||||
logger.info("Extended ACL table is not set for this container.")
|
|
||||||
|
|
||||||
|
|
||||||
@keyword('Set eACL')
|
|
||||||
def set_eacl(private_key: str, cid: str, eacl_table_path: str):
|
|
||||||
cmd = (
|
|
||||||
f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} '
|
|
||||||
f'container set-eacl --cid {cid} --table {eacl_table_path} --await'
|
|
||||||
)
|
|
||||||
logger.info(f"Cmd: {cmd}")
|
|
||||||
_cmd_run(cmd)
|
|
||||||
|
|
||||||
|
|
||||||
@keyword('Form BearerToken file')
|
|
||||||
def form_bearertoken_file(private_key: str, cid: str, file_name: str, eacl_oper_list,
|
|
||||||
lifetime_exp: str ):
|
|
||||||
cid_base58_b = base58.b58decode(cid)
|
|
||||||
cid_base64 = base64.b64encode(cid_base58_b).decode("utf-8")
|
|
||||||
eacl = get_eacl(private_key, cid)
|
|
||||||
json_eacl = {}
|
|
||||||
file_path = f"{ASSETS_DIR}/{file_name}"
|
|
||||||
|
|
||||||
if eacl:
|
|
||||||
res_json = re.split(r'[\s\n]+Signature:', eacl)
|
|
||||||
input_eacl = res_json[0].replace('eACL: ', '')
|
|
||||||
json_eacl = json.loads(input_eacl)
|
|
||||||
|
|
||||||
eacl_result = {"body":{ "eaclTable": { "containerID": { "value": cid_base64 }, "records": [] }, "lifetime": {"exp": lifetime_exp, "nbf": "1", "iat": "0"} } }
|
|
||||||
|
|
||||||
if eacl_oper_list:
|
|
||||||
for record in eacl_oper_list:
|
|
||||||
op_data = dict()
|
|
||||||
|
|
||||||
if record['Role'] == "USER" or record['Role'] == "SYSTEM" or record['Role'] == "OTHERS":
|
|
||||||
op_data = {"operation":record['Operation'],"action":record['Access'],"filters": [],"targets":[{"role":record['Role']}]}
|
|
||||||
else:
|
|
||||||
op_data = {"operation":record['Operation'],"action":record['Access'],"filters": [],"targets":[{"keys": [ record['Role'] ]}]}
|
|
||||||
|
|
||||||
if 'Filters' in record.keys():
|
|
||||||
op_data["filters"].append(record['Filters'])
|
|
||||||
|
|
||||||
eacl_result["body"]["eaclTable"]["records"].append(op_data)
|
|
||||||
|
|
||||||
# Add records from current eACL
|
|
||||||
if "records" in json_eacl.keys():
|
|
||||||
for record in json_eacl["records"]:
|
|
||||||
eacl_result["body"]["eaclTable"]["records"].append(record)
|
|
||||||
|
|
||||||
with open(file_path, 'w', encoding='utf-8') as f:
|
|
||||||
json.dump(eacl_result, f, ensure_ascii=False, indent=4)
|
|
||||||
|
|
||||||
logger.info(eacl_result)
|
|
||||||
|
|
||||||
# Sign bearer token
|
|
||||||
Cmd = (
|
|
||||||
f'{NEOFS_CLI_EXEC} util sign bearer-token --from {file_path} '
|
|
||||||
f'--to {file_path} --wif {private_key} --json'
|
|
||||||
)
|
|
||||||
logger.info(f"Cmd: {Cmd}")
|
|
||||||
_cmd_run(Cmd)
|
|
||||||
|
|
||||||
return file_path
|
|
||||||
|
|
||||||
|
|
||||||
@keyword('Form eACL json common file')
|
|
||||||
def form_eacl_json_common_file(file_path, eacl_oper_list ):
|
|
||||||
# Input role can be Role (USER, SYSTEM, OTHERS) or public key.
|
|
||||||
eacl = {"records":[]}
|
|
||||||
|
|
||||||
logger.info(eacl_oper_list)
|
|
||||||
|
|
||||||
if eacl_oper_list:
|
|
||||||
for record in eacl_oper_list:
|
|
||||||
op_data = dict()
|
|
||||||
|
|
||||||
if record['Role'] == "USER" or record['Role'] == "SYSTEM" or record['Role'] == "OTHERS":
|
|
||||||
op_data = {"operation":record['Operation'],"action":record['Access'],"filters": [],"targets":[{"role":record['Role']}]}
|
|
||||||
else:
|
|
||||||
op_data = {"operation":record['Operation'],"action":record['Access'],"filters": [],"targets":[{"keys": [ record['Role'] ]}]}
|
|
||||||
|
|
||||||
if 'Filters' in record.keys():
|
|
||||||
op_data["filters"].append(record['Filters'])
|
|
||||||
|
|
||||||
eacl["records"].append(op_data)
|
|
||||||
|
|
||||||
logger.info(eacl)
|
|
||||||
|
|
||||||
with open(file_path, 'w', encoding='utf-8') as f:
|
|
||||||
json.dump(eacl, f, ensure_ascii=False, indent=4)
|
|
||||||
|
|
||||||
return file_path
|
|
||||||
|
|
||||||
|
|
||||||
@keyword('Get Range')
|
@keyword('Get Range')
|
||||||
def get_range(private_key: str, cid: str, oid: str, range_file: str, bearer: str,
|
def get_range(private_key: str, cid: str, oid: str, range_file: str, bearer: str,
|
||||||
range_cut: str, options:str=""):
|
range_cut: str, options:str=""):
|
||||||
bearer_token = ""
|
bearer_token = ""
|
||||||
if bearer:
|
if bearer:
|
||||||
bearer_token = f"--bearer {ASSETS_DIR}/{bearer}"
|
bearer_token = f"--bearer {bearer}"
|
||||||
|
|
||||||
Cmd = (
|
Cmd = (
|
||||||
f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} '
|
f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} '
|
||||||
|
@ -294,7 +192,7 @@ def search_object(private_key: str, cid: str, keys: str, bearer: str, filters: s
|
||||||
filters_result = ""
|
filters_result = ""
|
||||||
|
|
||||||
if bearer:
|
if bearer:
|
||||||
bearer_token = f"--bearer {ASSETS_DIR}/{bearer}"
|
bearer_token = f"--bearer {bearer}"
|
||||||
if filters:
|
if filters:
|
||||||
for filter_item in filters.split(','):
|
for filter_item in filters.split(','):
|
||||||
filter_item = re.sub(r'=', ' EQ ', filter_item)
|
filter_item = re.sub(r'=', ' EQ ', filter_item)
|
||||||
|
@ -601,7 +499,7 @@ def head_object(private_key: str, cid: str, oid: str, bearer_token: str="",
|
||||||
user_headers:str="", options:str="", endpoint: str="", json_output: bool = False):
|
user_headers:str="", options:str="", endpoint: str="", json_output: bool = False):
|
||||||
|
|
||||||
if bearer_token:
|
if bearer_token:
|
||||||
bearer_token = f"--bearer {ASSETS_DIR}/{bearer_token}"
|
bearer_token = f"--bearer {bearer_token}"
|
||||||
if endpoint == "":
|
if endpoint == "":
|
||||||
endpoint = NEOFS_ENDPOINT
|
endpoint = NEOFS_ENDPOINT
|
||||||
|
|
||||||
|
@ -770,7 +668,7 @@ def verify_head_attribute(header, attribute):
|
||||||
def delete_object(private_key: str, cid: str, oid: str, bearer: str, options: str=""):
|
def delete_object(private_key: str, cid: str, oid: str, bearer: str, options: str=""):
|
||||||
bearer_token = ""
|
bearer_token = ""
|
||||||
if bearer:
|
if bearer:
|
||||||
bearer_token = f"--bearer {ASSETS_DIR}/{bearer}"
|
bearer_token = f"--bearer {bearer}"
|
||||||
|
|
||||||
object_cmd = (
|
object_cmd = (
|
||||||
f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} '
|
f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} '
|
||||||
|
@ -828,7 +726,7 @@ def put_object(private_key: str, path: str, cid: str, bearer: str, user_headers:
|
||||||
user_headers = f"--attributes {user_headers}"
|
user_headers = f"--attributes {user_headers}"
|
||||||
|
|
||||||
if bearer:
|
if bearer:
|
||||||
bearer = f"--bearer {ASSETS_DIR}/{bearer}"
|
bearer = f"--bearer {bearer}"
|
||||||
|
|
||||||
putobject_cmd = (
|
putobject_cmd = (
|
||||||
f'{NEOFS_CLI_EXEC} --rpc-endpoint {endpoint} --wif {private_key} object '
|
f'{NEOFS_CLI_EXEC} --rpc-endpoint {endpoint} --wif {private_key} object '
|
||||||
|
@ -905,7 +803,7 @@ def find_in_nodes_Log(line: str, nodes_logs_time: dict):
|
||||||
def get_range_hash(private_key: str, cid: str, oid: str, bearer_token: str,
|
def get_range_hash(private_key: str, cid: str, oid: str, bearer_token: str,
|
||||||
range_cut: str, options: str=""):
|
range_cut: str, options: str=""):
|
||||||
if bearer_token:
|
if bearer_token:
|
||||||
bearer_token = f"--bearer {ASSETS_DIR}/{bearer_token}"
|
bearer_token = f"--bearer {bearer_token}"
|
||||||
|
|
||||||
object_cmd = (
|
object_cmd = (
|
||||||
f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} '
|
f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} '
|
||||||
|
@ -928,7 +826,7 @@ def get_object(private_key: str, cid: str, oid: str, bearer_token: str,
|
||||||
|
|
||||||
|
|
||||||
if bearer_token:
|
if bearer_token:
|
||||||
bearer_token = f"--bearer {ASSETS_DIR}/{bearer_token}"
|
bearer_token = f"--bearer {bearer_token}"
|
||||||
|
|
||||||
object_cmd = (
|
object_cmd = (
|
||||||
f'{NEOFS_CLI_EXEC} --rpc-endpoint {endpoint} --wif {private_key} '
|
f'{NEOFS_CLI_EXEC} --rpc-endpoint {endpoint} --wif {private_key} '
|
||||||
|
@ -947,7 +845,7 @@ def put_storagegroup(private_key: str, cid: str, bearer_token: str="", *oid_list
|
||||||
cmd_oid_line = ",".join(oid_list)
|
cmd_oid_line = ",".join(oid_list)
|
||||||
|
|
||||||
if bearer_token:
|
if bearer_token:
|
||||||
bearer_token = f"--bearer {ASSETS_DIR}/{bearer_token}"
|
bearer_token = f"--bearer {bearer_token}"
|
||||||
|
|
||||||
object_cmd = (
|
object_cmd = (
|
||||||
f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} storagegroup '
|
f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} storagegroup '
|
||||||
|
@ -964,7 +862,7 @@ def put_storagegroup(private_key: str, cid: str, bearer_token: str="", *oid_list
|
||||||
def list_storagegroup(private_key: str, cid: str, bearer_token: str="", *expected_list):
|
def list_storagegroup(private_key: str, cid: str, bearer_token: str="", *expected_list):
|
||||||
|
|
||||||
if bearer_token:
|
if bearer_token:
|
||||||
bearer_token = f"--bearer {ASSETS_DIR}/{bearer_token}"
|
bearer_token = f"--bearer {bearer_token}"
|
||||||
|
|
||||||
object_cmd = (
