Mirror
/
seaweedfs
mirror of https://github.com/seaweedfs/seaweedfs.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8907 Commits
33 Branches
301 Tags
191 MiB
Tree: b52ee30fdd
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'b52ee30fdd'
${ noResults }
seaweedfs/weed/s3api/s3acl/acl_helper_test.go

220 lines
6.3 KiB
Raw Normal View History

add acl helper functionalities Signed-off-by: changlin.shi <changlin.shi@ly.com>
2 years ago
  1. package s3acl
  3. import (
  4. "github.com/aws/aws-sdk-go/service/s3"
  5. "github.com/seaweedfs/seaweedfs/weed/s3api/s3_constants"
  6. "github.com/seaweedfs/seaweedfs/weed/s3api/s3account"
  7. "github.com/seaweedfs/seaweedfs/weed/s3api/s3err"
  8. "testing"
  9. )
  11. func TestParseAclHeaders(t *testing.T) {
  12. accountManager := &s3account.AccountManager{
  13. IdNameMapping: map[string]string{
  14. s3account.AccountAdmin.Id: s3account.AccountAdmin.Name,
  15. s3account.AccountAnonymous.Id: s3account.AccountAnonymous.Name,
  16. },
  17. EmailIdMapping: map[string]string{
  18. s3account.AccountAdmin.EmailAddress: s3account.AccountAdmin.Id,
  19. s3account.AccountAnonymous.EmailAddress: s3account.AccountAnonymous.Id,
  20. },
  21. }
  23. //good value
  24. grants := make([]*s3.Grant, 0)
  25. validHeaderValue := `uri="http://acs.amazonaws.com/groups/global/AllUsers", id="anonymous", emailAddress="admin@example.com"`
  26. errCode := ParseCustomAclHeader(validHeaderValue, s3_constants.PermissionFullControl, &grants)
  27. if errCode != s3err.ErrNone {
  28. t.Fatal(errCode)
  29. }
  30. _, errCode = ValidateAndTransferGrants(accountManager, grants)
  31. if errCode != s3err.ErrNone {
  32. t.Fatal(errCode)
  33. }
  35. //bad case: acl header format error
  36. grants = make([]*s3.Grant, 0)
  37. formatErrCase := `uri, id="anonymous", emailAddress="admin@example.com"`
  38. errCode = ParseCustomAclHeader(formatErrCase, s3_constants.PermissionFullControl, &grants)
  39. if errCode != s3err.ErrInvalidRequest {
  40. t.Fatal(errCode)
  41. }
  43. //bad case: email not exists
  44. grants = make([]*s3.Grant, 0)
  45. badCaseOfEmail := `uri="http://acs.amazonaws.com/groups/global/AllUsers", id="anonymous", emailAddress="admin@example1.com"`
  46. errCode = ParseCustomAclHeader(badCaseOfEmail, s3_constants.PermissionFullControl, &grants)
  47. if errCode != s3err.ErrNone {
  48. t.Fatal(errCode)
  49. }
  50. _, errCode = ValidateAndTransferGrants(accountManager, grants)
  51. if errCode != s3err.ErrInvalidRequest {
  52. t.Fatal(errCode)
  53. }
  55. //bad case: account id not exists
  56. grants = make([]*s3.Grant, 0)
  57. badCaseOfAccountId := "uri=\"http://acs.amazonaws.com/groups/global/AllUsers\", id=\"xxxxxx\", emailAddress=\"admin@example.com\""
  58. errCode = ParseCustomAclHeader(badCaseOfAccountId, s3_constants.PermissionFullControl, &grants)
  59. if errCode != s3err.ErrNone {
  60. t.Fatal(errCode)
  61. }
  62. _, errCode = ValidateAndTransferGrants(accountManager, grants)
  63. if errCode != s3err.ErrInvalidRequest {
  64. t.Fatal(errCode)
  65. }
  67. //bad case: group url not valid
  68. grants = make([]*s3.Grant, 0)
  69. badCaseOfURL := "uri=\"http://acs.amazonaws.com/groups/global/AllUsers111xxxx\", id=\"anonymous\", emailAddress=\"admin@example.com\""
  70. errCode = ParseCustomAclHeader(badCaseOfURL, s3_constants.PermissionFullControl, &grants)
  71. if errCode != s3err.ErrNone {
  72. t.Fatal(errCode)
  73. }
  74. _, errCode = ValidateAndTransferGrants(accountManager, grants)
  75. if errCode != s3err.ErrInvalidRequest {
  76. t.Fatal(errCode)
  77. }
  78. }
  80. func TestGrantEquals(t *testing.T) {
  81. testCases := map[bool]bool{
  82. GrantEquals(nil, nil): true,
  84. GrantEquals(&s3.Grant{}, nil): false,
  86. GrantEquals(&s3.Grant{}, &s3.Grant{}): true,
  88. GrantEquals(&s3.Grant{
