"bytes"
"encoding/json"
"fmt"
- "github.com/gorilla/mux"
"net/http"
"net/http/httptest"
"os"
// Prepare two test Keep volumes. Our block is stored on the second volume.
KeepVM = MakeTestVolumeManager(2)
- defer KeepVM.Quit()
+ defer KeepVM.Close()
- vols := KeepVM.Volumes()
+ vols := KeepVM.AllWritable()
if err := vols[0].Put(TEST_HASH, TEST_BLOCK); err != nil {
t.Error(err)
}
- // Set up a REST router for testing the handlers.
- rest := MakeRESTRouter()
-
// Create locators for testing.
// Turn on permission settings so we can generate signed locators.
enforce_permissions = true
// Unauthenticated request, unsigned locator
// => OK
- response := IssueRequest(rest,
+ response := IssueRequest(
&RequestTester{
method: "GET",
uri: unsigned_locator,
"Unauthenticated request, unsigned locator",
string(TEST_BLOCK),
response)
- received_xbs := response.Header().Get("X-Block-Size")
- expected_xbs := fmt.Sprintf("%d", len(TEST_BLOCK))
- if received_xbs != expected_xbs {
- t.Errorf("expected X-Block-Size %s, got %s", expected_xbs, received_xbs)
+
+ received_cl := response.Header().Get("Content-Length")
+ expected_cl := fmt.Sprintf("%d", len(TEST_BLOCK))
+ if received_cl != expected_cl {
+ t.Errorf("expected Content-Length %s, got %s", expected_cl, received_cl)
}
// ----------------
// Authenticated request, signed locator
// => OK
- response = IssueRequest(rest, &RequestTester{
+ response = IssueRequest(&RequestTester{
method: "GET",
uri: signed_locator,
api_token: known_token,
"Authenticated request, signed locator", http.StatusOK, response)
ExpectBody(t,
"Authenticated request, signed locator", string(TEST_BLOCK), response)
- received_xbs = response.Header().Get("X-Block-Size")
- expected_xbs = fmt.Sprintf("%d", len(TEST_BLOCK))
- if received_xbs != expected_xbs {
- t.Errorf("expected X-Block-Size %s, got %s", expected_xbs, received_xbs)
+
+ received_cl = response.Header().Get("Content-Length")
+ expected_cl = fmt.Sprintf("%d", len(TEST_BLOCK))
+ if received_cl != expected_cl {
+ t.Errorf("expected Content-Length %s, got %s", expected_cl, received_cl)
}
// Authenticated request, unsigned locator
// => PermissionError
- response = IssueRequest(rest, &RequestTester{
+ response = IssueRequest(&RequestTester{
method: "GET",
uri: unsigned_locator,
api_token: known_token,
// Unauthenticated request, signed locator
// => PermissionError
- response = IssueRequest(rest, &RequestTester{
+ response = IssueRequest(&RequestTester{
method: "GET",
uri: signed_locator,
})
// Authenticated request, expired locator
// => ExpiredError
- response = IssueRequest(rest, &RequestTester{
+ response = IssueRequest(&RequestTester{
method: "GET",
uri: expired_locator,
api_token: known_token,
// Prepare two test Keep volumes.
KeepVM = MakeTestVolumeManager(2)
- defer KeepVM.Quit()
-
- // Set up a REST router for testing the handlers.
- rest := MakeRESTRouter()
+ defer KeepVM.Close()
// --------------
// No server key.