|
object_cmd = (
|
||||||
f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} '
|
f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} '
|
||||||
|
@ -988,7 +886,7 @@ def list_storagegroup(private_key: str, cid: str, bearer_token: str="", *expecte
|
||||||
def get_storagegroup(private_key: str, cid: str, oid: str, bearer_token: str, expected_size, *expected_objects_list):
|
def get_storagegroup(private_key: str, cid: str, oid: str, bearer_token: str, expected_size, *expected_objects_list):
|
||||||
|
|
||||||
if bearer_token:
|
if bearer_token:
|
||||||
bearer_token = f"--bearer {ASSETS_DIR}/{bearer_token}"
|
bearer_token = f"--bearer {bearer_token}"
|
||||||
|
|
||||||
object_cmd = f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} storagegroup get --cid {cid} --id {oid} {bearer_token}'
|
object_cmd = f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} storagegroup get --cid {cid} --id {oid} {bearer_token}'
|
||||||
logger.info(f"Cmd: {object_cmd}")
|
logger.info(f"Cmd: {object_cmd}")
|
||||||
|
@ -1013,7 +911,7 @@ def get_storagegroup(private_key: str, cid: str, oid: str, bearer_token: str, ex
|
||||||
def delete_storagegroup(private_key: str, cid: str, oid: str, bearer_token: str=""):
|
def delete_storagegroup(private_key: str, cid: str, oid: str, bearer_token: str=""):
|
||||||
|
|
||||||
if bearer_token:
|
if bearer_token:
|
||||||
bearer_token = f"--bearer {ASSETS_DIR}/{bearer_token}"
|
bearer_token = f"--bearer {bearer_token}"
|
||||||
|
|
||||||
object_cmd = (
|
object_cmd = (
|
||||||
f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} storagegroup '
|
f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} --wif {private_key} storagegroup '
|
||||||
|
@ -1118,14 +1016,3 @@ def _search_object(node:str, private_key: str, cid:str, oid: str):
|
||||||
logger.info("Server is not presented in container.")
|
logger.info("Server is not presented in container.")
|
||||||
elif ( re.search(r'timed out after 30 seconds', output) or re.search(r'no route to host', output) or re.search(r'i/o timeout', output)):
|
elif ( re.search(r'timed out after 30 seconds', output) or re.search(r'no route to host', output) or re.search(r'i/o timeout', output)):
|
||||||
logger.warn("Node is unavailable")
|
logger.warn("Node is unavailable")
|
||||||
|
|
||||||
|
|
||||||
def _cmd_run(cmd):
|
|
||||||
try:
|
|
||||||
complProc = subprocess.run(cmd, check=True, universal_newlines=True,
|
|
||||||
stdout=subprocess.PIPE, stderr=subprocess.STDOUT, timeout=30, shell=True)
|
|
||||||
output = complProc.stdout
|
|
||||||
logger.info(f"Output: {output}")
|
|
||||||
return output
|
|
||||||
except subprocess.CalledProcessError as e:
|
|
||||||
raise Exception(f"Error:\nreturn code: {e.returncode} \nOutput: {e.output}")
|
|
||||||
|
|
|
@ -1,9 +1,12 @@
|
||||||
*** Settings ***
|
*** Settings ***
|
||||||
Variables ../../../variables/common.py
|
Variables ../../../variables/common.py
|
||||||
Library ../${RESOURCES}/neofs.py
|
|
||||||
Library ../${RESOURCES}/payment_neogo.py
|
|
||||||
Library Collections
|
|
||||||
|
|
||||||
|
Library Collections
|
||||||
|
Library neofs.py
|
||||||
|
Library acl.py
|
||||||
|
Library payment_neogo.py
|
||||||
|
|
||||||
|
Resource ../../../variables/eacl_tables.robot
|
||||||
Resource common_steps_acl_bearer.robot
|
Resource common_steps_acl_bearer.robot
|
||||||
Resource ../${RESOURCES}/payment_operations.robot
|
Resource ../${RESOURCES}/payment_operations.robot
|
||||||
Resource ../${RESOURCES}/setup_teardown.robot
|
Resource ../${RESOURCES}/setup_teardown.robot
|
||||||
|
@ -37,52 +40,52 @@ BearerToken Operations
|
||||||
|
|
||||||
Check eACL Deny and Allow All Bearer
|
Check eACL Deny and Allow All Bearer
|
||||||
|
|
||||||
${CID} = Create Container Public
|
${CID} = Create Container Public
|
||||||
${S_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
${S_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
${D_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
${D_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||||
|
|
||||||
Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER}
|
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER}
|
||||||
|
|
||||||
# The current ACL cache lifetime is 30 sec
|
# The current ACL cache lifetime is 30 sec
|
||||||
Sleep ${NEOFS_CONTRACT_CACHE_TIMEOUT}
|
Sleep ${NEOFS_CONTRACT_CACHE_TIMEOUT}
|
||||||
|
|
||||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER
|
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER
|
||||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER
|
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER
|
||||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER
|
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER
|
||||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER
|
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER
|
||||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER
|
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER
|
||||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER
|
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER
|
||||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER
|
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER
|
||||||
|
|
||||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||||
|
|
||||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
${EACL_TOKEN} = Form BearerToken File ${USER_KEY} ${CID} ${eACL_gen}
|
||||||
|
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
... Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
... Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
# All operations on object should be passed with bearer token
|
# All operations on object should be passed with bearer token
|
||||||
Put object ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
Put object ${USER_KEY} ${FILE_S} ${CID} ${EACL_TOKEN} ${FILE_OTH_HEADER}
|
||||||
Get object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl
|
Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} local_file_eacl
|
||||||
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
|
Search object ${USER_KEY} ${CID} ${EMPTY} ${EACL_TOKEN} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN}
|
||||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EACL_TOKEN} 0:256
|
||||||
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN}
|
||||||
|
|
|
@ -1,9 +1,12 @@
|
||||||
*** Settings ***
|
*** Settings ***
|
||||||
Variables ../../../variables/common.py
|
Variables ../../../variables/common.py
|
||||||
Library ../${RESOURCES}/neofs.py
|
|
||||||
Library ../${RESOURCES}/payment_neogo.py
|
|
||||||
|
|
||||||
Library Collections
|
Library Collections
|
||||||
|
Library acl.py
|
||||||
|
Library neofs.py
|
||||||
|
Library payment_neogo.py
|
||||||
|
|
||||||
|
Resource ../../../variables/eacl_tables.robot
|
||||||
Resource common_steps_acl_bearer.robot
|
Resource common_steps_acl_bearer.robot
|
||||||
Resource ../${RESOURCES}/payment_operations.robot
|
Resource ../${RESOURCES}/payment_operations.robot
|
||||||
Resource ../${RESOURCES}/setup_teardown.robot
|
Resource ../${RESOURCES}/setup_teardown.robot
|
||||||
|
@ -42,43 +45,43 @@ Check eACL Deny and Allow All Bearer
|
||||||
|
|
||||||
|
|
||||||
# Storage group Operations (Put, List, Get, Delete)
|
# Storage group Operations (Put, List, Get, Delete)
|
||||||
${SG_OID_INV} = Put Storagegroup ${USER_KEY} ${CID} ${EMPTY} ${S_OID_USER}
|
${SG_OID_INV} = Put Storagegroup ${USER_KEY} ${CID} ${EMPTY} ${S_OID_USER}
|
||||||
${SG_OID_1} = Put Storagegroup ${USER_KEY} ${CID} ${EMPTY} ${S_OID_USER}
|
${SG_OID_1} = Put Storagegroup ${USER_KEY} ${CID} ${EMPTY} ${S_OID_USER}
|
||||||
List Storagegroup ${USER_KEY} ${CID} ${EMPTY} ${SG_OID_1} ${SG_OID_INV}
|
List Storagegroup ${USER_KEY} ${CID} ${EMPTY} ${SG_OID_1} ${SG_OID_INV}
|
||||||
@{EXPECTED_OIDS} = Run Keyword If "${RUN_TYPE}" == "Complex" Get Split objects ${USER_KEY} ${CID} ${S_OID_USER}
|
@{EXPECTED_OIDS} = Run Keyword If "${RUN_TYPE}" == "Complex" Get Split objects ${USER_KEY} ${CID} ${S_OID_USER}
|
||||||
... ELSE IF "${RUN_TYPE}" == "Simple" Create List ${S_OID_USER}
|
... ELSE IF "${RUN_TYPE}" == "Simple" Create List ${S_OID_USER}
|
||||||
Get Storagegroup ${USER_KEY} ${CID} ${SG_OID_1} ${EMPTY} ${EMPTY} @{EXPECTED_OIDS}
|
Get Storagegroup ${USER_KEY} ${CID} ${SG_OID_1} ${EMPTY} ${EMPTY} @{EXPECTED_OIDS}
|
||||||
Delete Storagegroup ${USER_KEY} ${CID} ${SG_OID_1} ${EMPTY}
|
Delete Storagegroup ${USER_KEY} ${CID} ${SG_OID_1} ${EMPTY}
|
||||||
|
|
||||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER}
|
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER}
|
||||||
|
|
||||||
# The current ACL cache lifetime is 30 sec
|
# The current ACL cache lifetime is 30 sec
|
||||||
Sleep ${NEOFS_CONTRACT_CACHE_TIMEOUT}
|
Sleep ${NEOFS_CONTRACT_CACHE_TIMEOUT}
|
||||||
|
|
||||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER
|
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER
|
||||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER
