defer KeepVM.Close()
vols := KeepVM.AllWritable()
- if err := vols[0].Put(TEST_HASH, TEST_BLOCK); err != nil {
+ if err := vols[0].Put(TestHash, TestBlock); err != nil {
t.Error(err)
}
// Create locators for testing.
// Turn on permission settings so we can generate signed locators.
- enforce_permissions = true
- PermissionSecret = []byte(known_key)
- blob_signature_ttl = 300 * time.Second
+ enforcePermissions = true
+ PermissionSecret = []byte(knownKey)
+ blobSignatureTTL = 300 * time.Second
var (
- unsignedLocator = "/" + TEST_HASH
- validTimestamp = time.Now().Add(blob_signature_ttl)
+ unsignedLocator = "/" + TestHash
+ validTimestamp = time.Now().Add(blobSignatureTTL)
expiredTimestamp = time.Now().Add(-time.Hour)
- signedLocator = "/" + SignLocator(TEST_HASH, known_token, validTimestamp)
- expiredLocator = "/" + SignLocator(TEST_HASH, known_token, expiredTimestamp)
+ signedLocator = "/" + SignLocator(TestHash, knownToken, validTimestamp)
+ expiredLocator = "/" + SignLocator(TestHash, knownToken, expiredTimestamp)
)
// -----------------
// Test unauthenticated request with permissions off.
- enforce_permissions = false
+ enforcePermissions = false
// Unauthenticated request, unsigned locator
// => OK
"Unauthenticated request, unsigned locator", http.StatusOK, response)
ExpectBody(t,
"Unauthenticated request, unsigned locator",
- string(TEST_BLOCK),
+ string(TestBlock),
response)
receivedLen := response.Header().Get("Content-Length")
- expectedLen := fmt.Sprintf("%d", len(TEST_BLOCK))
+ expectedLen := fmt.Sprintf("%d", len(TestBlock))
if receivedLen != expectedLen {
t.Errorf("expected Content-Length %s, got %s", expectedLen, receivedLen)
}
// ----------------
// Permissions: on.
- enforce_permissions = true
+ enforcePermissions = true
// Authenticated request, signed locator
// => OK
response = IssueRequest(&RequestTester{
method: "GET",
uri: signedLocator,
- apiToken: known_token,
+ apiToken: knownToken,
})
ExpectStatusCode(t,
"Authenticated request, signed locator", http.StatusOK, response)
ExpectBody(t,
- "Authenticated request, signed locator", string(TEST_BLOCK), response)
+ "Authenticated request, signed locator", string(TestBlock), response)
receivedLen = response.Header().Get("Content-Length")
- expectedLen = fmt.Sprintf("%d", len(TEST_BLOCK))
+ expectedLen = fmt.Sprintf("%d", len(TestBlock))
if receivedLen != expectedLen {
t.Errorf("expected Content-Length %s, got %s", expectedLen, receivedLen)
}
response = IssueRequest(&RequestTester{
method: "GET",
uri: unsignedLocator,
- apiToken: known_token,
+ apiToken: knownToken,
})
ExpectStatusCode(t, "unsigned locator", PermissionError.HTTPCode, response)
response = IssueRequest(&RequestTester{
method: "GET",
uri: expiredLocator,
- apiToken: known_token,
+ apiToken: knownToken,
})
ExpectStatusCode(t,
"Authenticated request, expired locator",
// Unauthenticated request, no server key
// => OK (unsigned response)
- unsignedLocator := "/" + TEST_HASH
+ unsignedLocator := "/" + TestHash
response := IssueRequest(
&RequestTester{
method: "PUT",
uri: unsignedLocator,
- requestBody: TEST_BLOCK,
+ requestBody: TestBlock,
})
ExpectStatusCode(t,
"Unauthenticated request, no server key", http.StatusOK, response)
ExpectBody(t,
"Unauthenticated request, no server key",
- TEST_HASH_PUT_RESPONSE, response)
+ TestHashPutResp, response)
// ------------------
// With a server key.
- PermissionSecret = []byte(known_key)
- blob_signature_ttl = 300 * time.Second
+ PermissionSecret = []byte(knownKey)
+ blobSignatureTTL = 300 * time.Second
// When a permission key is available, the locator returned
// from an authenticated PUT request will be signed.
