[226] Tests: test for session token for object

A test for session token for object rewritten in pytest. Signed-off-by: Elizaveta Chichindaeva <elizaveta@nspcc.ru>
2022-09-05 12:35:46 +03:00 · 2022-09-05 12:35:46 +03:00 · 92cbc2e11b
commit 92cbc2e11b
parent 3f6ba19a8b
6 changed files with 513 additions and 138 deletions
--- a/pytest_tests/helpers/grpc_responses.py
+++ b/pytest_tests/helpers/grpc_responses.py
@ -9,6 +9,7 @@ CONTAINER_NOT_FOUND = "code = 3072.*message = container not found"
 OBJECT_ACCESS_DENIED = "code = 2048.*message = access to object operation denied"
 OBJECT_NOT_FOUND = "code = 2049.*message = object not found"
 OBJECT_ALREADY_REMOVED = "code = 2052.*message = object already removed"
+SESSION_NOT_FOUND = "code = 4096.*message = session token not found"


 def error_matches_status(error: Exception, status_pattern: str) -> bool:
--- a/pytest_tests/pytest.ini
+++ b/pytest_tests/pytest.ini
@ -17,6 +17,7 @@ markers =
    curl: tests for HTTP gate with curl utility
    long: long tests (with long execution time)
    node_mgmt: neofs control commands
+    session_token: tests for operations with session token
    acl: tests for basic and extended ACL
    storage_group: tests for storage groups
    failover: tests for system recovery after a failure
--- a/pytest_tests/testsuites/conftest.py
+++ b/pytest_tests/testsuites/conftest.py
@ -4,18 +4,25 @@ import re
 import shutil
 from datetime import datetime

-import allure
 import pytest
 import wallet
 from cli_helpers import _cmd_run
 from cli_utils import NeofsAdm, NeofsCli
-from common import (ASSETS_DIR, FREE_STORAGE, INFRASTRUCTURE_TYPE, MAINNET_WALLET_PATH,
-                    NEOFS_NETMAP_DICT)
+from common import (
+    ASSETS_DIR,
+    FREE_STORAGE,
+    INFRASTRUCTURE_TYPE,
+    MAINNET_WALLET_PATH,
+    NEOFS_NETMAP_DICT
+)
 from env_properties import save_env_properties
 from payment_neogo import neofs_deposit, transfer_mainnet_gas
 from python_keywords.node_management import node_healthcheck
 from robot.api import deco
 from service_helper import get_storage_service_helper
+from wallet import init_wallet
+
+import allure


 def robot_keyword_adapter(name=None, tags=(), types=()):
@ -24,28 +31,28 @@ def robot_keyword_adapter(name=None, tags=(), types=()):

 deco.keyword = robot_keyword_adapter

-logger = logging.getLogger('NeoLogger')
+logger = logging.getLogger("NeoLogger")


-@pytest.fixture(scope='session')
+@pytest.fixture(scope="session")
 def cloud_infrastructure_check():
    if INFRASTRUCTURE_TYPE != "CLOUD_VM":
-        pytest.skip('Test only works on SberCloud infrastructure')
+        pytest.skip("Test only works on SberCloud infrastructure")
    yield


-@pytest.fixture(scope='session', autouse=True)
-@allure.title('Check binary versions')
+@pytest.fixture(scope="session", autouse=True)
+@allure.title("Check binary versions")
 def check_binary_versions(request):
    # Collect versions of local binaries
-    binaries = ['neo-go', 'neofs-authmate']
+    binaries = ["neo-go", "neofs-authmate"]
    local_binaries = _get_binaries_version_local(binaries)

    try:
-        local_binaries['neofs-adm'] = NeofsAdm().version.get()
+        local_binaries["neofs-adm"] = NeofsAdm().version.get()
    except RuntimeError:
-        logger.info(f'neofs-adm not installed')
-    local_binaries['neofs-cli'] = NeofsCli().version.get()
+        logger.info(f"neofs-adm not installed")
+    local_binaries["neofs-cli"] = NeofsCli().version.get()

    # Collect versions of remote binaries
    helper = get_storage_service_helper()
@ -53,9 +60,9 @@ def check_binary_versions(request):
    all_binaries = {**local_binaries, **remote_binaries}

    # Get version of aws binary
-    out = _cmd_run('aws --version')
+    out = _cmd_run("aws --version")
    out_lines = out.split("\n")
-    all_binaries["AWS"] = out_lines[0] if out_lines else 'Unknown'
+    all_binaries["AWS"] = out_lines[0] if out_lines else "Unknown"

    save_env_properties(request.config, all_binaries)