|
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER
|
||||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER
|
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER
|
||||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER
|
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER
|
||||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER
|
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER
|
||||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER
|
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER
|
||||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER
|
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER
|
||||||
|
|
||||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||||
|
|
||||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
${EACL_TOKEN} = Form BearerToken File ${USER_KEY} ${CID} ${eACL_gen}
|
||||||
|
|
||||||
# All storage groups should fail without bearer token
|
# All storage groups should fail without bearer token
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Put Storagegroup ${USER_KEY} ${CID} ${EMPTY} ${S_OID_USER}
|
... Put Storagegroup ${USER_KEY} ${CID} ${EMPTY} ${S_OID_USER}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... List Storagegroup ${USER_KEY} ${CID} ${EMPTY} ${SG_OID_1} ${SG_OID_INV}
|
... List Storagegroup ${USER_KEY} ${CID} ${EMPTY} ${SG_OID_1} ${SG_OID_INV}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get Storagegroup ${USER_KEY} ${CID} ${SG_OID_1} ${EMPTY} ${EMPTY} @{EXPECTED_OIDS}
|
... Get Storagegroup ${USER_KEY} ${CID} ${SG_OID_1} ${EMPTY} ${EMPTY} @{EXPECTED_OIDS}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Delete Storagegroup ${USER_KEY} ${CID} ${SG_OID_1} ${EMPTY}
|
... Delete Storagegroup ${USER_KEY} ${CID} ${SG_OID_1} ${EMPTY}
|
||||||
|
|
||||||
# Storagegroup should passed with User group key and bearer token
|
# Storagegroup should passed with User group key and bearer token
|
||||||
${SG_OID_NEW} = Put Storagegroup ${USER_KEY} ${CID} bearer_allow_all_user ${S_OID_USER}
|
${SG_OID_NEW} = Put Storagegroup ${USER_KEY} ${CID} ${EACL_TOKEN} ${S_OID_USER}
|
||||||
List Storagegroup ${USER_KEY} ${CID} bearer_allow_all_user ${SG_OID_NEW} ${SG_OID_INV}
|
List Storagegroup ${USER_KEY} ${CID} ${EACL_TOKEN} ${SG_OID_NEW} ${SG_OID_INV}
|
||||||
Get Storagegroup ${USER_KEY} ${CID} ${SG_OID_INV} bearer_allow_all_user ${EMPTY} @{EXPECTED_OIDS}
|
Get Storagegroup ${USER_KEY} ${CID} ${SG_OID_INV} ${EACL_TOKEN} ${EMPTY} @{EXPECTED_OIDS}
|
||||||
Delete Storagegroup ${USER_KEY} ${CID} ${SG_OID_INV} bearer_allow_all_user
|
Delete Storagegroup ${USER_KEY} ${CID} ${SG_OID_INV} ${EACL_TOKEN}
|
||||||
|
|
|
@ -1,10 +1,12 @@
|
||||||
*** Settings ***
|
*** Settings ***
|
||||||
Variables ../../../variables/common.py
|
Variables ../../../variables/common.py
|
||||||
Library ../${RESOURCES}/neofs.py
|
|
||||||
Library ../${RESOURCES}/payment_neogo.py
|
|
||||||
|
|
||||||
Library Collections
|
Library Collections
|
||||||
|
Library acl.py
|
||||||
|
Library neofs.py
|
||||||
|
Library payment_neogo.py
|
||||||
|
|
||||||
|
Resource ../../../variables/eacl_tables.robot
|
||||||
Resource common_steps_acl_bearer.robot
|
Resource common_steps_acl_bearer.robot
|
||||||
Resource ../${RESOURCES}/payment_operations.robot
|
Resource ../${RESOURCES}/payment_operations.robot
|
||||||
Resource ../${RESOURCES}/setup_teardown.robot
|
Resource ../${RESOURCES}/setup_teardown.robot
|
||||||
|
@ -15,7 +17,7 @@ ${SYSTEM_KEY} = ${NEOFS_IR_WIF}
|
||||||
*** Test cases ***
|
*** Test cases ***
|
||||||
BearerToken Operations for Сompound Operations
|
BearerToken Operations for Сompound Operations
|
||||||
[Documentation] Testcase to validate NeoFS operations with BearerToken for Сompound Operations.
|
[Documentation] Testcase to validate NeoFS operations with BearerToken for Сompound Operations.
|
||||||
[Tags] ACL NeoFS NeoCLI BearerToken
|
[Tags] ACL NeoFSCLI BearerToken
|
||||||
[Timeout] 20 min
|
[Timeout] 20 min
|
||||||
|
|
||||||
[Setup] Setup
|
[Setup] Setup
|
||||||
|
@ -28,7 +30,6 @@ BearerToken Operations for Сompound Operations
|
||||||
Check Сompound Operations
|
Check Сompound Operations
|
||||||
|
|
||||||
Log Check Bearer token with complex object
|
Log Check Bearer token with complex object
|
||||||
|
|
||||||
Generate file ${COMPLEX_OBJ_SIZE}
|
Generate file ${COMPLEX_OBJ_SIZE}
|
||||||
Check Сompound Operations
|
Check Сompound Operations
|
||||||
|
|
||||||
|
@ -38,101 +39,101 @@ BearerToken Operations for Сompound Operations
|
||||||
*** Keywords ***
|
*** Keywords ***
|
||||||
|
|
||||||
Check Сompound Operations
|
Check Сompound Operations
|
||||||
Check Bearer Сompound Get ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS}
|
Check Bearer Сompound Get ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS}
|
||||||
Check Bearer Сompound Get ${USER_KEY} USER ${EACL_DENY_ALL_USER}
|
Check Bearer Сompound Get ${USER_KEY} USER ${EACL_DENY_ALL_USER}
|
||||||
Check Bearer Сompound Get ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM}
|
Check Bearer Сompound Get ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM}
|
||||||
|
|
||||||
Check Bearer Сompound Delete ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS}
|
Check Bearer Сompound Delete ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS}
|
||||||
Check Bearer Сompound Delete ${USER_KEY} USER ${EACL_DENY_ALL_USER}
|
Check Bearer Сompound Delete ${USER_KEY} USER ${EACL_DENY_ALL_USER}
|
||||||
Check Bearer Сompound Delete ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM}
|
Check Bearer Сompound Delete ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM}
|
||||||
|
|
||||||
Check Bearer Сompound Get Range Hash ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS}
|
Check Bearer Сompound Get Range Hash ${OTHER_KEY} OTHERS ${EACL_DENY_ALL_OTHERS}
|
||||||
Check Bearer Сompound Get Range Hash ${USER_KEY} USER ${EACL_DENY_ALL_USER}
|
Check Bearer Сompound Get Range Hash ${USER_KEY} USER ${EACL_DENY_ALL_USER}
|
||||||
Check Bearer Сompound Get Range Hash ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM}
|
Check Bearer Сompound Get Range Hash ${SYSTEM_KEY} SYSTEM ${EACL_DENY_ALL_SYSTEM}
|
||||||
|
|
||||||
|
|
||||||
Check Bearer Сompound Get
|
Check Bearer Сompound Get
|
||||||
[Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL}
|
[Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL}
|
||||||
|
|
||||||
${CID} = Create Container Public
|
${CID} = Create Container Public
|
||||||
${S_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
${S_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||||
|
|
||||||
${S_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
${S_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
Put object ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
Put object ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
Get object ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
Get object ${KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
Set eACL ${USER_KEY} ${CID} ${DENY_EACL}
|
Set eACL ${USER_KEY} ${CID} ${DENY_EACL}
|
||||||
|
|
||||||
# The current ACL cache lifetime is 30 sec
|
# The current ACL cache lifetime is 30 sec
|
||||||
Sleep ${NEOFS_CONTRACT_CACHE_TIMEOUT}
|
Sleep ${NEOFS_CONTRACT_CACHE_TIMEOUT}
|
||||||
|
|
||||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=${DENY_GROUP}
|
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=${DENY_GROUP}
|
||||||
${rule2}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=${DENY_GROUP}
|
${rule2}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=${DENY_GROUP}
|
||||||
${rule3}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${DENY_GROUP}
|
${rule3}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${DENY_GROUP}
|
||||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3}
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3}
|
||||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500
|
${EACL_TOKEN} = Form BearerToken File ${USER_KEY} ${CID} ${eACL_gen}
|
||||||
|
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Head object ${KEY} ${CID} ${S_OID_USER} bearer_allow
|
... Head object ${KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN}
|
||||||
|
|
||||||
Get object ${KEY} ${CID} ${S_OID_USER} bearer_allow local_file_eacl
|
Get object ${KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} local_file_eacl
|
||||||
Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow 0:256
|
Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EACL_TOKEN} 0:256
|
||||||
Get Range Hash ${KEY} ${CID} ${S_OID_USER} bearer_allow 0:256
|
Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} 0:256
|
||||||
|
|
||||||
|
|
||||||
Check Bearer Сompound Delete
|
Check Bearer Сompound Delete
|
||||||
[Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL}
|
[Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL}
|
||||||
|
|
||||||
${CID} = Create Container Public
|
${CID} = Create Container Public
