mirrors/versitygw
1
0
Fork 0
mirror of https://github.com/versity/versitygw.git synced 2026-04-27 07:55:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

test: improve file data comparisons for testing

Browse Source
This commit is contained in:
Luke McCrone
2024-08-29 16:58:55 -03:00
parent ddcc62ae0a
commit 2823676aa2
15 changed files with 761 additions and 456 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
tests/.env.default
View File

@@ -26,3 +26,4 @@ PASSWORD_ONE=HIJKLMN
USERNAME_TWO=HIJKLMN
PASSWORD_TWO=OPQRSTU
TEST_FILE_FOLDER=$PWD/versity-gwtest-files
REMOVE_TEST_FILE_FOLDER=false

20
tests/commands/get_object.sh
View File

@@ -15,13 +15,13 @@
# under the License.
get_object() {
log 6 "get_object"
record_command "get-object" "client:$1"
if [ $# -ne 4 ]; then
log 2 "get object command requires command type, bucket, key, destination"
return 1
fi
local exit_code=0
local error
if [[ $1 == 's3' ]]; then
get_object_error=$(aws --no-verify-ssl s3 mv "s3://$2/$3" "$4" 2>&1) || exit_code=$?
elif [[ $1 == 's3api' ]] || [[ $1 == 'aws' ]]; then
@@ -37,7 +37,6 @@ get_object() {
log 5 "get object exit code: $exit_code"
if [ $exit_code -ne 0 ]; then
log 2 "error getting object: $get_object_error"
export get_object_error
return 1
fi
return 0
@@ -49,28 +48,35 @@ get_object_with_range() {
log 2 "'get object with range' requires bucket, key, range, outfile"
return 1
fi
error=$(aws --no-verify-ssl s3api get-object --bucket "$1" --key "$2" --range "$3" "$4" 2>&1) || local exit_code=$?
get_object_error=$(aws --no-verify-ssl s3api get-object --bucket "$1" --key "$2" --range "$3" "$4" 2>&1) || local exit_code=$?
if [[ $exit_code -ne 0 ]]; then
log 2 "error getting object with range: $error"
log 2 "error getting object with range: $get_object_error"
return 1
fi
return 0
}
get_object_with_user() {
log 6 "get_object_with_user"
record_command "get-object" "client:$1"
if [ $# -ne 6 ]; then
log 2 "'get object with user' command requires command type, bucket, key, save location, aws ID, aws secret key"
return 1
fi
local exit_code=0
if [[ $1 == 's3api' ]] || [[ $1 == 'aws' ]]; then
if [[ $1 == 's3' ]] || [[ $1 == 's3api' ]] || [[ $1 == 'aws' ]]; then
get_object_error=$(AWS_ACCESS_KEY_ID="$5" AWS_SECRET_ACCESS_KEY="$6" aws --no-verify-ssl s3api get-object --bucket "$2" --key "$3" "$4" 2>&1) || exit_code=$?
elif [[ $1 == "s3cmd" ]]; then
log 5 "s3cmd filename: $3"
get_object_error=$(s3cmd "${S3CMD_OPTS[@]}" --no-check-certificate --access_key="$5" --secret_key="$6" get "s3://$2/$3" "$4" 2>&1) || exit_code=$?
elif [[ $1 == "mc" ]]; then
log 5 "save location: $4"
get_object_error=$(mc --insecure get "$MC_ALIAS/$2/$3" "$4" 2>&1) || exit_code=$?
else
log 2 "'get object with user' command not implemented for '$1'"
log 2 "'get_object_with_user' not implemented for client '$1'"
return 1
fi
log 5 "put object exit code: $exit_code"
log 5 "get object exit code: $exit_code"
if [ $exit_code -ne 0 ]; then
log 2 "error getting object: $get_object_error"
return 1

2
tests/commands/list_buckets.sh
View File

@@ -112,4 +112,4 @@ list_buckets_s3api() {
IFS=$'\n' read -rd '' -a bucket_array <<<"$names"
return 0
}
}

7
tests/setup.sh
View File

@@ -62,6 +62,13 @@ setup() {
# bats teardown function
teardown() {
# shellcheck disable=SC2154
if [ "$REMOVE_TEST_FILE_FOLDER" == "true" ]; then
log 6 "removing test file folder"
if ! error=$(rm -rf "${TEST_FILE_FOLDER:?}" 2>&1); then
log 3 "unable to remove test file folder: $error"
fi
fi
stop_versity
if [[ $LOG_LEVEL -ge 5 ]]; then
end_time=$(date +%s)

