storj/cmd/satellite/testdata.go

// Copyright (C) 2022 Storj Labs, Inc.
// See LICENSE for copying information.

package main

import (
	"context"
	"crypto/sha256"
	"database/sql"
	"encoding/base64"
	"errors"

	"github.com/zeebo/errs"
	"golang.org/x/crypto/bcrypt"

	"storj.io/common/macaroon"
	"storj.io/common/memory"
	"storj.io/common/uuid"
	"storj.io/storj/satellite"
	"storj.io/storj/satellite/console"
	"storj.io/storj/satellite/console/consolewasm"
)

const (
	fullMigration     = "full"
	snapshotMigration = "snapshot"
	testDataCreation  = "testdata"
	noMigration       = "none"
)

var migrationTypes = []string{fullMigration, snapshotMigration, testDataCreation, noMigration}

var (
	projectID = uuid.UUID([16]byte{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1})
	apiKeyID  = uuid.UUID([16]byte{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2})
	head      = []byte{
		0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
		0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
		0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
		0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3,
	}
	secret = []byte{
		0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
		0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
		0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
		0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 4,
	}
	password = "123a123"
)

// createTestData creates predefined test account to make the integration tests easier.
func createTestData(ctx context.Context, db satellite.DB) error {
	userID, err := uuid.FromString("be041c3c-0658-40d1-8f7c-e70a0a26cc12")
	if err != nil {
		return err
	}

	_, err = db.Console().Users().Get(ctx, userID)
	if errors.Is(err, sql.ErrNoRows) {

		hash, err := bcrypt.GenerateFromPassword([]byte(password), 0)
		if err != nil {
			return err
		}

		_, err = db.Console().Users().Insert(ctx, &console.User{
			ID:                    userID,
			FullName:              "Hiro Protagonist",
			Email:                 "test@storj.io",
			ProjectLimit:          5,
			ProjectStorageLimit:   (memory.GB * 150).Int64(),
			ProjectBandwidthLimit: (memory.GB * 150).Int64(),
			PasswordHash:          hash,
		})
		if err != nil {
			return err
		}

		active := console.Active
		err = db.Console().Users().Update(ctx, userID, console.UpdateUserRequest{
			Status: &active,
		})
		if err != nil {
			return err
		}
	} else if err != nil {
		return err
	}

	_, err = db.Console().Projects().Get(ctx, projectID)
	if errors.Is(err, sql.ErrNoRows) {
		_, err := db.Console().Projects().Insert(ctx, &console.Project{
			ID:      projectID,
			OwnerID: userID,
			Name:    "testproject",
		})
		if err != nil {
			return err
		}
		_, err = db.Console().ProjectMembers().Insert(ctx, userID, projectID)
		if err != nil {
			return err
		}
	} else if err != nil {
		return err
	}

	_, err = db.Console().APIKeys().GetByNameAndProjectID(ctx, "testkey", projectID)
	if errors.Is(err, sql.ErrNoRows) {
		_, err = db.Console().APIKeys().Create(ctx, head, console.APIKeyInfo{
			ID:        apiKeyID,
			ProjectID: projectID,
			Name:      "testkey",
			Secret:    secret,
		})
	} else if err != nil {
		return err
	}
	return err
}

// GetTestApiKey can calculate an access grant for the predefined test users/project.
func GetTestApiKey(satelliteId string) (string, error) {
	key, err := macaroon.FromParts(head, secret)
	if err != nil {
		return "", errs.Wrap(err)
	}

	idHash := sha256.Sum256(projectID[:])
	base64Salt := base64.StdEncoding.EncodeToString(idHash[:])

	accessGrant, err := consolewasm.GenAccessGrant(satelliteId, key.Serialize(), password, base64Salt)
	if err != nil {
		return "", errs.Wrap(err)
	}

	return accessGrant, nil
}
satellite: optional migration for integration tests This patch addresses the following issues: 1. Running full migration in cockroachdb is quite slow. We already have an approach for unit tests to start from the latest snapshot. This patch makes it possible to use it for integrations tests. 2. Migration requires executing a separated command which makes it hard to run application in containerized test environments (like storj-up) or from IDE. This patch introduces a hidden flag to run migration. 3. Test user creation is painful. We do it with calling GraphQL + admin API. Providing an option with testuser makes the integration tests significant more simple (especially as the projectID -> access grant can be predictable) Change-Id: I61010728727b490ea6aac32620f2da0484966727 2022-10-03 14:32:14 +01:00			`// Copyright (C) 2022 Storj Labs, Inc.`
			`// See LICENSE for copying information.`

