s3iam_conf_test.go 3.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183
  1. package filer
  2. import (
  3. "bytes"
  4. "testing"
  5. . "github.com/seaweedfs/seaweedfs/weed/s3api/s3_constants"
  6. "github.com/seaweedfs/seaweedfs/weed/pb/iam_pb"
  7. "github.com/stretchr/testify/assert"
  8. )
  9. func TestS3Conf(t *testing.T) {
  10. s3Conf := &iam_pb.S3ApiConfiguration{
  11. Identities: []*iam_pb.Identity{
  12. {
  13. Name: "some_name",
  14. Credentials: []*iam_pb.Credential{
  15. {
  16. AccessKey: "some_access_key1",
  17. SecretKey: "some_secret_key1",
  18. },
  19. },
  20. Actions: []string{
  21. ACTION_ADMIN,
  22. ACTION_READ,
  23. ACTION_WRITE,
  24. },
  25. },
  26. {
  27. Name: "some_read_only_user",
  28. Credentials: []*iam_pb.Credential{
  29. {
  30. AccessKey: "some_access_key2",
  31. SecretKey: "some_secret_key2",
  32. },
  33. },
  34. Actions: []string{
  35. ACTION_READ,
  36. ACTION_TAGGING,
  37. ACTION_LIST,
  38. },
  39. },
  40. },
  41. }
  42. var buf bytes.Buffer
  43. err := ProtoToText(&buf, s3Conf)
  44. assert.Equal(t, err, nil)
  45. s3ConfSaved := &iam_pb.S3ApiConfiguration{}
  46. err = ParseS3ConfigurationFromBytes(buf.Bytes(), s3ConfSaved)
  47. assert.Equal(t, err, nil)
  48. assert.Equal(t, "some_name", s3ConfSaved.Identities[0].Name)
  49. assert.Equal(t, "some_read_only_user", s3ConfSaved.Identities[1].Name)
  50. assert.Equal(t, "some_access_key1", s3ConfSaved.Identities[0].Credentials[0].AccessKey)
  51. assert.Equal(t, "some_secret_key2", s3ConfSaved.Identities[1].Credentials[0].SecretKey)
  52. }
  53. func TestCheckDuplicateAccessKey(t *testing.T) {
  54. var tests = []struct {
  55. s3cfg *iam_pb.S3ApiConfiguration
  56. err string
  57. }{
  58. {
  59. &iam_pb.S3ApiConfiguration{
  60. Identities: []*iam_pb.Identity{
  61. {
  62. Name: "some_name",
  63. Credentials: []*iam_pb.Credential{
  64. {
  65. AccessKey: "some_access_key1",
  66. SecretKey: "some_secret_key1",
  67. },
  68. },
  69. Actions: []string{
  70. ACTION_ADMIN,
  71. ACTION_READ,
  72. ACTION_WRITE,
  73. },
  74. },
  75. {
  76. Name: "some_read_only_user",
  77. Credentials: []*iam_pb.Credential{
  78. {
  79. AccessKey: "some_access_key2",
  80. SecretKey: "some_secret_key2",
  81. },
  82. },
  83. Actions: []string{
  84. ACTION_READ,
  85. ACTION_TAGGING,
  86. ACTION_LIST,
  87. },
  88. },
  89. },
  90. },
  91. "",
  92. },
  93. {
  94. &iam_pb.S3ApiConfiguration{
  95. Identities: []*iam_pb.Identity{
  96. {
  97. Name: "some_name",
  98. Credentials: []*iam_pb.Credential{
  99. {
  100. AccessKey: "some_access_key1",
  101. SecretKey: "some_secret_key1",
  102. },
  103. },
  104. Actions: []string{
  105. ACTION_ADMIN,
  106. ACTION_READ,
  107. ACTION_WRITE,
  108. },
  109. },
  110. {
  111. Name: "some_name",
  112. Credentials: []*iam_pb.Credential{
  113. {
  114. AccessKey: "some_access_key1",
  115. SecretKey: "some_secret_key1",
  116. },
  117. },
  118. Actions: []string{
  119. ACTION_READ,
  120. ACTION_TAGGING,
  121. ACTION_LIST,
  122. },
  123. },
  124. },
  125. },
  126. "",
  127. },
  128. {
  129. &iam_pb.S3ApiConfiguration{
  130. Identities: []*iam_pb.Identity{
  131. {
  132. Name: "some_name",
  133. Credentials: []*iam_pb.Credential{
  134. {
  135. AccessKey: "some_access_key1",
  136. SecretKey: "some_secret_key1",
  137. },
  138. },
  139. Actions: []string{
  140. ACTION_ADMIN,
  141. ACTION_READ,
  142. ACTION_WRITE,
  143. },
  144. },
  145. {
  146. Name: "some_read_only_user",
  147. Credentials: []*iam_pb.Credential{
  148. {
  149. AccessKey: "some_access_key1",
  150. SecretKey: "some_secret_key1",
  151. },
  152. },
  153. Actions: []string{
  154. ACTION_READ,
  155. ACTION_TAGGING,
  156. ACTION_LIST,
  157. },
  158. },
  159. },
  160. },
  161. "duplicate accessKey[some_access_key1], already configured in user[some_name]",
  162. },
  163. }
  164. for i, test := range tests {
  165. err := CheckDuplicateAccessKey(test.s3cfg)
  166. var errString string
  167. if err == nil {
  168. errString = ""
  169. } else {
  170. errString = err.Error()
  171. }
  172. if errString != test.err {
  173. t.Errorf("[%d]: got: %s expected: %s", i, errString, test.err)
  174. }
  175. }
  176. }