Merge pull request #662 from versity/test_cmdline_policy_multipart

Test cmdline policy multipart
versity · Jul 5, 2024 · 157f22b · 157f22b
2 parents 3673802 + e81fac9
commit 157f22b
Show file tree

Hide file tree

Showing 10 changed files with 500 additions and 212 deletions.
diff --git a/tests/commands/abort_multipart_upload.sh b/tests/commands/abort_multipart_upload.sh
@@ -2,13 +2,24 @@
 
 abort_multipart_upload() {
   if [ $# -ne 3 ]; then
-    echo "command to run abort requires bucket, key, upload ID"
+    log 2 "'abort multipart upload' command requires bucket, key, upload ID"
     return 1
   fi
+  if ! error=$(aws --no-verify-ssl s3api abort-multipart-upload --bucket "$1" --key "$2" --upload-id "$3" 2>&1); then
+    log 2 "Error aborting upload: $error"
+    return 1
+  fi
+  return 0
+}
 
-  error=$(aws --no-verify-ssl s3api abort-multipart-upload --bucket "$1" --key "$2" --upload-id "$3") || local aborted=$?
-  if [[ $aborted -ne 0 ]]; then
-    echo "Error aborting upload: $error"
+abort_multipart_upload_with_user() {
+  if [ $# -ne 5 ]; then
+    log 2 "'abort multipart upload' command requires bucket, key, upload ID, username, password"
+    return 1
+  fi
+  if ! abort_multipart_upload_error=$(AWS_ACCESS_KEY_ID="$4" AWS_SECRET_ACCESS_KEY="$5" aws --no-verify-ssl s3api abort-multipart-upload --bucket "$1" --key "$2" --upload-id "$3" 2>&1); then
+    log 2 "Error aborting upload: $abort_multipart_upload_error"
+    export abort_multipart_upload_error
     return 1
   fi
   return 0

diff --git a/tests/commands/create_multipart_upload.sh b/tests/commands/create_multipart_upload.sh
@@ -9,16 +9,38 @@ create_multipart_upload() {
     return 1
   fi
 
-  local multipart_data
-  multipart_data=$(aws --no-verify-ssl s3api create-multipart-upload --bucket "$1" --key "$2") || local created=$?
-  if [[ $created -ne 0 ]]; then
-    log 2 "Error creating multipart upload: $upload_id"
+  if ! multipart_data=$(aws --no-verify-ssl s3api create-multipart-upload --bucket "$1" --key "$2" 2>&1); then
+    log 2 "Error creating multipart upload: $multipart_data"
     return 1
   fi
 
-  upload_id=$(echo "$multipart_data" | jq '.UploadId')
+  if ! upload_id=$(echo "$multipart_data" | grep -v "InsecureRequestWarning" | jq -r '.UploadId' 2>&1); then
+    log 2 "error parsing upload ID: $upload_id"
+    return 1
+  fi
   upload_id="${upload_id//\"/}"
   export upload_id
+  return 0
+}
+
+create_multipart_upload_with_user() {
+  if [ $# -ne 4 ]; then
+    log 2 "create multipart upload function must have bucket, key, username, password"
+    return 1
+  fi
+
+  if ! multipart_data=$(AWS_ACCESS_KEY_ID="$3" AWS_SECRET_ACCESS_KEY="$4" aws --no-verify-ssl s3api create-multipart-upload --bucket "$1" --key "$2" 2>&1); then
+    log 2 "Error creating multipart upload: $multipart_data"
+    return 1
+  fi
+
+  if ! upload_id=$(echo "$multipart_data" | grep -v "InsecureRequestWarning" | jq -r '.UploadId' 2>&1); then
+    log 2 "error parsing upload ID: $upload_id"
+    return 1
+  fi
+  upload_id="${upload_id//\"/}"
+  export upload_id
+  return 0
 }
 