|
||||||
|
|
||||||
${S_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
${S_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
${D_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
${D_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||||
Put object ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
Put object ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
Delete object ${KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
Delete object ${KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
Set eACL ${USER_KEY} ${CID} ${DENY_EACL}
|
Set eACL ${USER_KEY} ${CID} ${DENY_EACL}
|
||||||
|
|
||||||
# The current ACL cache lifetime is 30 sec
|
# The current ACL cache lifetime is 30 sec
|
||||||
Sleep ${NEOFS_CONTRACT_CACHE_TIMEOUT}
|
Sleep ${NEOFS_CONTRACT_CACHE_TIMEOUT}
|
||||||
|
|
||||||
${rule1} = Create Dictionary Operation=DELETE Access=ALLOW Role=${DENY_GROUP}
|
${rule1} = Create Dictionary Operation=DELETE Access=ALLOW Role=${DENY_GROUP}
|
||||||
${rule2} = Create Dictionary Operation=PUT Access=DENY Role=${DENY_GROUP}
|
${rule2} = Create Dictionary Operation=PUT Access=DENY Role=${DENY_GROUP}
|
||||||
${rule3} = Create Dictionary Operation=HEAD Access=DENY Role=${DENY_GROUP}
|
${rule3} = Create Dictionary Operation=HEAD Access=DENY Role=${DENY_GROUP}
|
||||||
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3}
|
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3}
|
||||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500
|
${EACL_TOKEN} = Form BearerToken File ${USER_KEY} ${CID} ${eACL_gen}
|
||||||
|
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Head object ${KEY} ${CID} ${S_OID_USER} bearer_allow
|
... Head object ${KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Put object ${KEY} ${FILE_S} ${CID} bearer_allow ${FILE_OTH_HEADER}
|
... Put object ${KEY} ${FILE_S} ${CID} ${EACL_TOKEN} ${FILE_OTH_HEADER}
|
||||||
|
|
||||||
Delete object ${KEY} ${CID} ${S_OID_USER} bearer_allow
|
Delete object ${KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
Check Bearer Сompound Get Range Hash
|
Check Bearer Сompound Get Range Hash
|
||||||
[Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL}
|
[Arguments] ${KEY} ${DENY_GROUP} ${DENY_EACL}
|
||||||
|
|
||||||
${CID} = Create Container Public
|
${CID} = Create Container Public
|
||||||
|
|
||||||
${S_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
${S_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
Put object ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
Put object ${KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
Get Range Hash ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
Get Range Hash ${SYSTEM_KEY_SN} ${CID} ${S_OID_USER} ${EMPTY} 0:256
|
||||||
|
|
||||||
Set eACL ${USER_KEY} ${CID} ${DENY_EACL}
|
Set eACL ${USER_KEY} ${CID} ${DENY_EACL}
|
||||||
|
|
||||||
# The current ACL cache lifetime is 30 sec
|
# The current ACL cache lifetime is 30 sec
|
||||||
Sleep ${NEOFS_CONTRACT_CACHE_TIMEOUT}
|
Sleep ${NEOFS_CONTRACT_CACHE_TIMEOUT}
|
||||||
|
|
||||||
${rule1} = Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${DENY_GROUP}
|
${rule1} = Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=${DENY_GROUP}
|
||||||
${rule2} = Create Dictionary Operation=GETRANGE Access=DENY Role=${DENY_GROUP}
|
${rule2} = Create Dictionary Operation=GETRANGE Access=DENY Role=${DENY_GROUP}
|
||||||
${rule3} = Create Dictionary Operation=GET Access=DENY Role=${DENY_GROUP}
|
${rule3} = Create Dictionary Operation=GET Access=DENY Role=${DENY_GROUP}
|
||||||
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3}
|
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3}
|
||||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow ${eACL_gen} 100500
|
${EACL_TOKEN} = Form BearerToken File ${USER_KEY} ${CID} ${eACL_gen}
|
||||||
|
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow 0:256
|
... Get Range ${KEY} ${CID} ${S_OID_USER} s_get_range ${EACL_TOKEN} 0:256
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get object ${KEY} ${CID} ${S_OID_USER} bearer_allow local_file_eacl
|
... Get object ${KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} local_file_eacl
|
||||||
|
|
||||||
Get Range Hash ${KEY} ${CID} ${S_OID_USER} bearer_allow 0:256
|
Get Range Hash ${KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} 0:256
|
||||||
|
|
|
@ -1,12 +1,15 @@
|
||||||
*** Settings ***
|
*** Settings ***
|
||||||
Variables ../../../variables/common.py
|
Variables ../../../variables/common.py
|
||||||
Library ../${RESOURCES}/neofs.py
|
|
||||||
Library ../${RESOURCES}/payment_neogo.py
|
|
||||||
|
|
||||||
Library Collections
|
Library Collections
|
||||||
|
Library neofs.py
|
||||||
|
Library acl.py
|
||||||
|
Library payment_neogo.py
|
||||||
|
|
||||||
|
Resource ../../../variables/eacl_tables.robot
|
||||||
Resource common_steps_acl_bearer.robot
|
Resource common_steps_acl_bearer.robot
|
||||||
Resource ../${RESOURCES}/payment_operations.robot
|
Resource payment_operations.robot
|
||||||
Resource ../${RESOURCES}/setup_teardown.robot
|
Resource setup_teardown.robot
|
||||||
|
|
||||||
|
|
||||||
*** Test cases ***
|
*** Test cases ***
|
||||||
|
@ -18,7 +21,6 @@ BearerToken Operations with Filter OID Equal
|
||||||
[Setup] Setup
|
[Setup] Setup
|
||||||
|
|
||||||
Generate Keys
|
Generate Keys
|
||||||
Prepare eACL Role rules
|
|
||||||
|
|
||||||
Log Check Bearer token with simple object
|
Log Check Bearer token with simple object
|
||||||
Generate file ${SIMPLE_OBJ_SIZE}
|
Generate file ${SIMPLE_OBJ_SIZE}
|
||||||
|
@ -54,43 +56,43 @@ Check eACL Deny and Allow All Bearer Filter OID Equal
|
||||||
# The current ACL cache lifetime is 30 sec
|
# The current ACL cache lifetime is 30 sec
|
||||||
Sleep ${NEOFS_CONTRACT_CACHE_TIMEOUT}
|
Sleep ${NEOFS_CONTRACT_CACHE_TIMEOUT}
|
||||||
|
|
||||||
${filters}= Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=$Object:objectID value=${S_OID_USER}
|
${filters}= Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=$Object:objectID value=${S_OID_USER}
|
||||||
|
|
||||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
||||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
||||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
||||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
||||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
||||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
||||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
|
||||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||||
|
|
||||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
${EACL_TOKEN} = Form BearerToken File ${USER_KEY} ${CID} ${eACL_gen}
|
||||||
|
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
... Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
... Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
|
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EACL_TOKEN} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Put object ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
... Put object ${USER_KEY} ${FILE_S} ${CID} ${EACL_TOKEN} ${FILE_OTH_HEADER}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user local_file_eacl
|
... Get object ${USER_KEY} ${CID} ${S_OID_USER_2} ${EACL_TOKEN} local_file_eacl
|
||||||
|
|
||||||
Get object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl
|
Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} local_file_eacl
|
||||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EACL_TOKEN} 0:256
|
||||||
|
|
||||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN}
|
||||||
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Delete object ${USER_KEY} ${CID} ${D_OID_USER} bearer_allow_all_user
|
... Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EACL_TOKEN}
|
||||||
|
|
|
@ -1,10 +1,12 @@
|
||||||
*** Settings ***
|
*** Settings ***
|
||||||
Variables ../../../variables/common.py
|
Variables ../../../variables/common.py
|
||||||
Library ../${RESOURCES}/neofs.py
|
|
||||||
Library ../${RESOURCES}/payment_neogo.py
|
|
||||||
|
|
||||||
Library Collections
|
Library Collections
|
||||||
|
Library neofs.py
|
||||||
|
Library acl.py
|
||||||
|
Library payment_neogo.py
|
||||||
|
|
||||||
|
Resource ../../../variables/eacl_tables.robot
|
||||||
Resource common_steps_acl_bearer.robot
|
Resource common_steps_acl_bearer.robot
|
||||||
Resource ../${RESOURCES}/payment_operations.robot
|
Resource ../${RESOURCES}/payment_operations.robot
|
||||||
Resource ../${RESOURCES}/setup_teardown.robot
|
Resource ../${RESOURCES}/setup_teardown.robot
|
||||||
|
@ -13,20 +15,18 @@ Resource ../${RESOURCES}/setup_teardown.robot
|
||||||
*** Test cases ***
|
*** Test cases ***
|
||||||
BearerToken Operations with Filter OID NotEqual
|
BearerToken Operations with Filter OID NotEqual
|
||||||
[Documentation] Testcase to validate NeoFS operations with BearerToken with Filter OID NotEqual.
|
[Documentation] Testcase to validate NeoFS operations with BearerToken with Filter OID NotEqual.