199
tests/test_aws_root_inner.sh
View File

@@ -21,14 +21,16 @@ source ./tests/commands/list_parts.sh
test_abort_multipart_upload_aws_root() {
local bucket_file="bucket-file"
create_test_files "$bucket_file"
run create_test_file "$bucket_file"
assert_success
# shellcheck disable=SC2154
run dd if=/dev/urandom of="$test_file_folder/$bucket_file" bs=5M count=1
assert_success "error creating file"
run dd if=/dev/urandom of="$TEST_FILE_FOLDER/$bucket_file" bs=5M count=1
assert_success
setup_bucket "aws" "$BUCKET_ONE_NAME"
run setup_bucket "aws" "$BUCKET_ONE_NAME"
assert_success
run_then_abort_multipart_upload "$BUCKET_ONE_NAME" "$bucket_file" "$test_file_folder"/"$bucket_file" 4 || fail "abort failed"
run_then_abort_multipart_upload "$BUCKET_ONE_NAME" "$bucket_file" "$TEST_FILE_FOLDER"/"$bucket_file" 4 || fail "abort failed"
if object_exists "aws" "$BUCKET_ONE_NAME" "$bucket_file"; then
fail "Upload file exists after abort"
@@ -40,15 +42,16 @@ test_abort_multipart_upload_aws_root() {
test_complete_multipart_upload_aws_root() {
local bucket_file="bucket-file"
run create_test_files "$bucket_file"
assert_success
dd if=/dev/urandom of="$TEST_FILE_FOLDER/$bucket_file" bs=5M count=1 || fail "error creating test file"
create_test_files "$bucket_file" || fail "error creating test files"
dd if=/dev/urandom of="$test_file_folder/$bucket_file" bs=5M count=1 || fail "error creating test file"
run setup_bucket "aws" "$BUCKET_ONE_NAME"
assert_success
setup_bucket "aws" "$BUCKET_ONE_NAME"
multipart_upload "$BUCKET_ONE_NAME" "$bucket_file" "$TEST_FILE_FOLDER"/"$bucket_file" 4 || fail "error performing multipart upload"
multipart_upload "$BUCKET_ONE_NAME" "$bucket_file" "$test_file_folder"/"$bucket_file" 4 || fail "error performing multipart upload"
download_and_compare_file "s3api" "$test_file_folder/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" "$test_file_folder/$bucket_file-copy" || fail "error downloading and comparing file"
download_and_compare_file "s3api" "$TEST_FILE_FOLDER/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" "$TEST_FILE_FOLDER/$bucket_file-copy" || fail "error downloading and comparing file"
delete_bucket_or_contents "aws" "$BUCKET_ONE_NAME"
delete_test_files $bucket_file
@@ -75,22 +78,25 @@ test_create_multipart_upload_properties_aws_root() {
later=$(date -d "$now 15 seconds" +"%Y-%m-%dT%H:%M:%S")
fi
create_test_files "$bucket_file" || fail "error creating test file"
dd if=/dev/urandom of="$test_file_folder/$bucket_file" bs=5M count=1 || fail "error creating test file"
run create_test_files "$bucket_file"
assert_success
dd if=/dev/urandom of="$TEST_FILE_FOLDER/$bucket_file" bs=5M count=1 || fail "error creating test file"
delete_bucket_or_contents_if_exists "s3api" "$BUCKET_ONE_NAME" || fail "error deleting bucket, or checking for existence"
run delete_bucket_or_contents_if_exists "s3api" "$BUCKET_ONE_NAME"
assert_success
# in static bucket config, bucket will still exist
bucket_exists "s3api" "$BUCKET_ONE_NAME" || local exists_result=$?
[[ $exists_result -ne 2 ]] || fail "error checking for bucket existence"
if [[ $exists_result -eq 1 ]]; then
create_bucket_object_lock_enabled "$BUCKET_ONE_NAME" || fail "error creating bucket"
run create_bucket_object_lock_enabled "$BUCKET_ONE_NAME"
assert_success
fi
get_object_lock_configuration "$BUCKET_ONE_NAME" || fail "error getting log config"
# shellcheck disable=SC2154
log 5 "LOG CONFIG: $log_config"
log 5 "LATER: $later"
multipart_upload_with_params "$BUCKET_ONE_NAME" "$bucket_file" "$test_file_folder"/"$bucket_file" 4 \
multipart_upload_with_params "$BUCKET_ONE_NAME" "$bucket_file" "$TEST_FILE_FOLDER"/"$bucket_file" 4 \
"$expected_content_type" \
"{\"$expected_meta_key\": \"$expected_meta_val\"}" \
"$expected_hold_status" \
@@ -125,8 +131,8 @@ test_create_multipart_upload_properties_aws_root() {
put_object_legal_hold "$BUCKET_ONE_NAME" "$bucket_file" "OFF" || fail "error disabling legal hold"
head_object "s3api" "$BUCKET_ONE_NAME" "$bucket_file" || fail "error getting metadata"
get_object "s3api" "$BUCKET_ONE_NAME" "$bucket_file" "$test_file_folder/$bucket_file-copy" || fail "error getting object"
compare_files "$test_file_folder/$bucket_file" "$test_file_folder/$bucket_file-copy" || fail "files not equal"
get_object "s3api" "$BUCKET_ONE_NAME" "$bucket_file" "$TEST_FILE_FOLDER/$bucket_file-copy" || fail "error getting object"
compare_files "$TEST_FILE_FOLDER/$bucket_file" "$TEST_FILE_FOLDER/$bucket_file-copy" || fail "files not equal"
sleep 15
@@ -138,11 +144,14 @@ test_delete_objects_aws_root() {
local object_one="test-file-one"
local object_two="test-file-two"
create_test_files "$object_one" "$object_two" || fail "error creating test files"
setup_bucket "s3api" "$BUCKET_ONE_NAME"
run create_test_files "$object_one" "$object_two"
assert_success
put_object "s3api" "$test_file_folder"/"$object_one" "$BUCKET_ONE_NAME" "$object_one" || fail "error adding object one"
put_object "s3api" "$test_file_folder"/"$object_two" "$BUCKET_ONE_NAME" "$object_two" || fail "error adding object two"
run setup_bucket "s3api" "$BUCKET_ONE_NAME"
assert_success
put_object "s3api" "$TEST_FILE_FOLDER"/"$object_one" "$BUCKET_ONE_NAME" "$object_one" || fail "error adding object one"
put_object "s3api" "$TEST_FILE_FOLDER"/"$object_two" "$BUCKET_ONE_NAME" "$object_two" || fail "error adding object two"
delete_objects "$BUCKET_ONE_NAME" "$object_one" "$object_two" || fail "error deleting objects"
@@ -160,7 +169,8 @@ test_get_bucket_acl_aws_root() {
if [[ $RECREATE_BUCKETS == "false" ]]; then
skip
fi
setup_bucket "aws" "$BUCKET_ONE_NAME"
run setup_bucket "aws" "$BUCKET_ONE_NAME"
assert_success
get_bucket_acl "s3api" "$BUCKET_ONE_NAME" || fail "error retreving ACL"
@@ -175,44 +185,48 @@ test_get_bucket_acl_aws_root() {
test_get_object_full_range_aws_root() {
bucket_file="bucket_file"
create_test_files "$bucket_file" || local created=$?
[[ $created -eq 0 ]] || fail "Error creating test files"
echo -n "0123456789" > "$test_file_folder/$bucket_file"
setup_bucket "s3api" "$BUCKET_ONE_NAME"
run create_test_files "$bucket_file" 0
assert_success
echo -n "0123456789" > "$TEST_FILE_FOLDER/$bucket_file"
put_object "s3api" "$test_file_folder/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" || fail "error putting object"
get_object_with_range "$BUCKET_ONE_NAME" "$bucket_file" "bytes=9-15" "$test_file_folder/$bucket_file-range" || fail "error getting range"
[[ "$(cat "$test_file_folder/$bucket_file-range")" == "9" ]] || fail "byte range not copied properly"
run setup_bucket "s3api" "$BUCKET_ONE_NAME"
assert_success
put_object "s3api" "$TEST_FILE_FOLDER/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" || fail "error putting object"
get_object_with_range "$BUCKET_ONE_NAME" "$bucket_file" "bytes=9-15" "$TEST_FILE_FOLDER/$bucket_file-range" || fail "error getting range"
[[ "$(cat "$TEST_FILE_FOLDER/$bucket_file-range")" == "9" ]] || fail "byte range not copied properly"
}
test_get_object_invalid_range_aws_root() {
bucket_file="bucket_file"
run create_test_files "$bucket_file"
assert_success
create_test_files "$bucket_file" || local created=$?
[[ $created -eq 0 ]] || fail "Error creating test files"
run setup_bucket "s3api" "$BUCKET_ONE_NAME"
assert_success
setup_bucket "s3api" "$BUCKET_ONE_NAME"
put_object "s3api" "$test_file_folder/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" || fail "error putting object"
get_object_with_range "$BUCKET_ONE_NAME" "$bucket_file" "bytes=0-0" "$test_file_folder/$bucket_file-range" || local get_result=$?
put_object "s3api" "$TEST_FILE_FOLDER/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" || fail "error putting object"
get_object_with_range "$BUCKET_ONE_NAME" "$bucket_file" "bytes=0-0" "$TEST_FILE_FOLDER/$bucket_file-range" || local get_result=$?
[[ $get_result -ne 0 ]] || fail "Get object with zero range returned no error"
}
test_put_object_aws_root() {
bucket_file="bucket_file"
create_test_files "$bucket_file" || local created=$?
[[ $created -eq 0 ]] || fail "Error creating test files"
run create_test_files "$bucket_file"
assert_success
setup_bucket "s3api" "$BUCKET_ONE_NAME"
setup_bucket "s3api" "$BUCKET_TWO_NAME"
put_object "s3api" "$test_file_folder/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" || local copy_result=$?
[[ $copy_result -eq 0 ]] || fail "Failed to add object to bucket"
copy_error=$(aws --no-verify-ssl s3api copy-object --copy-source "$BUCKET_ONE_NAME/$bucket_file" --key "$bucket_file" --bucket "$BUCKET_TWO_NAME" 2>&1) || local copy_result=$?
[[ $copy_result -eq 0 ]] || fail "Error copying file: $copy_error"
copy_file "s3://$BUCKET_TWO_NAME/$bucket_file" "$test_file_folder/${bucket_file}_copy" || local copy_result=$?
[[ $copy_result -eq 0 ]] || fail "Failed to add object to bucket"
compare_files "$test_file_folder/$bucket_file" "$test_file_folder/${bucket_file}_copy" || local compare_result=$?
[[ $compare_result -eq 0 ]] || file "files don't match"
run setup_buckets "s3api" "$BUCKET_ONE_NAME" "$BUCKET_TWO_NAME"
assert_success
run put_object "s3api" "$TEST_FILE_FOLDER/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file"
assert_success
run copy_object "s3api" "$BUCKET_ONE_NAME/$bucket_file" "$BUCKET_TWO_NAME" "$bucket_file"
assert_success
run download_and_compare_file "s3api" "$TEST_FILE_FOLDER/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" "$TEST_FILE_FOLDER/${bucket_file}_copy"
assert_success
delete_bucket_or_contents "aws" "$BUCKET_ONE_NAME"
delete_bucket_or_contents "aws" "$BUCKET_TWO_NAME"
@@ -233,16 +247,19 @@ test_create_bucket_invalid_name_aws_root() {
test_get_object_attributes_aws_root() {
bucket_file="bucket_file"
run create_test_file "$bucket_file"
assert_success
create_test_files "$bucket_file" || fail "error creating test files"
setup_bucket "s3api" "$BUCKET_ONE_NAME"
put_object "s3api" "$test_file_folder/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" || fail "failed to add object to bucket"
run setup_bucket "s3api" "$BUCKET_ONE_NAME"
assert_success
put_object "s3api" "$TEST_FILE_FOLDER/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" || fail "failed to add object to bucket"
get_object_attributes "$BUCKET_ONE_NAME" "$bucket_file" || failed "failed to get object attributes"
# shellcheck disable=SC2154
has_object_size=$(echo "$attributes" | jq -e '.ObjectSize' 2>&1) || fail "error checking for ObjectSize parameters: $has_object_size"
if [[ $has_object_size -eq 0 ]]; then
has_object_size=$(echo "$attributes" | jq 'has("ObjectSize")' 2>&1) || fail "error checking for ObjectSize parameters: $has_object_size"
if [[ $has_object_size == "true" ]]; then
object_size=$(echo "$attributes" | jq -r ".ObjectSize")
[[ $object_size == 0 ]] || fail "Incorrect object size: $object_size"
[[ $object_size == 10 ]] || fail "Incorrect object size: $object_size"
else
fail "ObjectSize parameter missing: $attributes"
fi
@@ -274,8 +291,8 @@ test_get_put_object_legal_hold_aws_root() {
hold_status=$(echo "$legal_hold" | grep -v "InsecureRequestWarning" | jq -r ".LegalHold.Status" 2>&1) || fail "error obtaining hold status: $hold_status"
[[ $hold_status == "ON" ]] || fail "Status should be 'ON', is '$hold_status'"
echo "fdkljafajkfs" > "$test_file_folder/$bucket_file"
if put_object_with_user "s3api" "$test_file_folder/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" "$username" "$password"; then
echo "fdkljafajkfs" > "$TEST_FILE_FOLDER/$bucket_file"
if put_object_with_user "s3api" "$TEST_FILE_FOLDER/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" "$username" "$password"; then
fail "able to overwrite object with hold"
fi
# shellcheck disable=SC2154
@@ -324,8 +341,8 @@ test_get_put_object_retention_aws_root() {
[[ $mode == "GOVERNANCE" ]] || fail "retention mode should be governance, is $mode"
[[ $retain_until_date == "$retention_date"* ]] || fail "retain until date should be $retention_date, is $retain_until_date"
echo "fdkljafajkfs" > "$test_file_folder/$bucket_file"
put_object_with_user "s3api" "$test_file_folder/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" "$username" "$secret_key" || local put_result=$?
echo "fdkljafajkfs" > "$TEST_FILE_FOLDER/$bucket_file"
put_object_with_user "s3api" "$TEST_FILE_FOLDER/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" "$username" "$secret_key" || local put_result=$?
[[ $put_result -ne 0 ]] || fail "able to overwrite object with hold"
# shellcheck disable=SC2154
[[ $put_object_error == *"Object is WORM protected and cannot be overwritten"* ]] || fail "unexpected error message: $error"
@@ -369,7 +386,7 @@ test_retention_bypass_aws_root() {
log 2 "able to delete object despite retention"
return 1
fi
cat <<EOF > "$test_file_folder/$policy_file"
cat <<EOF > "$TEST_FILE_FOLDER/$policy_file"
{
"Version": "2012-10-17",
"Statement": [
@@ -382,18 +399,22 @@ test_retention_bypass_aws_root() {
]
}
EOF
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting bucket policy"
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting bucket policy"
delete_object_bypass_retention "$BUCKET_ONE_NAME" "$bucket_file" "$username" "$secret_key" || fail "error deleting object and bypassing retention"
delete_bucket_or_contents "s3api" "$BUCKET_ONE_NAME"
delete_test_files "$bucket_file" "$policy_file"
}
legal_hold_retention_setup() {
[[ $# -eq 3 ]] || fail "legal hold or retention setup requires username, secret key, bucket file"
assert [ $# -eq 3 ]
run delete_bucket_or_contents_if_exists "s3api" "$BUCKET_ONE_NAME"
assert_success
delete_bucket_or_contents_if_exists "s3api" "$BUCKET_ONE_NAME" || fail "error deleting bucket, or checking for existence"
setup_user "$1" "$2" "user" || fail "error creating user if nonexistent"
create_test_files "$3" || fail "error creating test files"
run create_test_file "$3"
assert_success
#create_bucket "s3api" "$BUCKET_ONE_NAME" || fail "error creating bucket"
if [[ $RECREATE_BUCKETS == "true" ]]; then
@@ -407,22 +428,22 @@ legal_hold_retention_setup() {
# shellcheck disable=SC2154
log 5 "owner: $bucket_owner"
#put_bucket_ownership_controls "$BUCKET_ONE_NAME" "BucketOwnerPreferred" || fail "error putting bucket ownership controls"
put_object_with_user "s3api" "$test_file_folder/$3" "$BUCKET_ONE_NAME" "$3" "$1" "$2" || fail "failed to add object to bucket"
put_object_with_user "s3api" "$TEST_FILE_FOLDER/$3" "$BUCKET_ONE_NAME" "$3" "$1" "$2" || fail "failed to add object to bucket"
}
test_s3api_list_objects_v1_aws_root() {
local object_one="test-file-one"
local object_two="test-file-two"
local object_two_data="test data\n"
create_test_files "$object_one" "$object_two" || local created=$?
[[ $created -eq 0 ]] || fail "Error creating test files"
printf "%s" "$object_two_data" > "$test_file_folder"/"$object_two"
setup_bucket "aws" "$BUCKET_ONE_NAME"
[[ $result -eq 0 ]] || fail "Failed to create bucket '$BUCKET_ONE_NAME'"
put_object "s3api" "$test_file_folder"/"$object_one" "$BUCKET_ONE_NAME" "$object_one" || local copy_result_one=$?
run create_test_files "$object_one" "$object_two"
assert_success
run setup_bucket "aws" "$BUCKET_ONE_NAME"
assert_success
put_object "s3api" "$TEST_FILE_FOLDER"/"$object_one" "$BUCKET_ONE_NAME" "$object_one" || local copy_result_one=$?
[[ $copy_result_one -eq 0 ]] || fail "Failed to add object $object_one"
put_object "s3api" "$test_file_folder"/"$object_two" "$BUCKET_ONE_NAME" "$object_two" || local copy_result_two=$?
put_object "s3api" "$TEST_FILE_FOLDER"/"$object_two" "$BUCKET_ONE_NAME" "$object_two" || local copy_result_two=$?
[[ $copy_result_two -eq 0 ]] || fail "Failed to add object $object_two"
list_objects_s3api_v1 "$BUCKET_ONE_NAME"
@@ -430,11 +451,11 @@ test_s3api_list_objects_v1_aws_root() {
key_one=$(echo "$objects" | jq -r '.Contents[0].Key')
[[ $key_one == "$object_one" ]] || fail "Object one mismatch ($key_one, $object_one)"
size_one=$(echo "$objects" | jq -r '.Contents[0].Size')
[[ $size_one -eq 0 ]] || fail "Object one size mismatch ($size_one, 0)"
[[ $size_one -eq 10 ]] || fail "Object one size mismatch ($size_one, 0)"
key_two=$(echo "$objects" | jq -r '.Contents[1].Key')
[[ $key_two == "$object_two" ]] || fail "Object two mismatch ($key_two, $object_two)"
size_two=$(echo "$objects" | jq '.Contents[1].Size')
[[ $size_two -eq ${#object_two_data} ]] || fail "Object two size mismatch ($size_two, ${#object_two_data})"
[[ $size_two -eq 10 ]] || fail "Object two size mismatch ($size_two, 10)"
delete_bucket_or_contents "aws" "$BUCKET_ONE_NAME"
delete_test_files "$object_one" "$object_two"
@@ -443,27 +464,26 @@ test_s3api_list_objects_v1_aws_root() {
test_s3api_list_objects_v2_aws_root() {
local object_one="test-file-one"
local object_two="test-file-two"
local object_two_data="test data\n"
run create_test_files "$object_one" "$object_two"
assert_success
create_test_files "$object_one" "$object_two" || local created=$?
[[ $created -eq 0 ]] || fail "Error creating test files"
printf "%s" "$object_two_data" > "$test_file_folder"/"$object_two"
setup_bucket "aws" "$BUCKET_ONE_NAME"
[[ $result -eq 0 ]] || fail "Failed to create bucket '$BUCKET_ONE_NAME'"
put_object "s3api" "$test_file_folder"/"$object_one" "$BUCKET_ONE_NAME" "$object_one" || local copy_object_one=$?
run setup_bucket "aws" "$BUCKET_ONE_NAME"
assert_success
put_object "s3api" "$TEST_FILE_FOLDER"/"$object_one" "$BUCKET_ONE_NAME" "$object_one" || local copy_object_one=$?
[[ $copy_object_one -eq 0 ]] || fail "Failed to add object $object_one"
put_object "s3api" "$test_file_folder"/"$object_two" "$BUCKET_ONE_NAME" "$object_two" || local copy_object_two=$?
put_object "s3api" "$TEST_FILE_FOLDER"/"$object_two" "$BUCKET_ONE_NAME" "$object_two" || local copy_object_two=$?
[[ $copy_object_two -eq 0 ]] || fail "Failed to add object $object_two"
list_objects_v2 "$BUCKET_ONE_NAME" || fail "error listing objects (v2)"
key_one=$(echo "$objects" | jq -r '.Contents[0].Key')
[[ $key_one == "$object_one" ]] || fail "Object one mismatch ($key_one, $object_one)"
size_one=$(echo "$objects" | jq -r '.Contents[0].Size')
[[ $size_one -eq 0 ]] || fail "Object one size mismatch ($size_one, 0)"
[[ $size_one -eq 10 ]] || fail "Object one size mismatch ($size_one, 10)"
key_two=$(echo "$objects" | jq -r '.Contents[1].Key')
[[ $key_two == "$object_two" ]] || fail "Object two mismatch ($key_two, $object_two)"
size_two=$(echo "$objects" | jq -r '.Contents[1].Size')
[[ $size_two -eq ${#object_two_data} ]] || fail "Object two size mismatch ($size_two, ${#object_two_data})"
[[ $size_two -eq 10 ]] || fail "Object two size mismatch ($size_two, 10)"
delete_bucket_or_contents "aws" "$BUCKET_ONE_NAME"
delete_test_files "$object_one" "$object_two"
@@ -472,11 +492,14 @@ test_s3api_list_objects_v2_aws_root() {
test_multipart_upload_list_parts_aws_root() {
local bucket_file="bucket-file"
create_test_files "$bucket_file" || fail "error creating test file"
dd if=/dev/urandom of="$test_file_folder/$bucket_file" bs=5M count=1 || fail "error creating test file"
setup_bucket "aws" "$BUCKET_ONE_NAME"
run create_test_file "$bucket_file"
assert_success
dd if=/dev/urandom of="$TEST_FILE_FOLDER/$bucket_file" bs=5M count=1 || fail "error filling test file"
start_multipart_upload_and_list_parts "$BUCKET_ONE_NAME" "$bucket_file" "$test_file_folder"/"$bucket_file" 4 || fail "listing multipart upload parts failed"
run setup_bucket "aws" "$BUCKET_ONE_NAME"
assert_success
start_multipart_upload_and_list_parts "$BUCKET_ONE_NAME" "$bucket_file" "$TEST_FILE_FOLDER"/"$bucket_file" 4 || fail "listing multipart upload parts failed"
declare -a parts_map
# shellcheck disable=SC2154
@@ -506,7 +529,7 @@ test_multipart_upload_list_parts_aws_root() {
[[ ${parts_map[$part_number]} == "$etag" ]] || fail "error: etags don't match (part number: $part_number, etags ${parts_map[$part_number]},$etag)"
done
run_then_abort_multipart_upload "$BUCKET_ONE_NAME" "$bucket_file" "$test_file_folder/$bucket_file" 4
run_then_abort_multipart_upload "$BUCKET_ONE_NAME" "$bucket_file" "$TEST_FILE_FOLDER/$bucket_file" 4
delete_bucket_or_contents "aws" "$BUCKET_ONE_NAME"
delete_test_files $bucket_file
}

