[#15] Check container name

Signed-off-by: Denis Kirillov <denis@nspcc.ru>
This commit is contained in:
Denis Kirillov 2022-07-07 16:33:36 +03:00 committed by Alex Vanin
parent 9fba8d7f23
commit eab43cea3b
3 changed files with 103 additions and 4 deletions

View file

@ -60,7 +60,7 @@ const (
// tests configuration. // tests configuration.
useWalletConnect = false useWalletConnect = false
useLocalEnvironment = true useLocalEnvironment = false
) )
func TestIntegration(t *testing.T) { func TestIntegration(t *testing.T) {
@ -123,6 +123,7 @@ func runTests(ctx context.Context, t *testing.T, key *keys.PrivateKey, version s
t.Run("rest delete object "+version, func(t *testing.T) { restObjectDelete(ctx, t, clientPool, cnrID) }) t.Run("rest delete object "+version, func(t *testing.T) { restObjectDelete(ctx, t, clientPool, cnrID) })
t.Run("rest search objects "+version, func(t *testing.T) { restObjectsSearch(ctx, t, clientPool, cnrID) }) t.Run("rest search objects "+version, func(t *testing.T) { restObjectsSearch(ctx, t, clientPool, cnrID) })
t.Run("rest put container invalid "+version, func(t *testing.T) { restContainerPutInvalid(ctx, t) })
t.Run("rest put container "+version, func(t *testing.T) { restContainerPut(ctx, t, clientPool) }) t.Run("rest put container "+version, func(t *testing.T) { restContainerPut(ctx, t, clientPool) })
t.Run("rest get container "+version, func(t *testing.T) { restContainerGet(ctx, t, clientPool, cnrID) }) t.Run("rest get container "+version, func(t *testing.T) { restContainerGet(ctx, t, clientPool, cnrID) })
t.Run("rest delete container "+version, func(t *testing.T) { restContainerDelete(ctx, t, clientPool) }) t.Run("rest delete container "+version, func(t *testing.T) { restContainerDelete(ctx, t, clientPool) })
@ -813,6 +814,36 @@ func signTokenWalletConnect(t *testing.T, key *keys.PrivateKey, data []byte) *ha
} }
} }
func restContainerPutInvalid(ctx context.Context, t *testing.T) {
bearer := &models.Bearer{
Container: &models.Rule{
Verb: models.NewVerb(models.VerbPUT),
},
}
httpClient := &http.Client{Timeout: 30 * time.Second}
bearerTokens := makeAuthTokenRequest(ctx, t, []*models.Bearer{bearer}, httpClient)
bearerToken := bearerTokens[0]
reqURL, err := url.Parse(testHost + "/v1/containers")
require.NoError(t, err)
query := reqURL.Query()
query.Add("name-scope-global", "true")
query.Add(walletConnectQuery, strconv.FormatBool(useWalletConnect))
reqURL.RawQuery = query.Encode()
body, err := json.Marshal(&operations.PutContainerBody{ContainerName: "nameWithCapitalLetters"})
require.NoError(t, err)
request, err := http.NewRequest(http.MethodPut, reqURL.String(), bytes.NewReader(body))
require.NoError(t, err)
prepareCommonHeaders(request.Header, bearerToken)
resp := &models.ErrorResponse{}
doRequest(t, httpClient, request, http.StatusBadRequest, resp)
require.Equal(t, int64(0), resp.Code)
require.Equal(t, models.ErrorTypeGW, *resp.Type)
}
func restContainerPut(ctx context.Context, t *testing.T, clientPool *pool.Pool) { func restContainerPut(ctx context.Context, t *testing.T, clientPool *pool.Pool) {
bearer := &models.Bearer{ bearer := &models.Bearer{
Container: &models.Rule{ Container: &models.Rule{

View file

@ -0,0 +1,37 @@
package handlers
import (
"testing"
"github.com/stretchr/testify/require"
)
func TestCheckContainerName(t *testing.T) {
name64 := "container-aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
name256 := "container-aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
for _, tc := range []struct {
name string
valid bool
}{
{name: "container", valid: true},
{name: "container-name", valid: true},
{name: "container.name", valid: true},
{name: "container2", valid: true},
{name: "2container.name", valid: true},
{name: "containerName", valid: false},
{name: "-container", valid: false},
{name: "container-", valid: false},
{name: "container name", valid: false},
{name: "c", valid: false},
{name: name64 + ".name", valid: false},
{name: name256, valid: false},
} {
err := checkNNSContainerName(tc.name)
if tc.valid {
require.NoError(t, err)
} else {
require.Error(t, err)
}
}
}

View file

@ -341,8 +341,8 @@ func createContainer(ctx context.Context, p *pool.Pool, stoken *session.Token, p
cnr.SetSessionToken(stoken) cnr.SetSessionToken(stoken)
if *params.NameScopeGlobal { // we don't check for nil because there is default false value if *params.NameScopeGlobal { // we don't check for nil because there is default false value
if request.ContainerName == "" { if err = checkNNSContainerName(request.ContainerName); err != nil {
return nil, fmt.Errorf("container name must not be empty to be registered in NNS") return nil, fmt.Errorf("invalid container name: %w", err)
} }
container.SetNativeName(cnr, request.ContainerName) container.SetNativeName(cnr, request.ContainerName)
} }
@ -352,12 +352,43 @@ func createContainer(ctx context.Context, p *pool.Pool, stoken *session.Token, p
cnrID, err := p.PutContainer(ctx, prm) cnrID, err := p.PutContainer(ctx, prm)
if err != nil { if err != nil {
return nil, fmt.Errorf("could put object to neofs: %w", err) return nil, fmt.Errorf("put container: %w", err)
} }
return cnrID, nil return cnrID, nil
} }
func checkNNSContainerName(name string) error {
length := len(name)
if length < 3 || 255 < length {
return fmt.Errorf("invalid length: %d", length)
}
fragments := strings.Split(name, ".")
for _, fragment := range fragments {
fLength := len(fragment)
if fLength < 1 || 63 < fLength {
return fmt.Errorf("invalid fragment length: %d", fLength)
}
if !isAlNum(fragment[0]) || !isAlNum(fragment[fLength-1]) {
return fmt.Errorf("invalid fragment: '%s'", fragment)
}
for i := 1; i < fLength-1; i++ {
if fragment[i] != '-' && !isAlNum(fragment[i]) {
return fmt.Errorf("invalid fragment: '%s'", fragment)
}
}
}
return nil
}
func isAlNum(c uint8) bool {
return c >= 'a' && c <= 'z' || c >= '0' && c <= '9'
}
func prepareSessionToken(bt *BearerToken, isWalletConnect bool) (*session.Token, error) { func prepareSessionToken(bt *BearerToken, isWalletConnect bool) (*session.Token, error) {
data, err := base64.StdEncoding.DecodeString(bt.Token) data, err := base64.StdEncoding.DecodeString(bt.Token)
if err != nil { if err != nil {