// Unauthenticated request, no server key
// => OK (unsigned response)
unsigned_locator := "/" + TEST_HASH
- response := IssueRequest(rest,
+ response := IssueRequest(
&RequestTester{
method: "PUT",
uri: unsigned_locator,
// Authenticated PUT, signed locator
// => OK (signed response)
- response = IssueRequest(rest,
+ response = IssueRequest(
&RequestTester{
method: "PUT",
uri: unsigned_locator,
// Unauthenticated PUT, unsigned locator
// => OK
- response = IssueRequest(rest,
+ response = IssueRequest(
&RequestTester{
method: "PUT",
uri: unsigned_locator,
TEST_HASH_PUT_RESPONSE, response)
}
+func TestPutAndDeleteSkipReadonlyVolumes(t *testing.T) {
+ defer teardown()
+ data_manager_token = "fake-data-manager-token"
+ vols := []*MockVolume{CreateMockVolume(), CreateMockVolume()}
+ vols[0].Readonly = true
+ KeepVM = MakeRRVolumeManager([]Volume{vols[0], vols[1]})
+ defer KeepVM.Close()
+ IssueRequest(
+ &RequestTester{
+ method: "PUT",
+ uri: "/"+TEST_HASH,
+ request_body: TEST_BLOCK,
+ })
+ IssueRequest(
+ &RequestTester{
+ method: "DELETE",
+ uri: "/"+TEST_HASH,
+ request_body: TEST_BLOCK,
+ api_token: data_manager_token,
+ })
+ type expect struct {
+ volnum int
+ method string
+ callcount int
+ }
+ for _, e := range []expect{
+ {0, "Get", 0},
+ {0, "Touch", 0},
+ {0, "Put", 0},
+ {0, "Delete", 0},
+ {1, "Get", 1},
+ {1, "Put", 1},
+ {1, "Delete", 1},
+ } {
+ if calls := vols[e.volnum].CallCount(e.method); calls != e.callcount {
+ t.Errorf("Got %d %s() on vol %d, expect %d", calls, e.method, e.volnum, e.callcount)
+ }
+ }
+}
+
// Test /index requests:
-// - enforce_permissions off | unauthenticated /index request
-// - enforce_permissions off | unauthenticated /index/prefix request
-// - enforce_permissions off | authenticated /index request | non-superuser
-// - enforce_permissions off | authenticated /index/prefix request | non-superuser
-// - enforce_permissions off | authenticated /index request | superuser
-// - enforce_permissions off | authenticated /index/prefix request | superuser
-// - enforce_permissions on | unauthenticated /index request
-// - enforce_permissions on | unauthenticated /index/prefix request
-// - enforce_permissions on | authenticated /index request | non-superuser
-// - enforce_permissions on | authenticated /index/prefix request | non-superuser
-// - enforce_permissions on | authenticated /index request | superuser
-// - enforce_permissions on | authenticated /index/prefix request | superuser
+// - unauthenticated /index request
+// - unauthenticated /index/prefix request
+// - authenticated /index request | non-superuser
+// - authenticated /index/prefix request | non-superuser
+// - authenticated /index request | superuser
+// - authenticated /index/prefix request | superuser
//
// The only /index requests that should succeed are those issued by the
-// superuser when enforce_permissions = true.
+// superuser. They should pass regardless of the value of enforce_permissions.
//
func TestIndexHandler(t *testing.T) {
defer teardown()
// Include multiple blocks on different volumes, and
// some metadata files (which should be omitted from index listings)
KeepVM = MakeTestVolumeManager(2)
- defer KeepVM.Quit()
+ defer KeepVM.Close()
- vols := KeepVM.Volumes()
+ vols := KeepVM.AllWritable()
vols[0].Put(TEST_HASH, TEST_BLOCK)
vols[1].Put(TEST_HASH_2, TEST_BLOCK_2)
vols[0].Put(TEST_HASH+".meta", []byte("metadata"))
vols[1].Put(TEST_HASH_2+".meta", []byte("metadata"))
- // Set up a REST router for testing the handlers.
- rest := MakeRESTRouter()
-
data_manager_token = "DATA MANAGER TOKEN"
unauthenticated_req := &RequestTester{
api_token: data_manager_token,
}
- // ----------------------------
- // enforce_permissions disabled
- // All /index requests should fail.
