Skip to content

Commit

Permalink
* fixed ACL tests with IAM user to use bucket owner instead of constr…
Browse files Browse the repository at this point in the history 
…ucting a CanonicalUser based on the access key

* enhanced bucket cleanup for unit tests to detect if object lock is enabled on the bucket and 1) disable legal hold on all versions to delete, 2) set bypass-governance on all delete calls
* ignored testSingleMultipartUploadWithRetention() and testCopyObjectWithLegalHoldON() in encryption client tests, because those operations are not supported in the encryption client
  • Loading branch information
Stu Arnett committed Apr 25, 2022
1 parent 96781eb commit 6d3e22f
Show file tree
Hide file tree
Showing 4 changed files with 30 additions and 12 deletions.
17 changes: 13 additions & 4 deletions src/test/java/com/emc/object/s3/AbstractS3ClientTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,12 +29,12 @@
import com.emc.object.AbstractClientTest;
import com.emc.object.ObjectConfig;
import com.emc.object.Protocol;
import com.emc.object.s3.bean.AbstractVersion;
import com.emc.object.s3.bean.EncodingType;
import com.emc.object.s3.bean.S3Object;
import com.emc.object.s3.bean.*;
import com.emc.object.s3.jersey.S3JerseyClient;
import com.emc.object.s3.request.DeleteObjectRequest;
import com.emc.object.s3.request.ListObjectsRequest;
import com.emc.object.s3.request.ListVersionsRequest;
import com.emc.object.s3.request.SetObjectLegalHoldRequest;
import com.emc.object.util.TestProperties;
import com.emc.rest.smart.LoadBalancer;
import com.emc.rest.smart.ecs.Vdc;
Expand All @@ -55,6 +55,7 @@ public abstract class AbstractS3ClientTest extends AbstractClientTest {
* may be null
*/
protected String ecsVersion;
protected CanonicalUser bucketOwner;

protected abstract S3Client createS3Client() throws Exception;

Expand Down Expand Up @@ -83,14 +84,22 @@ public void shutdownClient() {
@Override
protected void createBucket(String bucketName) throws Exception {
client.createBucket(bucketName);
this.bucketOwner = client.getBucketAcl(bucketName).getOwner();
}

@Override
protected void cleanUpBucket(String bucketName) {
if (client != null && client.bucketExists(bucketName)) {
boolean objectLockEnabled = client.getObjectLockConfiguration(bucketName) != null;
if (client.getBucketVersioning(bucketName).getStatus() != null) {
for (AbstractVersion version : client.listVersions(new ListVersionsRequest(bucketName).withEncodingType(EncodingType.url)).getVersions()) {
client.deleteVersion(bucketName, version.getKey(), version.getVersionId());
DeleteObjectRequest deleteRequest = new DeleteObjectRequest(bucketName, version.getKey()).withVersionId(version.getVersionId());
if (objectLockEnabled) {
client.setObjectLegalHold(new SetObjectLegalHoldRequest(bucketName, version.getKey()).withVersionId(version.getVersionId())
.withLegalHold(new ObjectLockLegalHold().withStatus(ObjectLockLegalHold.Status.OFF)));
deleteRequest.withBypassGovernanceRetention(true);
}
client.deleteObject(deleteRequest);
}
} else {
for (S3Object object : client.listObjects(new ListObjectsRequest(bucketName).withEncodingType(EncodingType.url)).getObjects()) {
Expand Down
10 changes: 10 additions & 0 deletions src/test/java/com/emc/object/s3/S3EncryptionClientBasicTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -562,6 +562,16 @@ public void testExtendObjectRetentionPeriod() {
public void testPreSignedUrlHeaderOverrides() throws Exception {
}

@Ignore
@Override
public void testSingleMultipartUploadWithRetention() {
}

@Ignore
@Override
public void testCopyObjectWithLegalHoldON() {
}

@Override
public void testGetPutDeleteObjectWithTagging() {
// set up env
Expand Down
12 changes: 4 additions & 8 deletions src/test/java/com/emc/object/s3/S3JerseyClientTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2384,11 +2384,9 @@ public void testSetObjectAcl() throws Exception {
String testObject = "/objectPrefix/testObject1";
client.putObject(getTestBucket(), testObject, "Hello ACLs!", "text/plain");

String identity = createS3Config().getIdentity();
CanonicalUser owner = new CanonicalUser(identity, identity);
AccessControlList acl = new AccessControlList();
acl.setOwner(owner);
acl.addGrants(new Grant(owner, Permission.FULL_CONTROL));
acl.setOwner(bucketOwner);
acl.addGrants(new Grant(bucketOwner, Permission.FULL_CONTROL));

client.setObjectAcl(getTestBucket(), testObject, acl);
assertAclEquals(acl, client.getBucketAcl(getTestBucket()));
Expand All @@ -2409,11 +2407,9 @@ public void testSetObjectAclRequestAcl() throws Exception {
String content = "Object Content";
client.putObject(getTestBucket(), testObject, content, "text/plain");

String identity = createS3Config().getIdentity();
CanonicalUser owner = new CanonicalUser(identity, identity);
AccessControlList acl = new AccessControlList();
acl.setOwner(owner);
acl.addGrants(new Grant(owner, Permission.FULL_CONTROL));
acl.setOwner(bucketOwner);
acl.addGrants(new Grant(bucketOwner, Permission.FULL_CONTROL));

SetObjectAclRequest request = new SetObjectAclRequest(getTestBucket(), testObject);
log.debug("JMC calling request.setAcl");
Expand Down
3 changes: 3 additions & 0 deletions src/test/resources/test.properties.template
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,9 @@ s3.secret_key=<secretkey>
## Endpoint to the S3 Access Point
s3.endpoint=http[s]://<ecshost>[:9020|:9021]

## Specified if the use is an IAM user
s3.iam_user=false


### STS test part, uncomment the following to test STS

Expand Down

0 comments on commit 6d3e22f

Please sign in to comment.