Merge pull request #1208 from versity/test/pre_configured_users

Test/pre configured users
2026-01-04 19:13:57 +00:00 · 2025-04-14 15:02:17 -07:00
parent fe2b66b26d f630392718
commit adadba8fa8
13 changed files with 194 additions and 67 deletions
--- a/.github/workflows/system.yml
+++ b/.github/workflows/system.yml
@@ -173,6 +173,8 @@ jobs:
          COMMAND_LOG: command.log
          TIME_LOG: time.log
          PYTHON_ENV_FOLDER: ${{ github.workspace }}/env
+          AUTOCREATE_USERS: true
+          USER_AUTOCREATION_PREFIX: github-actions-test-
        run: |
          make testbin
          export AWS_ACCESS_KEY_ID=ABCDEFGHIJKLMNOPQRST
--- a/tests/README.md
+++ b/tests/README.md
@@ -110,6 +110,11 @@ A single instance can be run with `docker-compose -f docker-compose-bats.yml up

 **ACL_AWS_ACCESS_KEY_ID**, **ACL_AWS_ACCESS_SECRET_KEY**:  for direct mode, the ID and key for the S3 user in the **ACL_AWS_CANONICAL_ID** account.

+**USER_ID_{role}_{id}**, **USERNAME_{role}_{id}**, **PASSWORD_{role}_{id}**:  for setup_user_v2 non-autocreated users, the format for the user.
+* example:  USER_ID_USER_1={name}:  user ID corresponding to the first user with **user** permissions in the test.
+
+#### 
+
 ### Non-Secret

 **VERSITY_EXE**:  location of the versity executable relative to test folder.
@@ -150,7 +155,7 @@ A single instance can be run with `docker-compose -f docker-compose-bats.yml up

 **COVERAGE_DB**:  database to store client command coverage info and usage counts, if using.

-**USERNAME_ONE**, **PASSWORD_ONE**, **USERNAME_TWO**, **PASSWORD_TWO**:  credentials for users created and tested for non-root user **versitygw** operations.
+**USERNAME_ONE**, **PASSWORD_ONE**, **USERNAME_TWO**, **PASSWORD_TWO**:  credentials for users created and tested for non-root user **versitygw** operations (non-setup_user_v2).

 **TEST_FILE_FOLDER**:  where to put temporary test files.

@@ -166,6 +171,10 @@ A single instance can be run with `docker-compose -f docker-compose-bats.yml up

 **DELETE_BUCKETS_AFTER_TEST**:  whether or not to delete buckets after individual tests, useful for debugging if the post-test bucket state needs to be checked

+**AUTOCREATE_USERS**:  setup_user_v2, whether or not to autocreate users for tests.  If set to **false**, users must be pre-created (see `Secret` section above).
+
+**USER_AUTOCREATION_PREFIX**:  setup_user_v2, if **AUTOCREATE_USERS** is set to **true**, the prefix for the autocreated username. 
+
 ## REST Scripts

 REST scripts are included for calls to S3's REST API in the `./tests/rest_scripts/` folder.  To call a script, the following parameters are needed:
--- a/tests/commands/list_parts.sh
+++ b/tests/commands/list_parts.sh
@@ -19,11 +19,11 @@ list_parts() {
    log 2 "'list-parts' command requires bucket, key, upload ID"
    return 1
  fi
-  record_command "list-parts" "client:s3api"
-  if ! listed_parts=$(send_command aws --no-verify-ssl s3api list-parts --bucket "$1" --key "$2" --upload-id "$3" 2>&1); then
-    log 2 "Error listing multipart upload parts: $listed_parts"
+  if ! list_parts_with_user "$AWS_ACCESS_KEY_ID" "$AWS_SECRET_ACCESS_KEY" "$1" "$2" "$3"; then
+    log 2 "error listing parts with user"
    return 1
  fi
+  return 0
 }