217
tests/test_common.sh
View File

@@ -33,21 +33,33 @@ source ./tests/commands/put_object_tagging.sh
source ./tests/commands/put_object.sh
source ./tests/commands/put_public_access_block.sh
# param: command type
# fail on test failure
test_common_multipart_upload() {
if [[ $# -ne 1 ]]; then
echo "multipart upload command missing command type"
return 1
fi
assert [ $# -eq 1 ]
bucket_file="largefile"
run create_large_file "$bucket_file"
assert_success
create_large_file "$bucket_file" || local created=$?
[[ $created -eq 0 ]] || fail "Error creating test file for multipart upload"
run setup_bucket "$1" "$BUCKET_ONE_NAME"
assert_success
setup_bucket "$1" "$BUCKET_ONE_NAME"
[[ $result -eq 0 ]] || fail "Failed to create bucket '$BUCKET_ONE_NAME'"
if [ "$1" == 's3' ]; then
run copy_file_locally "$TEST_FILE_FOLDER/$bucket_file" "$TEST_FILE_FOLDER/$bucket_file-copy"
assert_success
fi
put_object "$1" "$test_file_folder/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" || local put_result=$?
[[ $put_result -eq 0 ]] || fail "failed to copy file"
run put_object "$1" "$TEST_FILE_FOLDER/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file"
assert_success
if [ "$1" == 's3' ]; then
run move_file_locally "$TEST_FILE_FOLDER/$bucket_file-copy" "$TEST_FILE_FOLDER/$bucket_file"
assert_success
fi
run download_and_compare_file "$1" "$TEST_FILE_FOLDER/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" "$TEST_FILE_FOLDER/$bucket_file-copy"
assert_success
delete_bucket_or_contents "$1" "$BUCKET_ONE_NAME"
delete_test_files $bucket_file
@@ -63,7 +75,8 @@ test_common_create_delete_bucket() {
assert [ $# -eq 1 ]
setup_bucket "$1" "$BUCKET_ONE_NAME"
run setup_bucket "$1" "$BUCKET_ONE_NAME"
assert_success
bucket_exists "$1" "$BUCKET_ONE_NAME" || fail "failed bucket existence check"
@@ -74,12 +87,13 @@ test_common_copy_object() {
if [[ $# -ne 1 ]]; then
fail "copy object test requires command type"
fi
local object_name="test-object"
create_test_files "$object_name" || fail "error creating test file"
echo "test data" > "$test_file_folder/$object_name"
setup_bucket "$1" "$BUCKET_ONE_NAME"
setup_bucket "$1" "$BUCKET_TWO_NAME"
local object_name="test-object"
run create_test_file "$object_name"
assert_success
run setup_buckets "$1" "$BUCKET_ONE_NAME" "$BUCKET_TWO_NAME"
assert_success
if [[ $1 == 's3' ]]; then
copy_object "$1" "$test_file_folder/$object_name" "$BUCKET_ONE_NAME" "$object_name" || fail "failed to copy object to bucket one"
@@ -91,70 +105,84 @@ test_common_copy_object() {
else
copy_object "$1" "$BUCKET_ONE_NAME/$object_name" "$BUCKET_TWO_NAME" "$object_name" || fail "object not copied to bucket two"
fi
get_object "$1" "$BUCKET_TWO_NAME" "$object_name" "$test_file_folder/$object_name-copy" || fail "failed to retrieve object"
compare_files "$test_file_folder/$object_name" "$test_file_folder/$object_name-copy" || fail "files not the same"
run download_and_compare_file "$1" "$TEST_FILE_FOLDER/$object_name" "$BUCKET_TWO_NAME" "$object_name" "$TEST_FILE_FOLDER/$object_name-copy"
assert_success
delete_bucket_or_contents "$1" "$BUCKET_ONE_NAME"
delete_bucket_or_contents "$1" "$BUCKET_TWO_NAME"
delete_test_files "$object_name" "$object_name-copy"
}
# param: client
# fail on error
test_common_put_object_with_data() {
if [[ $# -ne 1 ]]; then
fail "put object test requires command type"
fi
assert [ $# -eq 1 ]
local object_name="test-object"
create_test_files "$object_name" || local create_result=$?
[[ $create_result -eq 0 ]] || fail "Error creating test file"
echo "test data" > "$test_file_folder"/"$object_name"
run create_test_file "$object_name"
assert_success
test_common_put_object "$1" "$object_name"
}
# param: client
# fail on error
test_common_put_object_no_data() {
if [[ $# -ne 1 ]]; then
fail "put object test requires command type"
fi
assert [ $# -eq 1 ]
local object_name="test-object"
create_test_files "$object_name" || local create_result=$?
[[ $create_result -eq 0 ]] || fail "Error creating test file"
run create_test_file "$object_name" 0
assert_success
test_common_put_object "$1" "$object_name"
}
# params: client, filename
# fail on test failure
test_common_put_object() {
if [[ $# -ne 2 ]]; then
fail "put object test requires command type, file"
assert [ $# -eq 2 ]
run setup_bucket "$1" "$BUCKET_ONE_NAME"
assert_success
# s3 erases file locally, so we need to copy it first
if [ "$1" == 's3' ]; then
run copy_file_locally "$TEST_FILE_FOLDER/$2" "$TEST_FILE_FOLDER/${2}-copy"
assert_success
fi
setup_bucket "$1" "$BUCKET_ONE_NAME"
run put_object "$1" "$test_file_folder/$2" "$BUCKET_ONE_NAME" "$2"
assert_success
put_object "$1" "$test_file_folder/$2" "$BUCKET_ONE_NAME" "$2" || local copy_result=$?
[[ $copy_result -eq 0 ]] || fail "Failed to add object to bucket"
object_exists "$1" "$BUCKET_ONE_NAME" "$2" || local exists_result_one=$?
[[ $exists_result_one -eq 0 ]] || fail "Object not added to bucket"
if [ "$1" == 's3' ]; then
run move_file_locally "$TEST_FILE_FOLDER/${2}-copy" "$TEST_FILE_FOLDER/$2"
assert_success
fi
delete_object "$1" "$BUCKET_ONE_NAME" "$2" || local delete_result=$?
[[ $delete_result -eq 0 ]] || fail "Failed to delete object"
object_exists "$1" "$BUCKET_ONE_NAME" "$2" || local exists_result_two=$?
[[ $exists_result_two -eq 1 ]] || fail "Object not removed from bucket"
run download_and_compare_file "$1" "$TEST_FILE_FOLDER/$2" "$BUCKET_ONE_NAME" "$2" "$TEST_FILE_FOLDER/${2}-copy"
assert_success
run delete_object "$1" "$BUCKET_ONE_NAME" "$2"
assert_success
run object_exists "$1" "$BUCKET_ONE_NAME" "$2"
assert_failure 1
delete_bucket_or_contents "$1" "$BUCKET_ONE_NAME"
delete_test_files "$2"
delete_test_files "$2" "${2}-copy"
}
test_common_put_get_object() {
if [[ $# -ne 1 ]]; then
fail "put, get object test requires command type"
fail "put, get object test requires client"
fi
local object_name="test-object"
run create_test_files "$object_name"
assert_success
create_test_files "$object_name" || fail "error creating test file"
echo "test data" > "$test_file_folder"/"$object_name"
setup_bucket "$1" "$BUCKET_ONE_NAME"
run setup_bucket "$1" "$BUCKET_ONE_NAME"
assert_success
if [[ $1 == 's3' ]]; then
copy_object "$1" "$test_file_folder/$object_name" "$BUCKET_ONE_NAME" "$object_name" || fail "failed to add object to bucket"
@@ -163,19 +191,21 @@ test_common_put_get_object() {
fi
object_exists "$1" "$BUCKET_ONE_NAME" "$object_name" || fail "object not added to bucket"
get_object "$1" "$BUCKET_ONE_NAME" "$object_name" "$test_file_folder/${object_name}_copy" || fail "failed to get object"
compare_files "$test_file_folder"/"$object_name" "$test_file_folder/${object_name}_copy" || fail "objects are different"
run download_and_compare_file "$1" "$TEST_FILE_FOLDER/$object_name" "$BUCKET_ONE_NAME" "$object_name" "$TEST_FILE_FOLDER/${2}-copy"
assert_success
delete_bucket_or_contents "$1" "$BUCKET_ONE_NAME"
delete_test_files "$object_name" "${object_name}_copy"
delete_test_files "$object_name" "${object_name}-copy"
}
test_common_get_set_versioning() {
local object_name="test-object"
create_test_files "$object_name" || local create_result=$?
[[ $create_result -eq 0 ]] || fail "Error creating test file"
setup_bucket "$1" "$BUCKET_ONE_NAME"
run create_test_files "$object_name"
assert_success
run setup_bucket "$1" "$BUCKET_ONE_NAME"
assert_success
get_bucket_versioning "$1" "$BUCKET_ONE_NAME" || local get_result=$?
[[ $get_result -eq 0 ]] || fail "error getting bucket versioning"
@@ -197,8 +227,8 @@ test_common_list_buckets() {
fail "List buckets test requires one argument"
fi
setup_bucket "$1" "$BUCKET_ONE_NAME"
setup_bucket "$1" "$BUCKET_TWO_NAME"
run setup_buckets "$1" "$BUCKET_ONE_NAME" "$BUCKET_TWO_NAME"
assert_success
list_buckets "$1"
local bucket_one_found=false
@@ -235,10 +265,15 @@ test_common_list_objects() {
object_one="test-file-one"
object_two="test-file-two"
create_test_files $object_one $object_two
run create_test_files $object_one $object_two
assert_success
echo "test data" > "$test_file_folder"/"$object_one"
echo "test data 2" > "$test_file_folder"/"$object_two"
setup_bucket "$1" "$BUCKET_ONE_NAME"
run setup_bucket "$1" "$BUCKET_ONE_NAME"
assert_success
put_object "$1" "$test_file_folder"/$object_one "$BUCKET_ONE_NAME" "$object_one" || local result_two=$?
[[ result_two -eq 0 ]] || fail "Error adding object one"
put_object "$1" "$test_file_folder"/$object_two "$BUCKET_ONE_NAME" "$object_two" || local result_three=$?
@@ -272,7 +307,8 @@ test_common_set_get_delete_bucket_tags() {
local key="test_key"
local value="test_value"
setup_bucket "$1" "$BUCKET_ONE_NAME"
run setup_bucket "$1" "$BUCKET_ONE_NAME"
assert_success
get_bucket_tagging "$1" "$BUCKET_ONE_NAME" || fail "Error getting bucket tags first time"
@@ -294,7 +330,8 @@ test_common_set_get_delete_bucket_tags() {
[[ $tag_set_key == "$key" ]] || fail "Key mismatch"
[[ $tag_set_value == "$value" ]] || fail "Value mismatch"
fi
delete_bucket_tagging "$1" "$BUCKET_ONE_NAME"
run delete_bucket_tagging "$1" "$BUCKET_ONE_NAME"
assert_success
get_bucket_tagging "$1" "$BUCKET_ONE_NAME" || fail "Error getting bucket tags third time"
@@ -312,8 +349,12 @@ test_common_set_get_object_tags() {
local key="test_key"
local value="test_value"
create_test_files "$bucket_file" || fail "error creating test files"
setup_bucket "$1" "$BUCKET_ONE_NAME"
run create_test_files "$bucket_file"
assert_success
run setup_bucket "$1" "$BUCKET_ONE_NAME"
assert_success
put_object "$1" "$test_file_folder"/"$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" || fail "Failed to add object to bucket '$BUCKET_ONE_NAME'"
get_object_tagging "$1" "$BUCKET_ONE_NAME" $bucket_file || fail "Error getting object tags"
@@ -350,10 +391,12 @@ test_common_presigned_url_utf8_chars() {
local bucket_file="my-$%^&*;"
local bucket_file_copy="bucket-file-copy"
create_test_files "$bucket_file" || local created=$?
run create_test_file "$bucket_file"
assert_success
dd if=/dev/urandom of="$test_file_folder/$bucket_file" bs=5M count=1 || fail "error creating test file"
setup_bucket "$1" "$BUCKET_ONE_NAME"
[[ $result -eq 0 ]] || fail "Failed to create bucket '$BUCKET_ONE_NAME'"
run setup_bucket "$1" "$BUCKET_ONE_NAME"
assert_success
put_object "$1" "$test_file_folder"/"$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" || put_result=$?
[[ $put_result -eq 0 ]] || fail "Failed to add object $bucket_file"
@@ -381,10 +424,12 @@ test_common_list_objects_file_count() {
echo "list objects greater than 1000 missing command type"
return 1
fi
create_test_file_count 1001 || local create_result=$?
[[ $create_result -eq 0 ]] || fail "error creating test files"
setup_bucket "$1" "$BUCKET_ONE_NAME"
[[ $result -eq 0 ]] || fail "Failed to create bucket '$BUCKET_ONE_NAME'"
run create_test_file_count 1001
assert_success
run setup_bucket "$1" "$BUCKET_ONE_NAME"
assert_success
put_object_multiple "$1" "$test_file_folder/file_*" "$BUCKET_ONE_NAME" || local put_result=$?
[[ $put_result -eq 0 ]] || fail "Failed to copy files to bucket"
list_objects "$1" "$BUCKET_ONE_NAME"
@@ -403,9 +448,11 @@ test_common_delete_object_tagging() {
tag_key="key"
tag_value="value"
create_test_files "$bucket_file" || fail "Error creating test files"
run create_test_files "$bucket_file"
assert_success
setup_bucket "$1" "$BUCKET_ONE_NAME"
run setup_bucket "$1" "$BUCKET_ONE_NAME"
assert_success
put_object "$1" "$test_file_folder"/"$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" || fail "Failed to add object to bucket"
@@ -422,8 +469,11 @@ test_common_delete_object_tagging() {
}
test_common_get_bucket_location() {
[[ $# -eq 1 ]] || fail "test common get bucket location missing command type"
setup_bucket "$1" "$BUCKET_ONE_NAME"
assert [ $# -eq 1 ]
run setup_bucket "$1" "$BUCKET_ONE_NAME"
assert_success
get_bucket_location "$1" "$BUCKET_ONE_NAME"
# shellcheck disable=SC2154
[[ $bucket_location == "null" ]] || [[ $bucket_location == "us-east-1" ]] || fail "wrong location: '$bucket_location'"
@@ -434,7 +484,9 @@ test_put_bucket_acl_s3cmd() {
# https://github.com/versity/versitygw/issues/695
skip
fi
setup_bucket "s3cmd" "$BUCKET_ONE_NAME"
run setup_bucket "s3cmd" "$BUCKET_ONE_NAME"
assert_success
put_bucket_ownership_controls "$BUCKET_ONE_NAME" "BucketOwnerPreferred" || fail "error putting bucket ownership controls"
username=$USERNAME_ONE
@@ -482,8 +534,11 @@ test_common_put_bucket_acl() {
# https://github.com/versity/versitygw/issues/716
skip
fi
[[ $# -eq 1 ]] || fail "test common put bucket acl missing command type"
setup_bucket "$1" "$BUCKET_ONE_NAME"
assert [ $# -eq 1 ]
run setup_bucket "$1" "$BUCKET_ONE_NAME"
assert_success
put_bucket_ownership_controls "$BUCKET_ONE_NAME" "BucketOwnerPreferred" || fail "error putting bucket ownership controls"
username=$USERNAME_ONE
@@ -566,7 +621,8 @@ test_common_get_put_delete_bucket_policy() {
policy_file="policy_file"
create_test_files "$policy_file" || fail "error creating policy file"
run create_test_file "$policy_file"
assert_success
effect="Allow"
#principal="*"
@@ -593,7 +649,8 @@ test_common_get_put_delete_bucket_policy() {
EOF
log 5 "POLICY: $(cat "$test_file_folder/$policy_file")"
setup_bucket "$1" "$BUCKET_ONE_NAME"
run setup_bucket "$1" "$BUCKET_ONE_NAME"
assert_success
check_for_empty_policy "$1" "$BUCKET_ONE_NAME" || fail "policy not empty"
@@ -629,11 +686,11 @@ EOF
test_common_ls_directory_object() {
test_file="a"
run create_test_files "$test_file"
assert_success "error creating file"
run create_test_file "$test_file" 0
assert_success
run setup_bucket "$1" "$BUCKET_ONE_NAME"
assert_success "error setting up bucket"
assert_success
if [ "$1" == 's3cmd' ]; then
put_object_client="s3api"

