From 03d999f6c847c1005a97b81f755e49c1eb11968e Mon Sep 17 00:00:00 2001 From: "Bala.FA" Date: Fri, 11 Aug 2017 11:15:27 -0700 Subject: [PATCH] Add functional tests for get/set bucket policy API Fixes #598 --- .../java/io/minio/policy/BucketPolicy.java | 4 + functional/FunctionalTest.java | 280 ++++++++++++++++++ 2 files changed, 284 insertions(+) diff --git a/api/src/main/java/io/minio/policy/BucketPolicy.java b/api/src/main/java/io/minio/policy/BucketPolicy.java index 6c269386e..3310bb2bc 100644 --- a/api/src/main/java/io/minio/policy/BucketPolicy.java +++ b/api/src/main/java/io/minio/policy/BucketPolicy.java @@ -387,6 +387,10 @@ public PolicyType getPolicy(String prefix) { boolean objReadOnly = false; boolean objWriteOnly = false; + if (statements == null) { + return PolicyType.NONE; + } + for (Statement s : statements) { Set matchedObjResources = new HashSet(); if (s.resources().contains(objectResource)) { diff --git a/functional/FunctionalTest.java b/functional/FunctionalTest.java index f06fe88ee..4beaba022 100644 --- a/functional/FunctionalTest.java +++ b/functional/FunctionalTest.java @@ -26,6 +26,7 @@ import static java.nio.file.StandardOpenOption.*; import java.nio.file.*; +import java.nio.charset.StandardCharsets; import org.joda.time.DateTime; @@ -39,6 +40,7 @@ import io.minio.*; import io.minio.messages.*; import io.minio.errors.*; +import io.minio.policy.*; public class FunctionalTest { @@ -1394,6 +1396,7 @@ public static void copyObject_test7() throws Exception { System.out.println("Test: copyObject(String bucketName, String objectName, String destBucketName," + "CopyConditions copyConditions) with modified after" + " condition (Negative Case)"); + String objectName = getRandomName(); InputStream is = new ContentInputStream(3 * MB); client.putObject(bucketName, objectName, is, 3 * MB, nullContentType); @@ -1430,6 +1433,7 @@ public static void copyObject_test8() throws Exception { System.out.println("Test: copyObject(String bucketName, String objectName, String destBucketName," + "CopyConditions copyConditions, Map metadata)" + " replace object metadata"); + String objectName = getRandomName(); InputStream is = new ContentInputStream(3 * MB); client.putObject(bucketName, objectName, is, 3 * MB, "application/octet-stream"); @@ -1457,6 +1461,273 @@ public static void copyObject_test8() throws Exception { client.removeBucket(destBucketName); } + /** + * Test: getBucketPolicy(String bucketName, String objectPrefix). + */ + public static void getBucketPolicy_test1() throws Exception { + System.out.println("Test: getBucketPolicy(String bucketName, String objectPrefix)"); + + String objectPrefix = "none-object-prefix"; + client.setBucketPolicy(bucketName, objectPrefix, PolicyType.NONE); + PolicyType type = client.getBucketPolicy(bucketName, objectPrefix); + if (type != PolicyType.NONE) { + throw new Exception("[FAILED] Expected: " + PolicyType.NONE + ", Got: " + type); + } + + objectPrefix = "read-only-object-prefix"; + client.setBucketPolicy(bucketName, objectPrefix, PolicyType.READ_ONLY); + type = client.getBucketPolicy(bucketName, objectPrefix); + if (type != PolicyType.READ_ONLY) { + throw new Exception("[FAILED] Expected: " + PolicyType.READ_ONLY + ", Got: " + type); + } + + objectPrefix = "write-only-object-prefix"; + client.setBucketPolicy(bucketName, objectPrefix, PolicyType.WRITE_ONLY); + type = client.getBucketPolicy(bucketName, objectPrefix); + if (type != PolicyType.WRITE_ONLY) { + throw new Exception("[FAILED] Expected: " + PolicyType.WRITE_ONLY + ", Got: " + type); + } + + objectPrefix = "read-write-object-prefix"; + client.setBucketPolicy(bucketName, objectPrefix, PolicyType.READ_WRITE); + type = client.getBucketPolicy(bucketName, objectPrefix); + if (type != PolicyType.READ_WRITE) { + throw new Exception("[FAILED] Expected: " + PolicyType.READ_WRITE + ", Got: " + type); + } + } + + /** + * Test: None type: setBucketPolicy(String bucketName, String objectPrefix, PolicyType policyType). + */ + public static void setBucketPolicy_test1() throws Exception { + System.out.println("Test: None type: setBucketPolicy(String bucketName, String objectPrefix, " + + "PolicyType policyType)"); + + String objectPrefix = "none"; + client.setBucketPolicy(bucketName, objectPrefix, PolicyType.NONE); + + String objectName = objectPrefix + "/" + getRandomName(); + InputStream is = new ContentInputStream(16); + client.putObject(bucketName, objectName, is, 16, "application/octet-stream"); + is.close(); + + String urlString = client.getObjectUrl(bucketName, objectName); + Request.Builder requestBuilder = new Request.Builder(); + Request request = requestBuilder + .url(HttpUrl.parse(urlString)) + .method("GET", null) + .build(); + OkHttpClient transport = new OkHttpClient(); + Response response = transport.newCall(request).execute(); + + if (response == null) { + throw new Exception("[FAILED] empty response"); + } + + if (response.isSuccessful()) { + throw new Exception("[FAILED] Anonmymous has access for None policy type. Response: " + response); + } + + client.removeObject(bucketName, objectName); + } + + /** + * Test: Read-only type: setBucketPolicy(String bucketName, String objectPrefix, PolicyType policyType). + */ + public static void setBucketPolicy_test2() throws Exception { + System.out.println("Test: Read-only type: setBucketPolicy(String bucketName, String objectPrefix," + + " PolicyType policyType)"); + + String objectPrefix = "read-only"; + client.setBucketPolicy(bucketName, objectPrefix, PolicyType.READ_ONLY); + + String objectName = objectPrefix + "/" + getRandomName(); + byte[] data = "hello, world".getBytes(StandardCharsets.UTF_8); + InputStream is = new ByteArrayInputStream(data); + client.putObject(bucketName, objectName, is, data.length, "application/octet-stream"); + is.close(); + + String urlString = client.getObjectUrl(bucketName, objectName); + Request.Builder requestBuilder = new Request.Builder(); + Request request = requestBuilder + .url(HttpUrl.parse(urlString)) + .method("GET", null) + .build(); + OkHttpClient transport = new OkHttpClient(); + Response response = transport.newCall(request).execute(); + + if (response == null) { + throw new Exception("[FAILED] empty response"); + } + + if (!response.isSuccessful()) { + String errorXml = ""; + + // read entire body stream to string. + Scanner scanner = new Scanner(response.body().charStream()); + scanner.useDelimiter("\\A"); + if (scanner.hasNext()) { + errorXml = scanner.next(); + } + scanner.close(); + response.body().close(); + + throw new Exception("[FAILED] Anonmymous has access for Read-only policy type. Response: " + response + + ", Body = " + errorXml); + } + + byte[] readBytes = readAllBytes(response.body().byteStream()); + response.body().close(); + if (!Arrays.equals(data, readBytes)) { + throw new Exception("Test: Read-only type: setBucketPolicy(String bucketName, String objectPrefix," + + " PolicyType policyType), Error: "); + } + + client.removeObject(bucketName, objectName); + } + + /** + * Test: Write-only type: setBucketPolicy(String bucketName, String objectPrefix, PolicyType policyType). + */ + public static void setBucketPolicy_test3() throws Exception { + System.out.println("Test: Write-only type: setBucketPolicy(String bucketName, String objectPrefix," + + " PolicyType policyType)"); + + String objectPrefix = "write-only"; + client.setBucketPolicy(bucketName, objectPrefix, PolicyType.WRITE_ONLY); + + String objectName = objectPrefix + "/" + getRandomName(); + byte[] data = "hello, world".getBytes(StandardCharsets.UTF_8); + + String urlString = client.getObjectUrl(bucketName, objectName); + Request.Builder requestBuilder = new Request.Builder(); + Request request = requestBuilder + .url(HttpUrl.parse(urlString)) + .method("PUT", RequestBody.create(null, data)) + .build(); + OkHttpClient transport = new OkHttpClient(); + Response response = transport.newCall(request).execute(); + + if (response == null) { + throw new Exception("[FAILED] empty response"); + } + + if (!response.isSuccessful()) { + String errorXml = ""; + + // read entire body stream to string. + Scanner scanner = new