 list_parts_with_user() {
@@ -36,4 +36,7 @@ list_parts_with_user() {
    log 2 "Error listing multipart upload parts: $listed_parts"
    return 1
  fi
+  listed_parts="$(echo -n "$listed_parts" | grep -v "InsecureRequestWarning")"
+  log 5 "listed parts: $listed_parts"
+  return 0
 }
--- a/tests/commands/upload_part.sh
+++ b/tests/commands/upload_part.sh
@@ -19,9 +19,21 @@ upload_part() {
    log 2 "upload multipart part function must have bucket, key, upload ID, file name, part number"
    return 1
  fi
+  if ! upload_part_with_user "$1" "$2" "$3" "$4" "$5" "$AWS_ACCESS_KEY_ID" "$AWS_SECRET_ACCESS_KEY"; then
+    log 2 "error uploading part with user"
+    return 1
+  fi
+  return 0
+}
+
+upload_part_with_user() {
+  if [ $# -ne 7 ]; then
+    log 2 "upload multipart part function must have bucket, key, upload ID, file name, part number, username, password"
+    return 1
+  fi
  local etag_json
  record_command "upload-part" "client:s3api"
-  if ! etag_json=$(send_command aws --no-verify-ssl s3api upload-part --bucket "$1" --key "$2" --upload-id "$3" --part-number "$5" --body "$4-$(($5-1))" 2>&1); then
+  if ! etag_json=$(AWS_ACCESS_KEY_ID="$6" AWS_SECRET_ACCESS_KEY="$7" send_command aws --no-verify-ssl s3api upload-part --bucket "$1" --key "$2" --upload-id "$3" --part-number "$5" --body "$4-$(($5-1))" 2>&1); then
    log 2 "Error uploading part $5: $etag_json"
    return 1
  fi
--- a/tests/setup.sh
+++ b/tests/setup.sh
@@ -83,6 +83,9 @@ teardown() {
  if user_exists "$USERNAME_TWO" && ! delete_user "$USERNAME_TWO"; then
    log 3 "error deleting user $USERNAME_TWO"
  fi
+  if [ "$AUTOCREATE_USERS" == "true" ] && ! delete_autocreated_users; then
+    log 3 "error deleting autocreated users"
+  fi
  if [ "$REMOVE_TEST_FILE_FOLDER" == "true" ]; then
    log 6 "removing test file folder"
    if ! error=$(rm -rf "${TEST_FILE_FOLDER:?}" 2>&1); then
--- a/tests/test_rest.sh
+++ b/tests/test_rest.sh
@@ -230,8 +230,8 @@ test_file="test_file"

  run setup_user_versitygw_or_direct "$USERNAME_ONE" "$PASSWORD_ONE" "user" "$BUCKET_ONE_NAME"
  assert_success
-  log 5 "username: ${lines[0]}"
-  log 5 "password: ${lines[1]}"
+  log 5 "username: ${lines[1]}"
+  log 5 "password: ${lines[2]}"

  sleep 5

--- a/tests/test_s3api_policy_multipart.sh
+++ b/tests/test_s3api_policy_multipart.sh
@@ -24,15 +24,16 @@ test_s3api_policy_abort_multipart_upload() {
  run setup_bucket_and_large_file "$BUCKET_ONE_NAME" "$test_file"
  assert_success

-  run setup_user_versitygw_or_direct "$USERNAME_ONE" "$PASSWORD_ONE" "user" "$BUCKET_ONE_NAME"
+  run setup_user_v2 "user" 1 "$BUCKET_ONE_NAME"
  assert_success
  # shellcheck disable=SC2154
-  username=${lines[0]}
-  password=${lines[1]}
+  user_id=${lines[0]}
+  username=${lines[1]}
+  password=${lines[2]}

  run setup_policy_with_double_statement "$TEST_FILE_FOLDER/$policy_file" "2012-10-17" \
-    "Allow" "$USERNAME_ONE" "s3:PutObject" "arn:aws:s3:::$BUCKET_ONE_NAME/*" \
-    "Deny" "$USERNAME_ONE" "s3:AbortMultipartUpload" "arn:aws:s3:::$BUCKET_ONE_NAME/*"
+    "Allow" "$user_id" "s3:PutObject" "arn:aws:s3:::$BUCKET_ONE_NAME/*" \
+    "Deny" "$user_id" "s3:AbortMultipartUpload" "arn:aws:s3:::$BUCKET_ONE_NAME/*"
  assert_success
  # shellcheck disable=SC2154

@@ -47,7 +48,7 @@ test_s3api_policy_abort_multipart_upload() {
  run check_abort_access_denied "$BUCKET_ONE_NAME" "$test_file" "$upload_id" "$username" "$password"
  assert_success

