yadro-vavdeev/frostfs-testcases
1
0
Fork 0
forked from TrueCloudLab/frostfs-testcases
Code Pull requests Activity

--lifetime key and ACL fixes for Storage Groups

Browse source 
Signed-off-by: anastasia prasolova <anastasia@nspcc.ru>
This commit is contained in:
anastasia prasolova 2022-08-18 16:45:23 +03:00 committed by Anastasia Prasolova
parent e09498bc4e
commit dd19303442
5 changed files with 16 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
robot/resources/lib/python_keywords/storage_group.py
View file

@ -32,7 +32,7 @@ def put_storagegroup(wallet: str, cid: str, objects: list, bearer_token: str = "
cmd = ( cmd = (
f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} ' f'{NEOFS_CLI_EXEC} --rpc-endpoint {NEOFS_ENDPOINT} '
f'--wallet {wallet} --config {wallet_config} ' f'--wallet {wallet} --config {wallet_config} '
f'storagegroup put --cid {cid} ' f'storagegroup put --cid {cid} --lifetime 5 '
f'--members {",".join(objects)} ' f'--members {",".join(objects)} '
f'{"--bearer " + bearer_token if bearer_token else ""}' f'{"--bearer " + bearer_token if bearer_token else ""}'
) )

17
robot/resources/lib/robot/storage_group.robot
View file

@ -76,21 +76,26 @@ Run Storage Group Operations On Other's Behalf In RO Container
Run Storage Group Operations On System's Behalf In RO Container Run Storage Group Operations On System's Behalf In RO Container
[Arguments] ${CID} ${OBJECTS} ${OBJ_COMPLEXITY} [Arguments] ${OWNER_WALLET} ${CID} ${OBJECTS} ${OBJ_COMPLEXITY}
[Documentation] ${CID}: ID of read-only container [Documentation] ${OWNER_WALLET} wallet of container owner
... ${CID}: ID of read-only container
... ${OBJECTS}: list of Object IDs to include into the Storage Group ... ${OBJECTS}: list of Object IDs to include into the Storage Group
... ${OBJ_COMPLEXITY}: [Complex|Simple] ... ${OBJ_COMPLEXITY}: [Complex|Simple]
... ...
... In this keyword we create Storage Group on Inner Ring's key behalf ... We expect that System key is granted to make GET and LIST.
... and include an Object created on behalf of some user. We expect
... that System key is granted to make all operations except DELETE.
Transfer Mainnet Gas ${IR_WALLET_PATH} ${DEPOSIT + 1} wallet_password=${IR_WALLET_PASS} Transfer Mainnet Gas ${IR_WALLET_PATH} ${DEPOSIT + 1} wallet_password=${IR_WALLET_PASS}
NeoFS Deposit ${IR_WALLET_PATH} ${DEPOSIT} wallet_password=${IR_WALLET_PASS} NeoFS Deposit ${IR_WALLET_PATH} ${DEPOSIT} wallet_password=${IR_WALLET_PASS}
${SG} = Put Storagegroup ${IR_WALLET_PATH} ${CID} ${OBJECTS} wallet_config=${IR_WALLET_CONFIG} ${SG} = Put Storagegroup ${OWNER_WALLET} ${CID} ${OBJECTS}
${ERR} = Run Keyword And Expect Error *
... Put Storagegroup ${IR_WALLET_PATH} ${CID} ${OBJECTS} wallet_config=${IR_WALLET_CONFIG}
Should Contain ${ERR} ${PERMISSION_ERROR}
Verify List Storage Group ${IR_WALLET_PATH} ${CID} ${SG} WALLET_CFG=${IR_WALLET_CONFIG} Verify List Storage Group ${IR_WALLET_PATH} ${CID} ${SG} WALLET_CFG=${IR_WALLET_CONFIG}
Verify Get Storage Group ${IR_WALLET_PATH} ${CID} ${SG} ${OBJECTS} ${OBJ_COMPLEXITY} WALLET_CFG=${IR_WALLET_CONFIG} Verify Get Storage Group ${IR_WALLET_PATH} ${CID} ${SG} ${OBJECTS} ${OBJ_COMPLEXITY} WALLET_CFG=${IR_WALLET_CONFIG}
${ERR} = Run Keyword And Expect Error * ${ERR} = Run Keyword And Expect Error *
... Delete Storagegroup ${IR_WALLET_PATH} ${CID} ${SG} wallet_config=${IR_WALLET_CONFIG} ... Delete Storagegroup ${IR_WALLET_PATH} ${CID} ${SG} wallet_config=${IR_WALLET_CONFIG}
Should Contain ${ERR} ${PERMISSION_ERROR} Should Contain ${ERR} ${PERMISSION_ERROR}

2
robot/testsuites/integration/acl/storage_group/basic_private_container_sg.robot
View file

@ -48,4 +48,4 @@ Check Private Container
# In private container, Inner Ring is allowed to read (Storage Group List and Get), # In private container, Inner Ring is allowed to read (Storage Group List and Get),
# so using here keyword for read-only container. # so using here keyword for read-only container.
Run Storage Group Operations On System's Behalf In RO Container Run Storage Group Operations On System's Behalf In RO Container
... ${PRIV_CID} ${OBJECTS} ${COMPLEXITY} ... ${USER_WALLET} ${PRIV_CID} ${OBJECTS} ${COMPLEXITY}

4
robot/testsuites/integration/acl/storage_group/basic_public_container_sg.robot
View file

@ -43,6 +43,6 @@ Check Public Container
Run Storage Group Operations And Expect Success Run Storage Group Operations And Expect Success
... ${WALLET_OTH} ${PUBLIC_CID} ${OBJECTS} ${RUN_TYPE} ... ${WALLET_OTH} ${PUBLIC_CID} ${OBJECTS} ${RUN_TYPE}
# System isn't allowed to DELETE in Public Container # System isn't allowed to PUT and DELETE in Public Container
Run Storage Group Operations On System's Behalf In RO Container Run Storage Group Operations On System's Behalf In RO Container
... ${PUBLIC_CID} ${OBJECTS} ${RUN_TYPE} ... ${USER_WALLET} ${PUBLIC_CID} ${OBJECTS} ${RUN_TYPE}

2
robot/testsuites/integration/acl/storage_group/basic_readonly_container_sg.robot
View file

@ -52,4 +52,4 @@ Check Read-Only Container
... ${USER_WALLET} ${READONLY_CID} ${OBJECTS} ${COMPLEXITY} ... ${USER_WALLET} ${READONLY_CID} ${OBJECTS} ${COMPLEXITY}
Run Storage Group Operations On System's Behalf in RO Container Run Storage Group Operations On System's Behalf in RO Container
... ${READONLY_CID} ${OBJECTS} ${COMPLEXITY} ... ${USER_WALLET} ${READONLY_CID} ${OBJECTS} ${COMPLEXITY}