|
||||||
[Tags] ACL NeoFS NeoCLI BearerToken
|
[Tags] ACL NeoFSCLI BearerToken
|
||||||
[Timeout] 20 min
|
[Timeout] 20 min
|
||||||
|
|
||||||
[Setup] Setup
|
[Setup] Setup
|
||||||
|
|
||||||
Generate Keys
|
Generate Keys
|
||||||
Prepare eACL Role rules
|
|
||||||
|
|
||||||
Log Check Bearer token with simple object
|
Log Check Bearer token with simple object
|
||||||
Generate file ${SIMPLE_OBJ_SIZE}
|
Generate file ${SIMPLE_OBJ_SIZE}
|
||||||
Check eACL Deny and Allow All Bearer Filter OID NotEqual
|
Check eACL Deny and Allow All Bearer Filter OID NotEqual
|
||||||
|
|
||||||
Log Check Bearer token with complex object
|
Log Check Bearer token with complex object
|
||||||
|
|
||||||
Generate file ${COMPLEX_OBJ_SIZE}
|
Generate file ${COMPLEX_OBJ_SIZE}
|
||||||
Check eACL Deny and Allow All Bearer Filter OID NotEqual
|
Check eACL Deny and Allow All Bearer Filter OID NotEqual
|
||||||
|
|
||||||
|
@ -36,90 +36,70 @@ BearerToken Operations with Filter OID NotEqual
|
||||||
|
|
||||||
*** Keywords ***
|
*** Keywords ***
|
||||||
|
|
||||||
|
|
||||||
Prepare eACL Role rules
|
|
||||||
Log Set eACL for different Role cases
|
|
||||||
|
|
||||||
# eACL rules for all operations and similar permissions
|
|
||||||
@{Roles} = Create List OTHERS USER SYSTEM
|
|
||||||
FOR ${role} IN @{Roles}
|
|
||||||
${rule1} = Create Dictionary Operation=GET Access=DENY Role=${role}
|
|
||||||
${rule2} = Create Dictionary Operation=HEAD Access=DENY Role=${role}
|
|
||||||
${rule3} = Create Dictionary Operation=PUT Access=DENY Role=${role}
|
|
||||||
${rule4} = Create Dictionary Operation=DELETE Access=DENY Role=${role}
|
|
||||||
${rule5} = Create Dictionary Operation=SEARCH Access=DENY Role=${role}
|
|
||||||
${rule6} = Create Dictionary Operation=GETRANGE Access=DENY Role=${role}
|
|
||||||
${rule7} = Create Dictionary Operation=GETRANGEHASH Access=DENY Role=${role}
|
|
||||||
|
|
||||||
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
|
||||||
Form eACL json common file gen_eacl_deny_all_${role} ${eACL_gen}
|
|
||||||
Set Global Variable ${EACL_DENY_ALL_${role}} gen_eacl_deny_all_${role}
|
|
||||||
END
|
|
||||||
|
|
||||||
Check eACL Deny and Allow All Bearer Filter OID NotEqual
|
Check eACL Deny and Allow All Bearer Filter OID NotEqual
|
||||||
${CID} = Create Container Public
|
${CID} = Create Container Public
|
||||||
${S_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
${S_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
${S_OID_USER_2} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
${S_OID_USER_2} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||||
${D_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
${D_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||||
|
|
||||||
|
Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
|
Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
|
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
|
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER}
|
||||||
Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
|
||||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
|
||||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
|
||||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
|
||||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
|
||||||
|
|
||||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER}
|
|
||||||
|
|
||||||
# The current ACL cache lifetime is 30 sec
|
# The current ACL cache lifetime is 30 sec
|
||||||
Sleep ${NEOFS_CONTRACT_CACHE_TIMEOUT}
|
Sleep ${NEOFS_CONTRACT_CACHE_TIMEOUT}
|
||||||
|
|
||||||
${filters}= Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=$Object:objectID value=${S_OID_USER_2}
|
${filters}= Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=$Object:objectID value=${S_OID_USER_2}
|
||||||
|
|
||||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
||||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
||||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
||||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
||||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
||||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
||||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
|
||||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||||
|
|
||||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
${EACL_TOKEN} = Form BearerToken File ${USER_KEY} ${CID} ${eACL_gen}
|
||||||
|
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
... Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
... Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
Run Keyword And Expect Error *
|
|
||||||
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
|
|
||||||
|
|
||||||
Put object ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
Put object ${USER_KEY} ${FILE_S} ${CID} ${EACL_TOKEN} ${FILE_OTH_HEADER}
|
||||||
|
|
||||||
Get object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl
|
Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} local_file_eacl
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user local_file_eacl
|
... Get object ${USER_KEY} ${CID} ${S_OID_USER_2} ${EACL_TOKEN} local_file_eacl
|
||||||
|
|
||||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EACL_TOKEN} 0:256
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER_2} s_get_range bearer_allow_all_user 0:256
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER_2} s_get_range ${EACL_TOKEN} 0:256
|
||||||
|
|
||||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER_2} ${EACL_TOKEN}
|
||||||
|
|
||||||
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
Run Keyword And Expect Error *
|
||||||
|
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EACL_TOKEN} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
|
|
||||||
Run Keyword And Expect Error *
|
Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN}
|
||||||
... Delete object ${USER_KEY} ${CID} ${D_OID_USER_2} bearer_allow_all_user
|
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Delete object ${USER_KEY} ${CID} ${D_OID_USER_2} ${EACL_TOKEN}
|
||||||
|
|
|
@ -1,10 +1,12 @@
|
||||||
*** Settings ***
|
*** Settings ***
|
||||||
Variables ../../../variables/common.py
|
Variables ../../../variables/common.py
|
||||||
Library ../${RESOURCES}/neofs.py
|
|
||||||
Library ../${RESOURCES}/payment_neogo.py
|
|
||||||
|
|
||||||
Library Collections
|
Library Collections
|
||||||
|
Library acl.py
|
||||||
|
Library neofs.py
|
||||||
|
Library payment_neogo.py
|
||||||
|
|
||||||
|
Resource ../../../variables/eacl_tables.robot
|
||||||
Resource common_steps_acl_bearer.robot
|
Resource common_steps_acl_bearer.robot
|
||||||
Resource ../${RESOURCES}/payment_operations.robot
|
Resource ../${RESOURCES}/payment_operations.robot
|
||||||
Resource ../${RESOURCES}/setup_teardown.robot
|
Resource ../${RESOURCES}/setup_teardown.robot
|
||||||
|
@ -12,7 +14,7 @@ Resource ../${RESOURCES}/setup_teardown.robot
|
||||||
*** Test cases ***
|
*** Test cases ***
|
||||||
BearerToken Operations with Filter UserHeader Equal
|
BearerToken Operations with Filter UserHeader Equal
|
||||||
[Documentation] Testcase to validate NeoFS operations with BearerToken with Filter UserHeader Equal.
|
[Documentation] Testcase to validate NeoFS operations with BearerToken with Filter UserHeader Equal.
|
||||||
[Tags] ACL NeoFS NeoCLI BearerToken
|
[Tags] ACL NeoFSCLI BearerToken
|
||||||
[Timeout] 20 min
|
[Timeout] 20 min
|
||||||
|
|
||||||
[Setup] Setup
|
[Setup] Setup
|
||||||
|
@ -33,91 +35,73 @@ BearerToken Operations with Filter UserHeader Equal
|
||||||
|
|
||||||
*** Keywords ***
|
*** Keywords ***
|
||||||
|
|
||||||
Prepare eACL Role rules
|
|
||||||
Log Set eACL for different Role cases
|
|
||||||
# eACL rules for all operations and similar permissions
|
|
||||||
@{Roles} = Create List OTHERS USER SYSTEM
|
|
||||||
FOR ${role} IN @{Roles}
|
|
||||||
${rule1} = Create Dictionary Operation=GET Access=DENY Role=${role}
|
|
||||||
${rule2} = Create Dictionary Operation=HEAD Access=DENY Role=${role}
|
|
||||||
${rule3} = Create Dictionary Operation=PUT Access=DENY Role=${role}
|
|
||||||
${rule4} = Create Dictionary Operation=DELETE Access=DENY Role=${role}
|
|
||||||
${rule5} = Create Dictionary Operation=SEARCH Access=DENY Role=${role}
|
|
||||||
${rule6} = Create Dictionary Operation=GETRANGE Access=DENY Role=${role}
|
|
||||||
${rule7} = Create Dictionary Operation=GETRANGEHASH Access=DENY Role=${role}
|
|
||||||
|
|
||||||
${eACL_gen} = Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
|
||||||
Form eACL json common file gen_eacl_deny_all_${role} ${eACL_gen}
|
|
||||||
Set Global Variable ${EACL_DENY_ALL_${role}} gen_eacl_deny_all_${role}
|
|
||||||
END
|
|
||||||
|
|
||||||
Check eACL Deny and Allow All Bearer Filter UserHeader Equal
|
Check eACL Deny and Allow All Bearer Filter UserHeader Equal
|
||||||
${CID} = Create Container Public
|
${CID} = Create Container Public
|
||||||
${S_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
${S_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
${S_OID_USER_2} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
${S_OID_USER_2} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||||
${D_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
${D_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||||
|
|
||||||
Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER}
|
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER}
|
||||||
|
|
||||||
# The current ACL cache lifetime is 30 sec
|
# The current ACL cache lifetime is 30 sec
|
||||||
Sleep ${NEOFS_CONTRACT_CACHE_TIMEOUT}
|
Sleep ${NEOFS_CONTRACT_CACHE_TIMEOUT}
|
||||||
|
|
||||||
${filters}= Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=key2 value=abc
|
${filters}= Create Dictionary headerType=OBJECT matchType=STRING_EQUAL key=key2 value=abc
|
||||||
|
|
||||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
||||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
||||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
||||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
||||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
||||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
||||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
|
||||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||||
|
|
||||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
${EACL_TOKEN} = Form BearerToken File ${USER_KEY} ${CID} ${eACL_gen}
|
||||||
|
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
... Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
... Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
|
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EACL_TOKEN} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
|
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Put object ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
