ylukoyan/frostfs-testcases
1
0
Fork 0
forked from TrueCloudLab/frostfs-testcases
Code Pull requests Activity
frostfs-testcases/pytest_tests/testsuites/services/http_gate/test_http_bearer.py

88 lines
3.8 KiB
Python
Raw Normal View History

http test with bearer token Signed-off-by: Vladislav Karakozov <v.karakozov@yadro.com>
2022-12-29 07:17:51 +00:00
import logging
import allure
import pytest
[#161] Improve logging Signed-off-by: Andrey Berezin <a.berezin@yadro.com>
2023-11-29 13:34:59 +00:00
from frostfs_testlib import reporter
[#271] Migrate eACL tests to APE Signed-off-by: a.berezin <a.berezin@yadro.com>
2024-07-17 20:56:05 +00:00
from frostfs_testlib.cli.frostfs_cli.cli import FrostfsCli
Move shared code to testlib Signed-off-by: Andrey Berezin <a.berezin@yadro.com>
2023-05-15 09:59:33 +00:00
from frostfs_testlib.resources.wellknown_acl import PUBLIC_ACL
[#271] Migrate eACL tests to APE Signed-off-by: a.berezin <a.berezin@yadro.com>
2024-07-17 20:56:05 +00:00
from frostfs_testlib.steps.acl import bearer_token_base64_from_file
Move shared code to testlib Signed-off-by: Andrey Berezin <a.berezin@yadro.com>
2023-05-15 09:59:33 +00:00
from frostfs_testlib.steps.cli.container import create_container
from frostfs_testlib.steps.http.http_gate import upload_via_http_gate_curl, verify_object_hash
[#271] Migrate eACL tests to APE Signed-off-by: a.berezin <a.berezin@yadro.com>
2024-07-17 20:56:05 +00:00
from frostfs_testlib.storage.cluster import Cluster
from frostfs_testlib.storage.dataclasses import ape
Changes for object size usage Signed-off-by: Andrey Berezin <a.berezin@yadro.com>
2023-08-02 11:54:03 +00:00
from frostfs_testlib.storage.dataclasses.object_size import ObjectSize
[#271] Migrate eACL tests to APE Signed-off-by: a.berezin <a.berezin@yadro.com>
2024-07-17 20:56:05 +00:00
from frostfs_testlib.storage.dataclasses.wallet import WalletInfo
Move shared code to testlib Signed-off-by: Andrey Berezin <a.berezin@yadro.com>
2023-05-15 09:59:33 +00:00
from frostfs_testlib.testing.cluster_test_base import ClusterTestBase
from frostfs_testlib.utils.file_utils import generate_file
http test with bearer token Signed-off-by: Vladislav Karakozov <v.karakozov@yadro.com>
2022-12-29 07:17:51 +00:00
[#271] Migrate eACL tests to APE Signed-off-by: a.berezin <a.berezin@yadro.com>
2024-07-17 20:56:05 +00:00
from pytest_tests.helpers.bearer_token import create_bearer_token
http test with bearer token Signed-off-by: Vladislav Karakozov <v.karakozov@yadro.com>
2022-12-29 07:17:51 +00:00
logger = logging.getLogger("NeoLogger")
@pytest.mark.http_gate
Marked HTTP GW cases with PUT call with separate pytest mark
2023-08-08 13:40:00 +00:00
@pytest.mark.http_put
http test with bearer token Signed-off-by: Vladislav Karakozov <v.karakozov@yadro.com>
2022-12-29 07:17:51 +00:00
class Test_http_bearer(ClusterTestBase):
PLACEMENT_RULE = "REP 2 IN X CBF 1 SELECT 2 FROM * AS X"
@pytest.fixture(scope="class")
[#271] Migrate eACL tests to APE Signed-off-by: a.berezin <a.berezin@yadro.com>
2024-07-17 20:56:05 +00:00
def user_container(self, frostfs_cli: FrostfsCli, default_wallet: WalletInfo, cluster: Cluster) -> str:
with reporter.step("Create container"):
cid = create_container(default_wallet, self.shell, self.cluster.default_rpc_endpoint, self.PLACEMENT_RULE, PUBLIC_ACL)
http test with bearer token Signed-off-by: Vladislav Karakozov <v.karakozov@yadro.com>
2022-12-29 07:17:51 +00:00
[#271] Migrate eACL tests to APE Signed-off-by: a.berezin <a.berezin@yadro.com>
2024-07-17 20:56:05 +00:00
with reporter.step("Deny PUT via APE rule to container"):
role_condition = ape.Condition.by_role(ape.Role.OWNER)
rule = ape.Rule(ape.Verb.DENY, ape.ObjectOperations.PUT, role_condition)
frostfs_cli.ape_manager.add(
cluster.default_rpc_endpoint, rule.chain_id, target_name=cid, target_type="container", rule=rule.as_string()
http test with bearer token Signed-off-by: Vladislav Karakozov <v.karakozov@yadro.com>
2022-12-29 07:17:51 +00:00
)
[#271] Migrate eACL tests to APE Signed-off-by: a.berezin <a.berezin@yadro.com>