 create_multipart_upload_params() {

diff --git a/tests/commands/get_bucket_acl.sh b/tests/commands/get_bucket_acl.sh
@@ -19,4 +19,17 @@ get_bucket_acl() {
     return 1
   fi
   export acl
+}
+
+get_bucket_acl_with_user() {
+  if [ $# -ne 3 ]; then
+    log 2 "'get bucket ACL with user' command requires bucket name, username, password"
+    return 1
+  fi
+  if ! bucket_acl=$(AWS_ACCESS_KEY_ID="$2" AWS_SECRET_ACCESS_KEY="$3" aws --no-verify-ssl s3api get-bucket-acl --bucket "$1" 2>&1); then
+    log 2 "error getting bucket ACLs: $bucket_acl"
+    return 1
+  fi
+  export bucket_acl
+  return 0
 }
diff --git a/tests/commands/get_bucket_ownership_controls.sh b/tests/commands/get_bucket_ownership_controls.sh
@@ -0,0 +1,36 @@
+#!/usr/bin/env bash
+
+get_bucket_ownership_controls() {
+  if [[ $# -ne 1 ]]; then
+    log 2 "'get bucket ownership controls' command requires bucket name"
+    return 1
+  fi
+
+  if ! raw_bucket_ownership_controls=$(aws --no-verify-ssl s3api get-bucket-ownership-controls --bucket "$1" 2>&1); then
+    log 2 "error getting bucket ownership controls: $raw_bucket_ownership_controls"
+    return 1
+  fi
+
+  log 5 "Raw bucket Ownership Controls:  $raw_bucket_ownership_controls"
+  bucket_ownership_controls=$(echo "$raw_bucket_ownership_controls" | grep -v "InsecureRequestWarning")
+  export bucket_ownership_controls
+  return 0
+}
+
+get_object_ownership_rule() {
+  if [[ $# -ne 1 ]]; then
+    log 2 "'get object ownership rule' command requires bucket name"
+    return 1
+  fi
+  if ! get_bucket_ownership_controls "$1"; then
+    log 2 "error getting bucket ownership controls"
+    return 1
+  fi
+  if ! object_ownership_rule=$(echo "$bucket_ownership_controls" | jq -r ".OwnershipControls.Rules[0].ObjectOwnership" 2>&1); then
+    log 2 "error getting object ownership rule: $object_ownership_rule"
+    return 1
+  fi
+  log 5 "object ownership rule: $object_ownership_rule"
+  export object_ownership_rule
+  return 0
+}
diff --git a/tests/commands/put_bucket_acl.sh b/tests/commands/put_bucket_acl.sh
@@ -29,8 +29,20 @@ put_bucket_canned_acl() {
     return 1
   fi
   if ! error=$(aws --no-verify-ssl s3api put-bucket-acl --bucket "$1" --acl "$2"); then
-    log 2 "error resetting bucket acls: $error"
+    log 2 "error re-setting bucket acls: $error"
     return 1
   fi
   return 0
-}
+}
+
+put_bucket_canned_acl_with_user() {
+  if [[ $# -ne 2 ]]; then
+    log 2 "'put bucket canned acl with user' command requires bucket name, canned ACL, username, password"
+    return 1
+  fi
+  if ! error=$(AWS_ACCESS_KEY_ID="$3" AWS_SECRET_ACCESS_KEY="$4" aws --no-verify-ssl s3api put-bucket-acl --bucket "$1" --acl "$2"); then
+    log 2 "error re-setting bucket acls: $error"
+    return 1
+  fi
+  return 0
+}
diff --git a/tests/env.sh b/tests/env.sh
@@ -56,10 +56,13 @@ check_universal_vars() {
   elif [ -z "$AWS_SECRET_ACCESS_KEY" ]; then
     log 2 "No AWS secret access key set"
     return 1
+  elif [ -z "$AWS_REGION" ]; then
+    log 2 "No AWS region set"
+    return 1
   elif [ -z "$AWS_PROFILE" ]; then
     log 2 "No AWS profile set"
     return 1
-  elif [ -z "$AWS_ENDPOINT_URL" ]; then
+  elif [ "$DIRECT" != "true" ] && [ -z "$AWS_ENDPOINT_URL" ]; then
     log 2 "No AWS endpoint URL set"
     return 1
   elif [[ $RUN_VERSITYGW != "true" ]] && [[ $RUN_VERSITYGW != "false" ]]; then
@@ -78,14 +81,17 @@ check_universal_vars() {
     log 2 "RECREATE_BUCKETS must be 'true' or 'false'"
     return 1
   fi
-  export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_PROFILE AWS_ENDPOINT_URL RUN_VERSITYGW \
+  export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_REGION AWS_PROFILE AWS_ENDPOINT_URL RUN_VERSITYGW \
     BUCKET_ONE_NAME BUCKET_TWO_NAME RECREATE_BUCKETS
   if [[ -n "$TEST_LOG_FILE" ]]; then
     export TEST_LOG_FILE
   fi
   if [[ -n "$VERSITY_LOG_FILE" ]]; then
     export VERSITY_LOG_FILE
   fi
+  if [[ -n "$DIRECT" ]]; then
+    export DIRECT
+  fi
 }
 
 check_versity_vars() {