- enforce_permissions = false
-
- // unauthenticated /index request
- // => PermissionError
- response := IssueRequest(rest, unauthenticated_req)
- ExpectStatusCode(t,
- "enforce_permissions off, unauthenticated request",
- PermissionError.HTTPCode,
- response)
-
- // unauthenticated /index/prefix request
- // => PermissionError
- response = IssueRequest(rest, unauth_prefix_req)
- ExpectStatusCode(t,
- "enforce_permissions off, unauthenticated /index/prefix request",
- PermissionError.HTTPCode,
- response)
-
- // authenticated /index request, non-superuser
- // => PermissionError
- response = IssueRequest(rest, authenticated_req)
- ExpectStatusCode(t,
- "enforce_permissions off, authenticated request, non-superuser",
- PermissionError.HTTPCode,
- response)
-
- // authenticated /index/prefix request, non-superuser
- // => PermissionError
- response = IssueRequest(rest, auth_prefix_req)
- ExpectStatusCode(t,
- "enforce_permissions off, authenticated /index/prefix request, non-superuser",
- PermissionError.HTTPCode,
- response)
-
- // authenticated /index request, superuser
- // => PermissionError
- response = IssueRequest(rest, superuser_req)
- ExpectStatusCode(t,
- "enforce_permissions off, superuser request",
- PermissionError.HTTPCode,
- response)
-
- // superuser /index/prefix request
- // => PermissionError
- response = IssueRequest(rest, superuser_prefix_req)
- ExpectStatusCode(t,
- "enforce_permissions off, superuser /index/prefix request",
- PermissionError.HTTPCode,
- response)
+ // -------------------------------------------------------------
+ // Only the superuser should be allowed to issue /index requests.
// ---------------------------
// enforce_permissions enabled
- // Only the superuser should be allowed to issue /index requests.
+ // This setting should not affect tests passing.
enforce_permissions = true
// unauthenticated /index request
- // => PermissionError
- response = IssueRequest(rest, unauthenticated_req)
+ // => UnauthorizedError
+ response := IssueRequest(unauthenticated_req)
ExpectStatusCode(t,
"enforce_permissions on, unauthenticated request",
- PermissionError.HTTPCode,
+ UnauthorizedError.HTTPCode,
response)
// unauthenticated /index/prefix request
- // => PermissionError
- response = IssueRequest(rest, unauth_prefix_req)
+ // => UnauthorizedError
+ response = IssueRequest(unauth_prefix_req)
ExpectStatusCode(t,
"permissions on, unauthenticated /index/prefix request",
- PermissionError.HTTPCode,
+ UnauthorizedError.HTTPCode,
response)
// authenticated /index request, non-superuser
- // => PermissionError
- response = IssueRequest(rest, authenticated_req)
+ // => UnauthorizedError
+ response = IssueRequest(authenticated_req)
ExpectStatusCode(t,
"permissions on, authenticated request, non-superuser",
- PermissionError.HTTPCode,
+ UnauthorizedError.HTTPCode,
response)
// authenticated /index/prefix request, non-superuser
- // => PermissionError
- response = IssueRequest(rest, auth_prefix_req)
+ // => UnauthorizedError
+ response = IssueRequest(auth_prefix_req)
ExpectStatusCode(t,
"permissions on, authenticated /index/prefix request, non-superuser",
- PermissionError.HTTPCode,
+ UnauthorizedError.HTTPCode,
response)
// superuser /index request
// => OK
- response = IssueRequest(rest, superuser_req)
+ response = IssueRequest(superuser_req)
+ ExpectStatusCode(t,
+ "permissions on, superuser request",
+ http.StatusOK,
+ response)
+
+ // ----------------------------
+ // enforce_permissions disabled
+ // Valid Request should still pass.
+ enforce_permissions = false
+
+ // superuser /index request
+ // => OK
+ response = IssueRequest(superuser_req)
ExpectStatusCode(t,
"permissions on, superuser request",
http.StatusOK,
// superuser /index/prefix request
// => OK
- response = IssueRequest(rest, superuser_prefix_req)
+ response = IssueRequest(superuser_prefix_req)
ExpectStatusCode(t,
"permissions on, superuser request",
http.StatusOK,
// Include multiple blocks on different volumes, and
// some metadata files (which should be omitted from index listings)
KeepVM = MakeTestVolumeManager(2)
- defer KeepVM.Quit()
+ defer KeepVM.Close()
- vols := KeepVM.Volumes()
+ vols := KeepVM.AllWritable()
vols[0].Put(TEST_HASH, TEST_BLOCK)
// Explicitly set the permission_ttl to 0 for these
// even though they have just been created.
permission_ttl = time.Duration(0)
- // Set up a REST router for testing the handlers.