@ -63,16 +70,16 @@ def check_binary_versions(request):
 def _get_binaries_version_local(binaries: list) -> dict:
    env_out = {}
    for binary in binaries:
-        out = _cmd_run(f'{binary} --version')
-        version = re.search(r'version[:\s]*(.+)', out, re.IGNORECASE)
-        env_out[binary] = version.group(1).strip() if version else 'Unknown'
+        out = _cmd_run(f"{binary} --version")
+        version = re.search(r"version[:\s]*(.+)", out, re.IGNORECASE)
+        env_out[binary] = version.group(1).strip() if version else "Unknown"
    return env_out


-@pytest.fixture(scope='session')
-@allure.title('Prepare tmp directory')
+@pytest.fixture(scope="session")
+@allure.title("Prepare tmp directory")
 def prepare_tmp_dir():
-    full_path = f'{os.getcwd()}/{ASSETS_DIR}'
+    full_path = f"{os.getcwd()}/{ASSETS_DIR}"
    shutil.rmtree(full_path, ignore_errors=True)
    os.mkdir(full_path)
    yield full_path
@ -99,25 +106,30 @@ def collect_logs(prepare_tmp_dir):
    allure.attach.file(logs_zip_file_path, name="logs.zip", extension="zip")


-@pytest.fixture(scope='session', autouse=True)
-@allure.title('Run health check for all storage nodes')
+@pytest.fixture(scope="session", autouse=True)
+@allure.title("Run health check for all storage nodes")
 def run_health_check(collect_logs):
    failed_nodes = []
    for node_name in NEOFS_NETMAP_DICT.keys():
        health_check = node_healthcheck(node_name)
-        if health_check.health_status != 'READY' or health_check.network_status != 'ONLINE':
+        if (
+            health_check.health_status != "READY"
+            or health_check.network_status != "ONLINE"
+        ):
            failed_nodes.append(node_name)

    if failed_nodes:
-        raise AssertionError(f'Nodes {failed_nodes} are not healthy')
+        raise AssertionError(f"Nodes {failed_nodes} are not healthy")


-@pytest.fixture(scope='session')
-@allure.title('Prepare wallet and deposit')
+@pytest.fixture(scope="session")
+@allure.title("Prepare wallet and deposit")
 def prepare_wallet_and_deposit(prepare_tmp_dir):
    wallet_path, addr, _ = wallet.init_wallet(ASSETS_DIR)
-    logger.info(f'Init wallet: {wallet_path},\naddr: {addr}')
-    allure.attach.file(wallet_path, os.path.basename(wallet_path), allure.attachment_type.JSON)
+    logger.info(f"Init wallet: {wallet_path},\naddr: {addr}")
+    allure.attach.file(
+        wallet_path, os.path.basename(wallet_path), allure.attachment_type.JSON
+    )