12
tests/test_mc.sh
View File

@@ -43,7 +43,9 @@ export RUN_MC=true
if [[ $RECREATE_BUCKETS == "false" ]]; then
skip "will not test bucket deletion in static bucket test config"
fi
setup_bucket "mc" "$BUCKET_ONE_NAME"
run setup_bucket "mc" "$BUCKET_ONE_NAME"
assert_success
delete_bucket "mc" "$BUCKET_ONE_NAME" || fail "error deleting bucket"
}
@@ -122,14 +124,18 @@ export RUN_MC=true
}
@test "test_get_bucket_info_mc" {
setup_bucket "mc" "$BUCKET_ONE_NAME"
run setup_bucket "mc" "$BUCKET_ONE_NAME"
assert_success
head_bucket "mc" "$BUCKET_ONE_NAME"
[[ $bucket_info == *"$BUCKET_ONE_NAME"* ]] || fail "failure to retrieve correct bucket info: $bucket_info"
delete_bucket_or_contents "mc" "$BUCKET_ONE_NAME"
}
@test "test_get_bucket_info_doesnt_exist_mc" {
setup_bucket "mc" "$BUCKET_ONE_NAME"
run setup_bucket "mc" "$BUCKET_ONE_NAME"
assert_success
head_bucket "mc" "$BUCKET_ONE_NAME"a || local info_result=$?
[[ $info_result -eq 1 ]] || fail "bucket info for non-existent bucket returned"
[[ $bucket_info == *"does not exist"* ]] || fail "404 not returned for non-existent bucket info"

4
tests/test_s3.sh
View File

@@ -59,7 +59,9 @@ source ./tests/util_file.sh
if [[ $RECREATE_BUCKETS == "false" ]]; then
skip "will not test bucket deletion in static bucket test config"
fi
setup_bucket "s3" "$BUCKET_ONE_NAME"
run setup_bucket "s3" "$BUCKET_ONE_NAME"
assert_success
delete_bucket "s3" "$BUCKET_ONE_NAME" || fail "error deleting bucket"
}

51
tests/test_s3api.sh
View File

@@ -208,8 +208,11 @@ export RUN_USERS=true
abort_all_multipart_uploads "$BUCKET_ONE_NAME" || fail "error aborting all uploads"
fi
create_test_files "$bucket_file_one" "$bucket_file_two" || fail "error creating test files"
setup_bucket "aws" "$BUCKET_ONE_NAME"
run create_test_files "$bucket_file_one" "$bucket_file_two"
assert_success
run setup_bucket "aws" "$BUCKET_ONE_NAME"
assert_success
create_and_list_multipart_uploads "$BUCKET_ONE_NAME" "$test_file_folder"/"$bucket_file_one" "$test_file_folder"/"$bucket_file_two" || fail "failed to list multipart uploads"
@@ -232,9 +235,12 @@ export RUN_USERS=true
@test "test-multipart-upload-from-bucket" {
local bucket_file="bucket-file"
create_test_files "$bucket_file" || fail "error creating test files"
run create_test_file "$bucket_file"
assert_success
dd if=/dev/urandom of="$test_file_folder/$bucket_file" bs=5M count=1 || fail "error adding data to test file"
setup_bucket "aws" "$BUCKET_ONE_NAME"
run setup_bucket "aws" "$BUCKET_ONE_NAME"
assert_success
multipart_upload_from_bucket "$BUCKET_ONE_NAME" "$bucket_file" "$test_file_folder"/"$bucket_file" 4 || fail "error performing multipart upload"
@@ -247,9 +253,11 @@ export RUN_USERS=true
@test "test_multipart_upload_from_bucket_range_too_large" {
local bucket_file="bucket-file"
run create_large_file "$bucket_file"
assert_success
create_large_file "$bucket_file"
setup_bucket "aws" "$BUCKET_ONE_NAME"
run setup_bucket "aws" "$BUCKET_ONE_NAME"
assert_success
multipart_upload_from_bucket_range "$BUCKET_ONE_NAME" "$bucket_file" "$test_file_folder"/"$bucket_file" 4 "bytes=0-1000000000" || local upload_result=$?
[[ $upload_result -eq 1 ]] || fail "multipart upload with overly large range should have failed"
@@ -262,9 +270,11 @@ export RUN_USERS=true
@test "test_multipart_upload_from_bucket_range_valid" {
local bucket_file="bucket-file"
run create_large_file "$bucket_file"
assert_success
create_large_file "$bucket_file"
setup_bucket "aws" "$BUCKET_ONE_NAME"
run setup_bucket "aws" "$BUCKET_ONE_NAME"
assert_success
range_max=$((5*1024*1024-1))
multipart_upload_from_bucket_range "$BUCKET_ONE_NAME" "$bucket_file" "$test_file_folder"/"$bucket_file" 4 "bytes=0-$range_max" || fail "upload failure"
@@ -288,10 +298,15 @@ export RUN_USERS=true
@test "test-list-objects-delimiter" {
folder_name="two"
object_name="three"
create_test_folder "$folder_name"
create_test_files "$folder_name"/"$object_name"
setup_bucket "aws" "$BUCKET_ONE_NAME"
run create_test_folder "$folder_name"
assert_success
run create_test_file "$folder_name"/"$object_name"
assert_success
run setup_bucket "aws" "$BUCKET_ONE_NAME"
assert_success
put_object "aws" "$test_file_folder/$folder_name/$object_name" "$BUCKET_ONE_NAME" "$folder_name/$object_name" || fail "failed to add object to bucket"
@@ -388,7 +403,9 @@ export RUN_USERS=true
#}
@test "test_head_bucket" {
setup_bucket "aws" "$BUCKET_ONE_NAME"
run setup_bucket "aws" "$BUCKET_ONE_NAME"
assert_success
head_bucket "aws" "$BUCKET_ONE_NAME" || fail "error getting bucket info"
log 5 "INFO: $bucket_info"
region=$(echo "$bucket_info" | grep -v "InsecureRequestWarning" | jq -r ".BucketRegion" 2>&1) || fail "error getting bucket region: $region"
@@ -401,7 +418,9 @@ export RUN_USERS=true
}
@test "test_head_bucket_doesnt_exist" {
setup_bucket "aws" "$BUCKET_ONE_NAME"
run setup_bucket "aws" "$BUCKET_ONE_NAME"
assert_success
head_bucket "aws" "$BUCKET_ONE_NAME"a || local info_result=$?
[[ $info_result -eq 1 ]] || fail "bucket info for non-existent bucket returned"
[[ $bucket_info == *"404"* ]] || fail "404 not returned for non-existent bucket info"
@@ -413,9 +432,11 @@ export RUN_USERS=true
test_key="x-test-data"
test_value="test-value"
create_test_files "$object_one" || fail "error creating test files"
run create_test_files "$object_one"
assert_success
setup_bucket "aws" "$BUCKET_ONE_NAME"
run setup_bucket "aws" "$BUCKET_ONE_NAME"
assert_success
object="$test_file_folder"/"$object_one"
put_object_with_metadata "aws" "$object" "$BUCKET_ONE_NAME" "$object_one" "$test_key" "$test_value" || fail "failed to add object to bucket"