-  run setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "2012-10-17" "Allow" "$USERNAME_ONE" "s3:AbortMultipartUpload" "arn:aws:s3:::$BUCKET_ONE_NAME/*"
+  run setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "2012-10-17" "Allow" "$user_id" "s3:AbortMultipartUpload" "arn:aws:s3:::$BUCKET_ONE_NAME/*"
  assert_success

  run put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file"
@@ -67,17 +68,18 @@ test_s3api_policy_list_multipart_uploads() {
  run setup_bucket_and_large_file "$BUCKET_ONE_NAME" "$test_file"
  assert_success

+  run setup_user_v2 "user" 1 "$BUCKET_ONE_NAME"
+  assert_success
+  user_id=${lines[0]}
+  username=${lines[1]}
+  password=${lines[2]}
+
  effect="Allow"
-  principal="$USERNAME_ONE"
+  principal="$user_id"
  action="s3:ListBucketMultipartUploads"
  resource="arn:aws:s3:::$BUCKET_ONE_NAME"

-  run setup_user_versitygw_or_direct "$USERNAME_ONE" "$PASSWORD_ONE" "user" "$BUCKET_ONE_NAME"
-  assert_success
-  username=${lines[0]}
-  password=${lines[1]}
-
-  run setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "dummy" "$effect" "$principal" "$action" "$resource"
+  run setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "2012-10-17" "$effect" "$principal" "$action" "$resource"
  assert_success

  run create_multipart_upload "$BUCKET_ONE_NAME" "$test_file"
@@ -85,7 +87,7 @@ test_s3api_policy_list_multipart_uploads() {

  run list_multipart_uploads_with_user "$BUCKET_ONE_NAME" "$username" "$password"
  assert_failure
-  assert_output -p "Access Denied"
+  assert_output -p "AccessDenied"

  run put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file"
  assert_success
@@ -95,6 +97,9 @@ test_s3api_policy_list_multipart_uploads() {
 }

 test_s3api_policy_list_upload_parts() {
+  if [ "$DIRECT" != "true" ]; then
+    skip "https://github.com/versity/versitygw/issues/1202"
+  fi
  policy_file="policy_file"
  test_file="test_file"

@@ -102,17 +107,20 @@ test_s3api_policy_list_upload_parts() {
  assert_success "error creating test files"

  run setup_bucket_and_large_file "$BUCKET_ONE_NAME" "$test_file"
-  assert_success "error setting up bucket"
+  assert_success "error setting up bucket and/or large file"

-  run setup_user "$USERNAME_ONE" "$PASSWORD_ONE" "user"
-  assert_success "error creating user '$USERNAME_ONE'"
+  run setup_user_v2 "user" 1 "$BUCKET_ONE_NAME"
+  assert_success
+  user_id=${lines[0]}
+  username=${lines[1]}
+  password=${lines[2]}

-  run setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "2012-10-17" "Allow" "$USERNAME_ONE" "s3:PutObject" "arn:aws:s3:::$BUCKET_ONE_NAME/*"
+  run setup_policy_with_single_statement "$TEST_FILE_FOLDER/$policy_file" "2012-10-17" "Allow" "$user_id" "s3:PutObject" "arn:aws:s3:::$BUCKET_ONE_NAME/*"
  assert_success "error setting up policy"

  run put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$policy_file"
  assert_success "error putting policy"

-  run create_upload_and_test_parts_listing "$test_file" "$policy_file"
+  run create_upload_and_test_parts_listing "$test_file" "$TEST_FILE_FOLDER/$policy_file" "$user_id" "$username" "$password"
  assert_success "error creating upload and testing parts listing"
 }
--- a/tests/test_s3api_policy_object.sh
+++ b/tests/test_s3api_policy_object.sh
@@ -301,8 +301,8 @@ test_s3api_policy_put_wildcard() {
  run setup_user_versitygw_or_direct "$USERNAME_ONE" "$PASSWORD_ONE" "user" "$BUCKET_ONE_NAME"
  assert_success
  # shellcheck disable=SC2154
-  username=${lines[0]}
-  password=${lines[1]}
+  username=${lines[1]}
+  password=${lines[2]}

  run setup_bucket_and_file "$BUCKET_ONE_NAME" "$test_folder/$test_file"
  assert_success
--- a/tests/test_user_aws.sh
+++ b/tests/test_user_aws.sh
@@ -52,8 +52,8 @@ export RUN_USERS=true

  run setup_user_versitygw_or_direct "$USERNAME_ONE" "$PASSWORD_ONE" "user" "$BUCKET_ONE_NAME"
  assert_success
-  username=${lines[0]}
-  password=${lines[1]}
+  username=${lines[1]}
+  password=${lines[2]}

