From 2823676aa2d468ddc2838b574366b733ce372832 Mon Sep 17 00:00:00 2001 From: Luke McCrone Date: Thu, 29 Aug 2024 16:58:55 -0300 Subject: [PATCH] test: improve file data comparisons for testing --- tests/.env.default | 1 + tests/commands/get_object.sh | 20 ++- tests/commands/list_buckets.sh | 2 +- tests/setup.sh | 7 + tests/test_aws_root_inner.sh | 199 +++++++++++---------- tests/test_common.sh | 217 ++++++++++++++--------- tests/test_mc.sh | 12 +- tests/test_s3.sh | 4 +- tests/test_s3api.sh | 51 ++++-- tests/test_s3api_policy.sh | 305 +++++++++++++++++++-------------- tests/test_s3cmd.sh | 8 +- tests/test_user_aws.sh | 41 +++-- tests/test_user_common.sh | 12 +- tests/util.sh | 217 ++++++++++++++--------- tests/util_file.sh | 121 ++++++++----- 15 files changed, 761 insertions(+), 456 deletions(-) diff --git a/tests/.env.default b/tests/.env.default index a223cd0a..1c4c7ed4 100644 --- a/tests/.env.default +++ b/tests/.env.default @@ -26,3 +26,4 @@ PASSWORD_ONE=HIJKLMN USERNAME_TWO=HIJKLMN PASSWORD_TWO=OPQRSTU TEST_FILE_FOLDER=$PWD/versity-gwtest-files +REMOVE_TEST_FILE_FOLDER=false diff --git a/tests/commands/get_object.sh b/tests/commands/get_object.sh index e8936b71..701358fc 100644 --- a/tests/commands/get_object.sh +++ b/tests/commands/get_object.sh @@ -15,13 +15,13 @@ # under the License. get_object() { + log 6 "get_object" record_command "get-object" "client:$1" if [ $# -ne 4 ]; then log 2 "get object command requires command type, bucket, key, destination" return 1 fi local exit_code=0 - local error if [[ $1 == 's3' ]]; then get_object_error=$(aws --no-verify-ssl s3 mv "s3://$2/$3" "$4" 2>&1) || exit_code=$? elif [[ $1 == 's3api' ]] || [[ $1 == 'aws' ]]; then @@ -37,7 +37,6 @@ get_object() { log 5 "get object exit code: $exit_code" if [ $exit_code -ne 0 ]; then log 2 "error getting object: $get_object_error" - export get_object_error return 1 fi return 0 @@ -49,28 +48,35 @@ get_object_with_range() { log 2 "'get object with range' requires bucket, key, range, outfile" return 1 fi - error=$(aws --no-verify-ssl s3api get-object --bucket "$1" --key "$2" --range "$3" "$4" 2>&1) || local exit_code=$? + get_object_error=$(aws --no-verify-ssl s3api get-object --bucket "$1" --key "$2" --range "$3" "$4" 2>&1) || local exit_code=$? if [[ $exit_code -ne 0 ]]; then - log 2 "error getting object with range: $error" + log 2 "error getting object with range: $get_object_error" return 1 fi return 0 } get_object_with_user() { + log 6 "get_object_with_user" record_command "get-object" "client:$1" if [ $# -ne 6 ]; then log 2 "'get object with user' command requires command type, bucket, key, save location, aws ID, aws secret key" return 1 fi local exit_code=0 - if [[ $1 == 's3api' ]] || [[ $1 == 'aws' ]]; then + if [[ $1 == 's3' ]] || [[ $1 == 's3api' ]] || [[ $1 == 'aws' ]]; then get_object_error=$(AWS_ACCESS_KEY_ID="$5" AWS_SECRET_ACCESS_KEY="$6" aws --no-verify-ssl s3api get-object --bucket "$2" --key "$3" "$4" 2>&1) || exit_code=$? + elif [[ $1 == "s3cmd" ]]; then + log 5 "s3cmd filename: $3" + get_object_error=$(s3cmd "${S3CMD_OPTS[@]}" --no-check-certificate --access_key="$5" --secret_key="$6" get "s3://$2/$3" "$4" 2>&1) || exit_code=$? + elif [[ $1 == "mc" ]]; then + log 5 "save location: $4" + get_object_error=$(mc --insecure get "$MC_ALIAS/$2/$3" "$4" 2>&1) || exit_code=$? else - log 2 "'get object with user' command not implemented for '$1'" + log 2 "'get_object_with_user' not implemented for client '$1'" return 1 fi - log 5 "put object exit code: $exit_code" + log 5 "get object exit code: $exit_code" if [ $exit_code -ne 0 ]; then log 2 "error getting object: $get_object_error" return 1 diff --git a/tests/commands/list_buckets.sh b/tests/commands/list_buckets.sh index 0562b8e3..7bc8c0dc 100644 --- a/tests/commands/list_buckets.sh +++ b/tests/commands/list_buckets.sh @@ -112,4 +112,4 @@ list_buckets_s3api() { IFS=$'\n' read -rd '' -a bucket_array <<<"$names" return 0 -} \ No newline at end of file +} diff --git a/tests/setup.sh b/tests/setup.sh index 28949471..9c83cdee 100644 --- a/tests/setup.sh +++ b/tests/setup.sh @@ -62,6 +62,13 @@ setup() { # bats teardown function teardown() { + # shellcheck disable=SC2154 + if [ "$REMOVE_TEST_FILE_FOLDER" == "true" ]; then + log 6 "removing test file folder" + if ! error=$(rm -rf "${TEST_FILE_FOLDER:?}" 2>&1); then + log 3 "unable to remove test file folder: $error" + fi + fi stop_versity if [[ $LOG_LEVEL -ge 5 ]]; then end_time=$(date +%s) diff --git a/tests/test_aws_root_inner.sh b/tests/test_aws_root_inner.sh index 4c6bf85c..3d5fbf91 100755 --- a/tests/test_aws_root_inner.sh +++ b/tests/test_aws_root_inner.sh @@ -21,14 +21,16 @@ source ./tests/commands/list_parts.sh test_abort_multipart_upload_aws_root() { local bucket_file="bucket-file" - create_test_files "$bucket_file" + run create_test_file "$bucket_file" + assert_success # shellcheck disable=SC2154 - run dd if=/dev/urandom of="$test_file_folder/$bucket_file" bs=5M count=1 - assert_success "error creating file" + run dd if=/dev/urandom of="$TEST_FILE_FOLDER/$bucket_file" bs=5M count=1 + assert_success - setup_bucket "aws" "$BUCKET_ONE_NAME" + run setup_bucket "aws" "$BUCKET_ONE_NAME" + assert_success - run_then_abort_multipart_upload "$BUCKET_ONE_NAME" "$bucket_file" "$test_file_folder"/"$bucket_file" 4 || fail "abort failed" + run_then_abort_multipart_upload "$BUCKET_ONE_NAME" "$bucket_file" "$TEST_FILE_FOLDER"/"$bucket_file" 4 || fail "abort failed" if object_exists "aws" "$BUCKET_ONE_NAME" "$bucket_file"; then fail "Upload file exists after abort" @@ -40,15 +42,16 @@ test_abort_multipart_upload_aws_root() { test_complete_multipart_upload_aws_root() { local bucket_file="bucket-file" + run create_test_files "$bucket_file" + assert_success + dd if=/dev/urandom of="$TEST_FILE_FOLDER/$bucket_file" bs=5M count=1 || fail "error creating test file" - create_test_files "$bucket_file" || fail "error creating test files" - dd if=/dev/urandom of="$test_file_folder/$bucket_file" bs=5M count=1 || fail "error creating test file" + run setup_bucket "aws" "$BUCKET_ONE_NAME" + assert_success - setup_bucket "aws" "$BUCKET_ONE_NAME" + multipart_upload "$BUCKET_ONE_NAME" "$bucket_file" "$TEST_FILE_FOLDER"/"$bucket_file" 4 || fail "error performing multipart upload" - multipart_upload "$BUCKET_ONE_NAME" "$bucket_file" "$test_file_folder"/"$bucket_file" 4 || fail "error performing multipart upload" - - download_and_compare_file "s3api" "$test_file_folder/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" "$test_file_folder/$bucket_file-copy" || fail "error downloading and comparing file" + download_and_compare_file "s3api" "$TEST_FILE_FOLDER/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" "$TEST_FILE_FOLDER/$bucket_file-copy" || fail "error downloading and comparing file" delete_bucket_or_contents "aws" "$BUCKET_ONE_NAME" delete_test_files $bucket_file @@ -75,22 +78,25 @@ test_create_multipart_upload_properties_aws_root() { later=$(date -d "$now 15 seconds" +"%Y-%m-%dT%H:%M:%S") fi - create_test_files "$bucket_file" || fail "error creating test file" - dd if=/dev/urandom of="$test_file_folder/$bucket_file" bs=5M count=1 || fail "error creating test file" + run create_test_files "$bucket_file" + assert_success + dd if=/dev/urandom of="$TEST_FILE_FOLDER/$bucket_file" bs=5M count=1 || fail "error creating test file" - delete_bucket_or_contents_if_exists "s3api" "$BUCKET_ONE_NAME" || fail "error deleting bucket, or checking for existence" + run delete_bucket_or_contents_if_exists "s3api" "$BUCKET_ONE_NAME" + assert_success # in static bucket config, bucket will still exist bucket_exists "s3api" "$BUCKET_ONE_NAME" || local exists_result=$? [[ $exists_result -ne 2 ]] || fail "error checking for bucket existence" if [[ $exists_result -eq 1 ]]; then - create_bucket_object_lock_enabled "$BUCKET_ONE_NAME" || fail "error creating bucket" + run create_bucket_object_lock_enabled "$BUCKET_ONE_NAME" + assert_success fi get_object_lock_configuration "$BUCKET_ONE_NAME" || fail "error getting log config" # shellcheck disable=SC2154 log 5 "LOG CONFIG: $log_config" log 5 "LATER: $later" - multipart_upload_with_params "$BUCKET_ONE_NAME" "$bucket_file" "$test_file_folder"/"$bucket_file" 4 \ + multipart_upload_with_params "$BUCKET_ONE_NAME" "$bucket_file" "$TEST_FILE_FOLDER"/"$bucket_file" 4 \ "$expected_content_type" \ "{\"$expected_meta_key\": \"$expected_meta_val\"}" \ "$expected_hold_status" \ @@ -125,8 +131,8 @@ test_create_multipart_upload_properties_aws_root() { put_object_legal_hold "$BUCKET_ONE_NAME" "$bucket_file" "OFF" || fail "error disabling legal hold" head_object "s3api" "$BUCKET_ONE_NAME" "$bucket_file" || fail "error getting metadata" - get_object "s3api" "$BUCKET_ONE_NAME" "$bucket_file" "$test_file_folder/$bucket_file-copy" || fail "error getting object" - compare_files "$test_file_folder/$bucket_file" "$test_file_folder/$bucket_file-copy" || fail "files not equal" + get_object "s3api" "$BUCKET_ONE_NAME" "$bucket_file" "$TEST_FILE_FOLDER/$bucket_file-copy" || fail "error getting object" + compare_files "$TEST_FILE_FOLDER/$bucket_file" "$TEST_FILE_FOLDER/$bucket_file-copy" || fail "files not equal" sleep 15 @@ -138,11 +144,14 @@ test_delete_objects_aws_root() { local object_one="test-file-one" local object_two="test-file-two" - create_test_files "$object_one" "$object_two" || fail "error creating test files" - setup_bucket "s3api" "$BUCKET_ONE_NAME" + run create_test_files "$object_one" "$object_two" + assert_success - put_object "s3api" "$test_file_folder"/"$object_one" "$BUCKET_ONE_NAME" "$object_one" || fail "error adding object one" - put_object "s3api" "$test_file_folder"/"$object_two" "$BUCKET_ONE_NAME" "$object_two" || fail "error adding object two" + run setup_bucket "s3api" "$BUCKET_ONE_NAME" + assert_success + + put_object "s3api" "$TEST_FILE_FOLDER"/"$object_one" "$BUCKET_ONE_NAME" "$object_one" || fail "error adding object one" + put_object "s3api" "$TEST_FILE_FOLDER"/"$object_two" "$BUCKET_ONE_NAME" "$object_two" || fail "error adding object two" delete_objects "$BUCKET_ONE_NAME" "$object_one" "$object_two" || fail "error deleting objects" @@ -160,7 +169,8 @@ test_get_bucket_acl_aws_root() { if [[ $RECREATE_BUCKETS == "false" ]]; then skip fi - setup_bucket "aws" "$BUCKET_ONE_NAME" + run setup_bucket "aws" "$BUCKET_ONE_NAME" + assert_success get_bucket_acl "s3api" "$BUCKET_ONE_NAME" || fail "error retreving ACL" @@ -175,44 +185,48 @@ test_get_bucket_acl_aws_root() { test_get_object_full_range_aws_root() { bucket_file="bucket_file" - create_test_files "$bucket_file" || local created=$? - [[ $created -eq 0 ]] || fail "Error creating test files" - echo -n "0123456789" > "$test_file_folder/$bucket_file" - setup_bucket "s3api" "$BUCKET_ONE_NAME" + run create_test_files "$bucket_file" 0 + assert_success + echo -n "0123456789" > "$TEST_FILE_FOLDER/$bucket_file" - put_object "s3api" "$test_file_folder/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" || fail "error putting object" - get_object_with_range "$BUCKET_ONE_NAME" "$bucket_file" "bytes=9-15" "$test_file_folder/$bucket_file-range" || fail "error getting range" - [[ "$(cat "$test_file_folder/$bucket_file-range")" == "9" ]] || fail "byte range not copied properly" + run setup_bucket "s3api" "$BUCKET_ONE_NAME" + assert_success + + put_object "s3api" "$TEST_FILE_FOLDER/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" || fail "error putting object" + get_object_with_range "$BUCKET_ONE_NAME" "$bucket_file" "bytes=9-15" "$TEST_FILE_FOLDER/$bucket_file-range" || fail "error getting range" + [[ "$(cat "$TEST_FILE_FOLDER/$bucket_file-range")" == "9" ]] || fail "byte range not copied properly" } test_get_object_invalid_range_aws_root() { bucket_file="bucket_file" + run create_test_files "$bucket_file" + assert_success - create_test_files "$bucket_file" || local created=$? - [[ $created -eq 0 ]] || fail "Error creating test files" + run setup_bucket "s3api" "$BUCKET_ONE_NAME" + assert_success - setup_bucket "s3api" "$BUCKET_ONE_NAME" - put_object "s3api" "$test_file_folder/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" || fail "error putting object" - get_object_with_range "$BUCKET_ONE_NAME" "$bucket_file" "bytes=0-0" "$test_file_folder/$bucket_file-range" || local get_result=$? + put_object "s3api" "$TEST_FILE_FOLDER/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" || fail "error putting object" + get_object_with_range "$BUCKET_ONE_NAME" "$bucket_file" "bytes=0-0" "$TEST_FILE_FOLDER/$bucket_file-range" || local get_result=$? [[ $get_result -ne 0 ]] || fail "Get object with zero