... Put object ${USER_KEY} ${FILE_S} ${CID} ${EACL_TOKEN} ${FILE_OTH_HEADER}
|
||||||
|
|
||||||
Get object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl
|
Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} local_file_eacl
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user local_file_eacl
|
... Get object ${USER_KEY} ${CID} ${S_OID_USER_2} ${EACL_TOKEN} local_file_eacl
|
||||||
|
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EACL_TOKEN} 0:256
|
||||||
|
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256
|
... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} 0:256
|
||||||
|
|
||||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER_2} ${EACL_TOKEN}
|
||||||
|
|
||||||
# Delete can not be filtered by UserHeader.
|
# Delete can not be filtered by UserHeader.
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER_2} ${EACL_TOKEN}
|
||||||
|
|
|
@ -1,30 +1,31 @@
|
||||||
*** Settings ***
|
*** Settings ***
|
||||||
Variables ../../../variables/common.py
|
Variables ../../../variables/common.py
|
||||||
Library ../${RESOURCES}/neofs.py
|
|
||||||
Library ../${RESOURCES}/payment_neogo.py
|
|
||||||
|
|
||||||
Library Collections
|
Library Collections
|
||||||
|
Library neofs.py
|
||||||
|
Library acl.py
|
||||||
|
Library payment_neogo.py
|
||||||
|
|
||||||
Resource common_steps_acl_bearer.robot
|
Resource common_steps_acl_bearer.robot
|
||||||
|
Resource ../../../variables/eacl_tables.robot
|
||||||
Resource ../${RESOURCES}/payment_operations.robot
|
Resource ../${RESOURCES}/payment_operations.robot
|
||||||
Resource ../${RESOURCES}/setup_teardown.robot
|
Resource ../${RESOURCES}/setup_teardown.robot
|
||||||
|
|
||||||
*** Test cases ***
|
*** Test cases ***
|
||||||
BearerToken Operations Filter UserHeader NotEqual
|
BearerToken Operations Filter UserHeader NotEqual
|
||||||
[Documentation] Testcase to validate NeoFS operations with BearerToken Filter UserHeader NotEqual.
|
[Documentation] Testcase to validate NeoFS operations with BearerToken Filter UserHeader NotEqual.
|
||||||
[Tags] ACL NeoFS NeoCLI BearerToken
|
[Tags] ACL NeoFSCLI BearerToken
|
||||||
[Timeout] 20 min
|
[Timeout] 20 min
|
||||||
|
|
||||||
[Setup] Setup
|
[Setup] Setup
|
||||||
|
|
||||||
Generate Keys
|
Generate Keys
|
||||||
Prepare eACL Role rules
|
|
||||||
|
|
||||||
Log Check Bearer token with simple object
|
Log Check Bearer token with simple object
|
||||||
Generate file ${SIMPLE_OBJ_SIZE}
|
Generate file ${SIMPLE_OBJ_SIZE}
|
||||||
Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
|
Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
|
||||||
|
|
||||||
Log Check Bearer token with complex object
|
Log Check Bearer token with complex object
|
||||||
|
|
||||||
Generate file ${COMPLEX_OBJ_SIZE}
|
Generate file ${COMPLEX_OBJ_SIZE}
|
||||||
Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
|
Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
|
||||||
|
|
||||||
|
@ -33,77 +34,76 @@ BearerToken Operations Filter UserHeader NotEqual
|
||||||
*** Keywords ***
|
*** Keywords ***
|
||||||
|
|
||||||
Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
|
Check eACL Deny and Allow All Bearer Filter UserHeader NotEqual
|
||||||
${CID} = Create Container Public
|
${CID} = Create Container Public
|
||||||
${S_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
${S_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
${S_OID_USER_2} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
${S_OID_USER_2} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
${D_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
${D_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||||
@{S_OBJ_H} = Create List ${S_OID_USER_2}
|
@{S_OBJ_H} = Create List ${S_OID_USER_2}
|
||||||
|
|
||||||
|
Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
|
Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
|
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
|
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER}
|
||||||
Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
|
||||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
|
||||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
|
||||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
|
||||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
|
||||||
|
|
||||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER}
|
# The current ACL cache lifetime is 30 sec
|
||||||
|
Sleep ${NEOFS_CONTRACT_CACHE_TIMEOUT}
|
||||||
|
|
||||||
# The current ACL cache lifetime is 30 sec
|
${filters}= Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=key2 value=abc
|
||||||
Sleep ${NEOFS_CONTRACT_CACHE_TIMEOUT}
|
|
||||||
|
|
||||||
${filters}= Create Dictionary headerType=OBJECT matchType=STRING_NOT_EQUAL key=key2 value=abc
|
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
||||||
|
|
||||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule6} ${rule7}
|
||||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
|
||||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
|
||||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
|
||||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
|
||||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
|
||||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
|
||||||
|
|
||||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule6} ${rule7}
|
${EACL_TOKEN} = Form BearerToken File ${USER_KEY} ${CID} ${eACL_gen}
|
||||||
|
|
||||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
Run Keyword And Expect Error *
|
||||||
|
... Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
Run Keyword And Expect Error *
|
# Search can not use filter by headers
|
||||||
... Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
Run Keyword And Expect Error *
|
||||||
Run Keyword And Expect Error *
|
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EACL_TOKEN} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
... Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
|
||||||
Run Keyword And Expect Error *
|
|
||||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
|
||||||
Run Keyword And Expect Error *
|
|
||||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
|
||||||
Run Keyword And Expect Error *
|
|
||||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
|
||||||
Run Keyword And Expect Error *
|
|
||||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
|
||||||
|
|
||||||
# Search can not use filter by headers
|
# Different behaviour for big and small objects!
|
||||||
Run Keyword And Expect Error *
|
# Put object ${USER_KEY} ${FILE_S} ${CID} ${EACL_TOKEN} ${FILE_OTH_HEADER}
|
||||||
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H}
|
Run Keyword And Expect Error *
|
||||||
|
... Put object ${USER_KEY} ${FILE_S} ${CID} ${EACL_TOKEN} ${EMPTY}
|
||||||
|
|
||||||
# Different behaviour for big and small objects!
|
Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} local_file_eacl
|
||||||
# Put object ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER}
|
Run Keyword And Expect Error *
|
||||||
Run Keyword And Expect Error *
|
... Get object ${USER_KEY} ${CID} ${S_OID_USER_2} ${EACL_TOKEN} local_file_eacl
|
||||||
... Put object ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${EMPTY}
|
|
||||||
|
|
||||||
Get object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl
|
Run Keyword And Expect Error *
|
||||||
Run Keyword And Expect Error *
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EACL_TOKEN} 0:256
|
||||||
... Get object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user local_file_eacl
|
|
||||||
|
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256
|
... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} 0:256
|
||||||
|
|
||||||
Run Keyword And Expect Error *
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN}
|
||||||
... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256
|
Run Keyword And Expect Error *
|
||||||
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER_2} ${EACL_TOKEN}
|
||||||
|
|
||||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
# Delete can not be filtered by UserHeader.
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN}
|
||||||
|
Run Keyword And Expect Error *
|
||||||
# Delete can not be filtered by UserHeader.
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER_2} ${EACL_TOKEN}
|
||||||
Run Keyword And Expect Error *
|
|
||||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user
|
|
||||||
Run Keyword And Expect Error *
|
|
||||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER_2} bearer_allow_all_user
|
|
||||||
|
|
|
@ -1,10 +1,13 @@
|
||||||
*** Settings ***
|
*** Settings ***
|
||||||
|
|
||||||
Variables ../../../variables/common.py
|
Variables ../../../variables/common.py
|
||||||
Library ../${RESOURCES}/neofs.py
|
|
||||||
Library ../${RESOURCES}/payment_neogo.py
|
|
||||||
|
|
||||||
Library Collections
|
Library Collections
|
||||||
|
Library neofs.py
|
||||||
|
Library acl.py
|
||||||
|
Library payment_neogo.py
|
||||||
|
|
||||||
|
Resource ../../../variables/eacl_tables.robot
|
||||||
Resource common_steps_acl_bearer.robot
|
Resource common_steps_acl_bearer.robot
|
||||||
Resource ../${RESOURCES}/payment_operations.robot
|
Resource ../${RESOURCES}/payment_operations.robot
|
||||||
Resource ../${RESOURCES}/setup_teardown.robot
|
Resource ../${RESOURCES}/setup_teardown.robot
|
||||||
|
@ -12,20 +15,18 @@ Resource ../${RESOURCES}/setup_teardown.robot
|
||||||
*** Test cases ***
|
*** Test cases ***
|
||||||
BearerToken Operations for Inaccessible Container
|
BearerToken Operations for Inaccessible Container
|
||||||
[Documentation] Testcase to validate NeoFS operations with BearerToken for Inaccessible Container.
|
[Documentation] Testcase to validate NeoFS operations with BearerToken for Inaccessible Container.