305
tests/test_s3api_policy.sh
View File

@@ -22,7 +22,8 @@ source ./tests/commands/put_bucket_tagging.sh
test_s3api_policy_invalid_action() {
policy_file="policy_file"
create_test_files "$policy_file" || fail "error creating policy file"
run create_test_file "$policy_file"
assert_success
effect="Allow"
principal="*"
@@ -30,13 +31,14 @@ test_s3api_policy_invalid_action() {
resource="arn:aws:s3:::$BUCKET_ONE_NAME/*"
# shellcheck disable=SC2154
setup_policy_with_single_statement "$test_file_folder/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource"
setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource"
setup_bucket "s3api" "$BUCKET_ONE_NAME"
run setup_bucket "s3api" "$BUCKET_ONE_NAME"
assert_success
check_for_empty_policy "s3api" "$BUCKET_ONE_NAME" || fail "policy not empty"
if put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file"; then
if put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file"; then
fail "put succeeded despite malformed policy"
fi
# shellcheck disable=SC2154
@@ -52,18 +54,20 @@ test_s3api_policy_get_object_with_user() {
test_file="test_file"
log 5 "username: $USERNAME_ONE, password: $PASSWORD_ONE"
create_test_files "$test_file" "$policy_file" || fail "error creating policy file"
echo "$BATS_TEST_NAME" >> "$test_file_folder/$test_file"
run create_test_files "$test_file" "$policy_file"
assert_success
effect="Allow"
principal="$username"
action="s3:GetObject"
resource="arn:aws:s3:::$BUCKET_ONE_NAME/$test_file"
setup_policy_with_single_statement "$test_file_folder/$policy_file" "2012-10-17" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy"
setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "2012-10-17" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy"
setup_bucket "s3api" "$BUCKET_ONE_NAME"
put_object "s3api" "$test_file_folder/$test_file" "$BUCKET_ONE_NAME" "$test_file" || fail "error copying object"
run setup_bucket "s3api" "$BUCKET_ONE_NAME"
assert_success
put_object "s3api" "$TEST_FILE_FOLDER/$test_file" "$BUCKET_ONE_NAME" "$test_file" || fail "error copying object"
if ! check_for_empty_policy "s3api" "$BUCKET_ONE_NAME"; then
delete_bucket_policy "s3api" "$BUCKET_ONE_NAME" || fail "error deleting policy"
@@ -71,15 +75,16 @@ test_s3api_policy_get_object_with_user() {
fi
setup_user "$username" "$password" "user" || fail "error creating user"
if get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file" "$test_file_folder/$test_file-copy" "$username" "$password"; then
if get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file" "$TEST_FILE_FOLDER/$test_file-copy" "$username" "$password"; then
fail "get object with user succeeded despite lack of permissions"
fi
# shellcheck disable=SC2154
[[ "$get_object_error" == *"Access Denied"* ]] || fail "invalid get object error: $get_object_error"
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting policy"
get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file" "$test_file_folder/$test_file-copy" "$username" "$password" || fail "error getting object after permissions"
compare_files "$test_file_folder/$test_file" "$test_file_folder/$test_file-copy" || fail "files not equal"
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting policy"
run download_and_compare_file_with_user "s3api" "$TEST_FILE_FOLDER/$test_file" "$BUCKET_ONE_NAME" "$test_file" "$TEST_FILE_FOLDER/$test_file-copy" "$username" "$password"
assert_success
delete_bucket_or_contents "aws" "$BUCKET_ONE_NAME"
}
@@ -90,9 +95,8 @@ test_s3api_policy_get_object_specific_file() {
username=$USERNAME_ONE
password=$PASSWORD_ONE
create_test_files "$policy_file" "$test_file" "$test_file_two" || fail "error creating policy file"
echo "$BATS_TEST_NAME" >> "$test_file_folder/$test_file"
echo "$BATS_TEST_NAME-2" >> "$test_file_folder/$test_file_two"
run create_test_files "$policy_file" "$test_file" "$test_file_two"
assert_success
effect="Allow"
principal="$username"
@@ -101,15 +105,19 @@ test_s3api_policy_get_object_specific_file() {
setup_user "$username" "$password" "user" || fail "error creating user"
setup_bucket "s3api" "$BUCKET_ONE_NAME"
setup_policy_with_single_statement "$test_file_folder/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy"
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting policy"
run setup_bucket "s3api" "$BUCKET_ONE_NAME"
assert_success
put_object "s3api" "$test_file_folder/$test_file" "$BUCKET_ONE_NAME" "$test_file" || fail "error copying object"
put_object "s3api" "$test_file_folder/$test_file_two" "$BUCKET_ONE_NAME" "$test_file_two" || fail "error copying object"
setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy"
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting policy"
get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file" "$test_file_folder/$test_file-copy" "$username" "$password" || fail "error getting object after permissions"
if get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file_two" "$test_file_folder/$test_file_two-copy" "$username" "$password"; then
put_object "s3api" "$TEST_FILE_FOLDER/$test_file" "$BUCKET_ONE_NAME" "$test_file" || fail "error copying object"
put_object "s3api" "$TEST_FILE_FOLDER/$test_file_two" "$BUCKET_ONE_NAME" "$test_file_two" || fail "error copying object"
run download_and_compare_file_with_user "s3api" "$TEST_FILE_FOLDER/$test_file" "$BUCKET_ONE_NAME" "$test_file" "$TEST_FILE_FOLDER/$test_file-copy" "$username" "$password"
assert_success
if get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file_two" "$TEST_FILE_FOLDER/$test_file_two-copy" "$username" "$password"; then
fail "get object with user succeeded despite lack of permissions"
fi
# shellcheck disable=SC2154
@@ -124,8 +132,8 @@ test_s3api_policy_get_object_file_wildcard() {
username=$USERNAME_ONE
password=$PASSWORD_ONE
create_test_files "$policy_file" "$policy_file_two" "$policy_file_three" || fail "error creating policy file"
echo "$BATS_TEST_NAME" >> "$test_file_folder/$policy_file"
run create_test_files "$policy_file" "$policy_file_two" "$policy_file_three"
assert_success
effect="Allow"
principal="$username"
@@ -134,20 +142,27 @@ test_s3api_policy_get_object_file_wildcard() {
setup_user "$username" "$password" "user" || fail "error creating user account"
setup_bucket "s3api" "$BUCKET_ONE_NAME"
setup_policy_with_single_statement "$test_file_folder/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy"
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting policy"
run setup_bucket "s3api" "$BUCKET_ONE_NAME"
assert_success
put_object "s3api" "$test_file_folder/$policy_file" "$BUCKET_ONE_NAME" "$policy_file" || fail "error copying object one"
put_object "s3api" "$test_file_folder/$policy_file_two" "$BUCKET_ONE_NAME" "$policy_file_two" || fail "error copying object two"
put_object "s3api" "$test_file_folder/$policy_file_three" "$BUCKET_ONE_NAME" "$policy_file_three" || fail "error copying object three"
setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy"
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting policy"
get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$policy_file" "$test_file_folder/$policy_file" "$username" "$password" || fail "error getting object one after permissions"
get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$policy_file_two" "$test_file_folder/$policy_file_two" "$username" "$password" || fail "error getting object two after permissions"
if get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$policy_file_three" "$test_file_folder/$policy_file_three" "$username" "$password"; then
put_object "s3api" "$TEST_FILE_FOLDER/$policy_file" "$BUCKET_ONE_NAME" "$policy_file" || fail "error copying object one"
put_object "s3api" "$TEST_FILE_FOLDER/$policy_file_two" "$BUCKET_ONE_NAME" "$policy_file_two" || fail "error copying object two"
put_object "s3api" "$TEST_FILE_FOLDER/$policy_file_three" "$BUCKET_ONE_NAME" "$policy_file_three" || fail "error copying object three"
run download_and_compare_file_with_user "s3api" "$TEST_FILE_FOLDER/$policy_file" "$BUCKET_ONE_NAME" "$policy_file" "$TEST_FILE_FOLDER/$policy_file-copy" "$username" "$password"
assert_success
run download_and_compare_file_with_user "s3api" "$TEST_FILE_FOLDER/$policy_file_two" "$BUCKET_ONE_NAME" "$policy_file_two" "$TEST_FILE_FOLDER/$policy_file_two-copy" "$username" "$password"
assert_success
if get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$policy_file_three" "$TEST_FILE_FOLDER/$policy_file_three" "$username" "$password"; then
fail "get object three with user succeeded despite lack of permissions"
fi
[[ "$get_object_error" == *"Access Denied"* ]] || fail "invalid get object error: $get_object_error"
delete_bucket_or_contents "aws" "$BUCKET_ONE_NAME"
}
@@ -158,9 +173,11 @@ test_s3api_policy_get_object_folder_wildcard() {
username=$USERNAME_ONE
password=$PASSWORD_ONE
create_test_folder "$test_folder" || fail "error creating test folder"
create_test_files "$test_folder/$test_file" "$policy_file" || fail "error creating policy file, test file"
echo "$BATS_TEST_NAME" >> "$test_file_folder/$test_folder/$test_file"
run create_test_folder "$test_folder"
assert_success
run create_test_files "$test_folder/$test_file" "$policy_file"
assert_success
effect="Allow"
principal="$username"
@@ -170,12 +187,12 @@ test_s3api_policy_get_object_folder_wildcard() {
setup_user "$username" "$password" "user" || fail "error creating user"
setup_bucket "s3api" "$BUCKET_ONE_NAME"
setup_policy_with_single_statement "$test_file_folder/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy"
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting policy"
setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy"
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting policy"
put_object "s3api" "$test_file_folder/$test_folder/$test_file" "$BUCKET_ONE_NAME" "$test_folder/$test_file" || fail "error copying object to bucket"
put_object "s3api" "$TEST_FILE_FOLDER/$test_folder/$test_file" "$BUCKET_ONE_NAME" "$test_folder/$test_file" || fail "error copying object to bucket"
download_and_compare_file_with_user "s3api" "$test_file_folder/$test_folder/$test_file" "$BUCKET_ONE_NAME" "$test_folder/$test_file" "$test_file_folder/$test_file-copy" "$username" "$password" || fail "error downloading and comparing file"
download_and_compare_file_with_user "s3api" "$TEST_FILE_FOLDER/$test_folder/$test_file" "$BUCKET_ONE_NAME" "$test_folder/$test_file" "$TEST_FILE_FOLDER/$test_file-copy" "$username" "$password" || fail "error downloading and comparing file"
delete_bucket_or_contents "aws" "$BUCKET_ONE_NAME"
delete_test_files "$test_folder/$test_file" "$policy_file"
}
@@ -186,18 +203,22 @@ test_s3api_policy_allow_deny() {
username=$USERNAME_ONE
password=$PASSWORD_ONE
create_test_files "$policy_file" "$test_file" || fail "error creating policy file"
setup_user "$username" "$password" "user" || fail "error creating user"
setup_bucket "s3api" "$BUCKET_ONE_NAME"
run create_test_files "$policy_file" "$test_file"
assert_success
setup_policy_with_double_statement "$test_file_folder/$policy_file" "dummy" \
setup_user "$username" "$password" "user" || fail "error creating user"
run setup_bucket "s3api" "$BUCKET_ONE_NAME"
assert_success
setup_policy_with_double_statement "$TEST_FILE_FOLDER/$policy_file" "dummy" \
"Deny" "$username" "s3:GetObject" "arn:aws:s3:::$BUCKET_ONE_NAME/$test_file" \
"Allow" "$username" "s3:GetObject" "arn:aws:s3:::$BUCKET_ONE_NAME/$test_file"
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting policy"
put_object "s3api" "$test_file_folder/$test_file" "$BUCKET_ONE_NAME" "$test_file" || fail "error copying object to bucket"
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting policy"
put_object "s3api" "$TEST_FILE_FOLDER/$test_file" "$BUCKET_ONE_NAME" "$test_file" || fail "error copying object to bucket"
if get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file" "$test_file_folder/$test_file-copy" "$username" "$password"; then
if get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file" "$TEST_FILE_FOLDER/$test_file-copy" "$username" "$password"; then
fail "able to get object despite deny statement"
fi
[[ "$get_object_error" == *"Access Denied"* ]] || fail "invalid get object error: $get_object_error"
@@ -213,20 +234,24 @@ test_s3api_policy_deny() {
username=$USERNAME_ONE
password=$PASSWORD_ONE
create_test_files "$test_file_one" "$test_file_two" "$policy_file" || fail "error creating policy file, test file"
setup_user "$username" "$password" "user" || fail "error creating user"
setup_bucket "s3api" "$BUCKET_ONE_NAME"
run create_test_files "$test_file_one" "$test_file_two" "$policy_file"
assert_success
setup_policy_with_double_statement "$test_file_folder/$policy_file" "dummy" \
setup_user "$username" "$password" "user" || fail "error creating user"
run setup_bucket "s3api" "$BUCKET_ONE_NAME"
assert_success
setup_policy_with_double_statement "$TEST_FILE_FOLDER/$policy_file" "dummy" \
"Deny" "$username" "s3:GetObject" "arn:aws:s3:::$BUCKET_ONE_NAME/$test_file_two" \
"Allow" "$username" "s3:GetObject" "arn:aws:s3:::$BUCKET_ONE_NAME/*"
log 5 "Policy: $(cat "$test_file_folder/$policy_file")"
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting policy"
put_object "s3api" "$test_file_folder/$test_file_one" "$BUCKET_ONE_NAME" "$test_file_one" || fail "error copying object one"
put_object "s3api" "$test_file_folder/$test_file_one" "$BUCKET_ONE_NAME" "$test_file_two" || fail "error copying object two"
get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file_one" "$test_file_folder/$test_file_one-copy" "$username" "$password" || fail "error getting object"
if get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file_two" "$test_file_folder/$test_file_two-copy" "$username" "$password"; then
log 5 "Policy: $(cat "$TEST_FILE_FOLDER/$policy_file")"
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting policy"
put_object "s3api" "$TEST_FILE_FOLDER/$test_file_one" "$BUCKET_ONE_NAME" "$test_file_one" || fail "error copying object one"
put_object "s3api" "$TEST_FILE_FOLDER/$test_file_one" "$BUCKET_ONE_NAME" "$test_file_two" || fail "error copying object two"
get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file_one" "$TEST_FILE_FOLDER/$test_file_one-copy" "$username" "$password" || fail "error getting object"
if get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file_two" "$TEST_FILE_FOLDER/$test_file_two-copy" "$username" "$password"; then
fail "able to get object despite deny statement"
fi
[[ "$get_object_error" == *"Access Denied"* ]] || fail "invalid get object error: $get_object_error"
@@ -241,9 +266,11 @@ test_s3api_policy_put_wildcard() {
username=$USERNAME_ONE
password=$PASSWORD_ONE
create_test_folder "$test_folder" || fail "error creating test folder"
create_test_files "$test_folder/$test_file" "$policy_file" || fail "error creating policy file, test file"
echo "$BATS_TEST_NAME" >> "$test_file_folder/$test_folder/$test_file"
run create_test_folder "$test_folder"
assert_success
run create_test_files "$test_folder/$test_file" "$policy_file"
assert_success
effect="Allow"
principal="$username"
@@ -253,20 +280,20 @@ test_s3api_policy_put_wildcard() {
setup_user "$username" "$password" "user" || fail "error creating user"
setup_bucket "s3api" "$BUCKET_ONE_NAME"
log 5 "Policy: $(cat "$test_file_folder/$policy_file")"
setup_policy_with_single_statement "$test_file_folder/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy"
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting policy"
if put_object_with_user "s3api" "$test_file_folder/$test_folder/$test_file" "$BUCKET_ONE_NAME" "$test_file" "$username" "$password"; then
log 5 "Policy: $(cat "$TEST_FILE_FOLDER/$policy_file")"
setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy"
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting policy"
if put_object_with_user "s3api" "$TEST_FILE_FOLDER/$test_folder/$test_file" "$BUCKET_ONE_NAME" "$test_file" "$username" "$password"; then
fail "able to put object despite not being allowed"
fi
# shellcheck disable=SC2154
[[ "$put_object_error" == *"Access Denied"* ]] || fail "invalid put object error: $put_object_error"
put_object_with_user "s3api" "$test_file_folder/$test_folder/$test_file" "$BUCKET_ONE_NAME" "$test_folder/$test_file" "$username" "$password" || fail "error putting file despite policy permissions"
put_object_with_user "s3api" "$TEST_FILE_FOLDER/$test_folder/$test_file" "$BUCKET_ONE_NAME" "$test_folder/$test_file" "$username" "$password" || fail "error putting file despite policy permissions"
if get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_folder/$test_file" "$test_folder/$test_file-copy" "$username" "$password"; then
fail "able to get object without permissions"
fi