&RequestTester{
method: "PUT",
uri: unsignedLocator,
- requestBody: TEST_BLOCK,
- apiToken: known_token,
+ requestBody: TestBlock,
+ apiToken: knownToken,
})
ExpectStatusCode(t,
"Authenticated PUT, signed locator, with server key",
http.StatusOK, response)
responseLocator := strings.TrimSpace(response.Body.String())
- if VerifySignature(responseLocator, known_token) != nil {
+ if VerifySignature(responseLocator, knownToken) != nil {
t.Errorf("Authenticated PUT, signed locator, with server key:\n"+
"response '%s' does not contain a valid signature",
responseLocator)
&RequestTester{
method: "PUT",
uri: unsignedLocator,
- requestBody: TEST_BLOCK,
+ requestBody: TestBlock,
})
ExpectStatusCode(t,
http.StatusOK, response)
ExpectBody(t,
"Unauthenticated PUT, unsigned locator, with server key",
- TEST_HASH_PUT_RESPONSE, response)
+ TestHashPutResp, response)
}
func TestPutAndDeleteSkipReadonlyVolumes(t *testing.T) {
defer teardown()
- data_manager_token = "fake-data-manager-token"
+ dataManagerToken = "fake-data-manager-token"
vols := []*MockVolume{CreateMockVolume(), CreateMockVolume()}
vols[0].Readonly = true
KeepVM = MakeRRVolumeManager([]Volume{vols[0], vols[1]})
IssueRequest(
&RequestTester{
method: "PUT",
- uri: "/" + TEST_HASH,
- requestBody: TEST_BLOCK,
+ uri: "/" + TestHash,
+ requestBody: TestBlock,
})
defer func(orig bool) {
- never_delete = orig
- }(never_delete)
- never_delete = false
+ neverDelete = orig
+ }(neverDelete)
+ neverDelete = false
IssueRequest(
&RequestTester{
method: "DELETE",
- uri: "/" + TEST_HASH,
- requestBody: TEST_BLOCK,
- apiToken: data_manager_token,
+ uri: "/" + TestHash,
+ requestBody: TestBlock,
+ apiToken: dataManagerToken,
})
type expect struct {
volnum int
// - authenticated /index/prefix request | superuser
//
// The only /index requests that should succeed are those issued by the
-// superuser. They should pass regardless of the value of enforce_permissions.
+// superuser. They should pass regardless of the value of enforcePermissions.
//
func TestIndexHandler(t *testing.T) {
defer teardown()
defer KeepVM.Close()
vols := KeepVM.AllWritable()
- vols[0].Put(TEST_HASH, TEST_BLOCK)
- vols[1].Put(TEST_HASH_2, TEST_BLOCK_2)
- vols[0].Put(TEST_HASH+".meta", []byte("metadata"))
- vols[1].Put(TEST_HASH_2+".meta", []byte("metadata"))
+ vols[0].Put(TestHash, TestBlock)
+ vols[1].Put(TestHash2, TestBlock2)
+ vols[0].Put(TestHash+".meta", []byte("metadata"))
+ vols[1].Put(TestHash2+".meta", []byte("metadata"))
- data_manager_token = "DATA MANAGER TOKEN"
+ dataManagerToken = "DATA MANAGER TOKEN"
unauthenticatedReq := &RequestTester{
method: "GET",
authenticatedReq := &RequestTester{
method: "GET",
uri: "/index",
- apiToken: known_token,
+ apiToken: knownToken,
}
superuserReq := &RequestTester{
method: "GET",
uri: "/index",
- apiToken: data_manager_token,
+ apiToken: dataManagerToken,
}
unauthPrefixReq := &RequestTester{
method: "GET",
- uri: "/index/" + TEST_HASH[0:3],
+ uri: "/index/" + TestHash[0:3],
}
authPrefixReq := &RequestTester{
method: "GET",
- uri: "/index/" + TEST_HASH[0:3],
- apiToken: known_token,
+ uri: "/index/" + TestHash[0:3],
+ apiToken: knownToken,
}
superuserPrefixReq := &RequestTester{
method: "GET",
- uri: "/index/" + TEST_HASH[0:3],
- apiToken: data_manager_token,
+ uri: "/index/" + TestHash[0:3],
+ apiToken: dataManagerToken,
+ }
+ superuserNoSuchPrefixReq := &RequestTester{
+ method: "GET",
+ uri: "/index/abcd",
+ apiToken: dataManagerToken,
+ }
+ superuserInvalidPrefixReq := &RequestTester{
+ method: "GET",
+ uri: "/index/xyz",
+ apiToken: dataManagerToken,
}
// -------------------------------------------------------------
// Only the superuser should be allowed to issue /index requests.
// ---------------------------
- // enforce_permissions enabled
+ // enforcePermissions enabled
// This setting should not affect tests passing.