  run setup_bucket_and_file "$BUCKET_ONE_NAME" "$test_file"
  assert_success
@@ -76,8 +76,8 @@ export RUN_USERS=true

  run setup_user_versitygw_or_direct "$USERNAME_ONE" "$PASSWORD_ONE" "userplus" "$BUCKET_ONE_NAME"
  assert_success
-  username=${lines[0]}
-  password=${lines[1]}
+  username=${lines[1]}
+  password=${lines[2]}

  run setup_bucket_and_file "$BUCKET_ONE_NAME" "$test_file"
  assert_success
@@ -100,8 +100,8 @@ export RUN_USERS=true

  run setup_user_versitygw_or_direct "$USERNAME_ONE" "$PASSWORD_ONE" "user" "$BUCKET_ONE_NAME"
  assert_success
-  username=${lines[0]}
-  password=${lines[1]}
+  username=${lines[1]}
+  password=${lines[2]}

  run setup_bucket_and_file "$BUCKET_ONE_NAME" "$test_file"
  assert_success
@@ -124,8 +124,8 @@ export RUN_USERS=true

  run setup_user_versitygw_or_direct "$USERNAME_ONE" "$PASSWORD_ONE" "admin" "$BUCKET_ONE_NAME"
  assert_success
-  username=${lines[0]}
-  password=${lines[1]}
+  username=${lines[1]}
+  password=${lines[2]}

  run setup_bucket_and_file "$BUCKET_ONE_NAME" "$test_file"
  assert_success
@@ -152,8 +152,8 @@ export RUN_USERS=true

  run setup_user_versitygw_or_direct "$USERNAME_TWO" "$PASSWORD_TWO" "user" "$BUCKET_ONE_NAME"
  assert_success
-  username=${lines[0]}
-  password=${lines[1]}
+  username=${lines[1]}
+  password=${lines[2]}

  run setup_bucket_and_large_file "$BUCKET_ONE_NAME" "$test_file"
  assert_success
--- a/tests/test_user_common.sh
+++ b/tests/test_user_common.sh
@@ -74,10 +74,14 @@ test_user_user() {
    skip
  fi

-  username="$USERNAME_ONE"
-  password="$PASSWORD_ONE"
+  run setup_user_v2 "user" "1" "$BUCKET_ONE_NAME"
+  assert_success
+  # shellcheck disable=SC2154
+  username="${lines[1]}"
+  password="${lines[2]}"
+  log 5 "username: $username, password: $password"

-  run setup_bucket_and_user "$BUCKET_ONE_NAME" "$username" "$password" "user"
+  run setup_bucket "s3api" "$BUCKET_ONE_NAME"
  assert_success

  if [ "$RECREATE_BUCKETS" == "true" ]; then
@@ -93,15 +97,12 @@ test_user_user() {
  run change_bucket_owner "$AWS_ACCESS_KEY_ID" "$AWS_SECRET_ACCESS_KEY" "$BUCKET_TWO_NAME" "$username"
  assert_success

-  run change_bucket_owner "$username" "$password" "$BUCKET_TWO_NAME" "admin"
+  run change_bucket_owner "$username" "$password" "$BUCKET_TWO_NAME" "$AWS_ACCESS_KEY_ID"
  assert_failure
  assert_output -p "AccessDenied"

  run list_and_check_buckets_omit_without_permission "$username" "$password" "$BUCKET_ONE_NAME" "$BUCKET_TWO_NAME"
  assert_success
-
-  run delete_bucket "s3api" "versity-gwtest-user-bucket"
-  assert_success "failed to delete bucket"
 }

 test_userplus_operation() {
--- a/tests/util/util_acl.sh
+++ b/tests/util/util_acl.sh
@@ -321,7 +321,7 @@ create_versitygw_acl_user_or_get_direct_user() {
  fi
  if [ "$DIRECT" == "true" ]; then
    if [ -z "$AWS_CANONICAL_ID" ] || [ -z "$ACL_AWS_CANONICAL_ID" ] || [ -z "$ACL_AWS_ACCESS_KEY_ID" ] || [ -z "$ACL_AWS_SECRET_ACCESS_KEY" ]; then
-      log 2 "direct ACL calls require the following env vars: ACL_CANONICAL_ID, ACL_AWS_ACCESS_KEY_ID, ACL_AWS_SECRET_ACCESS_KEY"
+      log 2 "direct ACL calls require the following env vars: AWS_CANONICAL_ID, ACL_AWS_CANONICAL_ID, ACL_AWS_ACCESS_KEY_ID, ACL_AWS_SECRET_ACCESS_KEY"
      return 1
    fi
    echo "$AWS_CANONICAL_ID"
--- a/tests/util/util_multipart_before_completion.sh
+++ b/tests/util/util_multipart_before_completion.sh
@@ -15,33 +15,34 @@
 # under the License.