[[ "$get_object_error" == *"Access Denied"* ]] || fail "invalid get object error: $get_object_error"
download_and_compare_file "s3api" "$test_file_folder/$test_folder/$test_file" "$BUCKET_ONE_NAME" "$test_folder/$test_file" "$test_file_folder/$test_file-copy" || fail "files don't match"
download_and_compare_file "s3api" "$TEST_FILE_FOLDER/$test_folder/$test_file" "$BUCKET_ONE_NAME" "$test_folder/$test_file" "$TEST_FILE_FOLDER/$test_file-copy" || fail "files don't match"
delete_bucket_or_contents "aws" "$BUCKET_ONE_NAME"
delete_test_files "$test_folder/$test_file" "$test_file-copy" "$policy_file"
}
@@ -278,9 +305,8 @@ test_s3api_policy_delete() {
username=$USERNAME_ONE
password=$PASSWORD_ONE
create_test_files "$test_file_one" "$test_file_two" "$policy_file" || fail "error creating policy file, test files"
echo "$BATS_TEST_NAME" >> "$test_file_folder/$test_file_one"
echo "$BATS_TEST_NAME" >> "$test_file_folder/$test_file_two"
run create_test_files "$test_file_one" "$test_file_two" "$policy_file"
assert_success
effect="Allow"
principal="$username"
@@ -289,13 +315,15 @@ test_s3api_policy_delete() {
setup_user "$username" "$password" "user" || fail "error creating user"
setup_bucket "s3api" "$BUCKET_ONE_NAME"
setup_policy_with_single_statement "$test_file_folder/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy"
log 5 "Policy: $(cat "$test_file_folder/$policy_file")"
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting policy"
run setup_bucket "s3api" "$BUCKET_ONE_NAME"
assert_success
put_object "s3api" "$test_file_folder/$test_file_one" "$BUCKET_ONE_NAME" "$test_file_one" || fail "error copying object one"
put_object "s3api" "$test_file_folder/$test_file_two" "$BUCKET_ONE_NAME" "$test_file_two" || fail "error copying object two"
setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy"
log 5 "Policy: $(cat "$TEST_FILE_FOLDER/$policy_file")"
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting policy"
put_object "s3api" "$TEST_FILE_FOLDER/$test_file_one" "$BUCKET_ONE_NAME" "$test_file_one" || fail "error copying object one"
put_object "s3api" "$TEST_FILE_FOLDER/$test_file_two" "$BUCKET_ONE_NAME" "$test_file_two" || fail "error copying object two"
if delete_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file_one" "$username" "$password"; then
fail "able to delete object despite lack of permissions"
fi
@@ -311,7 +339,8 @@ test_s3api_policy_get_bucket_policy() {
username=$USERNAME_ONE
password=$PASSWORD_ONE
create_test_files "$policy_file" || fail "error creating policy file, test files"
run create_test_file "$policy_file"
assert_success
effect="Allow"
principal="$username"
@@ -320,19 +349,21 @@ test_s3api_policy_get_bucket_policy() {
setup_user "$username" "$password" "user" || fail "error creating user"
setup_bucket "s3api" "$BUCKET_ONE_NAME"
setup_policy_with_single_statement "$test_file_folder/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy"
run setup_bucket "s3api" "$BUCKET_ONE_NAME"
assert_success
setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy"
if get_bucket_policy_with_user "$BUCKET_ONE_NAME" "$username" "$password"; then
fail "able to retrieve bucket policy despite lack of permissions"
fi
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting policy"
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting policy"
get_bucket_policy_with_user "$BUCKET_ONE_NAME" "$username" "$password" || fail "error getting bucket policy despite permissions"
# shellcheck disable=SC2154
echo "$bucket_policy" > "$test_file_folder/$policy_file-copy"
log 5 "ORIG: $(cat "$test_file_folder/$policy_file")"
log 5 "COPY: $(cat "$test_file_folder/$policy_file-copy")"
compare_files "$test_file_folder/$policy_file" "$test_file_folder/$policy_file-copy" || fail "policies not equal"
echo "$bucket_policy" > "$TEST_FILE_FOLDER/$policy_file-copy"
log 5 "ORIG: $(cat "$TEST_FILE_FOLDER/$policy_file")"
log 5 "COPY: $(cat "$TEST_FILE_FOLDER/$policy_file-copy")"
compare_files "$TEST_FILE_FOLDER/$policy_file" "$TEST_FILE_FOLDER/$policy_file-copy" || fail "policies not equal"
delete_bucket_or_contents "aws" "$BUCKET_ONE_NAME"
delete_test_files "$policy_file" "$policy_file-copy"
}
@@ -343,8 +374,11 @@ test_s3api_policy_list_multipart_uploads() {
username=$USERNAME_ONE
password=$PASSWORD_ONE
create_test_files "$policy_file" || fail "error creating policy file, test files"
create_large_file "$test_file"
run create_test_file "$policy_file"
assert_success
run create_large_file "$test_file"
assert_success
effect="Allow"
principal="$username"
@@ -352,13 +386,15 @@ test_s3api_policy_list_multipart_uploads() {
resource="arn:aws:s3:::$BUCKET_ONE_NAME"
setup_user "$username" "$password" "user" || fail "error creating user"
setup_bucket "s3api" "$BUCKET_ONE_NAME"
run setup_bucket "s3api" "$BUCKET_ONE_NAME"
assert_success
get_bucket_policy "s3api" "$BUCKET_ONE_NAME" || fail "error getting bucket policy"
log 5 "BUCKET POLICY: $bucket_policy"
get_bucket_acl "s3api" "$BUCKET_ONE_NAME" || fail "error getting bucket ACL"
# shellcheck disable=SC2154
log 5 "ACL: $acl"
run setup_policy_with_single_statement "$test_file_folder/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource"
run setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource"
assert_success "failed to set up policy"
run create_multipart_upload "$BUCKET_ONE_NAME" "$test_file"
assert_success "failed to create multipart upload"
@@ -367,7 +403,7 @@ test_s3api_policy_list_multipart_uploads() {
fi
# shellcheck disable=SC2154
[[ "$list_multipart_uploads_error" == *"Access Denied"* ]] || fail "invalid list multipart uploads error: $list_multipart_uploads_error"
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting policy"
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting policy"
list_multipart_uploads_with_user "$BUCKET_ONE_NAME" "$username" "$password" || fail "error listing multipart uploads"
# shellcheck disable=SC2154
log 5 "$uploads"
@@ -383,7 +419,8 @@ test_s3api_policy_put_bucket_policy() {
username=$USERNAME_ONE
password=$PASSWORD_ONE
create_test_files "$policy_file" || fail "error creating policy file, test files"
run create_test_file "$policy_file" 0
assert_success
effect="Allow"
principal="$username"
@@ -392,21 +429,23 @@ test_s3api_policy_put_bucket_policy() {
setup_user "$username" "$password" "user" || fail "error creating user"
setup_bucket "s3api" "$BUCKET_ONE_NAME"
setup_policy_with_single_statement "$test_file_folder/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy"
if put_bucket_policy_with_user "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" "$username" "$password"; then
run setup_bucket "s3api" "$BUCKET_ONE_NAME"
assert_success
setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy"
if put_bucket_policy_with_user "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" "$username" "$password"; then
fail "able to retrieve bucket policy despite lack of permissions"
fi
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting policy"
setup_policy_with_single_statement "$test_file_folder/$policy_file_two" "dummy" "$effect" "$principal" "s3:GetBucketPolicy" "$resource" || fail "failed to set up policy"
put_bucket_policy_with_user "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file_two" "$username" "$password" || fail "error putting bucket policy despite permissions"
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting policy"
setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file_two" "dummy" "$effect" "$principal" "s3:GetBucketPolicy" "$resource" || fail "failed to set up policy"
put_bucket_policy_with_user "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file_two" "$username" "$password" || fail "error putting bucket policy despite permissions"
get_bucket_policy_with_user "$BUCKET_ONE_NAME" "$username" "$password" || fail "error getting bucket policy despite permissions"
# shellcheck disable=SC2154
echo "$bucket_policy" > "$test_file_folder/$policy_file-copy"
log 5 "ORIG: $(cat "$test_file_folder/$policy_file_two")"
log 5 "COPY: $(cat "$test_file_folder/$policy_file-copy")"
compare_files "$test_file_folder/$policy_file_two" "$test_file_folder/$policy_file-copy" || fail "policies not equal"
echo "$bucket_policy" > "$TEST_FILE_FOLDER/$policy_file-copy"
log 5 "ORIG: $(cat "$TEST_FILE_FOLDER/$policy_file_two")"
log 5 "COPY: $(cat "$TEST_FILE_FOLDER/$policy_file-copy")"
compare_files "$TEST_FILE_FOLDER/$policy_file_two" "$TEST_FILE_FOLDER/$policy_file-copy" || fail "policies not equal"
delete_bucket_or_contents "aws" "$BUCKET_ONE_NAME"
delete_test_files "$policy_file" "$policy_file_two" "$policy_file-copy"
}
@@ -416,7 +455,8 @@ test_s3api_policy_delete_bucket_policy() {
username=$USERNAME_ONE
password=$PASSWORD_ONE
create_test_files "$policy_file" || fail "error creating policy file, test files"
run create_test_file "$policy_file" 0
assert_success
effect="Allow"
principal="$username"
@@ -425,12 +465,14 @@ test_s3api_policy_delete_bucket_policy() {
setup_user "$username" "$password" "user" || fail "error creating user"
setup_bucket "s3api" "$BUCKET_ONE_NAME"
run setup_bucket "s3api" "$BUCKET_ONE_NAME"
assert_success
if delete_bucket_policy_with_user "$BUCKET_ONE_NAME" "$username" "$password"; then
fail "able to delete bucket policy with user $username without right permissions"
fi
setup_policy_with_single_statement "$test_file_folder/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy"
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting policy"
setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy"
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting policy"
delete_bucket_policy_with_user "$BUCKET_ONE_NAME" "$username" "$password" || fail "unable to delete bucket policy"
delete_bucket_or_contents "aws" "$BUCKET_ONE_NAME"
delete_test_files "$policy_file"
@@ -441,7 +483,8 @@ test_s3api_policy_get_bucket_acl() {
username=$USERNAME_ONE
password=$PASSWORD_ONE
create_test_files "$policy_file" || fail "error creating policy file, test files"
run create_test_file "$policy_file" 0
assert_success
effect="Allow"
principal="$username"
@@ -450,12 +493,14 @@ test_s3api_policy_get_bucket_acl() {
setup_user "$username" "$password" "user" || fail "error creating user"
setup_bucket "s3api" "$BUCKET_ONE_NAME"
run setup_bucket "s3api" "$BUCKET_ONE_NAME"
assert_success
if get_bucket_acl_with_user "$BUCKET_ONE_NAME" "$username" "$password"; then
fail "user able to get bucket ACLs despite permissions"
fi
setup_policy_with_single_statement "$test_file_folder/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy"
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting policy"
setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy"
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting policy"
get_bucket_acl_with_user "$BUCKET_ONE_NAME" "$username" "$password" || fail "error getting bucket ACL despite permissions"
}
@@ -464,9 +509,15 @@ test_s3api_policy_abort_multipart_upload() {
test_file="test_file"
username=$USERNAME_ONE
create_test_files "$policy_file" || fail "error creating policy file"
create_large_file "$test_file"
setup_bucket "s3api" "$BUCKET_ONE_NAME"
run create_test_file "$policy_file"
assert_success
run create_large_file "$test_file"
assert_success
run setup_bucket "s3api" "$BUCKET_ONE_NAME"
assert_success
if [[ $DIRECT == "true" ]]; then
setup_user_direct "$username" "user" "$BUCKET_ONE_NAME" || fail "error setting up direct user $username"
principal="{\"AWS\": \"arn:aws:iam::$DIRECT_AWS_USER_ID:user/$username\"}"
@@ -480,10 +531,10 @@ test_s3api_policy_abort_multipart_upload() {
principal="\"$username\""
fi
setup_policy_with_double_statement "$test_file_folder/$policy_file" "2012-10-17" \
setup_policy_with_double_statement "$TEST_FILE_FOLDER/$policy_file" "2012-10-17" \
"Allow" "$principal" "s3:PutObject" "arn:aws:s3:::$BUCKET_ONE_NAME/*" \
"Deny" "$principal" "s3:AbortMultipartUpload" "arn:aws:s3:::$BUCKET_ONE_NAME/*"
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting first policy"
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting first policy"
create_multipart_upload_with_user "$BUCKET_ONE_NAME" "$test_file" "$username" "$password" || fail "error creating multipart upload"
# shellcheck disable=SC2154
@@ -493,9 +544,9 @@ test_s3api_policy_abort_multipart_upload() {
# shellcheck disable=SC2154
[[ "$abort_multipart_upload_error" == *"AccessDenied"* ]] || fail "unexpected abort error: $abort_multipart_upload_error"
setup_policy_with_single_statement "$test_file_folder/$policy_file" "2012-10-17" "Allow" "$principal" "s3:AbortMultipartUpload" "arn:aws:s3:::$BUCKET_ONE_NAME/*"
setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "2012-10-17" "Allow" "$principal" "s3:AbortMultipartUpload" "arn:aws:s3:::$BUCKET_ONE_NAME/*"
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting policy"
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting policy"
abort_multipart_upload_with_user "$BUCKET_ONE_NAME" "$test_file" "$upload_id" "$username" "$password" || fail "error aborting multipart upload despite permissions"
delete_bucket_or_contents "aws" "$BUCKET_ONE_NAME"
@@ -549,11 +600,11 @@ test_s3api_policy_put_bucket_tagging() {
run setup_user "$USERNAME_ONE" "$PASSWORD_ONE" "user"
assert_success "error setting up user"
run setup_policy_with_single_statement "$test_file_folder/$policy_file" "2012-10-17" "Allow" "$USERNAME_ONE" "s3:PutBucketTagging" "arn:aws:s3:::$BUCKET_ONE_NAME"
run setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "2012-10-17" "Allow" "$USERNAME_ONE" "s3:PutBucketTagging" "arn:aws:s3:::$BUCKET_ONE_NAME"
assert_success "error setting up policy"
run put_bucket_tagging_with_user "$BUCKET_ONE_NAME" "$tag_key" "$tag_value" "$USERNAME_ONE" "$PASSWORD_ONE"
assert_failure
run put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file"
run put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file"
assert_success "error putting policy"
run put_bucket_tagging_with_user "$BUCKET_ONE_NAME" "$tag_key" "$tag_value" "$USERNAME_ONE" "$PASSWORD_ONE"
assert_success "unable to put bucket tagging despite user permissions"
@@ -569,20 +620,23 @@ test_s3api_policy_put_acl() {
username=$USERNAME_ONE
password=$PASSWORD_ONE
create_test_files "$policy_file" || fail "error creating policy file"
create_large_file "$test_file"
setup_bucket "s3api" "$BUCKET_ONE_NAME"
run create_test_file "$policy_file" 0
assert_success
run create_large_file "$test_file"
assert_success
run setup_bucket "s3api" "$BUCKET_ONE_NAME"
assert_success
put_bucket_ownership_controls "$BUCKET_ONE_NAME" "BucketOwnerPreferred" || fail "error putting bucket ownership controls"
setup_user "$username" "$password" "user" || fail "error setting up user $username"
setup_policy_with_single_statement "$test_file_folder/$policy_file" "2012-10-17" "Allow" "$username" "s3:PutBucketAcl" "arn:aws:s3:::$BUCKET_ONE_NAME"
setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "2012-10-17" "Allow" "$username" "s3:PutBucketAcl" "arn:aws:s3:::$BUCKET_ONE_NAME"
if [[ $DIRECT == "true" ]]; then
put_public_access_block_enable_public_acls "$BUCKET_ONE_NAME" || fail "error enabling public ACLs"
fi
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting policy"
put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting policy"
put_bucket_canned_acl_with_user "$BUCKET_ONE_NAME" "public-read" "$username" "$password" || fail "error putting canned acl"
get_bucket_acl "s3api" "$BUCKET_ONE_NAME" || fail "error getting bucket acl"
@@ -613,12 +667,13 @@ test_s3api_policy_get_bucket_tagging() {
run create_test_files "$policy_file"
assert_success "error creating test files"
setup_bucket "s3api" "$BUCKET_ONE_NAME"
run setup_bucket "s3api" "$BUCKET_ONE_NAME"
assert_success
run setup_user "$USERNAME_ONE" "$PASSWORD_ONE" "user"
assert_success "error creating user '$USERNAME_ONE'"
run setup_policy_with_single_statement "$test_file_folder/$policy_file" "2012-10-17" "Allow" "$USERNAME_ONE" "s3:GetBucketTagging" "arn:aws:s3:::$BUCKET_ONE_NAME"
run setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "2012-10-17" "Allow" "$USERNAME_ONE" "s3:GetBucketTagging" "arn:aws:s3:::$BUCKET_ONE_NAME"
assert_success "error setting up policy"
run put_bucket_tagging "s3api" "$BUCKET_ONE_NAME" "$tag_key" "$tag_value"
@@ -627,7 +682,7 @@ test_s3api_policy_get_bucket_tagging() {
run get_bucket_tagging_with_user "$USERNAME_ONE" "$PASSWORD_ONE" "$BUCKET_ONE_NAME"
assert_failure
run put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file"
run put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file"
assert_success "error putting policy"
run get_and_check_bucket_tags_with_user "$USERNAME_ONE" "$PASSWORD_ONE" "$BUCKET_ONE_NAME" "$tag_key" "$tag_value"
assert_success "get and check bucket tags failed"