range returned no error" } test_put_object_aws_root() { bucket_file="bucket_file" - create_test_files "$bucket_file" || local created=$? - [[ $created -eq 0 ]] || fail "Error creating test files" + run create_test_files "$bucket_file" + assert_success - setup_bucket "s3api" "$BUCKET_ONE_NAME" - setup_bucket "s3api" "$BUCKET_TWO_NAME" - put_object "s3api" "$test_file_folder/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" || local copy_result=$? - [[ $copy_result -eq 0 ]] || fail "Failed to add object to bucket" - copy_error=$(aws --no-verify-ssl s3api copy-object --copy-source "$BUCKET_ONE_NAME/$bucket_file" --key "$bucket_file" --bucket "$BUCKET_TWO_NAME" 2>&1) || local copy_result=$? - [[ $copy_result -eq 0 ]] || fail "Error copying file: $copy_error" - copy_file "s3://$BUCKET_TWO_NAME/$bucket_file" "$test_file_folder/${bucket_file}_copy" || local copy_result=$? - [[ $copy_result -eq 0 ]] || fail "Failed to add object to bucket" - compare_files "$test_file_folder/$bucket_file" "$test_file_folder/${bucket_file}_copy" || local compare_result=$? - [[ $compare_result -eq 0 ]] || file "files don't match" + run setup_buckets "s3api" "$BUCKET_ONE_NAME" "$BUCKET_TWO_NAME" + assert_success + + run put_object "s3api" "$TEST_FILE_FOLDER/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" + assert_success + + run copy_object "s3api" "$BUCKET_ONE_NAME/$bucket_file" "$BUCKET_TWO_NAME" "$bucket_file" + assert_success + + run download_and_compare_file "s3api" "$TEST_FILE_FOLDER/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" "$TEST_FILE_FOLDER/${bucket_file}_copy" + assert_success delete_bucket_or_contents "aws" "$BUCKET_ONE_NAME" delete_bucket_or_contents "aws" "$BUCKET_TWO_NAME" @@ -233,16 +247,19 @@ test_create_bucket_invalid_name_aws_root() { test_get_object_attributes_aws_root() { bucket_file="bucket_file" + run create_test_file "$bucket_file" + assert_success - create_test_files "$bucket_file" || fail "error creating test files" - setup_bucket "s3api" "$BUCKET_ONE_NAME" - put_object "s3api" "$test_file_folder/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" || fail "failed to add object to bucket" + run setup_bucket "s3api" "$BUCKET_ONE_NAME" + assert_success + + put_object "s3api" "$TEST_FILE_FOLDER/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" || fail "failed to add object to bucket" get_object_attributes "$BUCKET_ONE_NAME" "$bucket_file" || failed "failed to get object attributes" # shellcheck disable=SC2154 - has_object_size=$(echo "$attributes" | jq -e '.ObjectSize' 2>&1) || fail "error checking for ObjectSize parameters: $has_object_size" - if [[ $has_object_size -eq 0 ]]; then + has_object_size=$(echo "$attributes" | jq 'has("ObjectSize")' 2>&1) || fail "error checking for ObjectSize parameters: $has_object_size" + if [[ $has_object_size == "true" ]]; then object_size=$(echo "$attributes" | jq -r ".ObjectSize") - [[ $object_size == 0 ]] || fail "Incorrect object size: $object_size" + [[ $object_size == 10 ]] || fail "Incorrect object size: $object_size" else fail "ObjectSize parameter missing: $attributes" fi @@ -274,8 +291,8 @@ test_get_put_object_legal_hold_aws_root() { hold_status=$(echo "$legal_hold" | grep -v "InsecureRequestWarning" | jq -r ".LegalHold.Status" 2>&1) || fail "error obtaining hold status: $hold_status" [[ $hold_status == "ON" ]] || fail "Status should be 'ON', is '$hold_status'" - echo "fdkljafajkfs" > "$test_file_folder/$bucket_file" - if put_object_with_user "s3api" "$test_file_folder/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" "$username" "$password"; then + echo "fdkljafajkfs" > "$TEST_FILE_FOLDER/$bucket_file" + if put_object_with_user "s3api" "$TEST_FILE_FOLDER/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" "$username" "$password"; then fail "able to overwrite object with hold" fi # shellcheck disable=SC2154 @@ -324,8 +341,8 @@ test_get_put_object_retention_aws_root() { [[ $mode == "GOVERNANCE" ]] || fail "retention mode should be governance, is $mode" [[ $retain_until_date == "$retention_date"* ]] || fail "retain until date should be $retention_date, is $retain_until_date" - echo "fdkljafajkfs" > "$test_file_folder/$bucket_file" - put_object_with_user "s3api" "$test_file_folder/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" "$username" "$secret_key" || local put_result=$? + echo "fdkljafajkfs" > "$TEST_FILE_FOLDER/$bucket_file" + put_object_with_user "s3api" "$TEST_FILE_FOLDER/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" "$username" "$secret_key" || local put_result=$? [[ $put_result -ne 0 ]] || fail "able to overwrite object with hold" # shellcheck disable=SC2154 [[ $put_object_error == *"Object is WORM protected and cannot be overwritten"* ]] || fail "unexpected error message: $error" @@ -369,7 +386,7 @@ test_retention_bypass_aws_root() { log 2 "able to delete object despite retention" return 1 fi - cat < "$test_file_folder/$policy_file" + cat < "$TEST_FILE_FOLDER/$policy_file" { "Version": "2012-10-17", "Statement": [ @@ -382,18 +399,22 @@ test_retention_bypass_aws_root() { ] } EOF - put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting bucket policy" + put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting bucket policy" delete_object_bypass_retention "$BUCKET_ONE_NAME" "$bucket_file" "$username" "$secret_key" || fail "error deleting object and bypassing retention" delete_bucket_or_contents "s3api" "$BUCKET_ONE_NAME" delete_test_files "$bucket_file" "$policy_file" } legal_hold_retention_setup() { - [[ $# -eq 3 ]] || fail "legal hold or retention setup requires username, secret key, bucket file" + assert [ $# -eq 3 ] + + run delete_bucket_or_contents_if_exists "s3api" "$BUCKET_ONE_NAME" + assert_success - delete_bucket_or_contents_if_exists "s3api" "$BUCKET_ONE_NAME" || fail "error deleting bucket, or checking for existence" setup_user "$1" "$2" "user" || fail "error creating user if nonexistent" - create_test_files "$3" || fail "error creating test files" + + run create_test_file "$3" + assert_success #create_bucket "s3api" "$BUCKET_ONE_NAME" || fail "error creating bucket" if [[ $RECREATE_BUCKETS == "true" ]]; then @@ -407,22 +428,22 @@ legal_hold_retention_setup() { # shellcheck disable=SC2154 log 5 "owner: $bucket_owner" #put_bucket_ownership_controls "$BUCKET_ONE_NAME" "BucketOwnerPreferred" || fail "error putting bucket ownership controls" - put_object_with_user "s3api" "$test_file_folder/$3" "$BUCKET_ONE_NAME" "$3" "$1" "$2" || fail "failed to add object to bucket" + put_object_with_user "s3api" "$TEST_FILE_FOLDER/$3" "$BUCKET_ONE_NAME" "$3" "$1" "$2" || fail "failed to add object to bucket" } test_s3api_list_objects_v1_aws_root() { local object_one="test-file-one" local object_two="test-file-two" - local object_two_data="test data\n" - create_test_files "$object_one" "$object_two" || local created=$? - [[ $created -eq 0 ]] || fail "Error creating test files" - printf "%s" "$object_two_data" > "$test_file_folder"/"$object_two" - setup_bucket "aws" "$BUCKET_ONE_NAME" - [[ $result -eq 0 ]] || fail "Failed to create bucket '$BUCKET_ONE_NAME'" - put_object "s3api" "$test_file_folder"/"$object_one" "$BUCKET_ONE_NAME" "$object_one" || local copy_result_one=$? + run create_test_files "$object_one" "$object_two" + assert_success + + run setup_bucket "aws" "$BUCKET_ONE_NAME" + assert_success + + put_object "s3api" "$TEST_FILE_FOLDER"/"$object_one" "$BUCKET_ONE_NAME" "$object_one" || local copy_result_one=$? [[ $copy_result_one -eq 0 ]] || fail "Failed to add object $object_one" - put_object "s3api" "$test_file_folder"/"$object_two" "$BUCKET_ONE_NAME" "$object_two" || local copy_result_two=$? + put_object "s3api" "$TEST_FILE_FOLDER"/"$object_two" "$BUCKET_ONE_NAME" "$object_two" || local copy_result_two=$? [[ $copy_result_two -eq 0 ]] || fail "Failed to add object $object_two" list_objects_s3api_v1 "$BUCKET_ONE_NAME" @@ -430,11 +451,11 @@ test_s3api_list_objects_v1_aws_root() { key_one=$(echo "$objects" | jq -r '.Contents[0].Key') [[ $key_one == "$object_one" ]] || fail "Object one mismatch ($key_one, $object_one)" size_one=$(echo "$objects" | jq -r '.Contents[0].Size') - [[ $size_one -eq 0 ]] || fail "Object one size mismatch ($size_one, 0)" + [[ $size_one -eq 10 ]] || fail "Object one size mismatch ($size_one, 0)" key_two=$(echo "$objects" | jq -r '.Contents[1].Key') [[ $key_two == "$object_two" ]] || fail "Object two mismatch ($key_two, $object_two)" size_two=$(echo "$objects" | jq '.Contents[1].Size') - [[ $size_two -eq ${#object_two_data} ]] || fail "Object two size mismatch ($size_two, ${#object_two_data})" + [[ $size_two -eq 10 ]] || fail "Object two size mismatch ($size_two, 10)" delete_bucket_or_contents "aws" "$BUCKET_ONE_NAME" delete_test_files "$object_one" "$object_two" @@ -443,27 +464,26 @@ test_s3api_list_objects_v1_aws_root() { test_s3api_list_objects_v2_aws_root() { local object_one="test-file-one" local object_two="test-file-two" - local object_two_data="test data\n" + run create_test_files "$object_one" "$object_two" + assert_success - create_test_files "$object_one" "$object_two" || local created=$? - [[ $created -eq 0 ]] || fail "Error creating test files" - printf "%s" "$object_two_data" > "$test_file_folder"/"$object_two" - setup_bucket "aws" "$BUCKET_ONE_NAME" - [[ $result -eq 0 ]] || fail "Failed to create bucket '$BUCKET_ONE_NAME'" - put_object "s3api" "$test_file_folder"/"$object_one" "$BUCKET_ONE_NAME" "$object_one" || local copy_object_one=$? + run setup_bucket "aws" "$BUCKET_ONE_NAME" + assert_success + + put_object "s3api" "$TEST_FILE_FOLDER"/"$object_one" "$BUCKET_ONE_NAME" "$object_one" || local copy_object_one=$? [[ $copy_object_one -eq 0 ]] || fail "Failed to add object $object_one" - put_object "s3api" "$test_file_folder"/"$object_two" "$BUCKET_ONE_NAME" "$object_two" || local copy_object_two=$? + put_object "s3api" "$TEST_FILE_FOLDER"/"$object_two" "$BUCKET_ONE_NAME" "$object_two" || local copy_object_two=$? [[ $copy_object_two -eq 0 ]] || fail "Failed to add object $object_two" list_objects_v2 "$BUCKET_ONE_NAME" || fail "error listing objects (v2)" key_one=$(echo "$objects" | jq -r '.Contents[0].Key') [[ $key_one == "$object_one" ]] || fail "Object one mismatch ($key_one, $object_one)" size_one=$(echo "$objects" | jq -r '.Contents[0].Size') - [[ $size_one -eq 0 ]] || fail "Object one size mismatch ($size_one, 0)" + [[ $size_one -eq 10 ]] || fail "Object one size mismatch ($size_one, 10)" key_two=$(echo "$objects" | jq -r '.Contents[1].Key') [[ $key_two == "$object_two" ]] || fail "Object two mismatch ($key_two, $object_two)" size_two=$(echo "$objects" | jq -r '.Contents[1].Size') - [[ $size_two -eq ${#object_two_data} ]] || fail "Object two size mismatch ($size_two, ${#object_two_data})" + [[ $size_two -eq 10 ]] || fail "Object two size mismatch ($size_two, 10)" delete_bucket_or_contents "aws" "$BUCKET_ONE_NAME" delete_test_files "$object_one" "$object_two" @@ -472,11 +492,14 @@ test_s3api_list_objects_v2_aws_root() { test_multipart_upload_list_parts_aws_root() { local bucket_file="bucket-file" - create_test_files "$bucket_file" || fail "error creating test file" - dd if=/dev/urandom of="$test_file_folder/$bucket_file" bs=5M count=1 || fail "error creating test file" - setup_bucket "aws" "$BUCKET_ONE_NAME" + run create_test_file "$bucket_file" + assert_success + dd if=/dev/urandom of="$TEST_FILE_FOLDER/$bucket_file" bs=5M count=1 || fail "error filling test file" - start_multipart_upload_and_list_parts "$BUCKET_ONE_NAME" "$bucket_file" "$test_file_folder"/"$bucket_file" 4 || fail "listing multipart upload parts failed" + run setup_bucket "aws" "$BUCKET_ONE_NAME" + assert_success + + start_multipart_upload_and_list_parts "$BUCKET_ONE_NAME" "$bucket_file" "$TEST_FILE_FOLDER"/"$bucket_file" 4 || fail "listing multipart upload parts failed" declare -a parts_map # shellcheck disable=SC2154 @@ -506,7 +529,7 @@ test_multipart_upload_list_parts_aws_root() { [[ ${parts_map[$part_number]} == "$etag" ]] || fail "error: etags don't match (part number: $part_number, etags ${parts_map[$part_number]},$etag)" done - run_then_abort_multipart_upload "$BUCKET_ONE_NAME" "$bucket_file" "$test_file_folder/$bucket_file" 4 + run_then_abort_multipart_upload "$BUCKET_ONE_NAME" "$bucket_file" "$TEST_FILE_FOLDER/$bucket_file" 4 delete_bucket_or_contents "aws" "$BUCKET_ONE_NAME" delete_test_files $bucket_file } diff --git a/tests/test_common.sh b/tests/test_common.sh index 8e1793ac..91e07746 100644 --- a/tests/test_common.sh +++ b/tests/test_common.sh @@ -33,21 +33,33 @@ source ./tests/commands/put_object_tagging.sh