2024-07-17 20:56:05 +00:00
with reporter.step("Wait for one block"):
self.wait_for_blocks()
return cid
http test with bearer token Signed-off-by: Vladislav Karakozov <v.karakozov@yadro.com>
2022-12-29 07:17:51 +00:00
@pytest.fixture(scope="class")
[#271] Migrate eACL tests to APE Signed-off-by: a.berezin <a.berezin@yadro.com>
2024-07-17 20:56:05 +00:00
def bearer_token(self, frostfs_cli: FrostfsCli, user_container: str, temp_directory: str, cluster: Cluster) -> str:
with reporter.step(f"Create bearer token for {ape.Role.OTHERS} with all operations allowed"):
role_condition = ape.Condition.by_role(ape.Role.OTHERS)
rule = ape.Rule(ape.Verb.ALLOW, ape.ObjectOperations.WILDCARD_ALL, role_condition)
bearer = create_bearer_token(frostfs_cli, temp_directory, user_container, rule, cluster.default_rpc_endpoint)
http test with bearer token Signed-off-by: Vladislav Karakozov <v.karakozov@yadro.com>
2022-12-29 07:17:51 +00:00
[#271] Migrate eACL tests to APE Signed-off-by: a.berezin <a.berezin@yadro.com>
2024-07-17 20:56:05 +00:00
return bearer_token_base64_from_file(bearer)
@allure.title(f"[NEGATIVE] Put object without bearer token for {ape.Role.OTHERS}")
def test_unable_put_without_bearer_token(self, simple_object_size: ObjectSize, user_container: str):
http test with bearer token Signed-off-by: Vladislav Karakozov <v.karakozov@yadro.com>
2022-12-29 07:17:51 +00:00
upload_via_http_gate_curl(
cid=user_container,
Changes for object size usage Signed-off-by: Andrey Berezin <a.berezin@yadro.com>
2023-08-02 11:54:03 +00:00
filepath=generate_file(simple_object_size.value),
http test with bearer token Signed-off-by: Vladislav Karakozov <v.karakozov@yadro.com>
2022-12-29 07:17:51 +00:00
endpoint=self.cluster.default_http_gate_endpoint,
error_pattern="access to object operation denied",
)
def test_put_with_bearer_when_eacl_restrict(
self,
Changes for object size usage Signed-off-by: Andrey Berezin <a.berezin@yadro.com>
2023-08-02 11:54:03 +00:00
object_size: ObjectSize,
[#271] Migrate eACL tests to APE Signed-off-by: a.berezin <a.berezin@yadro.com>
2024-07-17 20:56:05 +00:00
default_wallet: WalletInfo,
http test with bearer token Signed-off-by: Vladislav Karakozov <v.karakozov@yadro.com>
2022-12-29 07:17:51 +00:00
user_container: str,
[#271] Migrate eACL tests to APE Signed-off-by: a.berezin <a.berezin@yadro.com>
2024-07-17 20:56:05 +00:00
bearer_token: str,
http test with bearer token Signed-off-by: Vladislav Karakozov <v.karakozov@yadro.com>
2022-12-29 07:17:51 +00:00
):
Changes for object size usage Signed-off-by: Andrey Berezin <a.berezin@yadro.com>
2023-08-02 11:54:03 +00:00
file_path = generate_file(object_size.value)
[#271] Migrate eACL tests to APE Signed-off-by: a.berezin <a.berezin@yadro.com>
2024-07-17 20:56:05 +00:00
with reporter.step(f"Put object with bearer token for {ape.Role.OTHERS}, then get and verify hashes"):
headers = [f" -H 'Authorization: Bearer {bearer_token}'"]
http test with bearer token Signed-off-by: Vladislav Karakozov <v.karakozov@yadro.com>
2022-12-29 07:17:51 +00:00
oid = upload_via_http_gate_curl(
cid=user_container,
filepath=file_path,
endpoint=self.cluster.default_http_gate_endpoint,
headers=headers,
)
Move shared code to testlib Signed-off-by: Andrey Berezin <a.berezin@yadro.com>
2023-05-15 09:59:33 +00:00
verify_object_hash(
http test with bearer token Signed-off-by: Vladislav Karakozov <v.karakozov@yadro.com>
2022-12-29 07:17:51 +00:00
oid=oid,
file_name=file_path,
[#271] Migrate eACL tests to APE Signed-off-by: a.berezin <a.berezin@yadro.com>
2024-07-17 20:56:05 +00:00
wallet=default_wallet,
http test with bearer token Signed-off-by: Vladislav Karakozov <v.karakozov@yadro.com>
2022-12-29 07:17:51 +00:00
cid=user_container,
shell=self.shell,
nodes=self.cluster.storage_nodes,
[#196] Update curl related function usages Signed-off-by: Andrey Berezin <a.berezin@yadro.com>
2024-02-14 13:20:06 +00:00
request_node=self.cluster.cluster_nodes[0],
http test with bearer token Signed-off-by: Vladislav Karakozov <v.karakozov@yadro.com>
2022-12-29 07:17:51 +00:00
)
Copy permalink