8
tests/test_s3cmd.sh
View File

@@ -109,14 +109,18 @@ export RUN_USERS=true
}
@test "test_get_bucket_info_s3cmd" {
setup_bucket "s3cmd" "$BUCKET_ONE_NAME"
run setup_bucket "s3cmd" "$BUCKET_ONE_NAME"
assert_success
head_bucket "s3cmd" "$BUCKET_ONE_NAME"
[[ $bucket_info == *"s3://$BUCKET_ONE_NAME"* ]] || fail "failure to retrieve correct bucket info: $bucket_info"
delete_bucket_or_contents "s3cmd" "$BUCKET_ONE_NAME"
}
@test "test_get_bucket_info_doesnt_exist_s3cmd" {
setup_bucket "s3cmd" "$BUCKET_ONE_NAME"
run setup_bucket "s3cmd" "$BUCKET_ONE_NAME"
assert_success
head_bucket "s3cmd" "$BUCKET_ONE_NAME"a || local info_result=$?
[[ $info_result -eq 1 ]] || fail "bucket info for non-existent bucket returned"
[[ $bucket_info == *"404"* ]] || fail "404 not returned for non-existent bucket info"

41
tests/test_user_aws.sh
View File

@@ -49,9 +49,13 @@ export RUN_USERS=true
test_file="test_file"
setup_user "$username" "$password" "user" || fail "error creating user if nonexistent"
create_test_files "$test_file" || fail "error creating test files"
setup_bucket "s3api" "$BUCKET_ONE_NAME"
run create_test_file "$test_file"
assert_success
run setup_bucket "s3api" "$BUCKET_ONE_NAME"
assert_success
if get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file" "$test_file_folder/$test_file-copy" "$username" "$password"; then
fail "able to get object despite not being bucket owner"
fi
@@ -66,9 +70,13 @@ export RUN_USERS=true
test_file="test_file"
setup_user "$username" "$password" "admin" || fail "error creating user if nonexistent"
create_test_files "$test_file" || fail "error creating test files"
setup_bucket "s3api" "$BUCKET_ONE_NAME"
run create_test_file "$test_file"
assert_success
run setup_bucket "s3api" "$BUCKET_ONE_NAME"
assert_success
if get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file" "$test_file_folder/$test_file-copy" "$username" "$password"; then
fail "able to get object despite not being bucket owner"
fi
@@ -83,9 +91,13 @@ export RUN_USERS=true
test_file="test_file"
setup_user "$username" "$password" "user" || fail "error creating user if nonexistent"
create_test_files "$test_file" || fail "error creating test files"
setup_bucket "s3api" "$BUCKET_ONE_NAME"
run create_test_file "$test_file"
assert_success
run setup_bucket "s3api" "$BUCKET_ONE_NAME"
assert_success
if get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file" "$test_file_folder/$test_file-copy" "$username" "$password"; then
fail "able to get object despite not being bucket owner"
fi
@@ -100,9 +112,13 @@ export RUN_USERS=true
test_file="test_file"
setup_user "$username" "$password" "admin" || fail "error creating user if nonexistent"
create_test_file_with_size "$test_file" 10 || fail "error creating test file"
setup_bucket "s3api" "$BUCKET_ONE_NAME"
run create_test_file "$test_file"
assert_success
run setup_bucket "s3api" "$BUCKET_ONE_NAME"
assert_success
put_object_with_user "s3api" "$test_file_folder/$test_file" "$BUCKET_ONE_NAME" "$test_file" "$username" "$password" || fail "failed to add object to bucket"
get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file" "$test_file_folder/$test_file-copy" "$username" "$password" || fail "error getting object"
compare_files "$test_file_folder/$test_file" "$test_file_folder/$test_file-copy" || fail "files don't match"
@@ -122,8 +138,13 @@ export RUN_USERS=true
test_file="test_file"
setup_user "$username" "$password" "user" || fail "error creating user if nonexistent"
create_large_file "$test_file" || fail "error creating test file"
setup_bucket "s3api" "$BUCKET_ONE_NAME"
run create_large_file "$test_file"
assert_success
run setup_bucket "s3api" "$BUCKET_ONE_NAME"
assert_success
change_bucket_owner "$AWS_ACCESS_KEY_ID" "$AWS_SECRET_ACCESS_KEY" "$BUCKET_ONE_NAME" "$username" || fail "error changing bucket ownership"
create_multipart_upload_with_user "$BUCKET_ONE_NAME" "dummy" "$username" "$password" || fail "unable to create multipart upload"
}

12
tests/test_user_common.sh
View File

@@ -37,7 +37,9 @@ test_admin_user() {
fi
create_user_with_user "$admin_username" "$admin_password" "$user_username" "$user_password" "user" || fail "failed to create user '$user_username'"
setup_bucket "aws" "$BUCKET_ONE_NAME"
run setup_bucket "aws" "$BUCKET_ONE_NAME"
assert_success
delete_bucket_or_contents_if_exists "aws" "versity-gwtest-admin-bucket"
create_bucket_with_user "aws" "versity-gwtest-admin-bucket" "$admin_username" "$admin_password" || fail "error creating bucket with admin user"
@@ -93,7 +95,9 @@ test_user_user() {
setup_user "$username" "$password" "user" || fail "error setting up user"
delete_bucket_or_contents_if_exists "aws" "versity-gwtest-user-bucket"
setup_bucket "aws" "$BUCKET_ONE_NAME"
run setup_bucket "aws" "$BUCKET_ONE_NAME"
assert_success
if create_bucket_with_user "aws" "versity-gwtest-user-bucket" "$username" "$password"; then
fail "creating bucket with 'user' account failed to return error"
@@ -136,7 +140,9 @@ test_userplus_operation() {
delete_bucket_or_contents_if_exists "aws" "versity-gwtest-userplus-bucket"
setup_user "$username" "$password" "userplus" || fail "error creating user '$username'"
setup_bucket "aws" "$BUCKET_ONE_NAME"
run setup_bucket "aws" "$BUCKET_ONE_NAME"
assert_success
create_bucket_with_user "aws" "versity-gwtest-userplus-bucket" "$username" "$password" || fail "error creating bucket with user '$username'"