source ./tests/commands/put_object.sh source ./tests/commands/put_public_access_block.sh +# param: command type +# fail on test failure test_common_multipart_upload() { - if [[ $# -ne 1 ]]; then - echo "multipart upload command missing command type" - return 1 - fi + assert [ $# -eq 1 ] + bucket_file="largefile" + run create_large_file "$bucket_file" + assert_success - create_large_file "$bucket_file" || local created=$? - [[ $created -eq 0 ]] || fail "Error creating test file for multipart upload" + run setup_bucket "$1" "$BUCKET_ONE_NAME" + assert_success - setup_bucket "$1" "$BUCKET_ONE_NAME" - [[ $result -eq 0 ]] || fail "Failed to create bucket '$BUCKET_ONE_NAME'" + if [ "$1" == 's3' ]; then + run copy_file_locally "$TEST_FILE_FOLDER/$bucket_file" "$TEST_FILE_FOLDER/$bucket_file-copy" + assert_success + fi - put_object "$1" "$test_file_folder/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" || local put_result=$? - [[ $put_result -eq 0 ]] || fail "failed to copy file" + run put_object "$1" "$TEST_FILE_FOLDER/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" + assert_success + + if [ "$1" == 's3' ]; then + run move_file_locally "$TEST_FILE_FOLDER/$bucket_file-copy" "$TEST_FILE_FOLDER/$bucket_file" + assert_success + fi + + run download_and_compare_file "$1" "$TEST_FILE_FOLDER/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" "$TEST_FILE_FOLDER/$bucket_file-copy" + assert_success delete_bucket_or_contents "$1" "$BUCKET_ONE_NAME" delete_test_files $bucket_file @@ -63,7 +75,8 @@ test_common_create_delete_bucket() { assert [ $# -eq 1 ] - setup_bucket "$1" "$BUCKET_ONE_NAME" + run setup_bucket "$1" "$BUCKET_ONE_NAME" + assert_success bucket_exists "$1" "$BUCKET_ONE_NAME" || fail "failed bucket existence check" @@ -74,12 +87,13 @@ test_common_copy_object() { if [[ $# -ne 1 ]]; then fail "copy object test requires command type" fi - local object_name="test-object" - create_test_files "$object_name" || fail "error creating test file" - echo "test data" > "$test_file_folder/$object_name" - setup_bucket "$1" "$BUCKET_ONE_NAME" - setup_bucket "$1" "$BUCKET_TWO_NAME" + local object_name="test-object" + run create_test_file "$object_name" + assert_success + + run setup_buckets "$1" "$BUCKET_ONE_NAME" "$BUCKET_TWO_NAME" + assert_success if [[ $1 == 's3' ]]; then copy_object "$1" "$test_file_folder/$object_name" "$BUCKET_ONE_NAME" "$object_name" || fail "failed to copy object to bucket one" @@ -91,70 +105,84 @@ test_common_copy_object() { else copy_object "$1" "$BUCKET_ONE_NAME/$object_name" "$BUCKET_TWO_NAME" "$object_name" || fail "object not copied to bucket two" fi - get_object "$1" "$BUCKET_TWO_NAME" "$object_name" "$test_file_folder/$object_name-copy" || fail "failed to retrieve object" - - compare_files "$test_file_folder/$object_name" "$test_file_folder/$object_name-copy" || fail "files not the same" + run download_and_compare_file "$1" "$TEST_FILE_FOLDER/$object_name" "$BUCKET_TWO_NAME" "$object_name" "$TEST_FILE_FOLDER/$object_name-copy" + assert_success delete_bucket_or_contents "$1" "$BUCKET_ONE_NAME" delete_bucket_or_contents "$1" "$BUCKET_TWO_NAME" delete_test_files "$object_name" "$object_name-copy" } +# param: client +# fail on error test_common_put_object_with_data() { - if [[ $# -ne 1 ]]; then - fail "put object test requires command type" - fi + assert [ $# -eq 1 ] local object_name="test-object" - create_test_files "$object_name" || local create_result=$? - [[ $create_result -eq 0 ]] || fail "Error creating test file" - echo "test data" > "$test_file_folder"/"$object_name" + run create_test_file "$object_name" + assert_success + test_common_put_object "$1" "$object_name" } +# param: client +# fail on error test_common_put_object_no_data() { - if [[ $# -ne 1 ]]; then - fail "put object test requires command type" - fi + assert [ $# -eq 1 ] local object_name="test-object" - create_test_files "$object_name" || local create_result=$? - [[ $create_result -eq 0 ]] || fail "Error creating test file" + run create_test_file "$object_name" 0 + assert_success + test_common_put_object "$1" "$object_name" } +# params: client, filename +# fail on test failure test_common_put_object() { - if [[ $# -ne 2 ]]; then - fail "put object test requires command type, file" + assert [ $# -eq 2 ] + + run setup_bucket "$1" "$BUCKET_ONE_NAME" + assert_success + + # s3 erases file locally, so we need to copy it first + if [ "$1" == 's3' ]; then + run copy_file_locally "$TEST_FILE_FOLDER/$2" "$TEST_FILE_FOLDER/${2}-copy" + assert_success fi - setup_bucket "$1" "$BUCKET_ONE_NAME" + run put_object "$1" "$test_file_folder/$2" "$BUCKET_ONE_NAME" "$2" + assert_success - put_object "$1" "$test_file_folder/$2" "$BUCKET_ONE_NAME" "$2" || local copy_result=$? - [[ $copy_result -eq 0 ]] || fail "Failed to add object to bucket" - object_exists "$1" "$BUCKET_ONE_NAME" "$2" || local exists_result_one=$? - [[ $exists_result_one -eq 0 ]] || fail "Object not added to bucket" + if [ "$1" == 's3' ]; then + run move_file_locally "$TEST_FILE_FOLDER/${2}-copy" "$TEST_FILE_FOLDER/$2" + assert_success + fi - delete_object "$1" "$BUCKET_ONE_NAME" "$2" || local delete_result=$? - [[ $delete_result -eq 0 ]] || fail "Failed to delete object" - object_exists "$1" "$BUCKET_ONE_NAME" "$2" || local exists_result_two=$? - [[ $exists_result_two -eq 1 ]] || fail "Object not removed from bucket" + run download_and_compare_file "$1" "$TEST_FILE_FOLDER/$2" "$BUCKET_ONE_NAME" "$2" "$TEST_FILE_FOLDER/${2}-copy" + assert_success + + run delete_object "$1" "$BUCKET_ONE_NAME" "$2" + assert_success + + run object_exists "$1" "$BUCKET_ONE_NAME" "$2" + assert_failure 1 delete_bucket_or_contents "$1" "$BUCKET_ONE_NAME" - delete_test_files "$2" + delete_test_files "$2" "${2}-copy" } test_common_put_get_object() { if [[ $# -ne 1 ]]; then - fail "put, get object test requires command type" + fail "put, get object test requires client" fi local object_name="test-object" + run create_test_files "$object_name" + assert_success - create_test_files "$object_name" || fail "error creating test file" - echo "test data" > "$test_file_folder"/"$object_name" - - setup_bucket "$1" "$BUCKET_ONE_NAME" + run setup_bucket "$1" "$BUCKET_ONE_NAME" + assert_success if [[ $1 == 's3' ]]; then copy_object "$1" "$test_file_folder/$object_name" "$BUCKET_ONE_NAME" "$object_name" || fail "failed to add object to bucket" @@ -163,19 +191,21 @@ test_common_put_get_object() { fi object_exists "$1" "$BUCKET_ONE_NAME" "$object_name" || fail "object not added to bucket" - get_object "$1" "$BUCKET_ONE_NAME" "$object_name" "$test_file_folder/${object_name}_copy" || fail "failed to get object" - compare_files "$test_file_folder"/"$object_name" "$test_file_folder/${object_name}_copy" || fail "objects are different" + run download_and_compare_file "$1" "$TEST_FILE_FOLDER/$object_name" "$BUCKET_ONE_NAME" "$object_name" "$TEST_FILE_FOLDER/${2}-copy" + assert_success delete_bucket_or_contents "$1" "$BUCKET_ONE_NAME" - delete_test_files "$object_name" "${object_name}_copy" + delete_test_files "$object_name" "${object_name}-copy" } test_common_get_set_versioning() { local object_name="test-object" - create_test_files "$object_name" || local create_result=$? - [[ $create_result -eq 0 ]] || fail "Error creating test file" - setup_bucket "$1" "$BUCKET_ONE_NAME" + run create_test_files "$object_name" + assert_success + + run setup_bucket "$1" "$BUCKET_ONE_NAME" + assert_success get_bucket_versioning "$1" "$BUCKET_ONE_NAME" || local get_result=$? [[ $get_result -eq 0 ]] || fail "error getting bucket versioning" @@ -197,8 +227,8 @@ test_common_list_buckets() { fail "List buckets test requires one argument" fi - setup_bucket "$1" "$BUCKET_ONE_NAME" - setup_bucket "$1" "$BUCKET_TWO_NAME" + run setup_buckets "$1" "$BUCKET_ONE_NAME" "$BUCKET_TWO_NAME" + assert_success list_buckets "$1" local bucket_one_found=false @@ -235,10 +265,15 @@ test_common_list_objects() { object_one="test-file-one" object_two="test-file-two" - create_test_files $object_one $object_two + run create_test_files $object_one $object_two + assert_success + echo "test data" > "$test_file_folder"/"$object_one" echo "test data 2" > "$test_file_folder"/"$object_two" - setup_bucket "$1" "$BUCKET_ONE_NAME" + + run setup_bucket "$1" "$BUCKET_ONE_NAME" + assert_success + put_object "$1" "$test_file_folder"/$object_one "$BUCKET_ONE_NAME" "$object_one" || local result_two=$? [[ result_two -eq 0 ]] || fail "Error adding object one" put_object "$1" "$test_file_folder"/$object_two "$BUCKET_ONE_NAME" "$object_two" || local result_three=$? @@ -272,7 +307,8 @@ test_common_set_get_delete_bucket_tags() { local key="test_key" local value="test_value" - setup_bucket "$1" "$BUCKET_ONE_NAME" + run setup_bucket "$1" "$BUCKET_ONE_NAME" + assert_success get_bucket_tagging "$1" "$BUCKET_ONE_NAME" || fail "Error getting bucket tags first time" @@ -294,7 +330,8 @@ test_common_set_get_delete_bucket_tags() { [[ $tag_set_key == "$key" ]] || fail "Key mismatch" [[ $tag_set_value == "$value" ]] || fail "Value mismatch" fi - delete_bucket_tagging "$1" "$BUCKET_ONE_NAME" + run delete_bucket_tagging "$1" "$BUCKET_ONE_NAME" + assert_success get_bucket_tagging "$1" "$BUCKET_ONE_NAME" || fail "Error getting bucket tags third time" @@ -312,8 +349,12 @@ test_common_set_get_object_tags() { local key="test_key" local value="test_value" - create_test_files "$bucket_file" || fail "error creating test files" - setup_bucket "$1" "$BUCKET_ONE_NAME" + run create_test_files "$bucket_file" + assert_success + + run setup_bucket "$1" "$BUCKET_ONE_NAME" + assert_success + put_object "$1" "$test_file_folder"/"$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" || fail "Failed to add object to bucket '$BUCKET_ONE_NAME'" get_object_tagging "$1" "$BUCKET_ONE_NAME" $bucket_file || fail "Error getting object tags" @@ -350,10 +391,12 @@ test_common_presigned_url_utf8_chars() { local bucket_file="my-$%^&*;" local bucket_file_copy="bucket-file-copy" - create_test_files "$bucket_file" || local created=$? + run create_test_file "$bucket_file" + assert_success dd if=/dev/urandom of="$test_file_folder/$bucket_file" bs=5M count=1 || fail "error creating test file" - setup_bucket "$1" "$BUCKET_ONE_NAME" - [[ $result -eq 0 ]] || fail "Failed to create bucket '$BUCKET_ONE_NAME'" + + run setup_bucket "$1" "$BUCKET_ONE_NAME" + assert_success put_object "$1" "$test_file_folder"/"$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" || put_result=$? [[ $put_result -eq 0 ]] || fail "Failed to add object $bucket_file" @@ -381,10 +424,12 @@ test_common_list_objects_file_count() { echo "list objects greater than 1000 missing command type" return 1 fi - create_test_file_count 1001 || local create_result=$? - [[ $create_result -eq 0 ]] || fail "error creating test files" - setup_bucket "$1" "$BUCKET_ONE_NAME" - [[ $result -eq 0 ]] || fail "Failed to create bucket '$BUCKET_ONE_NAME'" + run create_test_file_count 1001 + assert_success + + run setup_bucket "$1" "$BUCKET_ONE_NAME" + assert_success + put_object_multiple "$1" "$test_file_folder/file_*" "$BUCKET_ONE_NAME" || local put_result=$? [[ $put_result -eq 0 ]] || fail "Failed to copy files to bucket" list_objects "$1" "$BUCKET_ONE_NAME" @@ -403,9 +448,11 @@ test_common_delete_object_tagging() { tag_key="key" tag_value="value" - create_test_files "$bucket_file" || fail "Error creating test files" + run create_test_files "$bucket_file" + assert_success - setup_bucket "$1" "$BUCKET_ONE_NAME" + run setup_bucket "$1" "$BUCKET_ONE_NAME" + assert_success put_object "$1" "$test_file_folder"/"$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" || fail "Failed to add object to bucket" @@ -422,8 +469,11 @@ test_common_delete_object_tagging() { } test_common_get_bucket_location() { - [[ $# -eq 1 ]] || fail "test common get bucket location missing command type" - setup_bucket "$1" "$BUCKET_ONE_NAME" + assert [ $# -eq 1 ] + + run setup_bucket "$1" "$BUCKET_ONE_NAME" + assert_success + get_bucket_location "$1" "$BUCKET_ONE_NAME" # shellcheck disable=SC2154 [[ $bucket_location == "null" ]] || [[ $bucket_location == "us-east-1" ]] || fail "wrong location: '$bucket_location'" @@ -434,7 +484,9 @@ test_put_bucket_acl_s3cmd() { # https://github.com/versity/versitygw/issues/695 skip fi - setup_bucket "s3cmd" "$BUCKET_ONE_NAME" + run setup_bucket "s3cmd" "$BUCKET_ONE_NAME" + assert_success + put_bucket_ownership_controls "$BUCKET_ONE_NAME" "BucketOwnerPreferred" || fail "error putting bucket ownership controls" username=$USERNAME_ONE @@ -482,8 +534,11 @@ test_common_put_bucket_acl() { # https://github.com/versity/versitygw/issues/716 