    if not FREE_STORAGE:
        deposit = 30
--- a/pytest_tests/testsuites/session_token/test_object_session_token.py
+++ b/pytest_tests/testsuites/session_token/test_object_session_token.py
@ -0,0 +1,209 @@
+import random
+
+import pytest
+from common import COMPLEX_OBJ_SIZE, NEOFS_NETMAP_DICT, SIMPLE_OBJ_SIZE
+from grpc_responses import SESSION_NOT_FOUND
+from payment_neogo import _address_from_wallet
+from python_keywords.container import create_container
+from python_keywords.neofs_verbs import (
+    delete_object,
+    get_object,
+    get_range,
+    head_object,
+    put_object,
+    search_object,
+)
+from python_keywords.session_token import create_session_token
+from python_keywords.utility_keywords import generate_file
+
+import allure
+
+
+@allure.title("Test Object Operations with Session Token")
+@pytest.mark.session_token
+@pytest.mark.parametrize(
+    "object_size",
+    [SIMPLE_OBJ_SIZE, COMPLEX_OBJ_SIZE],
+    ids=["simple object", "complex object"],
+)
+def test_object_session_token(prepare_wallet_and_deposit, object_size):
+    """
+    Test how operations over objects are executed with a session token
+
+    Steps:
+    1. Create a private container
+    2. Obj operation requests to the node which IS NOT in the container but granted with a session token
+    3. Obj operation requests to the node which IS in the container and NOT granted with a session token
+    4. Obj operation requests to the node which IS NOT in the container and NOT granted with a session token
+    """
+
+    with allure.step("Init wallet"):
+        wallet = prepare_wallet_and_deposit
+        address = _address_from_wallet(wallet, "")
+
+    with allure.step("Nodes Settlements"):
+        (
+            session_token_node_name,
+            container_node_name,
+            noncontainer_node_name,
+        ) = random.sample(list(NEOFS_NETMAP_DICT.keys()), 3)
+        session_token_node = NEOFS_NETMAP_DICT[session_token_node_name]["rpc"]
+        container_node = NEOFS_NETMAP_DICT[container_node_name]["rpc"]
+        noncontainer_node = NEOFS_NETMAP_DICT[noncontainer_node_name]["rpc"]
+
+    with allure.step("Create Session Token"):
+        session_token = create_session_token(address, wallet, rpc=session_token_node)
+
+    with allure.step("Create Private Container"):
+        un_locode = NEOFS_NETMAP_DICT[container_node_name]["UN-LOCODE"]
+        locode = "SPB" if un_locode == "RU LED" else un_locode.split()[1]
+        placement_policy = (
+            f"REP 1 IN LOC_{locode}_PLACE CBF 1 SELECT 1 FROM LOC_{locode} "
+            f'AS LOC_{locode}_PLACE FILTER "UN-LOCODE" '
+            f'EQ "{un_locode}" AS LOC_{locode}'
+        )
+        cid = create_container(wallet, rule=placement_policy)
+
+    with allure.step("Put Objects"):
+        file_path = generate_file(object_size)
+        oid = put_object(wallet=wallet, path=file_path, cid=cid)
+        oid_delete = put_object(wallet=wallet, path=file_path, cid=cid)
+
+    with allure.step("Node not in container but granted a session token"):
+        put_object(
+            wallet=wallet,
+            path=file_path,
+            cid=cid,
+            endpoint=session_token_node,
+            session=session_token,
+        )
+        head_object(
+            wallet=wallet,
+            cid=cid,
+            oid=oid,
+            endpoint=session_token_node,
+            session=session_token,
+        )
+        search_object(
+            wallet=wallet,
+            cid=cid,
+            endpoint=session_token_node,
+            expected_objects_list=[oid],
+            session=session_token,
+        )
+        get_object(
+            wallet=wallet,
+            cid=cid,
+            oid=oid,
+            endpoint=session_token_node,
+            session=session_token,
+        )
+        get_range(
+            wallet=wallet,
+            cid=cid,
+            oid=oid,
+            range_cut="0:256",
+            endpoint=session_token_node,
+            session=session_token,
+        )
+        delete_object(
+            wallet=wallet,
+            cid=cid,
+            oid=oid_delete,
+            endpoint=session_token_node,
+            session=session_token,
+        )
+
+    with allure.step("Node in container and not granted a session token"):
+        with pytest.raises(Exception, match=SESSION_NOT_FOUND):
+            put_object(
+                wallet=wallet,
+                path=file_path,
+                cid=cid,
+                endpoint=container_node,
+                session=session_token,
+            )
+        head_object(
+            wallet=wallet,
+            cid=cid,
+            oid=oid,
+            endpoint=container_node,
+            session=session_token,
+        )
+        search_object(
+            wallet=wallet,
+            cid=cid,
+            endpoint=container_node,
+            expected_objects_list=[oid],
+            session=session_token,
+        )
+        get_object(
+            wallet=wallet,
+            cid=cid,
+            oid=oid,
+            endpoint=container_node,
+            session=session_token,
+        )
+        get_range(
+            wallet=wallet,
+            cid=cid,
+            oid=oid,
+            range_cut="0:256",
+            endpoint=container_node,
+            session=session_token,
+        )
+        with pytest.raises(Exception, match=SESSION_NOT_FOUND):
+            delete_object(
+                wallet=wallet,
+                cid=cid,
+                oid=oid,
+                endpoint=container_node,
+                session=session_token,
+            )
+
+    with allure.step("Node not in container and not granted a session token"):
+        with pytest.raises(Exception, match=SESSION_NOT_FOUND):
+            put_object(
+                wallet=wallet,
+                path=file_path,
+                cid=cid,
+                endpoint=noncontainer_node,
+                session=session_token,
+            )
+        head_object(
+            wallet=wallet,
+            cid=cid,
+            oid=oid,
+            endpoint=noncontainer_node,
+            session=session_token,
+        )
+        search_object(
+            wallet=wallet,
+            cid=cid,
+            endpoint=noncontainer_node,
+            expected_objects_list=[oid],
+            session=session_token,
+        )
+        get_object(
+            wallet=wallet,
+            cid=cid,
+            oid=oid,
+            endpoint=noncontainer_node,
+            session=session_token,
+        )
+        get_range(
+            wallet=wallet,
+            cid=cid,
+            oid=oid,
+            range_cut="0:256",
+            endpoint=noncontainer_node,
+            session=session_token,
+        )
+        with pytest.raises(Exception, match=SESSION_NOT_FOUND):
+            delete_object(
+                wallet=wallet,
+                cid=cid,
+                oid=oid,
+                endpoint=noncontainer_node,
+                session=session_token,
+            )