- rest := MakeRESTRouter()
-
var user_token = "NOT DATA MANAGER TOKEN"
data_manager_token = "DATA MANAGER TOKEN"
// Unauthenticated request returns PermissionError.
var response *httptest.ResponseRecorder
- response = IssueRequest(rest, unauth_req)
+ response = IssueRequest(unauth_req)
ExpectStatusCode(t,
"unauthenticated request",
PermissionError.HTTPCode,
response)
// Authenticated non-admin request returns PermissionError.
- response = IssueRequest(rest, user_req)
+ response = IssueRequest(user_req)
ExpectStatusCode(t,
"authenticated non-admin request",
PermissionError.HTTPCode,
}
var response_dc, expected_dc deletecounter
- response = IssueRequest(rest, superuser_nonexistent_block_req)
+ response = IssueRequest(superuser_nonexistent_block_req)
ExpectStatusCode(t,
"data manager request, nonexistent block",
http.StatusNotFound,
// Authenticated admin request for existing block while never_delete is set.
never_delete = true
- response = IssueRequest(rest, superuser_existing_block_req)
+ response = IssueRequest(superuser_existing_block_req)
ExpectStatusCode(t,
"authenticated request, existing block, method disabled",
MethodDisabledError.HTTPCode,
never_delete = false
// Authenticated admin request for existing block.
- response = IssueRequest(rest, superuser_existing_block_req)
+ response = IssueRequest(superuser_existing_block_req)
ExpectStatusCode(t,
"data manager request, existing block",
http.StatusOK,
vols[0].Put(TEST_HASH, TEST_BLOCK)
permission_ttl = time.Duration(1) * time.Hour
- response = IssueRequest(rest, superuser_existing_block_req)
+ response = IssueRequest(superuser_existing_block_req)
ExpectStatusCode(t,
"data manager request, existing block",
http.StatusOK,
//
// TODO(twp): test concurrency: launch 100 goroutines to update the
// pull list simultaneously. Make sure that none of them return 400
-// Bad Request and that pullmgr.GetList() returns a valid list.
+// Bad Request and that pullq.GetList() returns a valid list.
//
func TestPullHandler(t *testing.T) {
defer teardown()
- // Set up a REST router for testing the handlers.
- rest := MakeRESTRouter()
-
var user_token = "USER TOKEN"
data_manager_token = "DATA MANAGER TOKEN"
+ pullq = NewWorkQueue()
+
good_json := []byte(`[
{
"locator":"locator_with_two_servers",
}
var testcases = []pullTest{
{
- "user token, good request",
+ "Valid pull list from an ordinary user",
RequestTester{"/pull", user_token, "PUT", good_json},
http.StatusUnauthorized,
"Unauthorized\n",
},
{
- "user token, bad request",
+ "Invalid pull request from an ordinary user",
RequestTester{"/pull", user_token, "PUT", bad_json},
http.StatusUnauthorized,
"Unauthorized\n",
},
{
- "data manager token, good request",
+ "Valid pull request from the data manager",
RequestTester{"/pull", data_manager_token, "PUT", good_json},
http.StatusOK,
"Received 3 pull requests\n",
},
{
- "data manager token, bad request",
+ "Invalid pull request from the data manager",
RequestTester{"/pull", data_manager_token, "PUT", bad_json},
http.StatusBadRequest,
"Bad Request\n",
}
for _, tst := range testcases {
- response := IssueRequest(rest, &tst.req)
+ response := IssueRequest(&tst.req)
ExpectStatusCode(t, tst.name, tst.response_code, response)
ExpectBody(t, tst.name, tst.response_body, response)
}
// The Keep pull manager should have received one good list with 3
// requests on it.