Scanner(response.body().charStream()); + scanner.useDelimiter("\\A"); + if (scanner.hasNext()) { + errorXml = scanner.next(); + } + scanner.close(); + response.body().close(); + + throw new Exception("[FAILED] Anonmymous has access for Write-type policy type. Response: " + response + + ", Body = " + errorXml); + } + + InputStream is = client.getObject(bucketName, objectName); + byte[] readBytes = readAllBytes(is); + is.close(); + + if (!Arrays.equals(data, readBytes)) { + throw new Exception("Test: Write-only type: setBucketPolicy(String bucketName, String objectPrefix," + + " PolicyType policyType), Error: "); + } + + client.removeObject(bucketName, objectName); + } + + /** + * Test: Read-write type: setBucketPolicy(String bucketName, String objectPrefix, PolicyType policyType). + */ + public static void setBucketPolicy_test4() throws Exception { + System.out.println("Test: Read-write type: setBucketPolicy(String bucketName, String objectPrefix," + + " PolicyType policyType)"); + + String objectPrefix = "read-write"; + client.setBucketPolicy(bucketName, objectPrefix, PolicyType.READ_WRITE); + + String objectName = objectPrefix + "/" + getRandomName(); + byte[] data = "hello, world".getBytes(StandardCharsets.UTF_8); + + String urlString = client.getObjectUrl(bucketName, objectName); + Request.Builder requestBuilder = new Request.Builder(); + Request request = requestBuilder + .url(HttpUrl.parse(urlString)) + .method("PUT", RequestBody.create(null, data)) + .build(); + OkHttpClient transport = new OkHttpClient(); + Response response = transport.newCall(request).execute(); + + if (response == null) { + throw new Exception("[FAILED] empty response"); + } + + if (!response.isSuccessful()) { + String errorXml = ""; + + // read entire body stream to string. + Scanner scanner = new Scanner(response.body().charStream()); + scanner.useDelimiter("\\A"); + if (scanner.hasNext()) { + errorXml = scanner.next(); + } + scanner.close(); + response.body().close(); + + throw new Exception("[FAILED] Anonmymous has access for Read-write policy type. Response: " + response + + ", Body = " + errorXml); + } + + InputStream is = client.getObject(bucketName, objectName); + byte[] readBytes = readAllBytes(is); + is.close(); + + if (!Arrays.equals(data, readBytes)) { + throw new Exception("Test: Read-write type: setBucketPolicy(String bucketName, String objectPrefix," + + " PolicyType policyType), Error: "); + } + + requestBuilder = new Request.Builder(); + request = requestBuilder + .url(HttpUrl.parse(urlString)) + .method("GET", null) + .build(); + response = transport.newCall(request).execute(); + + if (response == null) { + throw new Exception("[FAILED] empty response"); + } + + if (!response.isSuccessful()) { + String errorXml = ""; + + // read entire body stream to string. + Scanner scanner = new Scanner(response.body().charStream()); + scanner.useDelimiter("\\A"); + if (scanner.hasNext()) { + errorXml = scanner.next(); + } + scanner.close(); + response.body().close(); + + throw new Exception("[FAILED] Anonmymous has access for Read-write policy type. Response: " + response + + ", Body = " + errorXml); + } + + readBytes = readAllBytes(response.body().byteStream()); + response.body().close(); + if (!Arrays.equals(data, readBytes)) { + throw new Exception("Test: Read-write type: setBucketPolicy(String bucketName, String objectPrefix," + + " PolicyType policyType), Error: "); + } + + client.removeObject(bucketName, objectName); + } + /** * Test: setBucketNotification(String bucketName, NotificationConfiguration notificationConfiguration). */ @@ -1676,6 +1947,13 @@ public static void runTests() throws Exception { copyObject_test7(); copyObject_test8(); + getBucketPolicy_test1(); + + setBucketPolicy_test1(); + setBucketPolicy_test2(); + setBucketPolicy_test3(); + setBucketPolicy_test4(); + threadedPutObject(); teardown(); @@ -1709,6 +1987,8 @@ public static void runFastTests() throws Exception { presignedPutObject_test1(); presignedPostPolicy_test(); copyObject_test1(); + getBucketPolicy_test1(); + setBucketPolicy_test4(); teardown(); }