- enforce_permissions = true
+ enforcePermissions = true
// unauthenticated /index request
// => UnauthorizedError
response := IssueRequest(unauthenticatedReq)
ExpectStatusCode(t,
- "enforce_permissions on, unauthenticated request",
+ "enforcePermissions on, unauthenticated request",
UnauthorizedError.HTTPCode,
response)
response)
// ----------------------------
- // enforce_permissions disabled
+ // enforcePermissions disabled
// Valid Request should still pass.
- enforce_permissions = false
+ enforcePermissions = false
// superuser /index request
// => OK
http.StatusOK,
response)
- expected := `^` + TEST_HASH + `\+\d+ \d+\n` +
- TEST_HASH_2 + `\+\d+ \d+\n\n$`
+ expected := `^` + TestHash + `\+\d+ \d+\n` +
+ TestHash2 + `\+\d+ \d+\n\n$`
match, _ := regexp.MatchString(expected, response.Body.String())
if !match {
t.Errorf(
http.StatusOK,
response)
- expected = `^` + TEST_HASH + `\+\d+ \d+\n\n$`
+ expected = `^` + TestHash + `\+\d+ \d+\n\n$`
match, _ = regexp.MatchString(expected, response.Body.String())
if !match {
t.Errorf(
"permissions on, superuser /index/prefix request: expected %s, got:\n%s",
expected, response.Body.String())
}
+
+ // superuser /index/{no-such-prefix} request
+ // => OK
+ response = IssueRequest(superuserNoSuchPrefixReq)
+ ExpectStatusCode(t,
+ "permissions on, superuser request",
+ http.StatusOK,
+ response)
+
+ if "\n" != response.Body.String() {
+ t.Errorf("Expected empty response for %s. Found %s", superuserNoSuchPrefixReq.uri, response.Body.String())
+ }
+
+ // superuser /index/{invalid-prefix} request
+ // => StatusBadRequest
+ response = IssueRequest(superuserInvalidPrefixReq)
+ ExpectStatusCode(t,
+ "permissions on, superuser request",
+ http.StatusBadRequest,
+ response)
}
// TestDeleteHandler
defer KeepVM.Close()
vols := KeepVM.AllWritable()
- vols[0].Put(TEST_HASH, TEST_BLOCK)
+ vols[0].Put(TestHash, TestBlock)
- // Explicitly set the blob_signature_ttl to 0 for these
+ // Explicitly set the blobSignatureTTL to 0 for these
// tests, to ensure the MockVolume deletes the blocks
// even though they have just been created.
- blob_signature_ttl = time.Duration(0)
+ blobSignatureTTL = time.Duration(0)
var userToken = "NOT DATA MANAGER TOKEN"
- data_manager_token = "DATA MANAGER TOKEN"
+ dataManagerToken = "DATA MANAGER TOKEN"
- never_delete = false
+ neverDelete = false
unauthReq := &RequestTester{
method: "DELETE",
- uri: "/" + TEST_HASH,
+ uri: "/" + TestHash,
}
userReq := &RequestTester{
method: "DELETE",
- uri: "/" + TEST_HASH,
+ uri: "/" + TestHash,
apiToken: userToken,
}
superuserExistingBlockReq := &RequestTester{
method: "DELETE",
- uri: "/" + TEST_HASH,
- apiToken: data_manager_token,
+ uri: "/" + TestHash,
+ apiToken: dataManagerToken,
}
superuserNonexistentBlockReq := &RequestTester{
method: "DELETE",
- uri: "/" + TEST_HASH_2,
- apiToken: data_manager_token,
+ uri: "/" + TestHash2,
+ apiToken: dataManagerToken,
}
// Unauthenticated request returns PermissionError.
http.StatusNotFound,
response)
- // Authenticated admin request for existing block while never_delete is set.
- never_delete = true
+ // Authenticated admin request for existing block while neverDelete is set.
+ neverDelete = true
response = IssueRequest(superuserExistingBlockReq)
ExpectStatusCode(t,
"authenticated request, existing block, method disabled",
MethodDisabledError.HTTPCode,
response)
- never_delete = false
+ neverDelete = false
// Authenticated admin request for existing block.
response = IssueRequest(superuserExistingBlockReq)
expectedDc, responseDc)
}
// Confirm the block has been deleted
- _, err := vols[0].Get(TEST_HASH)
+ _, err := vols[0].Get(TestHash)
var blockDeleted = os.IsNotExist(err)
if !blockDeleted {
t.Error("superuserExistingBlockReq: block not deleted")
}
- // A DELETE request on a block newer than blob_signature_ttl
+ // A DELETE request on a block newer than blobSignatureTTL
// should return success but leave the block on the volume.