|
||||||
[Tags] ACL NeoFS NeoCLI BearerToken
|
[Tags] ACL NeoFSCLI BearerToken
|
||||||
[Timeout] 20 min
|
[Timeout] 20 min
|
||||||
|
|
||||||
[Setup] Setup
|
[Setup] Setup
|
||||||
|
|
||||||
Generate Keys
|
Generate Keys
|
||||||
Prepare eACL Role rules
|
|
||||||
|
|
||||||
Log Check Bearer token with simple object
|
Log Check Bearer token with simple object
|
||||||
Generate file ${SIMPLE_OBJ_SIZE}
|
Generate file ${SIMPLE_OBJ_SIZE}
|
||||||
Check Container Inaccessible and Allow All Bearer
|
Check Container Inaccessible and Allow All Bearer
|
||||||
|
|
||||||
Log Check Bearer token with complex object
|
Log Check Bearer token with complex object
|
||||||
|
|
||||||
Generate file ${COMPLEX_OBJ_SIZE}
|
Generate file ${COMPLEX_OBJ_SIZE}
|
||||||
Check Container Inaccessible and Allow All Bearer
|
Check Container Inaccessible and Allow All Bearer
|
||||||
|
|
||||||
|
@ -34,29 +35,28 @@ BearerToken Operations for Inaccessible Container
|
||||||
*** Keywords ***
|
*** Keywords ***
|
||||||
|
|
||||||
Check Container Inaccessible and Allow All Bearer
|
Check Container Inaccessible and Allow All Bearer
|
||||||
${CID} = Create Container Inaccessible
|
${CID} = Create Container Inaccessible
|
||||||
|
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
... Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
... Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER}
|
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
${rule1}= Create Dictionary Operation=PUT Access=ALLOW Role=USER
|
${rule1} = Create Dictionary Operation=PUT Access=ALLOW Role=USER
|
||||||
${rule2}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER
|
${rule2} = Create Dictionary Operation=SEARCH Access=ALLOW Role=USER
|
||||||
|
${eACL_gen} = Create List ${rule1} ${rule2}
|
||||||
|
|
||||||
${eACL_gen}= Create List ${rule1} ${rule2}
|
${EACL_TOKEN} = Form BearerToken File ${USER_KEY} ${CID} ${eACL_gen}
|
||||||
|
|
||||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
Run Keyword And Expect Error *
|
||||||
|
... Put object ${USER_KEY} ${FILE_S} ${CID} ${EACL_TOKEN} ${FILE_USR_HEADER}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Put object ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER}
|
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EACL_TOKEN} ${FILE_USR_HEADER}
|
||||||
Run Keyword And Expect Error *
|
|
||||||
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER}
|
|
||||||
|
|
|
@ -1,10 +1,12 @@
|
||||||
*** Settings ***
|
*** Settings ***
|
||||||
Variables ../../../variables/common.py
|
Variables ../../../variables/common.py
|
||||||
Library ../${RESOURCES}/neofs.py
|
|
||||||
Library ../${RESOURCES}/payment_neogo.py
|
|
||||||
|
|
||||||
Library Collections
|
Library Collections
|
||||||
|
Library neofs.py
|
||||||
|
Library acl.py
|
||||||
|
Library payment_neogo.py
|
||||||
|
|
||||||
|
Resource ../../../variables/eacl_tables.robot
|
||||||
Resource common_steps_acl_bearer.robot
|
Resource common_steps_acl_bearer.robot
|
||||||
Resource ../${RESOURCES}/payment_operations.robot
|
Resource ../${RESOURCES}/payment_operations.robot
|
||||||
Resource ../${RESOURCES}/setup_teardown.robot
|
Resource ../${RESOURCES}/setup_teardown.robot
|
||||||
|
@ -25,7 +27,6 @@ BearerToken Operations
|
||||||
Check eACL Allow All Bearer Filter Requst Equal Deny
|
Check eACL Allow All Bearer Filter Requst Equal Deny
|
||||||
|
|
||||||
Log Check Bearer token with complex object
|
Log Check Bearer token with complex object
|
||||||
|
|
||||||
Generate file ${COMPLEX_OBJ_SIZE}
|
Generate file ${COMPLEX_OBJ_SIZE}
|
||||||
Check eACL Allow All Bearer Filter Requst Equal Deny
|
Check eACL Allow All Bearer Filter Requst Equal Deny
|
||||||
|
|
||||||
|
@ -37,10 +38,10 @@ BearerToken Operations
|
||||||
|
|
||||||
Check eACL Allow All Bearer Filter Requst Equal Deny
|
Check eACL Allow All Bearer Filter Requst Equal Deny
|
||||||
${CID} = Create Container Public
|
${CID} = Create Container Public
|
||||||
${S_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
${S_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
${S_OID_USER_2} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
${S_OID_USER_2} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||||
${D_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
${D_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||||
|
|
||||||
|
|
||||||
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=256
|
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=256
|
||||||
|
@ -52,27 +53,28 @@ Check eACL Allow All Bearer Filter Requst Equal Deny
|
||||||
${rule6}= Create Dictionary Operation=GETRANGE Access=DENY Role=USER Filters=${filters}
|
${rule6}= Create Dictionary Operation=GETRANGE Access=DENY Role=USER Filters=${filters}
|
||||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=USER Filters=${filters}
|
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=DENY Role=USER Filters=${filters}
|
||||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
|
||||||
|
|
||||||
Put object ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=2
|
${EACL_TOKEN} = Form BearerToken File ${USER_KEY} ${CID} ${eACL_gen}
|
||||||
Get object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=2
|
|
||||||
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${S_OBJ_H} --xhdr a=2
|
|
||||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=2
|
|
||||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=2
|
|
||||||
Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=2
|
|
||||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} bearer_allow_all_user --xhdr a=2
|
|
||||||
|
|
||||||
Run Keyword And Expect Error *
|
Put object ${USER_KEY} ${FILE_S} ${CID} ${EACL_TOKEN} ${FILE_OTH_HEADER} ${EMPTY} --xhdr a=2
|
||||||
... Put object ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
|
Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} local_file_eacl ${EMPTY} --xhdr a=2
|
||||||
Run Keyword And Expect Error *
|
Search object ${USER_KEY} ${CID} ${EMPTY} ${EACL_TOKEN} ${FILE_USR_HEADER} ${S_OBJ_H} --xhdr a=2
|
||||||
... Get object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=256
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} ${EMPTY} --xhdr a=2
|
||||||
Run Keyword And Expect Error *
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EACL_TOKEN} 0:256 --xhdr a=2
|
||||||
... Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
|
Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} 0:256 --xhdr a=2
|
||||||
Run Keyword And Expect Error *
|
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EACL_TOKEN} --xhdr a=2
|
||||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=256
|
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=256
|
... Put object ${USER_KEY} ${FILE_S} ${CID} ${EACL_TOKEN} ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=256
|
... Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} local_file_eacl ${EMPTY} --xhdr a=256
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user --xhdr a=256
|
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EACL_TOKEN} ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} ${EMPTY} --xhdr a=256
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EACL_TOKEN} 0:256 --xhdr a=256
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} 0:256 --xhdr a=256
|
||||||
|
Run Keyword And Expect Error *
|
||||||
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} --xhdr a=256
|
||||||
|
|
|
@ -1,10 +1,12 @@
|
||||||
*** Settings ***
|
*** Settings ***
|
||||||
Variables ../../../variables/common.py
|
Variables ../../../variables/common.py
|
||||||
Library ../${RESOURCES}/neofs.py
|
|
||||||
Library ../${RESOURCES}/payment_neogo.py
|
|
||||||
|
|
||||||
Library Collections
|
Library Collections
|
||||||
|
Library acl.py
|
||||||
|
Library neofs.py
|
||||||
|
Library payment_neogo.py
|
||||||
|
|
||||||
|
Resource ../../../variables/eacl_tables.robot
|
||||||
Resource common_steps_acl_bearer.robot
|
Resource common_steps_acl_bearer.robot
|
||||||
Resource ../${RESOURCES}/payment_operations.robot
|
Resource ../${RESOURCES}/payment_operations.robot
|
||||||
Resource ../${RESOURCES}/setup_teardown.robot
|
Resource ../${RESOURCES}/setup_teardown.robot
|
||||||
|
@ -13,7 +15,7 @@ Resource ../${RESOURCES}/setup_teardown.robot
|
||||||
*** Test cases ***
|
*** Test cases ***
|
||||||
BearerToken Operations with Filter Requst Equal
|
BearerToken Operations with Filter Requst Equal
|
||||||
[Documentation] Testcase to validate NeoFS operations with BearerToken with Filter Requst Equal.
|
[Documentation] Testcase to validate NeoFS operations with BearerToken with Filter Requst Equal.