skip fi - [[ $# -eq 1 ]] || fail "test common put bucket acl missing command type" - setup_bucket "$1" "$BUCKET_ONE_NAME" + assert [ $# -eq 1 ] + + run setup_bucket "$1" "$BUCKET_ONE_NAME" + assert_success + put_bucket_ownership_controls "$BUCKET_ONE_NAME" "BucketOwnerPreferred" || fail "error putting bucket ownership controls" username=$USERNAME_ONE @@ -566,7 +621,8 @@ test_common_get_put_delete_bucket_policy() { policy_file="policy_file" - create_test_files "$policy_file" || fail "error creating policy file" + run create_test_file "$policy_file" + assert_success effect="Allow" #principal="*" @@ -593,7 +649,8 @@ test_common_get_put_delete_bucket_policy() { EOF log 5 "POLICY: $(cat "$test_file_folder/$policy_file")" - setup_bucket "$1" "$BUCKET_ONE_NAME" + run setup_bucket "$1" "$BUCKET_ONE_NAME" + assert_success check_for_empty_policy "$1" "$BUCKET_ONE_NAME" || fail "policy not empty" @@ -629,11 +686,11 @@ EOF test_common_ls_directory_object() { test_file="a" - run create_test_files "$test_file" - assert_success "error creating file" + run create_test_file "$test_file" 0 + assert_success run setup_bucket "$1" "$BUCKET_ONE_NAME" - assert_success "error setting up bucket" + assert_success if [ "$1" == 's3cmd' ]; then put_object_client="s3api" diff --git a/tests/test_mc.sh b/tests/test_mc.sh index 2f6cfc6e..e5cdd970 100755 --- a/tests/test_mc.sh +++ b/tests/test_mc.sh @@ -43,7 +43,9 @@ export RUN_MC=true if [[ $RECREATE_BUCKETS == "false" ]]; then skip "will not test bucket deletion in static bucket test config" fi - setup_bucket "mc" "$BUCKET_ONE_NAME" + run setup_bucket "mc" "$BUCKET_ONE_NAME" + assert_success + delete_bucket "mc" "$BUCKET_ONE_NAME" || fail "error deleting bucket" } @@ -122,14 +124,18 @@ export RUN_MC=true } @test "test_get_bucket_info_mc" { - setup_bucket "mc" "$BUCKET_ONE_NAME" + run setup_bucket "mc" "$BUCKET_ONE_NAME" + assert_success + head_bucket "mc" "$BUCKET_ONE_NAME" [[ $bucket_info == *"$BUCKET_ONE_NAME"* ]] || fail "failure to retrieve correct bucket info: $bucket_info" delete_bucket_or_contents "mc" "$BUCKET_ONE_NAME" } @test "test_get_bucket_info_doesnt_exist_mc" { - setup_bucket "mc" "$BUCKET_ONE_NAME" + run setup_bucket "mc" "$BUCKET_ONE_NAME" + assert_success + head_bucket "mc" "$BUCKET_ONE_NAME"a || local info_result=$? [[ $info_result -eq 1 ]] || fail "bucket info for non-existent bucket returned" [[ $bucket_info == *"does not exist"* ]] || fail "404 not returned for non-existent bucket info" diff --git a/tests/test_s3.sh b/tests/test_s3.sh index b34b0f3e..b6acec32 100755 --- a/tests/test_s3.sh +++ b/tests/test_s3.sh @@ -59,7 +59,9 @@ source ./tests/util_file.sh if [[ $RECREATE_BUCKETS == "false" ]]; then skip "will not test bucket deletion in static bucket test config" fi - setup_bucket "s3" "$BUCKET_ONE_NAME" + run setup_bucket "s3" "$BUCKET_ONE_NAME" + assert_success + delete_bucket "s3" "$BUCKET_ONE_NAME" || fail "error deleting bucket" } diff --git a/tests/test_s3api.sh b/tests/test_s3api.sh index 64b2473f..6392a19e 100755 --- a/tests/test_s3api.sh +++ b/tests/test_s3api.sh @@ -208,8 +208,11 @@ export RUN_USERS=true abort_all_multipart_uploads "$BUCKET_ONE_NAME" || fail "error aborting all uploads" fi - create_test_files "$bucket_file_one" "$bucket_file_two" || fail "error creating test files" - setup_bucket "aws" "$BUCKET_ONE_NAME" + run create_test_files "$bucket_file_one" "$bucket_file_two" + assert_success + + run setup_bucket "aws" "$BUCKET_ONE_NAME" + assert_success create_and_list_multipart_uploads "$BUCKET_ONE_NAME" "$test_file_folder"/"$bucket_file_one" "$test_file_folder"/"$bucket_file_two" || fail "failed to list multipart uploads" @@ -232,9 +235,12 @@ export RUN_USERS=true @test "test-multipart-upload-from-bucket" { local bucket_file="bucket-file" - create_test_files "$bucket_file" || fail "error creating test files" + run create_test_file "$bucket_file" + assert_success dd if=/dev/urandom of="$test_file_folder/$bucket_file" bs=5M count=1 || fail "error adding data to test file" - setup_bucket "aws" "$BUCKET_ONE_NAME" + + run setup_bucket "aws" "$BUCKET_ONE_NAME" + assert_success multipart_upload_from_bucket "$BUCKET_ONE_NAME" "$bucket_file" "$test_file_folder"/"$bucket_file" 4 || fail "error performing multipart upload" @@ -247,9 +253,11 @@ export RUN_USERS=true @test "test_multipart_upload_from_bucket_range_too_large" { local bucket_file="bucket-file" + run create_large_file "$bucket_file" + assert_success - create_large_file "$bucket_file" - setup_bucket "aws" "$BUCKET_ONE_NAME" + run setup_bucket "aws" "$BUCKET_ONE_NAME" + assert_success multipart_upload_from_bucket_range "$BUCKET_ONE_NAME" "$bucket_file" "$test_file_folder"/"$bucket_file" 4 "bytes=0-1000000000" || local upload_result=$? [[ $upload_result -eq 1 ]] || fail "multipart upload with overly large range should have failed" @@ -262,9 +270,11 @@ export RUN_USERS=true @test "test_multipart_upload_from_bucket_range_valid" { local bucket_file="bucket-file" + run create_large_file "$bucket_file" + assert_success - create_large_file "$bucket_file" - setup_bucket "aws" "$BUCKET_ONE_NAME" + run setup_bucket "aws" "$BUCKET_ONE_NAME" + assert_success range_max=$((5*1024*1024-1)) multipart_upload_from_bucket_range "$BUCKET_ONE_NAME" "$bucket_file" "$test_file_folder"/"$bucket_file" 4 "bytes=0-$range_max" || fail "upload failure" @@ -288,10 +298,15 @@ export RUN_USERS=true @test "test-list-objects-delimiter" { folder_name="two" object_name="three" - create_test_folder "$folder_name" - create_test_files "$folder_name"/"$object_name" - setup_bucket "aws" "$BUCKET_ONE_NAME" + run create_test_folder "$folder_name" + assert_success + + run create_test_file "$folder_name"/"$object_name" + assert_success + + run setup_bucket "aws" "$BUCKET_ONE_NAME" + assert_success put_object "aws" "$test_file_folder/$folder_name/$object_name" "$BUCKET_ONE_NAME" "$folder_name/$object_name" || fail "failed to add object to bucket" @@ -388,7 +403,9 @@ export RUN_USERS=true #} @test "test_head_bucket" { - setup_bucket "aws" "$BUCKET_ONE_NAME" + run setup_bucket "aws" "$BUCKET_ONE_NAME" + assert_success + head_bucket "aws" "$BUCKET_ONE_NAME" || fail "error getting bucket info" log 5 "INFO: $bucket_info" region=$(echo "$bucket_info" | grep -v "InsecureRequestWarning" | jq -r ".BucketRegion" 2>&1) || fail "error getting bucket region: $region" @@ -401,7 +418,9 @@ export RUN_USERS=true } @test "test_head_bucket_doesnt_exist" { - setup_bucket "aws" "$BUCKET_ONE_NAME" + run setup_bucket "aws" "$BUCKET_ONE_NAME" + assert_success + head_bucket "aws" "$BUCKET_ONE_NAME"a || local info_result=$? [[ $info_result -eq 1 ]] || fail "bucket info for non-existent bucket returned" [[ $bucket_info == *"404"* ]] || fail "404 not returned for non-existent bucket info" @@ -413,9 +432,11 @@ export RUN_USERS=true test_key="x-test-data" test_value="test-value" - create_test_files "$object_one" || fail "error creating test files" + run create_test_files "$object_one" + assert_success - setup_bucket "aws" "$BUCKET_ONE_NAME" + run setup_bucket "aws" "$BUCKET_ONE_NAME" + assert_success object="$test_file_folder"/"$object_one" put_object_with_metadata "aws" "$object" "$BUCKET_ONE_NAME" "$object_one" "$test_key" "$test_value" || fail "failed to add object to bucket" diff --git a/tests/test_s3api_policy.sh b/tests/test_s3api_policy.sh index 468eca47..e6b153fb 100644 --- a/tests/test_s3api_policy.sh +++ b/tests/test_s3api_policy.sh @@ -22,7 +22,8 @@ source ./tests/commands/put_bucket_tagging.sh test_s3api_policy_invalid_action() { policy_file="policy_file" - create_test_files "$policy_file" || fail "error creating policy file" + run create_test_file "$policy_file" + assert_success effect="Allow" principal="*" @@ -30,13 +31,14 @@ test_s3api_policy_invalid_action() { resource="arn:aws:s3:::$BUCKET_ONE_NAME/*" # shellcheck disable=SC2154 - setup_policy_with_single_statement "$test_file_folder/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" + setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" - setup_bucket "s3api" "$BUCKET_ONE_NAME" + run setup_bucket "s3api" "$BUCKET_ONE_NAME" + assert_success check_for_empty_policy "s3api" "$BUCKET_ONE_NAME" || fail "policy not empty" - if put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file"; then + if put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file"; then fail "put succeeded despite malformed policy" fi # shellcheck disable=SC2154 @@ -52,18 +54,20 @@ test_s3api_policy_get_object_with_user() { test_file="test_file" log 5 "username: $USERNAME_ONE, password: $PASSWORD_ONE" - create_test_files "$test_file" "$policy_file" || fail "error creating policy file" - echo "$BATS_TEST_NAME" >> "$test_file_folder/$test_file" + run create_test_files "$test_file" "$policy_file" + assert_success effect="Allow" principal="$username" action="s3:GetObject" resource="arn:aws:s3:::$BUCKET_ONE_NAME/$test_file" - setup_policy_with_single_statement "$test_file_folder/$policy_file" "2012-10-17" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy" + setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "2012-10-17" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy" - setup_bucket "s3api" "$BUCKET_ONE_NAME" - put_object "s3api" "$test_file_folder/$test_file" "$BUCKET_ONE_NAME" "$test_file" || fail "error copying object" + run setup_bucket "s3api" "$BUCKET_ONE_NAME" + assert_success + + put_object "s3api" "$TEST_FILE_FOLDER/$test_file" "$BUCKET_ONE_NAME" "$test_file" || fail "error copying object" if ! check_for_empty_policy "s3api" "$BUCKET_ONE_NAME"; then delete_bucket_policy "s3api" "$BUCKET_ONE_NAME" || fail "error deleting policy" @@ -71,15 +75,16 @@ test_s3api_policy_get_object_with_user() { fi setup_user "$username" "$password" "user" || fail "error creating user" - if get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file" "$test_file_folder/$test_file-copy" "$username" "$password"; then + if get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file" "$TEST_FILE_FOLDER/$test_file-copy" "$username" "$password"; then fail "get object with user succeeded despite lack of permissions" fi # shellcheck disable=SC2154 [[ "$get_object_error" == *"Access Denied"* ]] || fail "invalid get object error: $get_object_error" - put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting policy" - get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file" "$test_file_folder/$test_file-copy" "$username" "$password" || fail "error getting object after permissions" - compare_files "$test_file_folder/$test_file" "$test_file_folder/$test_file-copy" || fail "files not equal" + put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting policy" + run download_and_compare_file_with_user "s3api" "$TEST_FILE_FOLDER/$test_file" "$BUCKET_ONE_NAME" "$test_file" "$TEST_FILE_FOLDER/$test_file-copy" "$username" "$password" + assert_success + delete_bucket_or_contents "aws" "$BUCKET_ONE_NAME" } @@ -90,9 +95,8 @@ test_s3api_policy_get_object_specific_file() { username=$USERNAME_ONE password=$PASSWORD_ONE - create_test_files "$policy_file" "$test_file" "$test_file_two" || fail "error creating policy file" - echo "$BATS_TEST_NAME" >> "$test_file_folder/$test_file" - echo "$BATS_TEST_NAME-2" >> "$test_file_folder/$test_file_two" + run create_test_files "$policy_file" "$test_file" "$test_file_two" + assert_success effect="Allow" principal="$username" @@ -101,15 +105,19 @@ test_s3api_policy_get_object_specific_file() { setup_user "$username" "$password" "user" || fail "error creating user" - setup_bucket "s3api" "$BUCKET_ONE_NAME" - setup_policy_with_single_statement "$test_file_folder/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy" - put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting policy" + run setup_bucket "s3api" "$BUCKET_ONE_NAME" + assert_success - put_object "s3api" "$test_file_folder/$test_file" "$BUCKET_ONE_NAME" "$test_file" || fail "error copying object" - put_object "s3api" "$test_file_folder/$test_file_two" "$BUCKET_ONE_NAME" "$test_file_two" || fail "error copying object" + setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy" + put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting policy" - get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file" "$test_file_folder/$test_file-copy" "$username" "$password" || fail "error getting object after permissions" - if get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file_two" "$test_file_folder/$test_file_two-copy" "$username" "$password"; then + put_object "s3api" "$TEST_FILE_FOLDER/$test_file" "$BUCKET_ONE_NAME" "$test_file" || fail "error copying object" + put_object "s3api" "$TEST_FILE_FOLDER/$test_file_two" "$BUCKET_ONE_NAME" "$test_file_two" || fail "error copying object" + + run download_and_compare_file_with_user "s3api" "$TEST_FILE_FOLDER/$test_file" "$BUCKET_ONE_NAME" "$test_file" "$TEST_FILE_FOLDER/$test_file-copy" "$username" "$password" + assert_success + + if get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file_two" "$TEST_FILE_FOLDER/$test_file_two-copy" "$username" "$password"; then fail "get object with user succeeded despite lack of permissions" fi # shellcheck disable=SC2154 @@ -124,8 +132,8 @@ test_s3api_policy_get_object_file_wildcard() { username=$USERNAME_ONE password=$PASSWORD_ONE - create_test_files "$policy_file" "$policy_file_two" "$policy_file_three" || fail "error creating policy file" - echo "$BATS_TEST_NAME" >> "$test_file_folder/$policy_file" + run create_test_files "$policy_file" "$policy_file_two" "$policy_file_three" + assert_success effect="Allow" principal="$username" @@ -134,20 +142,27 @@ test_s3api_policy_get_object_file_wildcard() { setup_user "$username" "$password" "user" || fail "error creating user account" - setup_bucket "s3api" "$BUCKET_ONE_NAME" - setup_policy_with_single_statement "$test_file_folder/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy" - put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting policy" + run setup_bucket "s3api" "$BUCKET_ONE_NAME" + assert_success - put_object "s3api" "$test_file_folder/$policy_file" "$BUCKET_ONE_NAME" "$policy_file" || fail "error copying object one" - put_object "s3api" "$test_file_folder/$policy_file_two" "$BUCKET_ONE_NAME" "$policy_file_two" || fail "error copying object two" - put_object "s3api" "$test_file_folder/$policy_file_three" "$BUCKET_ONE_NAME" "$policy_file_three" || fail "error copying object three" + setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy" + put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting policy" - get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$policy_file" "$test_file_folder/$policy_file" "$username" "$password" || fail "error getting object one after permissions" - get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$policy_file_two" "$test_file_folder/$policy_file_two" "$username" "$password" || fail "error getting object two after permissions" - if get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$policy_file_three" "$test_file_folder/$policy_file_three" "$username" "$password"; then + put_object "s3api" "$TEST_FILE_FOLDER/$policy_file" "$BUCKET_ONE_NAME" "$policy_file" || fail "error copying object one" + put_object "s3api" "$TEST_FILE_FOLDER/$policy_file_two" "$BUCKET_ONE_NAME" "$policy_file_two" || fail "error copying object two" + put_object "s3api" "$TEST_FILE_FOLDER/$policy_file_three" "$BUCKET_ONE_NAME" "$policy_file_three" || fail "error copying object three" + + run download_and_compare_file_with_user "s3api" "$TEST_FILE_FOLDER/$policy_file" "$BUCKET_ONE_NAME" "$policy_file" "$TEST_FILE_FOLDER/$policy_file-copy" "$username" "$password" + assert_success + + run download_and_compare_file_with_user "s3api" "$TEST_FILE_FOLDER/$policy_file_two" "$BUCKET_ONE_NAME" "$policy_file_two" "$TEST_FILE_FOLDER/$policy_file_two-copy" "$username" "$password" + assert_success + + if get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$policy_file_three" "$TEST_FILE_FOLDER/$policy_file_three" "$username" "$password"; then fail "get object three with user succeeded despite lack of permissions" fi [[ "$get_object_error" == *"Access Denied"* ]] || fail "invalid get object error: $get_object_error" + delete_bucket_or_contents "aws" "$BUCKET_ONE_NAME" } @@ -158,9 +173,11 @@ test_s3api_policy_get_object_folder_wildcard() { username=$USERNAME_ONE password=$PASSWORD_ONE - create_test_folder "$test_folder" || fail "error creating test folder" - create_test_files "$test_folder/$test_file" "$policy_file" || fail "error creating policy file, test file" - echo "$BATS_TEST_NAME" >> "$test_file_folder/$test_folder/$test_file" + run create_test_folder "$test_folder" + assert_success + + run create_test_files "$test_folder/$test_file" "$policy_file" + assert_success effect="Allow" principal="$username" @@ -170,12 +187,12 @@ test_s3api_policy_get_object_folder_wildcard() { setup_user "$username" "$password" "user" || fail "error creating user" setup_bucket "s3api" "$BUCKET_ONE_NAME" - setup_policy_with_single_statement "$test_file_folder/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy" - put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting policy" + setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy" + put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting policy" - put_object "s3api" "$test_file_folder/$test_folder/$test_file" "$BUCKET_ONE_NAME" "$test_folder/$test_file" || fail "error copying object to bucket" + put_object "s3api" "$TEST_FILE_FOLDER/$test_folder/$test_file" "$BUCKET_ONE_NAME" "$test_folder/$test_file" || fail "error copying object to bucket" - download_and_compare_file_with_user "s3api" "$test_file_folder/$test_folder/$test_file" "$BUCKET_ONE_NAME" "$test_folder/$test_file" "$test_file_folder/$test_file-copy" "$username" "$password" || fail "error downloading and comparing file" + download_and_compare_file_with_user "s3api" "$TEST_FILE_FOLDER/$test_folder/$test_file" "$BUCKET_ONE_NAME" "$test_folder/$test_file" "$TEST_FILE_FOLDER/$test_file-copy" "$username" "$password" || fail "error downloading and comparing file" delete_bucket_or_contents "aws" "$BUCKET_ONE_NAME" delete_test_files "$test_folder/$test_file" "$policy_file" } @@ -186,18 +203,22 @@ test_s3api_policy_allow_deny() { username=$USERNAME_ONE password=$PASSWORD_ONE - create_test_files "$policy_file" "$test_file" || fail "error creating policy file" - setup_user "$username" "$password" "user" || fail "error creating user" - setup_bucket "s3api" "$BUCKET_ONE_NAME" + run create_test_files "$policy_file" "$test_file" + assert_success - setup_policy_with_double_statement "$test_file_folder/$policy_file" "dummy" \ + setup_user "$username" "$password" "user" || fail "error creating user" + + run setup_bucket "s3api" "$BUCKET_ONE_NAME" + assert_success + + setup_policy_with_double_statement "$TEST_FILE_FOLDER/$policy_file" "dummy" \ "Deny" "$username" "s3:GetObject" "arn:aws:s3:::$BUCKET_ONE_NAME/$test_file" \ "Allow" "$username" "s3:GetObject" "arn:aws:s3:::$BUCKET_ONE_NAME/$test_file" - put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting policy" - put_object "s3api" "$test_file_folder/$test_file" "$BUCKET_ONE_NAME" "$test_file" || fail "error copying object to bucket" + put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting policy" + put_object "s3api" "$TEST_FILE_FOLDER/$test_file" "$BUCKET_ONE_NAME" "$test_file" || fail "error copying object to bucket" - if get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file" "$test_file_folder/$test_file-copy" "$username" "$password"; then + if get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file" "$TEST_FILE_FOLDER/$test_file-copy" "$username" "$password"; then fail "able to get object despite deny statement" fi [[ "$get_object_error" == *"Access Denied"* ]] || fail "invalid get object error: $get_object_error" @@ -213,20 +234,24 @@ test_s3api_policy_deny() { username=$USERNAME_ONE password=$PASSWORD_ONE - create_test_files "$test_file_one" "$test_file_two" "$policy_file" || fail "error creating policy file, test file" - setup_user "$username" "$password" "user" || fail "error creating user" - setup_bucket "s3api" "$BUCKET_ONE_NAME" + run create_test_files "$test_file_one" "$test_file_two" "$policy_file" + assert_success - setup_policy_with_double_statement "$test_file_folder/$policy_file" "dummy" \ + setup_user "$username" "$password" "user" || fail "error creating user" + + run setup_bucket "s3api" "$BUCKET_ONE_NAME" + assert_success + + setup_policy_with_double_statement "$TEST_FILE_FOLDER/$policy_file" "dummy" \ "Deny" "$username" "s3:GetObject" "arn:aws:s3:::$BUCKET_ONE_NAME/$test_file_two" \ "Allow" "$username" "s3:GetObject" "arn:aws:s3:::$BUCKET_ONE_NAME/*" - log 5 "Policy: $(cat "$test_file_folder/$policy_file")" - put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting policy" - put_object "s3api" "$test_file_folder/$test_file_one" "$BUCKET_ONE_NAME" "$test_file_one" || fail "error copying object one" - put_object "s3api" "$test_file_folder/$test_file_one" "$BUCKET_ONE_NAME" "$test_file_two" || fail "error copying object two" - get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file_one" "$test_file_folder/$test_file_one-copy" "$username" "$password" || fail "error getting object" - if get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file_two" "$test_file_folder/$test_file_two-copy" "$username" "$password"; then + log 5 "Policy: $(cat "$TEST_FILE_FOLDER/$policy_file")" + put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting policy" + put_object "s3api" "$TEST_FILE_FOLDER/$test_file_one" "$BUCKET_ONE_NAME" "$test_file_one" || fail "error copying object one" + put_object "s3api" "$TEST_FILE_FOLDER/$test_file_one" "$BUCKET_ONE_NAME" "$test_file_two" || fail "error copying object two" + get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file_one" "$TEST_FILE_FOLDER/$test_file_one-copy" "$username" "$password" || fail "error getting object" + if get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file_two" "$TEST_FILE_FOLDER/$test_file_two-copy" "$username" "$password"; then fail "able to get object despite deny statement" fi [[ "$get_object_error" == *"Access Denied"* ]] || fail "invalid get object error: $get_object_error" @@ -241,9 +266,11 @@ test_s3api_policy_put_wildcard() { username=$USERNAME_ONE password=$PASSWORD_ONE - create_test_folder "$test_folder" || fail "error creating test folder" - create_test_files "$test_folder/$test_file" "$policy_file" || fail "error creating policy file, test file" - echo "$BATS_TEST_NAME" >> "$test_file_folder/$test_folder/$test_file" + run create_test_folder "$test_folder" + assert_success + + run create_test_files "$test_folder/$test_file" "$policy_file" + assert_success effect="Allow" principal="$username" @@ -253,20 +280,20 @@ test_s3api_policy_put_wildcard() { setup_user "$username" "$password" "user" || fail "error creating user" setup_bucket "s3api" "$BUCKET_ONE_NAME" - log 5 "Policy: $(cat "$test_file_folder/$policy_file")" - setup_policy_with_single_statement "$test_file_folder/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy" - put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting policy" - if put_object_with_user "s3api" "$test_file_folder/$test_folder/$test_file" "$BUCKET_ONE_NAME" "$test_file" "$username" "$password"; then + log 5 "Policy: $(cat "$TEST_FILE_FOLDER/$policy_file")" + setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy" + put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting policy" + if put_object_with_user "s3api" "$TEST_FILE_FOLDER/$test_folder/$test_file" "$BUCKET_ONE_NAME" "$test_file" "$username" "$password"; then fail "able to put object despite not being allowed" fi # shellcheck disable=SC2154 [[ "$put_object_error" == *"Access Denied"* ]] || fail "invalid put object error: $put_object_error" - put_object_with_user "s3api" "$test_file_folder/$test_folder/$test_file" "$BUCKET_ONE_NAME" "$test_folder/$test_file" "$username" "$password" || fail "error putting file despite policy permissions" + put_object_with_user "s3api" "$TEST_FILE_FOLDER/$test_folder/$test_file" "$BUCKET_ONE_NAME" "$test_folder/$test_file" "$username" "$password" || fail "error putting file despite policy permissions" if get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_folder/$test_file" "$test_folder/$test_file-copy" "$username" "$password"; then fail "able to get object without permissions" fi [[ "$get_object_error" == *"Access Denied"* ]] || fail "invalid get object error: $get_object_error" - download_and_compare_file "s3api" "$test_file_folder/$test_folder/$test_file" "$BUCKET_ONE_NAME" "$test_folder/$test_file" "$test_file_folder/$test_file-copy" || fail "files don't match" + download_and_compare_file "s3api" "$TEST_FILE_FOLDER/$test_folder/$test_file" "$BUCKET_ONE_NAME" "$test_folder/$test_file" "$TEST_FILE_FOLDER/$test_file-copy" || fail "files don't match" delete_bucket_or_contents "aws" "$BUCKET_ONE_NAME" delete_test_files "$test_folder/$test_file" "$test_file-copy" "$policy_file" } @@ -278,9 +305,8 @@ test_s3api_policy_delete() { username=$USERNAME_ONE password=$PASSWORD_ONE - create_test_files "$test_file_one" "$test_file_two" "$policy_file" || fail "error creating policy file, test files" - echo "$BATS_TEST_NAME" >> "$test_file_folder/$test_file_one" - echo "$BATS_TEST_NAME" >> "$test_file_folder/$test_file_two" + run create_test_files "$test_file_one" "$test_file_two" "$policy_file" + assert_success effect="Allow" principal="$username" @@ -289,13 +315,15 @@ test_s3api_policy_delete() { setup_user "$username" "$password" "user" || fail "error creating user" - setup_bucket "s3api" "$BUCKET_ONE_NAME" - setup_policy_with_single_statement "$test_file_folder/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy" - log 5 "Policy: $(cat "$test_file_folder/$policy_file")" - put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting policy" + run setup_bucket "s3api" "$BUCKET_ONE_NAME" + assert_success - put_object "s3api" "$test_file_folder/$test_file_one" "$BUCKET_ONE_NAME" "$test_file_one" || fail "error copying object one" - put_object "s3api" "$test_file_folder/$test_file_two" "$BUCKET_ONE_NAME" "$test_file_two" || fail "error copying object two" + setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy" + log 5 "Policy: $(cat "$TEST_FILE_FOLDER/$policy_file")" + put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting policy" + + put_object "s3api" "$TEST_FILE_FOLDER/$test_file_one" "$BUCKET_ONE_NAME" "$test_file_one" || fail "error copying object one" + put_object "s3api" "$TEST_FILE_FOLDER/$test_file_two" "$BUCKET_ONE_NAME" "$test_file_two" || fail "error copying object two" if delete_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file_one" "$username" "$password"; then fail "able to delete object despite lack of permissions" fi @@ -311,7 +339,8 @@ test_s3api_policy_get_bucket_policy() { username=$USERNAME_ONE password=$PASSWORD_ONE - create_test_files "$policy_file" || fail "error creating policy file, test files" + run create_test_file "$policy_file" + assert_success effect="Allow" principal="$username" @@ -320,19 +349,21 @@ test_s3api_policy_get_bucket_policy() { setup_user "$username" "$password" "user" || fail "error creating user" - setup_bucket "s3api" "$BUCKET_ONE_NAME" - setup_policy_with_single_statement "$test_file_folder/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy" + run setup_bucket "s3api" "$BUCKET_ONE_NAME" + assert_success + + setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy" if get_bucket_policy_with_user "$BUCKET_ONE_NAME" "$username" "$password"; then fail "able to retrieve bucket policy despite lack of permissions" fi - put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting policy" + put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting policy" get_bucket_policy_with_user "$BUCKET_ONE_NAME" "$username" "$password" || fail "error getting bucket policy despite permissions" # shellcheck disable=SC2154 - echo "$bucket_policy" > "$test_file_folder/$policy_file-copy" - log 5 "ORIG: $(cat "$test_file_folder/$policy_file")" - log 5 "COPY: $(cat "$test_file_folder/$policy_file-copy")" - compare_files "$test_file_folder/$policy_file" "$test_file_folder/$policy_file-copy" || fail "policies not equal" + echo "$bucket_policy" > "$TEST_FILE_FOLDER/$policy_file-copy" + log 5 "ORIG: $(cat "$TEST_FILE_FOLDER/$policy_file")" + log 5 "COPY: $(cat "$TEST_FILE_FOLDER/$policy_file-copy")" + compare_files "$TEST_FILE_FOLDER/$policy_file" "$TEST_FILE_FOLDER/$policy_file-copy" || fail "policies not equal" delete_bucket_or_contents "aws" "$BUCKET_ONE_NAME" delete_test_files "$policy_file" "$policy_file-copy" } @@ -343,8 +374,11 @@ test_s3api_policy_list_multipart_uploads() { username=$USERNAME_ONE password=$PASSWORD_ONE - create_test_files "$policy_file" || fail "error creating policy file, test files" - create_large_file "$test_file" + run create_test_file "$policy_file" + assert_success + + run create_large_file "$test_file" + assert_success effect="Allow" principal="$username" @@ -352,13 +386,15 @@ test_s3api_policy_list_multipart_uploads() { resource="arn:aws:s3:::$BUCKET_ONE_NAME" setup_user "$username" "$password" "user" || fail "error creating user" - setup_bucket "s3api" "$BUCKET_ONE_NAME" + run setup_bucket "s3api" "$BUCKET_ONE_NAME" + assert_success + get_bucket_policy "s3api" "$BUCKET_ONE_NAME" || fail "error getting bucket policy" log 5 "BUCKET POLICY: $bucket_policy" get_bucket_acl "s3api" "$BUCKET_ONE_NAME" || fail "error getting bucket ACL" # shellcheck disable=SC2154 log 5 "ACL: $acl" - run setup_policy_with_single_statement "$test_file_folder/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" + run setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" assert_success "failed to set up policy" run create_multipart_upload "$BUCKET_ONE_NAME" "$test_file" assert_success "failed to create multipart upload" @@ -367,7 +403,7 @@ test_s3api_policy_list_multipart_uploads() { fi # shellcheck disable=SC2154 [[ "$list_multipart_uploads_error" == *"Access Denied"* ]] || fail "invalid list multipart uploads error: $list_multipart_uploads_error" - put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting policy" + put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting policy" list_multipart_uploads_with_user "$BUCKET_ONE_NAME" "$username" "$password" || fail "error listing multipart uploads" # shellcheck disable=SC2154 log 5 "$uploads" @@ -383,7 +419,8 @@ test_s3api_policy_put_bucket_policy() { username=$USERNAME_ONE password=$PASSWORD_ONE - create_test_files "$policy_file" || fail "error creating policy file, test files" + run create_test_file "$policy_file" 0 + assert_success effect="Allow" principal="$username" @@ -392,21 +429,23 @@ test_s3api_policy_put_bucket_policy() { setup_user "$username" "$password" "user" || fail "error creating user" - setup_bucket "s3api" "$BUCKET_ONE_NAME" - setup_policy_with_single_statement "$test_file_folder/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy" - if put_bucket_policy_with_user "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" "$username" "$password"; then + run setup_bucket "s3api" "$BUCKET_ONE_NAME" + assert_success + + setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy" + if put_bucket_policy_with_user "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" "$username" "$password"; then fail "able to retrieve bucket policy despite lack of permissions" fi - put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting policy" - setup_policy_with_single_statement "$test_file_folder/$policy_file_two" "dummy" "$effect" "$principal" "s3:GetBucketPolicy" "$resource" || fail "failed to set up policy" - put_bucket_policy_with_user "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file_two" "$username" "$password" || fail "error putting bucket policy despite permissions" + put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting policy" + setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file_two" "dummy" "$effect" "$principal" "s3:GetBucketPolicy" "$resource" || fail "failed to set up policy" + put_bucket_policy_with_user "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file_two" "$username" "$password" || fail "error putting bucket policy despite permissions" get_bucket_policy_with_user "$BUCKET_ONE_NAME" "$username" "$password" || fail "error getting bucket policy despite permissions" # shellcheck disable=SC2154 - echo "$bucket_policy" > "$test_file_folder/$policy_file-copy" - log 5 "ORIG: $(cat "$test_file_folder/$policy_file_two")" - log 5 "COPY: $(cat "$test_file_folder/$policy_file-copy")" - compare_files "$test_file_folder/$policy_file_two" "$test_file_folder/$policy_file-copy" || fail "policies not equal" + echo "$bucket_policy" > "$TEST_FILE_FOLDER/$policy_file-copy" + log 5 "ORIG: $(cat "$TEST_FILE_FOLDER/$policy_file_two")" + log 5 "COPY: $(cat "$TEST_FILE_FOLDER/$policy_file-copy")" + compare_files "$TEST_FILE_FOLDER/$policy_file_two" "$TEST_FILE_FOLDER/$policy_file-copy" || fail "policies not equal" delete_bucket_or_contents "aws" "$BUCKET_ONE_NAME" delete_test_files "$policy_file" "$policy_file_two" "$policy_file-copy" } @@ -416,7 +455,8 @@ test_s3api_policy_delete_bucket_policy() { username=$USERNAME_ONE password=$PASSWORD_ONE - create_test_files "$policy_file" || fail "error creating policy file, test files" + run create_test_file "$policy_file" 0 + assert_success effect="Allow" principal="$username" @@ -425,12 +465,14 @@ test_s3api_policy_delete_bucket_policy() { setup_user "$username" "$password" "user" || fail "error creating user" - setup_bucket "s3api" "$BUCKET_ONE_NAME" + run setup_bucket "s3api" "$BUCKET_ONE_NAME" + assert_success + if delete_bucket_policy_with_user "$BUCKET_ONE_NAME" "$username" "$password"; then fail "able to delete bucket policy with user $username without right permissions" fi - setup_policy_with_single_statement "$test_file_folder/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy" - put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting policy" + setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy" + put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting policy" delete_bucket_policy_with_user "$BUCKET_ONE_NAME" "$username" "$password" || fail "unable to delete bucket policy" delete_bucket_or_contents "aws" "$BUCKET_ONE_NAME" delete_test_files "$policy_file" @@ -441,7 +483,8 @@ test_s3api_policy_get_bucket_acl() { username=$USERNAME_ONE password=$PASSWORD_ONE - create_test_files "$policy_file" || fail "error creating policy file, test files" + run create_test_file "$policy_file" 0 + assert_success effect="Allow" principal="$username" @@ -450,12 +493,14 @@ test_s3api_policy_get_bucket_acl() { setup_user "$username" "$password" "user" || fail "error creating user" - setup_bucket "s3api" "$BUCKET_ONE_NAME" + run setup_bucket "s3api" "$BUCKET_ONE_NAME" + assert_success + if get_bucket_acl_with_user "$BUCKET_ONE_NAME" "$username" "$password"; then fail "user able to get bucket ACLs despite permissions" fi - setup_policy_with_single_statement "$test_file_folder/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy" - put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting policy" + setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource" || fail "failed to set up policy" + put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting policy" get_bucket_acl_with_user "$BUCKET_ONE_NAME" "$username" "$password" || fail "error getting bucket ACL despite permissions" } @@ -464,9 +509,15 @@ test_s3api_policy_abort_multipart_upload() { test_file="test_file" username=$USERNAME_ONE - create_test_files "$policy_file" || fail "error creating policy file" - create_large_file "$test_file" - setup_bucket "s3api" "$BUCKET_ONE_NAME" + run create_test_file "$policy_file" + assert_success + + run create_large_file "$test_file" + assert_success + + run setup_bucket "s3api" "$BUCKET_ONE_NAME" + assert_success + if [[ $DIRECT == "true" ]]; then setup_user_direct "$username" "user" "$BUCKET_ONE_NAME" || fail "error setting up direct user $username" principal="{\"AWS\": \"arn:aws:iam::$DIRECT_AWS_USER_ID:user/$username\"}" @@ -480,10 +531,10 @@ test_s3api_policy_abort_multipart_upload() { principal="\"$username\"" fi - setup_policy_with_double_statement "$test_file_folder/$policy_file" "2012-10-17" \ + setup_policy_with_double_statement "$TEST_FILE_FOLDER/$policy_file" "2012-10-17" \ "Allow" "$principal" "s3:PutObject" "arn:aws:s3:::$BUCKET_ONE_NAME/*" \ "Deny" "$principal" "s3:AbortMultipartUpload" "arn:aws:s3:::$BUCKET_ONE_NAME/*" - put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting first policy" + put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting first policy" create_multipart_upload_with_user "$BUCKET_ONE_NAME" "$test_file" "$username" "$password" || fail "error creating multipart upload" # shellcheck disable=SC2154 @@ -493,9 +544,9 @@ test_s3api_policy_abort_multipart_upload() { # shellcheck disable=SC2154 [[ "$abort_multipart_upload_error" == *"AccessDenied"* ]] || fail "unexpected abort error: $abort_multipart_upload_error" - setup_policy_with_single_statement "$test_file_folder/$policy_file" "2012-10-17" "Allow" "$principal" "s3:AbortMultipartUpload" "arn:aws:s3:::$BUCKET_ONE_NAME/*" + setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "2012-10-17" "Allow" "$principal" "s3:AbortMultipartUpload" "arn:aws:s3:::$BUCKET_ONE_NAME/*" - put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting policy" + put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting policy" abort_multipart_upload_with_user "$BUCKET_ONE_NAME" "$test_file" "$upload_id" "$username" "$password" || fail "error aborting multipart upload despite