- vols[0].Put(TEST_HASH, TEST_BLOCK)
- blob_signature_ttl = time.Hour
+ vols[0].Put(TestHash, TestBlock)
+ blobSignatureTTL = time.Hour
response = IssueRequest(superuserExistingBlockReq)
ExpectStatusCode(t,
expectedDc, responseDc)
}
// Confirm the block has NOT been deleted.
- _, err = vols[0].Get(TEST_HASH)
+ _, err = vols[0].Get(TestHash)
if err != nil {
t.Errorf("testing delete on new block: %s\n", err)
}
defer teardown()
var userToken = "USER TOKEN"
- data_manager_token = "DATA MANAGER TOKEN"
+ dataManagerToken = "DATA MANAGER TOKEN"
pullq = NewWorkQueue()
},
{
"Valid pull request from the data manager",
- RequestTester{"/pull", data_manager_token, "PUT", goodJSON},
+ RequestTester{"/pull", dataManagerToken, "PUT", goodJSON},
http.StatusOK,
"Received 3 pull requests\n",
},
{
"Invalid pull request from the data manager",
- RequestTester{"/pull", data_manager_token, "PUT", badJSON},
+ RequestTester{"/pull", dataManagerToken, "PUT", badJSON},
http.StatusBadRequest,
"",
},
defer teardown()
var userToken = "USER TOKEN"
- data_manager_token = "DATA MANAGER TOKEN"
+ dataManagerToken = "DATA MANAGER TOKEN"
trashq = NewWorkQueue()
},
{
"Valid trash list from the data manager",
- RequestTester{"/trash", data_manager_token, "PUT", goodJSON},
+ RequestTester{"/trash", dataManagerToken, "PUT", goodJSON},
http.StatusOK,
"Received 3 trash requests\n",
},
{
"Invalid trash list from the data manager",
- RequestTester{"/trash", data_manager_token, "PUT", badJSON},
+ RequestTester{"/trash", dataManagerToken, "PUT", badJSON},
http.StatusBadRequest,
"",
},
defer func(orig *bufferPool) {
bufs = orig
}(bufs)
- bufs = newBufferPool(1, BLOCKSIZE)
+ bufs = newBufferPool(1, BlockSize)
ok := make(chan struct{})
go func() {
response := IssueRequest(
&RequestTester{
method: "PUT",
- uri: "/" + TEST_HASH,
- requestBody: TEST_BLOCK,
+ uri: "/" + TestHash,
+ requestBody: TestBlock,
})
ExpectStatusCode(t,
"TestPutNeedsOnlyOneBuffer", http.StatusOK, response)
for i := 0; i < maxBuffers+1; i++ {
// Unauthenticated request, no server key
// => OK (unsigned response)
- unsignedLocator := "/" + TEST_HASH
+ unsignedLocator := "/" + TestHash
response := IssueRequest(
&RequestTester{
method: "PUT",
uri: unsignedLocator,
- requestBody: TEST_BLOCK,
+ requestBody: TestBlock,
})
ExpectStatusCode(t,
"TestPutHandlerBufferleak", http.StatusOK, response)
ExpectBody(t,
"TestPutHandlerBufferleak",
- TEST_HASH_PUT_RESPONSE, response)
+ TestHashPutResp, response)
}
ok <- true
}()
defer KeepVM.Close()
vols := KeepVM.AllWritable()
- if err := vols[0].Put(TEST_HASH, TEST_BLOCK); err != nil {
+ if err := vols[0].Put(TestHash, TestBlock); err != nil {
t.Error(err)
}
for i := 0; i < maxBuffers+1; i++ {
// Unauthenticated request, unsigned locator
// => OK
- unsignedLocator := "/" + TEST_HASH
+ unsignedLocator := "/" + TestHash
response := IssueRequest(
&RequestTester{
method: "GET",
"Unauthenticated request, unsigned locator", http.StatusOK, response)
ExpectBody(t,
"Unauthenticated request, unsigned locator",
- string(TEST_BLOCK),
+ string(TestBlock),
response)
}
ok <- true
case <-ok:
}
}
+
+func TestPutReplicationHeader(t *testing.T) {
+ defer teardown()
+
+ KeepVM = MakeTestVolumeManager(2)
+ defer KeepVM.Close()
+
+ resp := IssueRequest(&RequestTester{
+ method: "PUT",
+ uri: "/" + TestHash,
+ requestBody: TestBlock,
+ })
+ if r := resp.Header().Get("X-Keep-Replicas-Stored"); r != "1" {
+ t.Errorf("Got X-Keep-Replicas-Stored: %q, expected %q", r, "1")
+ }
+}