217
tests/util.sh
View File

@@ -43,26 +43,32 @@ source ./tests/commands/upload_part.sh
source ./tests/util_users.sh
# recursively delete an AWS bucket
# param: bucket name
# param: client, bucket name
# fail if error
delete_bucket_recursive() {
log 6 "delete_bucket_recursive"
assert [ $# -eq 2 ]
if [ $# -ne 2 ]; then
log 2 "'delete_bucket_recursive' requires client, bucket name"
return 1
fi
local exit_code=0
local error
if [[ $1 == 's3' ]]; then
error=$(aws --no-verify-ssl s3 rb s3://"$2" --force 2>&1) || exit_code="$?"
elif [[ $1 == "aws" ]] || [[ $1 == 's3api' ]]; then
delete_bucket_recursive_s3api "$2"
if ! delete_bucket_recursive_s3api "$2"; then
log 2 "error deleting bucket recursively (s3api)"
return 1
fi
return 0
elif [[ $1 == "s3cmd" ]]; then
error=$(s3cmd "${S3CMD_OPTS[@]}" --no-check-certificate rb s3://"$2" --recursive 2>&1) || exit_code="$?"
elif [[ $1 == "mc" ]]; then
error=$(delete_bucket_recursive_mc "$2") || exit_code="$?"
error=$(delete_bucket_recursive_mc "$2" 2>&1) || exit_code="$?"
else
log 2 "invalid command type '$1'"
assert [ 1 ]
log 2 "invalid client '$1'"
return 1
fi
if [ $exit_code -ne 0 ]; then
@@ -70,20 +76,25 @@ delete_bucket_recursive() {
return 0
else
log 2 "error deleting bucket recursively: $error"
assert [ 1 ]
return 1
fi
fi
return 0
}
# params: bucket name
# return 0 for success, 1 for error
add_governance_bypass_policy() {
if [[ $# -ne 1 ]]; then
log 2 "'add governance bypass policy' command requires command ID"
log 2 "'add governance bypass policy' command requires bucket name"
return 1
fi
test_file_folder=$PWD
if [[ -z "$GITHUB_ACTIONS" ]]; then
create_test_file_folder
if ! create_test_file_folder; then
log 2 "error creating test file folder"
return 1
fi
fi
cat <<EOF > "$test_file_folder/policy-bypass-governance.txt"
{
@@ -102,10 +113,14 @@ EOF
log 2 "error putting governance bypass policy"
return 1
fi
return 0
}
log_bucket_policy() {
assert [ $# -eq 1 ]
if [ $# -ne 1 ]; then
log 2 "'log_bucket_policy' requires bucket name"
return
fi
if ! get_bucket_policy "s3api" "$1"; then
log 2 "error getting bucket policy"
return
@@ -183,28 +198,38 @@ check_and_disable_object_lock_config() {
# restore bucket to pre-test state (or prep for deletion)
# param: bucket name
# fail on error
# return 0 on success, 1 on error
clear_bucket_s3api() {
log 6 "clear_bucket_s3api"
assert [ $# -eq 1 ]
if [[ $LOG_LEVEL_INT -ge 5 ]]; then
run log_bucket_policy "$1"
assert_success "error logging bucket policy"
if [ $# -ne 1 ]; then
log 2 "'clear_bucket_s3api' requires bucket name"
return 1
fi
run list_and_delete_objects "$1"
assert_success "error listing and delete objects"
if [[ $LOG_LEVEL_INT -ge 5 ]]; then
if ! log_bucket_policy "$1"; then
log 2 "error logging bucket policy"
return 1
fi
fi
run delete_bucket_policy "s3api" "$1"
assert_success "error deleting bucket policy"
if ! list_and_delete_objects "$1"; then
log 2 "error listing and deleting objects"
return 1
fi
if ! delete_bucket_policy "s3api" "$1"; then
log 2 "error deleting bucket policy"
return 1
fi
#run check_ownership_rule_and_reset_acl "$1"
#assert_success "error checking ownership rule and resetting acl"
run check_and_disable_object_lock_config "$1"
assert_success "error checking and disabling object lock config"
if ! check_and_disable_object_lock_config "$1"; then
log 2 "error checking and disabling object lock config"
return 1
fi
#if ! change_bucket_owner "$AWS_ACCESS_KEY_ID" "$AWS_SECRET_ACCESS_KEY" "$1" "$AWS_ACCESS_KEY_ID"; then
# log 2 "error changing bucket owner back to root"
@@ -281,38 +306,51 @@ log_worm_protection() {
}
# params: bucket name
# fail if unable to delete bucket
# return 0 if able to delete recursively, 1 if not
delete_bucket_recursive_s3api() {
log 6 "delete_bucket_recursive_s3api"
assert [ $# -eq 1 ]
if [ $# -ne 1 ]; then
log 2 "'delete_bucket_recursive_s3api' requires bucket name"
return 1
fi
clear_bucket_s3api "$1"
run delete_bucket 's3api' "$1"
assert_success "error deleting bucket"
if ! clear_bucket_s3api "$1"; then
log 2 "error clearing bucket (s3api)"
return 1
fi
if ! delete_bucket 's3api' "$1"; then
log 2 "error deleting bucket"
return 1
fi
return 0
}
# params: client, bucket name
# fail if error
# return 0 on success, 1 on error
delete_bucket_contents() {
log 6 "delete_bucket_contents"
assert [ $# -eq 2 ]
if [ $# -ne 2 ]; then
log 2 "'delete_bucket_contents' requires client, bucket name"
return 1
fi
local exit_code=0
local error
if [[ $1 == "aws" ]] || [[ $1 == 's3api' ]]; then
clear_bucket_s3api "$2"
return 0
if ! clear_bucket_s3api "$2"; then
log 2 "error clearing bucket (s3api)"
return 1
fi
elif [[ $1 == "s3cmd" ]]; then
delete_bucket_recursive "s3cmd" "$1"
return 0
elif [[ $1 == "mc" ]]; then
delete_bucket_recursive "mc" "$1"
return 0
else
log 2 "unrecognized client: '$1'"
return 1
fi
assert [ 1 ]
return 0
}
# check if bucket exists
@@ -396,57 +434,73 @@ get_object_ownership_rule_and_update_acl() {
}
# params: client, bucket name
# fail if error
# return 0 for success, 1 for error
delete_bucket_or_contents() {
log 6 "delete_bucket_or_contents"
assert [ $# -eq 2 ]
if [ $# -ne 2 ]; then
log 2 "'delete_bucket_or_contents' requires client, bucket name"
return 1
fi
if [[ $RECREATE_BUCKETS == "false" ]]; then
delete_bucket_contents "$1" "$2"
if ! delete_bucket_contents "$1" "$2"; then
log 2 "error deleting bucket contents"
return 1
fi
run delete_bucket_policy "$1" "$2"
assert_success "error deleting bucket policies"
if ! delete_bucket_policy "$1" "$2"; then
log 2 "error deleting bucket policy"
return 1
fi
run get_object_ownership_rule_and_update_acl "$2"
assert_success "error getting object ownership rule and updating acl"
run abort_all_multipart_uploads "$2"
assert_success "error aborting multipart uploads"
if ! get_object_ownership_rule_and_update_acl "$2"; then
log 2 "error getting object ownership rule and updating ACL"
return 1
fi
if ! abort_all_multipart_uploads "$2"; then
log 2 "error aborting all multipart uploads"
return 1
fi
log 5 "bucket contents, policy, ACL deletion success"
return 0
fi
run delete_bucket_recursive "$1" "$2"
assert_success "error with recursive bucket delete"
if ! delete_bucket_recursive "$1" "$2"; then
log 2 "error with recursive bucket delete"
return 1
fi
log 5 "bucket deletion success"
return 0
}
# params: client, bucket name
# fail if unable to delete bucket (RECREATE_BUCKETS=true) or contents (RECREATE_BUCKETS=false)
# return 0 for success, 1 for error
delete_bucket_or_contents_if_exists() {
log 6 "delete_bucket_or_contents_if_exists"
assert [ $# -eq 2 ]
if [ $# -ne 2 ]; then
log 2 "'delete_bucket_or_contents_if_exists' requires client, bucket name"
return 1
fi
if bucket_exists "$1" "$2"; then
delete_bucket_or_contents "$1" "$2"
if ! delete_bucket_or_contents "$1" "$2"; then
log 2 "error deleting bucket and/or contents"
return 1
fi
log 5 "bucket and/or bucket data deletion success"
return 0
fi
if [[ $RECREATE_BUCKETS == "false" ]]; then
log 2 "When RECREATE_BUCKETS isn't set to \"true\", buckets should be pre-created by user"
assert [ 1 ]
fi
return 0
}
# params: client, bucket name(s)
# return 0 for success, 1 for failure
setup_buckets() {
if [ $# -lt 1 ]; then
log 2 "'setup_buckets' command requires bucket names"
if [ $# -lt 2 ]; then
log 2 "'setup_buckets' command requires client, bucket names"
return 1
fi
for name in "$@"; do
if ! setup_bucket "$name"; then
for name in "${@:2}"; do
if ! setup_bucket "$1" "$name"; then
log 2 "error setting up bucket $name"
return 1
fi
@@ -455,36 +509,41 @@ setup_buckets() {
}
# params: client, bucket name
# fail if bucket is not properly set up
# return 0 on successful setup, 1 on error
setup_bucket() {
log 6 "setup_bucket"
assert [ $# -eq 2 ]
if [[ $1 == "s3cmd" ]]; then
log 5 "putting bucket ownership controls"
if bucket_exists "s3cmd" "$2"; then
run put_bucket_ownership_controls "$2" "BucketOwnerPreferred"
assert_success "error putting bucket ownership controls"
fi
if [ $# -ne 2 ]; then
log 2 "'setup_bucket' requires client, bucket name"
return 1
fi
delete_bucket_or_contents_if_exists "$1" "$2"
if ! bucket_exists "$1" "$2" && [[ $RECREATE_BUCKETS == "false" ]]; then
log 2 "When RECREATE_BUCKETS isn't set to \"true\", buckets should be pre-created by user"
return 1
fi
if ! delete_bucket_or_contents_if_exists "$1" "$2"; then
log 2 "error deleting bucket or contents if they exist"
return 1
fi
log 5 "util.setup_bucket: command type: $1, bucket name: $2"
if [[ $RECREATE_BUCKETS == "true" ]]; then
run create_bucket "$1" "$2"
assert_success "error creating bucket"
log 5 "bucket creation success"
if [[ $1 == "s3cmd" ]]; then
log 5 "putting bucket ownership controls"
run put_bucket_ownership_controls "$2" "BucketOwnerPreferred"
assert_success "error putting bucket ownership controls"
if ! create_bucket "$1" "$2"; then
log 2 "error creating bucket"
return 1
fi
else
log 5 "skipping bucket re-creation"
fi
if [[ $1 == "s3cmd" ]]; then
log 5 "putting bucket ownership controls"
if bucket_exists "s3cmd" "$2" && ! put_bucket_ownership_controls "$2" "BucketOwnerPreferred"; then
log 2 "error putting bucket ownership controls"
return 1
fi
fi
return 0
}

121
tests/util_file.sh
View File

@@ -18,11 +18,11 @@ source ./tests/logger.sh
# create a test file and export folder. do so in temp folder
# params: filenames
# return 0 for success, 1 for failure
# fail if error
create_test_files() {
log 6 "create_test_files"
if [ $# -lt 1 ]; then
log 2 "'create_test_files' requires minimum of one file name"
log 2 "'create_test_files' requires file names"
return 1
fi
#test_file_folder=$PWD
@@ -42,43 +42,42 @@ create_test_files() {
return 0
}
# params: filename, size (optional, defaults to 10)
create_test_file() {
if [ $# -ne 1 ]; then
log 2 "'create_test_file' requires name"
if [[ ( $# -lt 1 ) || ( $# -gt 2 ) ]]; then
log 2 "'create_test_file' requires filename, size (optional)"
return 1
fi
if [[ -e "$TEST_FILE_FOLDER/$name" ]]; then
if ! error=$(rm "$TEST_FILE_FOLDER/$name" 2>&1); then
log 2 "error removing old test file: $error"
if [[ -e "$TEST_FILE_FOLDER/$1" ]]; then
if ! error=$(rm "$TEST_FILE_FOLDER/$1" 2>&1); then
log 2 "error removing existing file: $error"
return 1
fi
fi
if ! error=$(touch "$TEST_FILE_FOLDER/$name"); then
log 2 "error creating new test file: $error"
return 1
fi
return 0
}
create_test_file_with_size() {
if [ $# -ne 2 ]; then
log 2 "'create test file with size' function requires name, size"
return 1
fi
if ! create_test_file_folder "$1"; then
log 2 "error creating test file"
return 1
fi
if ! error=$(dd if=/dev/urandom of="$TEST_FILE_FOLDER"/"$1" bs=1 count="$2" 2>&1); then
log 2 "error writing file data: $error"
if ! error=$(touch "$TEST_FILE_FOLDER/$1"); then
log 2 "error creating new file: $error"
return 1
fi
if [ -z "$2" ]; then
file_size=10
else
file_size="$2"
fi
if [ "$file_size" -eq 0 ]; then
return 0
fi
if ! error=$(dd if=/dev/urandom of="$TEST_FILE_FOLDER/$1" bs=1 count="$file_size" 2>&1); then
log 2 "error adding data to file: $error"
return 1
fi
return 0
}
# params: folder name
# fail if error
create_test_folder() {
if [ $# -lt 1 ]; then
log 2 "'create_test_folder' command requires at least one folder"
log 2 "'create_test_folder' requires folder names"
return 1
fi
#test_file_folder=$PWD
@@ -89,8 +88,8 @@ create_test_folder() {
fi
fi
for name in "$@"; do
if ! error=$(run mkdir -p "$TEST_FILE_FOLDER"/"$name" 2>&1); then
log 2 "error creating test folder $name: $error"
if ! error=$(mkdir -p "$TEST_FILE_FOLDER"/"$name" 2>&1); then
log 2 "error creating folder $name: $error"
return 1
fi
done
@@ -161,13 +160,13 @@ compare_files() {
return 1
}
# return 0 on success, 1 on failure
# return 0 on success, 1 on error
create_test_file_folder() {
log 6 "create_test_file_folder"
if ! error=$(mkdir -p "$TEST_FILE_FOLDER" 2>&1); then
# shellcheck disable=SC2035
if [[ "$error" != *"File exists"* ]]; then
log 2 "error creating test file folder: $error"
log 2 "error making test file folder: $error"
return 1
fi
fi
@@ -177,44 +176,47 @@ create_test_file_folder() {
# generate 160MB file
# input: filename
# return 0 on success, 1 on failure
# fail on error
create_large_file() {
log 6 "create_large_file"
if [ $# -ne 1 ]; then
log 2 "'create_large_file' requires filename"
log 2 "'create_large_file' requires file name"
return 1
fi
#test_file_folder=$PWD/versity-gwtest-files
if [[ -z "$GITHUB_ACTIONS" ]]; then
if ! create_test_file_folder; then
log 2 "error creating test file"
log 2 "error creating test file folder"
return 1
fi
fi
filesize=$((160*1024*1024))
if ! error=$(dd if=/dev/urandom of="$TEST_FILE_FOLDER"/"$1" bs=1024 count=$((filesize/1024)) 2>&1); then
log 2 "error creating large file: $error"
log 2 "error adding data to large file: $error"
return 1
fi
return 0
}
# param: number of files
# fail on error
create_test_file_count() {
if [[ $# -ne 1 ]]; then
echo "create test file count function missing bucket name, count"
if [ $# -ne 1 ]; then
log 2 "'create_test_file_count' requires number of files"
return 1
fi
#test_file_folder=$PWD
if [[ -z "$GITHUB_ACTIONS" ]]; then
create_test_file_folder
if ! create_test_file_folder; then
log 2 "error creating test file folder"
return 1
fi
fi
local touch_result
for ((i=1;i<=$1;i++)) {
error=$(touch "$TEST_FILE_FOLDER/file_$i") || touch_result=$?
if [[ $touch_result -ne 0 ]]; then
echo "error creating file_$i: $error"
if ! error=$(touch "$TEST_FILE_FOLDER/file_$i" 2>&1); then
log 2 "error creating file_$i: $error"
return 1
fi
}
@@ -227,6 +229,7 @@ create_test_file_count() {
}
download_and_compare_file() {
log 6 "download_and_compare_file"
if [[ $# -ne 5 ]]; then
log 2 "'download and compare file' requires command type, original file, bucket, key, local file"
return 1
@@ -236,6 +239,7 @@ download_and_compare_file() {
}
download_and_compare_file_with_user() {
log 6 "download_and_compare_file_with_user"
if [[ $# -ne 7 ]]; then
log 2 "'download and compare file with user' command requires command type, original file, bucket, key, local file, user, password"
return 1
@@ -245,9 +249,42 @@ download_and_compare_file_with_user() {
return 1
fi
log 5 "files: $2, $5"
if ! compare_files "$2" "$5"; then
#if [ "$1" == 'mc' ]; then
# file_to_compare="$5/$(basename "$2")"
#else
file_to_compare="$5"
#fi
if ! compare_files "$2" "$file_to_compare"; then
log 2 "files don't match"
return 1
fi
return 0
}
# params: src, dst
# fail if error
copy_file_locally() {
if [ $# -ne 2 ]; then
log 2 "'copy_file_locally' requires src, dst"
return 1
fi
if ! error=$(cp "$1" "$2" 2>&1); then
log 2 "error copying file: $error"
return 1
fi
return 0
}
# params: src, dst
# fail if error
move_file_locally() {
if [ $# -ne 2 ]; then
log 2 "'move_file_locally' requires src, dst"
return 1
fi
if ! error=$(mv "$1" "$2" 2>&1); then
log 2 "error moving file: $error"
return 1
fi
return 0
}