permissions" delete_bucket_or_contents "aws" "$BUCKET_ONE_NAME" @@ -549,11 +600,11 @@ test_s3api_policy_put_bucket_tagging() { run setup_user "$USERNAME_ONE" "$PASSWORD_ONE" "user" assert_success "error setting up user" - run setup_policy_with_single_statement "$test_file_folder/$policy_file" "2012-10-17" "Allow" "$USERNAME_ONE" "s3:PutBucketTagging" "arn:aws:s3:::$BUCKET_ONE_NAME" + run setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "2012-10-17" "Allow" "$USERNAME_ONE" "s3:PutBucketTagging" "arn:aws:s3:::$BUCKET_ONE_NAME" assert_success "error setting up policy" run put_bucket_tagging_with_user "$BUCKET_ONE_NAME" "$tag_key" "$tag_value" "$USERNAME_ONE" "$PASSWORD_ONE" assert_failure - run put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" + run put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" assert_success "error putting policy" run put_bucket_tagging_with_user "$BUCKET_ONE_NAME" "$tag_key" "$tag_value" "$USERNAME_ONE" "$PASSWORD_ONE" assert_success "unable to put bucket tagging despite user permissions" @@ -569,20 +620,23 @@ test_s3api_policy_put_acl() { username=$USERNAME_ONE password=$PASSWORD_ONE - create_test_files "$policy_file" || fail "error creating policy file" - create_large_file "$test_file" - setup_bucket "s3api" "$BUCKET_ONE_NAME" + run create_test_file "$policy_file" 0 + assert_success + run create_large_file "$test_file" + assert_success + run setup_bucket "s3api" "$BUCKET_ONE_NAME" + assert_success put_bucket_ownership_controls "$BUCKET_ONE_NAME" "BucketOwnerPreferred" || fail "error putting bucket ownership controls" setup_user "$username" "$password" "user" || fail "error setting up user $username" - setup_policy_with_single_statement "$test_file_folder/$policy_file" "2012-10-17" "Allow" "$username" "s3:PutBucketAcl" "arn:aws:s3:::$BUCKET_ONE_NAME" + setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "2012-10-17" "Allow" "$username" "s3:PutBucketAcl" "arn:aws:s3:::$BUCKET_ONE_NAME" if [[ $DIRECT == "true" ]]; then put_public_access_block_enable_public_acls "$BUCKET_ONE_NAME" || fail "error enabling public ACLs" fi - put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" || fail "error putting policy" + put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" || fail "error putting policy" put_bucket_canned_acl_with_user "$BUCKET_ONE_NAME" "public-read" "$username" "$password" || fail "error putting canned acl" get_bucket_acl "s3api" "$BUCKET_ONE_NAME" || fail "error getting bucket acl" @@ -613,12 +667,13 @@ test_s3api_policy_get_bucket_tagging() { run create_test_files "$policy_file" assert_success "error creating test files" - setup_bucket "s3api" "$BUCKET_ONE_NAME" + run setup_bucket "s3api" "$BUCKET_ONE_NAME" + assert_success run setup_user "$USERNAME_ONE" "$PASSWORD_ONE" "user" assert_success "error creating user '$USERNAME_ONE'" - run setup_policy_with_single_statement "$test_file_folder/$policy_file" "2012-10-17" "Allow" "$USERNAME_ONE" "s3:GetBucketTagging" "arn:aws:s3:::$BUCKET_ONE_NAME" + run setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "2012-10-17" "Allow" "$USERNAME_ONE" "s3:GetBucketTagging" "arn:aws:s3:::$BUCKET_ONE_NAME" assert_success "error setting up policy" run put_bucket_tagging "s3api" "$BUCKET_ONE_NAME" "$tag_key" "$tag_value" @@ -627,7 +682,7 @@ test_s3api_policy_get_bucket_tagging() { run get_bucket_tagging_with_user "$USERNAME_ONE" "$PASSWORD_ONE" "$BUCKET_ONE_NAME" assert_failure - run put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$test_file_folder/$policy_file" + run put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file" assert_success "error putting policy" run get_and_check_bucket_tags_with_user "$USERNAME_ONE" "$PASSWORD_ONE" "$BUCKET_ONE_NAME" "$tag_key" "$tag_value" assert_success "get and check bucket tags failed" diff --git a/tests/test_s3cmd.sh b/tests/test_s3cmd.sh index c0f451f8..a29ae9bf 100755 --- a/tests/test_s3cmd.sh +++ b/tests/test_s3cmd.sh @@ -109,14 +109,18 @@ export RUN_USERS=true } @test "test_get_bucket_info_s3cmd" { - setup_bucket "s3cmd" "$BUCKET_ONE_NAME" + run setup_bucket "s3cmd" "$BUCKET_ONE_NAME" + assert_success + head_bucket "s3cmd" "$BUCKET_ONE_NAME" [[ $bucket_info == *"s3://$BUCKET_ONE_NAME"* ]] || fail "failure to retrieve correct bucket info: $bucket_info" delete_bucket_or_contents "s3cmd" "$BUCKET_ONE_NAME" } @test "test_get_bucket_info_doesnt_exist_s3cmd" { - setup_bucket "s3cmd" "$BUCKET_ONE_NAME" + run setup_bucket "s3cmd" "$BUCKET_ONE_NAME" + assert_success + head_bucket "s3cmd" "$BUCKET_ONE_NAME"a || local info_result=$? [[ $info_result -eq 1 ]] || fail "bucket info for non-existent bucket returned" [[ $bucket_info == *"404"* ]] || fail "404 not returned for non-existent bucket info" diff --git a/tests/test_user_aws.sh b/tests/test_user_aws.sh index e58c3b2a..c9b967ab 100755 --- a/tests/test_user_aws.sh +++ b/tests/test_user_aws.sh @@ -49,9 +49,13 @@ export RUN_USERS=true test_file="test_file" setup_user "$username" "$password" "user" || fail "error creating user if nonexistent" - create_test_files "$test_file" || fail "error creating test files" - setup_bucket "s3api" "$BUCKET_ONE_NAME" + run create_test_file "$test_file" + assert_success + + run setup_bucket "s3api" "$BUCKET_ONE_NAME" + assert_success + if get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file" "$test_file_folder/$test_file-copy" "$username" "$password"; then fail "able to get object despite not being bucket owner" fi @@ -66,9 +70,13 @@ export RUN_USERS=true test_file="test_file" setup_user "$username" "$password" "admin" || fail "error creating user if nonexistent" - create_test_files "$test_file" || fail "error creating test files" - setup_bucket "s3api" "$BUCKET_ONE_NAME" + run create_test_file "$test_file" + assert_success + + run setup_bucket "s3api" "$BUCKET_ONE_NAME" + assert_success + if get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file" "$test_file_folder/$test_file-copy" "$username" "$password"; then fail "able to get object despite not being bucket owner" fi @@ -83,9 +91,13 @@ export RUN_USERS=true test_file="test_file" setup_user "$username" "$password" "user" || fail "error creating user if nonexistent" - create_test_files "$test_file" || fail "error creating test files" - setup_bucket "s3api" "$BUCKET_ONE_NAME" + run create_test_file "$test_file" + assert_success + + run setup_bucket "s3api" "$BUCKET_ONE_NAME" + assert_success + if get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file" "$test_file_folder/$test_file-copy" "$username" "$password"; then fail "able to get object despite not being bucket owner" fi @@ -100,9 +112,13 @@ export RUN_USERS=true test_file="test_file" setup_user "$username" "$password" "admin" || fail "error creating user if nonexistent" - create_test_file_with_size "$test_file" 10 || fail "error creating test file" - setup_bucket "s3api" "$BUCKET_ONE_NAME" + run create_test_file "$test_file" + assert_success + + run setup_bucket "s3api" "$BUCKET_ONE_NAME" + assert_success + put_object_with_user "s3api" "$test_file_folder/$test_file" "$BUCKET_ONE_NAME" "$test_file" "$username" "$password" || fail "failed to add object to bucket" get_object_with_user "s3api" "$BUCKET_ONE_NAME" "$test_file" "$test_file_folder/$test_file-copy" "$username" "$password" || fail "error getting object" compare_files "$test_file_folder/$test_file" "$test_file_folder/$test_file-copy" || fail "files don't match" @@ -122,8 +138,13 @@ export RUN_USERS=true test_file="test_file" setup_user "$username" "$password" "user" || fail "error creating user if nonexistent" - create_large_file "$test_file" || fail "error creating test file" - setup_bucket "s3api" "$BUCKET_ONE_NAME" + + run create_large_file "$test_file" + assert_success + + run setup_bucket "s3api" "$BUCKET_ONE_NAME" + assert_success + change_bucket_owner "$AWS_ACCESS_KEY_ID" "$AWS_SECRET_ACCESS_KEY" "$BUCKET_ONE_NAME" "$username" || fail "error changing bucket ownership" create_multipart_upload_with_user "$BUCKET_ONE_NAME" "dummy" "$username" "$password" || fail "unable to create multipart upload" } diff --git a/tests/test_user_common.sh b/tests/test_user_common.sh index 82dd4c04..c3fb0c77 100755 --- a/tests/test_user_common.sh +++ b/tests/test_user_common.sh @@ -37,7 +37,9 @@ test_admin_user() { fi create_user_with_user "$admin_username" "$admin_password" "$user_username" "$user_password" "user" || fail "failed to create user '$user_username'" - setup_bucket "aws" "$BUCKET_ONE_NAME" + run setup_bucket "aws" "$BUCKET_ONE_NAME" + assert_success + delete_bucket_or_contents_if_exists "aws" "versity-gwtest-admin-bucket" create_bucket_with_user "aws" "versity-gwtest-admin-bucket" "$admin_username" "$admin_password" || fail "error creating bucket with admin user" @@ -93,7 +95,9 @@ test_user_user() { setup_user "$username" "$password" "user" || fail "error setting up user" delete_bucket_or_contents_if_exists "aws" "versity-gwtest-user-bucket" - setup_bucket "aws" "$BUCKET_ONE_NAME" + + run setup_bucket "aws" "$BUCKET_ONE_NAME" + assert_success if create_bucket_with_user "aws" "versity-gwtest-user-bucket" "$username" "$password"; then fail "creating bucket with 'user' account failed to return error" @@ -136,7 +140,9 @@ test_userplus_operation() { delete_bucket_or_contents_if_exists "aws" "versity-gwtest-userplus-bucket" setup_user "$username" "$password" "userplus" || fail "error creating user '$username'" - setup_bucket "aws" "$BUCKET_ONE_NAME" + + run setup_bucket "aws" "$BUCKET_ONE_NAME" + assert_success create_bucket_with_user "aws" "versity-gwtest-userplus-bucket" "$username" "$password" || fail "error creating bucket with user '$username'" diff --git a/tests/util.sh b/tests/util.sh index 097e913e..7709660c 100644 --- a/tests/util.sh +++ b/tests/util.sh @@ -43,26 +43,32 @@ source ./tests/commands/upload_part.sh source ./tests/util_users.sh # recursively delete an AWS bucket -# param: bucket name +# param: client, bucket name # fail if error delete_bucket_recursive() { log 6 "delete_bucket_recursive" - assert [ $# -eq 2 ] + if [ $# -ne 2 ]; then + log 2 "'delete_bucket_recursive' requires client, bucket name" + return 1 + fi local exit_code=0 local error if [[ $1 == 's3' ]]; then error=$(aws --no-verify-ssl s3 rb s3://"$2" --force 2>&1) || exit_code="$?" elif [[ $1 == "aws" ]] || [[ $1 == 's3api' ]]; then - delete_bucket_recursive_s3api "$2" + if ! delete_bucket_recursive_s3api "$2"; then + log 2 "error deleting bucket recursively (s3api)" + return 1 + fi return 0 elif [[ $1 == "s3cmd" ]]; then error=$(s3cmd "${S3CMD_OPTS[@]}" --no-check-certificate rb s3://"$2" --recursive 2>&1) || exit_code="$?" elif [[ $1 == "mc" ]]; then - error=$(delete_bucket_recursive_mc "$2") || exit_code="$?" + error=$(delete_bucket_recursive_mc "$2" 2>&1) || exit_code="$?" else - log 2 "invalid command type '$1'" - assert [ 1 ] + log 2 "invalid client '$1'" + return 1 fi if [ $exit_code -ne 0 ]; then @@ -70,20 +76,25 @@ delete_bucket_recursive() { return 0 else log 2 "error deleting bucket recursively: $error" - assert [ 1 ] + return 1 fi fi return 0 } +# params: bucket name +# return 0 for success, 1 for error add_governance_bypass_policy() { if [[ $# -ne 1 ]]; then - log 2 "'add governance bypass policy' command requires command ID" + log 2 "'add governance bypass policy' command requires bucket name" return 1 fi test_file_folder=$PWD if [[ -z "$GITHUB_ACTIONS" ]]; then - create_test_file_folder + if ! create_test_file_folder; then + log 2 "error creating test file folder" + return 1 + fi fi cat < "$test_file_folder/policy-bypass-governance.txt" { @@ -102,10 +113,14 @@ EOF log 2 "error putting governance bypass policy" return 1 fi + return 0 } log_bucket_policy() { - assert [ $# -eq 1 ] + if [ $# -ne 1 ]; then + log 2 "'log_bucket_policy' requires bucket name" + return + fi if ! get_bucket_policy "s3api" "$1"; then log 2 "error getting bucket policy" return @@ -183,28 +198,38 @@ check_and_disable_object_lock_config() { # restore bucket to pre-test state (or prep for deletion) # param: bucket name -# fail on error +# return 0 on success, 1 on error clear_bucket_s3api() { log 6 "clear_bucket_s3api" - - assert [ $# -eq 1 ] - - if [[ $LOG_LEVEL_INT -ge 5 ]]; then - run log_bucket_policy "$1" - assert_success "error logging bucket policy" + if [ $# -ne 1 ]; then + log 2 "'clear_bucket_s3api' requires bucket name" + return 1 fi - run list_and_delete_objects "$1" - assert_success "error listing and delete objects" + if [[ $LOG_LEVEL_INT -ge 5 ]]; then + if ! log_bucket_policy "$1"; then + log 2 "error logging bucket policy" + return 1 + fi + fi - run delete_bucket_policy "s3api" "$1" - assert_success "error deleting bucket policy" + if ! list_and_delete_objects "$1"; then + log 2 "error listing and deleting objects" + return 1 + fi + + if ! delete_bucket_policy "s3api" "$1"; then + log 2 "error deleting bucket policy" + return 1 + fi #run check_ownership_rule_and_reset_acl "$1" #assert_success "error checking ownership rule and resetting acl" - run check_and_disable_object_lock_config "$1" - assert_success "error checking and disabling object lock config" + if ! check_and_disable_object_lock_config "$1"; then + log 2 "error checking and disabling object lock config" + return 1 + fi #if ! change_bucket_owner "$AWS_ACCESS_KEY_ID" "$AWS_SECRET_ACCESS_KEY" "$1" "$AWS_ACCESS_KEY_ID"; then # log 2 "error changing bucket owner back to root" @@ -281,38 +306,51 @@ log_worm_protection() { } # params: bucket name -# fail if unable to delete bucket +# return 0 if able to delete recursively, 1 if not delete_bucket_recursive_s3api() { log 6 "delete_bucket_recursive_s3api" - assert [ $# -eq 1 ] + if [ $# -ne 1 ]; then + log 2 "'delete_bucket_recursive_s3api' requires bucket name" + return 1 + fi - clear_bucket_s3api "$1" - - run delete_bucket 's3api' "$1" - assert_success "error deleting bucket" + if ! clear_bucket_s3api "$1"; then + log 2 "error clearing bucket (s3api)" + return 1 + fi + if ! delete_bucket 's3api' "$1"; then + log 2 "error deleting bucket" + return 1 + fi return 0 } # params: client, bucket name -# fail if error +# return 0 on success, 1 on error delete_bucket_contents() { log 6 "delete_bucket_contents" - assert [ $# -eq 2 ] + if [ $# -ne 2 ]; then + log 2 "'delete_bucket_contents' requires client, bucket name" + return 1 + fi local exit_code=0 local error if [[ $1 == "aws" ]] || [[ $1 == 's3api' ]]; then - clear_bucket_s3api "$2" - return 0 + if ! clear_bucket_s3api "$2"; then + log 2 "error clearing bucket (s3api)" + return 1 + fi elif [[ $1 == "s3cmd" ]]; then delete_bucket_recursive "s3cmd" "$1" - return 0 elif [[ $1 == "mc" ]]; then delete_bucket_recursive "mc" "$1" - return 0 + else + log 2 "unrecognized client: '$1'" + return 1 fi - assert [ 1 ] + return 0 } # check if bucket exists @@ -396,57 +434,73 @@ get_object_ownership_rule_and_update_acl() { } # params: client, bucket name -# fail if error +# return 0 for success, 1 for error delete_bucket_or_contents() { log 6 "delete_bucket_or_contents" - assert [ $# -eq 2 ] + if [ $# -ne 2 ]; then + log 2 "'delete_bucket_or_contents' requires client, bucket name" + return 1 + fi if [[ $RECREATE_BUCKETS == "false" ]]; then - delete_bucket_contents "$1" "$2" + if ! delete_bucket_contents "$1" "$2"; then + log 2 "error deleting bucket contents" + return 1 + fi - run delete_bucket_policy "$1" "$2" - assert_success "error deleting bucket policies" + if ! delete_bucket_policy "$1" "$2"; then + log 2 "error deleting bucket policy" + return 1 + fi - run get_object_ownership_rule_and_update_acl "$2" - assert_success "error getting object ownership rule and updating acl" - - run abort_all_multipart_uploads "$2" - assert_success "error aborting multipart uploads" + if ! get_object_ownership_rule_and_update_acl "$2"; then + log 2 "error getting object ownership rule and updating ACL" + return 1 + fi + if ! abort_all_multipart_uploads "$2"; then + log 2 "error aborting all multipart uploads" + return 1 + fi log 5 "bucket contents, policy, ACL deletion success" return 0 fi - run delete_bucket_recursive "$1" "$2" - assert_success "error with recursive bucket delete" + if ! delete_bucket_recursive "$1" "$2"; then + log 2 "error with recursive bucket delete" + return 1 + fi log 5 "bucket deletion success" return 0 } # params: client, bucket name -# fail if unable to delete bucket (RECREATE_BUCKETS=true) or contents (RECREATE_BUCKETS=false) +# return 0 for success, 1 for error delete_bucket_or_contents_if_exists() { log 6 "delete_bucket_or_contents_if_exists" - - assert [ $# -eq 2 ] + if [ $# -ne 2 ]; then + log 2 "'delete_bucket_or_contents_if_exists' requires client, bucket name" + return 1 + fi if bucket_exists "$1" "$2"; then - delete_bucket_or_contents "$1" "$2" + if ! delete_bucket_or_contents "$1" "$2"; then + log 2 "error deleting bucket and/or contents" + return 1 + fi log 5 "bucket and/or bucket data deletion success" return 0 fi - if [[ $RECREATE_BUCKETS == "false" ]]; then - log 2 "When RECREATE_BUCKETS isn't set to \"true\", buckets should be pre-created by user" - assert [ 1 ] - fi return 0 } +# params: client, bucket name(s) +# return 0 for success, 1 for failure setup_buckets() { - if [ $# -lt 1 ]; then - log 2 "'setup_buckets' command requires bucket names" + if [ $# -lt 2 ]; then + log 2 "'setup_buckets' command requires client, bucket names" return 1 fi - for name in "$@"; do - if ! setup_bucket "$name"; then + for name in "${@:2}"; do + if ! setup_bucket "$1" "$name"; then log 2 "error setting up bucket $name" return 1 fi @@ -455,36 +509,41 @@ setup_buckets() { } # params: client, bucket name -# fail if bucket is not properly set up +# return 0 on successful setup, 1 on error setup_bucket() { log 6 "setup_bucket" - - assert [ $# -eq 2 ] - - if [[ $1 == "s3cmd" ]]; then - log 5 "putting bucket ownership controls" - if bucket_exists "s3cmd" "$2"; then - run put_bucket_ownership_controls "$2" "BucketOwnerPreferred" - assert_success "error putting bucket ownership controls" - fi + if [ $# -ne 2 ]; then + log 2 "'setup_bucket' requires client, bucket name" + return 1 fi - delete_bucket_or_contents_if_exists "$1" "$2" + if ! bucket_exists "$1" "$2" && [[ $RECREATE_BUCKETS == "false" ]]; then + log 2 "When RECREATE_BUCKETS isn't set to \"true\", buckets should be pre-created by user" + return 1 + fi + + if ! delete_bucket_or_contents_if_exists "$1" "$2"; then + log 2 "error deleting bucket or contents if they exist" + return 1 + fi log 5 "util.setup_bucket: command type: $1, bucket name: $2" if [[ $RECREATE_BUCKETS == "true" ]]; then - run create_bucket "$1" "$2" - assert_success "error creating bucket" - log 5 "bucket creation success" - - if [[ $1 == "s3cmd" ]]; then - log 5 "putting bucket ownership controls" - run put_bucket_ownership_controls "$2" "BucketOwnerPreferred" - assert_success "error putting bucket ownership controls" + if ! create_bucket "$1" "$2"; then + log 2 "error creating bucket" + return 1 fi else log 5 "skipping bucket re-creation" fi + + if [[ $1 == "s3cmd" ]]; then + log 5 "putting bucket ownership controls" + if bucket_exists "s3cmd" "$2" && ! put_bucket_ownership_controls "$2" "BucketOwnerPreferred"; then + log 2 "error putting bucket ownership controls" + return 1 + fi + fi return 0 } diff --git a/tests/util_file.sh b/tests/util_file.sh index 0ba1e6bf..34fe3251 100644 --- a/tests/util_file.sh +++ b/tests/util_file.sh @@ -18,11 +18,11 @@ source ./tests/logger.sh # create a test file and export folder. do so in temp folder # params: filenames -# return 0 for success, 1 for failure +# fail if error create_test_files() { log 6 "create_test_files" if [ $# -lt 1 ]; then - log 2 "'create_test_files' requires minimum of one file name" + log 2 "'create_test_files' requires file names" return 1 fi #test_file_folder=$PWD @@ -42,43 +42,42 @@ create_test_files() { return 0 } +# params: filename, size (optional, defaults to 10) create_test_file() { - if [ $# -ne 1 ]; then - log 2 "'create_test_file' requires name" + if [[ ( $# -lt 1 ) || ( $# -gt 2 ) ]]; then + log 2 "'create_test_file' requires filename, size (optional)" return 1 fi - if [[ -e "$TEST_FILE_FOLDER/$name" ]]; then - if ! error=$(rm "$TEST_FILE_FOLDER/$name" 2>&1); then - log 2 "error removing old test file: $error" + if [[ -e "$TEST_FILE_FOLDER/$1" ]]; then + if ! error=$(rm "$TEST_FILE_FOLDER/$1" 2>&1); then + log 2 "error removing existing file: $error" return 1 fi fi - if ! error=$(touch "$TEST_FILE_FOLDER/$name"); then - log 2 "error creating new test file: $error" - return 1 - fi - return 0 -} - -create_test_file_with_size() { - if [ $# -ne 2 ]; then - log 2 "'create test file with size' function requires name, size" - return 1 - fi - if ! create_test_file_folder "$1"; then - log 2 "error creating test file" - return 1 - fi - if ! error=$(dd if=/dev/urandom of="$TEST_FILE_FOLDER"/"$1" bs=1 count="$2" 2>&1); then - log 2 "error writing file data: $error" + if ! error=$(touch "$TEST_FILE_FOLDER/$1"); then + log 2 "error creating new file: $error" + return 1 + fi + if [ -z "$2" ]; then + file_size=10 + else + file_size="$2" + fi + if [ "$file_size" -eq 0 ]; then + return 0 + fi + if ! error=$(dd if=/dev/urandom of="$TEST_FILE_FOLDER/$1" bs=1 count="$file_size" 2>&1); then + log 2 "error adding data to file: $error" return 1 fi return 0 } +# params: folder name +# fail if error create_test_folder() { if [ $# -lt 1 ]; then - log 2 "'create_test_folder' command requires at least one folder" + log 2 "'create_test_folder' requires folder names" return 1 fi #test_file_folder=$PWD @@ -89,8 +88,8 @@ create_test_folder() { fi fi for name in "$@"; do - if ! error=$(run mkdir -p "$TEST_FILE_FOLDER"/"$name" 2>&1); then - log 2 "error creating test folder $name: $error" + if ! error=$(mkdir -p "$TEST_FILE_FOLDER"/"$name" 2>&1); then + log 2 "error creating folder $name: $error" return 1 fi done @@ -161,13 +160,13 @@ compare_files() { return 1 } -# return 0 on success, 1 on failure +# return 0 on success, 1 on error create_test_file_folder() { log 6 "create_test_file_folder" if ! error=$(mkdir -p "$TEST_FILE_FOLDER" 2>&1); then # shellcheck disable=SC2035 if [[ "$error" != *"File exists"* ]]; then - log 2 "error creating test file folder: $error" + log 2 "error making test file folder: $error" return 1 fi fi @@ -177,44 +176,47 @@ create_test_file_folder() { # generate 160MB file # input: filename -# return 0 on success, 1 on failure +# fail on error create_large_file() { log 6 "create_large_file" if [ $# -ne 1 ]; then - log 2 "'create_large_file' requires filename" + log 2 "'create_large_file' requires file name" return 1 fi #test_file_folder=$PWD/versity-gwtest-files if [[ -z "$GITHUB_ACTIONS" ]]; then if ! create_test_file_folder; then - log 2 "error creating test file" + log 2 "error creating test file folder" return 1 fi fi filesize=$((160*1024*1024)) if ! error=$(dd if=/dev/urandom of="$TEST_FILE_FOLDER"/"$1" bs=1024 count=$((filesize/1024)) 2>&1); then - log 2 "error creating large file: $error" + log 2 "error adding data to large file: $error" return 1 fi return 0 } +# param: number of files +# fail on error create_test_file_count() { - if [[ $# -ne 1 ]]; then - echo "create test file count function missing bucket name, count" + if [ $# -ne 1 ]; then + log 2 "'create_test_file_count' requires number of files" return 1 fi #test_file_folder=$PWD if [[ -z "$GITHUB_ACTIONS" ]]; then - create_test_file_folder + if ! create_test_file_folder; then + log 2 "error creating test file folder" + return 1 + fi fi - local touch_result for ((i=1;i<=$1;i++)) { - error=$(touch "$TEST_FILE_FOLDER/file_$i") || touch_result=$? - if [[ $touch_result -ne 0 ]]; then - echo "error creating file_$i: $error" + if ! error=$(touch "$TEST_FILE_FOLDER/file_$i" 2>&1); then + log 2 "error creating file_$i: $error" return 1 fi } @@ -227,6 +229,7 @@ create_test_file_count() { } download_and_compare_file() { + log 6 "download_and_compare_file" if [[ $# -ne 5 ]]; then log 2 "'download and compare file' requires command type, original file, bucket, key, local file" return 1 @@ -236,6 +239,7 @@ download_and_compare_file() { } download_and_compare_file_with_user() { + log 6 "download_and_compare_file_with_user" if [[ $# -ne 7 ]]; then log 2 "'download and compare file with user' command requires command type, original file, bucket, key, local file, user, password" return 1 @@ -245,9 +249,42 @@ download_and_compare_file_with_user() { return 1 fi log 5 "files: $2, $5" - if ! compare_files "$2" "$5"; then + #if [ "$1" == 'mc' ]; then + # file_to_compare="$5/$(basename "$2")" + #else + file_to_compare="$5" + #fi + if ! compare_files "$2" "$file_to_compare"; then log 2 "files don't match" return 1 fi return 0 } + +# params: src, dst +# fail if error +copy_file_locally() { + if [ $# -ne 2 ]; then + log 2 "'copy_file_locally' requires src, dst" + return 1 + fi + if ! error=$(cp "$1" "$2" 2>&1); then + log 2 "error copying file: $error" + return 1 + fi + return 0 +} + +# params: src, dst +# fail if error +move_file_locally() { + if [ $# -ne 2 ]; then + log 2 "'move_file_locally' requires src, dst" + return 1 + fi + if ! error=$(mv "$1" "$2" 2>&1); then + log 2 "error moving file: $error" + return 1 + fi + return 0 +}