  89. Permission: &s3_constants.PermissionRead,
  90. }, &s3.Grant{}): false,
  92. GrantEquals(&s3.Grant{
  93. Permission: &s3_constants.PermissionRead,
  94. }, &s3.Grant{
  95. Permission: &s3_constants.PermissionRead,
  96. }): true,
  98. GrantEquals(&s3.Grant{
  99. Permission: &s3_constants.PermissionRead,
  100. Grantee: &s3.Grantee{},
  101. }, &s3.Grant{
  102. Permission: &s3_constants.PermissionRead,
  103. Grantee: &s3.Grantee{},
  104. }): true,
  106. GrantEquals(&s3.Grant{
  107. Permission: &s3_constants.PermissionRead,
  108. Grantee: &s3.Grantee{
  109. Type: &s3_constants.GrantTypeGroup,
  110. },
  111. }, &s3.Grant{
  112. Permission: &s3_constants.PermissionRead,
  113. Grantee: &s3.Grantee{},
  114. }): false,
  116. //type not present, compare other fields of grant is meaningless
  117. GrantEquals(&s3.Grant{
  118. Permission: &s3_constants.PermissionRead,
  119. Grantee: &s3.Grantee{
  120. ID: &s3account.AccountAdmin.Id,
  121. EmailAddress: &s3account.AccountAdmin.EmailAddress,
  122. },
  123. }, &s3.Grant{
  124. Permission: &s3_constants.PermissionRead,
  125. Grantee: &s3.Grantee{
  126. ID: &s3account.AccountAdmin.Id,
  127. },
  128. }): true,
  130. GrantEquals(&s3.Grant{
  131. Permission: &s3_constants.PermissionRead,
  132. Grantee: &s3.Grantee{
  133. Type: &s3_constants.GrantTypeGroup,
  134. },
  135. }, &s3.Grant{
  136. Permission: &s3_constants.PermissionRead,
  137. Grantee: &s3.Grantee{
  138. Type: &s3_constants.GrantTypeGroup,
  139. },
  140. }): true,
  142. GrantEquals(&s3.Grant{
  143. Permission: &s3_constants.PermissionRead,
  144. Grantee: &s3.Grantee{
  145. Type: &s3_constants.GrantTypeGroup,
  146. URI: &s3_constants.GranteeGroupAllUsers,
  147. },
  148. }, &s3.Grant{
  149. Permission: &s3_constants.PermissionRead,
  150. Grantee: &s3.Grantee{
  151. Type: &s3_constants.GrantTypeGroup,
  152. URI: &s3_constants.GranteeGroupAllUsers,
  153. },
  154. }): true,
  156. GrantEquals(&s3.Grant{
  157. Permission: &s3_constants.PermissionWrite,
  158. Grantee: &s3.Grantee{
  159. Type: &s3_constants.GrantTypeGroup,
  160. URI: &s3_constants.GranteeGroupAllUsers,
  161. },
  162. }, &s3.Grant{
  163. Permission: &s3_constants.PermissionRead,
  164. Grantee: &s3.Grantee{
  165. Type: &s3_constants.GrantTypeGroup,
  166. URI: &s3_constants.GranteeGroupAllUsers,
  167. },
  168. }): false,
  170. GrantEquals(&s3.Grant{
  171. Permission: &s3_constants.PermissionRead,
  172. Grantee: &s3.Grantee{
  173. Type: &s3_constants.GrantTypeGroup,
  174. ID: &s3account.AccountAdmin.Id,
  175. },
  176. }, &s3.Grant{
  177. Permission: &s3_constants.PermissionRead,
  178. Grantee: &s3.Grantee{
  179. Type: &s3_constants.GrantTypeGroup,
  180. ID: &s3account.AccountAdmin.Id,
  181. },
  182. }): true,
  184. GrantEquals(&s3.Grant{
  185. Permission: &s3_constants.PermissionRead,
  186. Grantee: &s3.Grantee{
  187. Type: &s3_constants.GrantTypeGroup,
  188. ID: &s3account.AccountAdmin.Id,
  189. URI: &s3_constants.GranteeGroupAllUsers,
  190. },
  191. }, &s3.Grant{
  192. Permission: &s3_constants.PermissionRead,
  193. Grantee: &s3.Grantee{
  194. Type: &s3_constants.GrantTypeGroup,
  195. ID: &s3account.AccountAdmin.Id,
  196. },
  197. }): false,
  199. GrantEquals(&s3.Grant{
  200. Permission: &s3_constants.PermissionRead,
  201. Grantee: &s3.Grantee{
  202. Type: &s3_constants.GrantTypeGroup,
  203. ID: &s3account.AccountAdmin.Id,
  204. URI: &s3_constants.GranteeGroupAllUsers,
  205. },
  206. }, &s3.Grant{
  207. Permission: &s3_constants.PermissionRead,
  208. Grantee: &s3.Grantee{
  209. Type: &s3_constants.GrantTypeGroup,
  210. URI: &s3_constants.GranteeGroupAllUsers,
  211. },
  212. }): true,
  213. }
  215. for tc, expect := range testCases {
  216. if tc != expect {
  217. t.Fatal("TestGrantEquals not expect!")
  218. }
  219. }
  220. }