 create_upload_and_test_parts_listing() {
-  if [ $# -ne 2 ]; then
-    log 2 "'create_upload_and_test_parts_listing' requires test file, policy_file"
+  if [ $# -ne 5 ]; then
+    log 2 "'create_upload_and_test_parts_listing' requires test file, policy_file, user id, username, password"
    return 1
  fi
-  if ! create_multipart_upload_with_user "$BUCKET_ONE_NAME" "$1" "$USERNAME_ONE" "$PASSWORD_ONE"; then
+  if ! multipart_upload_before_completion_with_user "$BUCKET_ONE_NAME" "$1" "$TEST_FILE_FOLDER/$1" 4 "$4" "$5"; then
    log 2 "error creating multipart upload with user"
    return 1
  fi

  # shellcheck disable=SC2154
-  if list_parts_with_user "$USERNAME_ONE" "$PASSWORD_ONE" "$BUCKET_ONE_NAME" "$1" "$upload_id"; then
-    log 2 "list parts with user succeeded despite lack of policy permissions"
+  if ! list_parts_with_user "$4" "$5" "$BUCKET_ONE_NAME" "$1" "$upload_id"; then
+    log 2 "list parts with user failed despite initiator request"
    return 1
  fi
-
-  if ! setup_policy_with_single_statement "$TEST_FILE_FOLDER/$2" "2012-10-17" "Allow" "$USERNAME_ONE" "s3:ListMultipartUploadParts" "arn:aws:s3:::$BUCKET_ONE_NAME/*"; then
-    log 2 "error setting up policy"
+  if ! initiator=$(echo -n "$listed_parts" | jq -r '.Initiator.DisplayName' 2>&1); then
+    log 2 "error getting initiator: $initiator"
    return 1
  fi
-
-  if ! put_bucket_policy "s3api" "$BUCKET_ONE_NAME" "$TEST_FILE_FOLDER/$2"; then
-    log 2 "error putting policy"
+  if [ "$initiator" != "$3" ]; then
+    log 2 "expected initator of '$3', was '$initiator'"
    return 1
  fi
-
-  if ! list_parts_with_user "$USERNAME_ONE" "$PASSWORD_ONE" "$BUCKET_ONE_NAME" "$1" "$upload_id"; then
-    log 2 "error listing parts after policy add"
+  if ! part_count=$(echo -n "$listed_parts" | jq -r '.Parts | length' 2>&1); then
+    log 2 "error getting part count: $part_count"
+    return 1
+  fi
+  if [ "$part_count" != "4" ]; then
+    log 2 "expected returned part count of '4', was '$part_count'"
    return 1
  fi
  return 0
@@ -216,12 +217,24 @@ create_and_list_multipart_uploads() {
  return 0
 }

+multipart_upload_before_completion() {
+  if [ $# -ne 4 ]; then
+    log 2 "multipart upload pre-completion requires bucket, key, file, part count"
+    return 1
+  fi
+  if ! multipart_upload_before_completion_with_user "$1" "$2" "$3" "$4" "$AWS_ACCESS_KEY_ID" "$AWS_SECRET_ACCESS_KEY"; then
+    log 2 "error uploading multipart before completion"
+    return 1
+  fi
+  return 0
+}
+
 # perform all parts of a multipart upload before completion command
 # params:  bucket, key, file to split and upload, number of file parts to upload
 # return:  0 for success, 1 for failure
-multipart_upload_before_completion() {
-  if [ $# -ne 4 ]; then
-    log 2 "multipart upload pre-completion command missing bucket, key, file, and/or part count"
+multipart_upload_before_completion_with_user() {
+  if [ $# -ne 6 ]; then
+    log 2 "multipart upload pre-completion command missing bucket, key, file, part count, username, password"
    return 1
  fi