|
||||||
[Tags] ACL NeoFS NeoCLI BearerToken
|
[Tags] ACL NeoFSCLI BearerToken
|
||||||
[Timeout] 20 min
|
[Timeout] 20 min
|
||||||
|
|
||||||
[Setup] Setup
|
[Setup] Setup
|
||||||
|
@ -26,7 +28,6 @@ BearerToken Operations with Filter Requst Equal
|
||||||
Check eACL Deny and Allow All Bearer Filter Requst Equal
|
Check eACL Deny and Allow All Bearer Filter Requst Equal
|
||||||
|
|
||||||
Log Check Bearer token with complex object
|
Log Check Bearer token with complex object
|
||||||
|
|
||||||
Generate file ${COMPLEX_OBJ_SIZE}
|
Generate file ${COMPLEX_OBJ_SIZE}
|
||||||
Check eACL Deny and Allow All Bearer Filter Requst Equal
|
Check eACL Deny and Allow All Bearer Filter Requst Equal
|
||||||
|
|
||||||
|
@ -38,51 +39,51 @@ BearerToken Operations with Filter Requst Equal
|
||||||
|
|
||||||
Check eACL Deny and Allow All Bearer Filter Requst Equal
|
Check eACL Deny and Allow All Bearer Filter Requst Equal
|
||||||
${CID} = Create Container Public
|
${CID} = Create Container Public
|
||||||
${S_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
${S_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
${S_OID_USER_2} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
${S_OID_USER_2} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||||
${D_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
${D_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||||
|
|
||||||
Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER}
|
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER}
|
||||||
|
|
||||||
# The current ACL cache lifetime is 30 sec
|
# The current ACL cache lifetime is 30 sec
|
||||||
Sleep ${NEOFS_CONTRACT_CACHE_TIMEOUT}
|
Sleep ${NEOFS_CONTRACT_CACHE_TIMEOUT}
|
||||||
|
|
||||||
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=256
|
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_EQUAL key=a value=256
|
||||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
||||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
||||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
||||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
||||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
||||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
||||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
||||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
${EACL_TOKEN} = Form BearerToken File ${USER_KEY} ${CID} ${eACL_gen}
|
||||||
|
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
... Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
... Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
Put object ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
|
Put object ${USER_KEY} ${FILE_S} ${CID} ${EACL_TOKEN} ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
|
||||||
Get object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=256
|
Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} local_file_eacl ${EMPTY} --xhdr a=256
|
||||||
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
|
Search object ${USER_KEY} ${CID} ${EMPTY} ${EACL_TOKEN} ${FILE_USR_HEADER} ${EMPTY} --xhdr a=256
|
||||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=256
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} ${EMPTY} --xhdr a=256
|
||||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=256
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EACL_TOKEN} 0:256 --xhdr a=256
|
||||||
Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=256
|
Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} 0:256 --xhdr a=256
|
||||||
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user --xhdr a=256
|
Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} --xhdr a=256
|
||||||
|
|
|
@ -1,10 +1,12 @@
|
||||||
*** Settings ***
|
*** Settings ***
|
||||||
Variables ../../../variables/common.py
|
Variables ../../../variables/common.py
|
||||||
Library ../${RESOURCES}/neofs.py
|
|
||||||
Library ../${RESOURCES}/payment_neogo.py
|
|
||||||
|
|
||||||
Library Collections
|
Library Collections
|
||||||
|
Library acl.py
|
||||||
|
Library neofs.py
|
||||||
|
Library payment_neogo.py
|
||||||
|
|
||||||
|
Resource ../../../variables/eacl_tables.robot
|
||||||
Resource common_steps_acl_bearer.robot
|
Resource common_steps_acl_bearer.robot
|
||||||
Resource ../${RESOURCES}/payment_operations.robot
|
Resource ../${RESOURCES}/payment_operations.robot
|
||||||
Resource ../${RESOURCES}/setup_teardown.robot
|
Resource ../${RESOURCES}/setup_teardown.robot
|
||||||
|
@ -13,13 +15,12 @@ Resource ../${RESOURCES}/setup_teardown.robot
|
||||||
*** Test cases ***
|
*** Test cases ***
|
||||||
BearerToken Operations with Filter Requst NotEqual
|
BearerToken Operations with Filter Requst NotEqual
|
||||||
[Documentation] Testcase to validate NeoFS operations with BearerToken with Filter Requst NotEqual.
|
[Documentation] Testcase to validate NeoFS operations with BearerToken with Filter Requst NotEqual.
|
||||||
[Tags] ACL NeoFS NeoCLI BearerToken
|
[Tags] ACL NeoFSCLI BearerToken
|
||||||
[Timeout] 20 min
|
[Timeout] 20 min
|
||||||
|
|
||||||
[Setup] Setup
|
[Setup] Setup
|
||||||
|
|
||||||
Generate Keys
|
Generate Keys
|
||||||
Prepare eACL Role rules
|
|
||||||
|
|
||||||
Log Check Bearer token with simple object
|
Log Check Bearer token with simple object
|
||||||
Generate file ${SIMPLE_OBJ_SIZE}
|
Generate file ${SIMPLE_OBJ_SIZE}
|
||||||
|
@ -36,51 +37,51 @@ BearerToken Operations with Filter Requst NotEqual
|
||||||
|
|
||||||
Check eACL Deny and Allow All Bearer Filter Requst NotEqual
|
Check eACL Deny and Allow All Bearer Filter Requst NotEqual
|
||||||
${CID} = Create Container Public
|
${CID} = Create Container Public
|
||||||
${S_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
${S_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
${S_OID_USER_2} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
${S_OID_USER_2} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${EMPTY}
|
||||||
${D_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
${D_OID_USER} = Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER_DEL}
|
||||||
@{S_OBJ_H} = Create List ${S_OID_USER}
|
@{S_OBJ_H} = Create List ${S_OID_USER}
|
||||||
|
|
||||||
Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_OTH_HEADER}
|
||||||
Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
Delete object ${USER_KEY} ${CID} ${D_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER}
|
Set eACL ${USER_KEY} ${CID} ${EACL_DENY_ALL_USER}
|
||||||
|
|
||||||
# The current ACL cache lifetime is 30 sec
|
# The current ACL cache lifetime is 30 sec
|
||||||
Sleep ${NEOFS_CONTRACT_CACHE_TIMEOUT}
|
Sleep ${NEOFS_CONTRACT_CACHE_TIMEOUT}
|
||||||
|
|
||||||
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_NOT_EQUAL key=a value=256
|
${filters}= Create Dictionary headerType=REQUEST matchType=STRING_NOT_EQUAL key=a value=256
|
||||||
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
${rule1}= Create Dictionary Operation=GET Access=ALLOW Role=USER Filters=${filters}
|
||||||
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
${rule2}= Create Dictionary Operation=HEAD Access=ALLOW Role=USER Filters=${filters}
|
||||||
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
${rule3}= Create Dictionary Operation=PUT Access=ALLOW Role=USER Filters=${filters}
|
||||||
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
${rule4}= Create Dictionary Operation=DELETE Access=ALLOW Role=USER Filters=${filters}
|
||||||
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
${rule5}= Create Dictionary Operation=SEARCH Access=ALLOW Role=USER Filters=${filters}
|
||||||
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
${rule6}= Create Dictionary Operation=GETRANGE Access=ALLOW Role=USER Filters=${filters}
|
||||||
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
${rule7}= Create Dictionary Operation=GETRANGEHASH Access=ALLOW Role=USER Filters=${filters}
|
||||||
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
${eACL_gen}= Create List ${rule1} ${rule2} ${rule3} ${rule4} ${rule5} ${rule6} ${rule7}
|
||||||
Form BearerToken file ${USER_KEY} ${CID} bearer_allow_all_user ${eACL_gen} 100500
|
${EACL_TOKEN} = Form BearerToken File ${USER_KEY} ${CID} ${eACL_gen}
|
||||||
|
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
... Put object ${USER_KEY} ${FILE_S} ${CID} ${EMPTY} ${FILE_USR_HEADER}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
... Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY} local_file_eacl
|
||||||
#Run Keyword And Expect Error *
|
#Run Keyword And Expect Error *
|
||||||
#... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
#... Search object ${USER_KEY} ${CID} ${EMPTY} ${EMPTY} ${FILE_USR_HEADER} ${S_OBJ_H}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
... Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
... Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EMPTY} 0:256
|
||||||
Run Keyword And Expect Error *
|
Run Keyword And Expect Error *
|
||||||
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
... Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EMPTY}
|
||||||
|
|
||||||
Put object ${USER_KEY} ${FILE_S} ${CID} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2
|
Put object ${USER_KEY} ${FILE_S} ${CID} ${EACL_TOKEN} ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2
|
||||||
Get object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user local_file_eacl ${EMPTY} --xhdr a=2
|
Get object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} local_file_eacl ${EMPTY} --xhdr a=2
|
||||||
Search object ${USER_KEY} ${CID} ${EMPTY} bearer_allow_all_user ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2
|
Search object ${USER_KEY} ${CID} ${EMPTY} ${EACL_TOKEN} ${FILE_USR_HEADER} ${EMPTY} --xhdr a=2
|
||||||
Head object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user ${EMPTY} --xhdr a=2
|
Head object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} ${EMPTY} --xhdr a=2
|
||||||
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range bearer_allow_all_user 0:256 --xhdr a=2
|
Get Range ${USER_KEY} ${CID} ${S_OID_USER} s_get_range ${EACL_TOKEN} 0:256 --xhdr a=2
|
||||||
Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user 0:256 --xhdr a=2
|
Get Range Hash ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} 0:256 --xhdr a=2
|
||||||
Delete object ${USER_KEY} ${CID} ${S_OID_USER} bearer_allow_all_user --xhdr a=2
|
Delete object ${USER_KEY} ${CID} ${S_OID_USER} ${EACL_TOKEN} --xhdr a=2
|
||||||
|
|
|
@ -1,9 +1,10 @@
|
||||||
*** Settings ***
|
*** Settings ***
|
||||||
Variables ../../../variables/common.py
|
Variables ../../../variables/common.py
|
||||||
Library ../${RESOURCES}/neofs.py
|
|
||||||
Library ../${RESOURCES}/payment_neogo.py
|
|
||||||
|
|
||||||
Library Collections
|
Library Collections
|
||||||
|
Library acl.py
|
||||||
|
Library neofs.py
|
||||||
|
Library payment_neogo.py
|
||||||
|
|
||||||
Resource common_steps_acl_extended.robot
|
Resource common_steps_acl_extended.robot
|
||||||
Resource ../${RESOURCES}/payment_operations.robot
|
Resource ../${RESOURCES}/payment_operations.robot
|
||||||
|
|
|
@ -1,8 +1,9 @@
|
||||||
*** Settings ***
|
*** Settings ***
|
||||||
Variables ../../../variables/common.py
|
Variables ../../../variables/common.py
|
||||||
|
|
||||||
Library ../${RESOURCES}/neofs.py
|
Library acl.py
|
||||||
Library ../${RESOURCES}/payment_neogo.py
|
Library neofs.py
|
||||||
|
Library payment_neogo.py
|
||||||
Library Collections
|
Library Collections
|
||||||
|
|
||||||
Resource common_steps_acl_extended.robot
|
Resource common_steps_acl_extended.robot
|
||||||
|
|
Loading…
Reference in a new issue