- var output_list = make([]PullRequest, 3)
for i := 0; i < 3; i++ {
- item := <-pullmgr.NextItem
- if pr, ok := item.(PullRequest); ok {
- output_list[i] = pr
- } else {
+ item := <-pullq.NextItem
+ if _, ok := item.(PullRequest); !ok {
t.Errorf("item %v could not be parsed as a PullRequest", item)
}
}
+
+ expectChannelEmpty(t, pullq.NextItem)
+}
+
+// TestTrashHandler
+//
+// Test cases:
+//
+// Cases tested: syntactically valid and invalid trash lists, from the
+// data manager and from unprivileged users:
+//
+// 1. Valid trash list from an ordinary user
+// (expected result: 401 Unauthorized)
+//
+// 2. Invalid trash list from an ordinary user
+// (expected result: 401 Unauthorized)
+//
+// 3. Valid trash list from the data manager
+// (expected result: 200 OK with request body "Received 3 trash
+// requests"
+//
+// 4. Invalid trash list from the data manager
+// (expected result: 400 Bad Request)
+//
+// Test that in the end, the trash collector received a good list
+// trash list with the expected number of requests.
+//
+// TODO(twp): test concurrency: launch 100 goroutines to update the
+// pull list simultaneously. Make sure that none of them return 400
+// Bad Request and that replica.Dump() returns a valid list.
+//
+func TestTrashHandler(t *testing.T) {
+ defer teardown()
+
+ var user_token = "USER TOKEN"
+ data_manager_token = "DATA MANAGER TOKEN"
+
+ trashq = NewWorkQueue()
+
+ good_json := []byte(`[
+ {
+ "locator":"block1",
+ "block_mtime":1409082153
+ },
+ {
+ "locator":"block2",
+ "block_mtime":1409082153
+ },
+ {
+ "locator":"block3",
+ "block_mtime":1409082153
+ }
+ ]`)
+
+ bad_json := []byte(`I am not a valid JSON string`)
+
+ type trashTest struct {
+ name string
+ req RequestTester
+ response_code int
+ response_body string
+ }
+
+ var testcases = []trashTest{
+ {
+ "Valid trash list from an ordinary user",
+ RequestTester{"/trash", user_token, "PUT", good_json},
+ http.StatusUnauthorized,
+ "Unauthorized\n",
+ },
+ {
+ "Invalid trash list from an ordinary user",
+ RequestTester{"/trash", user_token, "PUT", bad_json},
+ http.StatusUnauthorized,
+ "Unauthorized\n",
+ },
+ {
+ "Valid trash list from the data manager",
+ RequestTester{"/trash", data_manager_token, "PUT", good_json},
+ http.StatusOK,
+ "Received 3 trash requests\n",
+ },
+ {
+ "Invalid trash list from the data manager",
+ RequestTester{"/trash", data_manager_token, "PUT", bad_json},
+ http.StatusBadRequest,
+ "Bad Request\n",
+ },
+ }
+
+ for _, tst := range testcases {
+ response := IssueRequest(&tst.req)
+ ExpectStatusCode(t, tst.name, tst.response_code, response)
+ ExpectBody(t, tst.name, tst.response_body, response)
+ }
+
+ // The trash collector should have received one good list with 3
+ // requests on it.
+ for i := 0; i < 3; i++ {
+ item := <-trashq.NextItem
+ if _, ok := item.(TrashRequest); !ok {
+ t.Errorf("item %v could not be parsed as a TrashRequest", item)
+ }
+ }
+
+ expectChannelEmpty(t, trashq.NextItem)
}
// ====================
// ====================
// IssueTestRequest executes an HTTP request described by rt, to a
-// specified REST router. It returns the HTTP response to the request.
-func IssueRequest(router *mux.Router, rt *RequestTester) *httptest.ResponseRecorder {
+// REST router. It returns the HTTP response to the request.
+func IssueRequest(rt *RequestTester) *httptest.ResponseRecorder {
response := httptest.NewRecorder()
body := bytes.NewReader(rt.request_body)
req, _ := http.NewRequest(rt.method, rt.uri, body)
if rt.api_token != "" {
req.Header.Set("Authorization", "OAuth2 "+rt.api_token)
}
- router.ServeHTTP(response, req)
+ loggingRouter := MakeLoggingRESTRouter()
+ loggingRouter.ServeHTTP(response, req)
return response
}
projects / arvados.git / blobdiff