@@ -230,7 +243,7 @@ multipart_upload_before_completion() {
    return 1
  fi

-  if ! create_multipart_upload "$1" "$2"; then
+  if ! create_multipart_upload_with_user "$1" "$2" "$5" "$6"; then
    log 2 "error creating multpart upload"
    return 1
  fi
@@ -238,7 +251,7 @@ multipart_upload_before_completion() {
  parts="["
  for ((i = 1; i <= $4; i++)); do
    # shellcheck disable=SC2154
-    if ! upload_part "$1" "$2" "$upload_id" "$3" "$i"; then
+    if ! upload_part_with_user "$1" "$2" "$upload_id" "$3" "$i" "$5" "$6"; then
      log 2 "error uploading part $i"
      return 1
    fi
--- a/tests/util/util_users.sh
+++ b/tests/util/util_users.sh
@@ -47,7 +47,7 @@ setup_user_direct() {
    fi
  fi
  if ! create_user_direct "$1" "$2" "$3"; then
-    log 2 "error creating user"
+    log 2 "error creating direct user"
    return 1
  fi
  return 0
@@ -65,12 +65,14 @@ setup_user_versitygw_or_direct() {
      return 1
    fi
    echo "$1"
+    echo "$1"
    echo "$2"
  else
    if ! setup_user_direct "$1" "$3" "$4"; then
      log 2 "error setting up direct user"
      return 1
    fi
+    echo "$1"
    echo "$key_id"
    echo "$secret_key"
  fi
@@ -84,7 +86,7 @@ create_user_versitygw() {
    return 1
  fi
  if ! create_user_with_user "$AWS_ACCESS_KEY_ID" "$AWS_SECRET_ACCESS_KEY" "$1" "$2" "$3"; then
-    log 2 "error creating user"
+    log 2 "error creating versitygw user"
    return 1
  fi
  return 0
@@ -473,4 +475,78 @@ verify_user_cant_get_object() {
    return 1
  fi
  return 0
+}
+
+get_username_and_password() {
+  if [ $# -ne 3 ]; then
+    log 2 "'get_username_and_password' requires role, number, bucket name"
+    return 1
+  fi
+  if [ "$AUTOCREATE_USERS" == "true" ]; then
+    # NOTE:  for direct users, username and password will be replaced by key ID, secret key
+    user_id="${USER_AUTOCREATION_PREFIX}$2"
+    username="$user_id"
+    password="abc123-${1}-${2}"
+  else
+    uppercase_role=$(echo "$1" | tr '[:lower:]' '[:upper:]')
+    user_id_var="USER_ID_${uppercase_role}_${2}"
+    user_id=${!user_id_var}
+    if [ "$user_id" == "" ]; then
+      log 2 "test requires env param $user_id_var"
+      return 1
+    fi
+    username_var="USERNAME_${uppercase_role}_${2}"
+    username=${!username_var}
+    if [ "$username" == "" ]; then
+      log 2 "test requires env param $username_var"
+      return 1
+    fi
+    password_var="PASSWORD_${uppercase_role}_${2}"
+    password=${!password_var}
+    if [ "$password" == "" ]; then
+      log 2 "test requires env param $password_var"
+      return 1
+    fi
+  fi
+  return 0
+}
+
+delete_autocreated_users() {
+  if [ "$USER_AUTOCREATION_PREFIX" == "" ]; then
+    log 5 "USER_AUTOCREATION_PREFIX must be defined to delete autocreated users"
+    return 0
+  fi
+  list_users
+  for user in "${parsed_users[@]}"; do
+    if [[ "$user" == "$USER_AUTOCREATION_PREFIX"* ]]; then
+      log 5 "matched user: $user"
+      if ! delete_user "$user"; then
+        log 2 "error deleting autocreated user"
+        return 1
+      fi
+      log 5 "user deletion success"
+    fi
+  done
+}
+
+setup_user_v2() {
+  if [ $# -ne 3 ]; then
+    log 2 "'setup_user_v2' requires role, number, bucket name"
+    return 1
+  fi
+  if ! get_username_and_password "$1" "$2" "$3"; then
+    log 2 "error getting username and password"
+    return 1
+  fi
+  if [ "$AUTOCREATE_USERS" == "true" ]; then
+    if ! setup_user_versitygw_or_direct "$username" "$password" "$1" "$3"; then
+      log 2 "error setting up user"
+      return 1
+    fi
+  else
+    echo "$user_id"
+    echo "$username"
+    echo "$password"
+  fi
+  return 0
 }