			`package main`

			`import (`
			`"context"`
{satellite/console,web/satellite}: get project salt from satellite Add getSalt to projects api. Add action, GET_SALT, on Store Projects module to make the api request and return the salt string everywhere in the web app that generates an access grant. The Wasm code which is used to create the access grant has been changed to decode the salt as a base64 encoded string. The names of the function calls in the changed Wasm code have also been changed to ensure that access grant creation fails if JS access grant worker code and Wasm code are not the same version. https://github.com/storj/storj-private/issues/64 Change-Id: Ia2bc4cbadad84b066ca1882b042a3f0bb13c783a 2022-09-13 14:12:14 +01:00			`"crypto/sha256"`
satellite: optional migration for integration tests This patch addresses the following issues: 1. Running full migration in cockroachdb is quite slow. We already have an approach for unit tests to start from the latest snapshot. This patch makes it possible to use it for integrations tests. 2. Migration requires executing a separated command which makes it hard to run application in containerized test environments (like storj-up) or from IDE. This patch introduces a hidden flag to run migration. 3. Test user creation is painful. We do it with calling GraphQL + admin API. Providing an option with testuser makes the integration tests significant more simple (especially as the projectID -> access grant can be predictable) Change-Id: I61010728727b490ea6aac32620f2da0484966727 2022-10-03 14:32:14 +01:00			`"database/sql"`
{satellite/console,web/satellite}: get project salt from satellite Add getSalt to projects api. Add action, GET_SALT, on Store Projects module to make the api request and return the salt string everywhere in the web app that generates an access grant. The Wasm code which is used to create the access grant has been changed to decode the salt as a base64 encoded string. The names of the function calls in the changed Wasm code have also been changed to ensure that access grant creation fails if JS access grant worker code and Wasm code are not the same version. https://github.com/storj/storj-private/issues/64 Change-Id: Ia2bc4cbadad84b066ca1882b042a3f0bb13c783a 2022-09-13 14:12:14 +01:00			`"encoding/base64"`
satellite: optional migration for integration tests This patch addresses the following issues: 1. Running full migration in cockroachdb is quite slow. We already have an approach for unit tests to start from the latest snapshot. This patch makes it possible to use it for integrations tests. 2. Migration requires executing a separated command which makes it hard to run application in containerized test environments (like storj-up) or from IDE. This patch introduces a hidden flag to run migration. 3. Test user creation is painful. We do it with calling GraphQL + admin API. Providing an option with testuser makes the integration tests significant more simple (especially as the projectID -> access grant can be predictable) Change-Id: I61010728727b490ea6aac32620f2da0484966727 2022-10-03 14:32:14 +01:00			`"errors"`

			`"github.com/zeebo/errs"`
			`"golang.org/x/crypto/bcrypt"`

			`"storj.io/common/macaroon"`
			`"storj.io/common/memory"`
			`"storj.io/common/uuid"`
			`"storj.io/storj/satellite"`
			`"storj.io/storj/satellite/console"`
			`"storj.io/storj/satellite/console/consolewasm"`
			`)`

			`const (`
			`fullMigration = "full"`
			`snapshotMigration = "snapshot"`
			`testDataCreation = "testdata"`
			`noMigration = "none"`
			`)`

			`var migrationTypes = []string{fullMigration, snapshotMigration, testDataCreation, noMigration}`

			`var (`
			`projectID = uuid.UUID([16]byte{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1})`
			`apiKeyID = uuid.UUID([16]byte{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2})`
			`head = []byte{`
			`0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,`
			`0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,`
			`0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,`
			`0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3,`
			`}`
			`secret = []byte{`
			`0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,`
			`0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,`
			`0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,`
			`0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 4,`
			`}`
			`password = "123a123"`
			`)`

			`// createTestData creates predefined test account to make the integration tests easier.`
			`func createTestData(ctx context.Context, db satellite.DB) error {`
			`userID, err := uuid.FromString("be041c3c-0658-40d1-8f7c-e70a0a26cc12")`
			`if err != nil {`
			`return err`
			`}`

			`_, err = db.Console().Users().Get(ctx, userID)`
			`if errors.Is(err, sql.ErrNoRows) {`

			`hash, err := bcrypt.GenerateFromPassword([]byte(password), 0)`
			`if err != nil {`
			`return err`
			`}`

			`_, err = db.Console().Users().Insert(ctx, &console.User{`
			`ID: userID,`
			`FullName: "Hiro Protagonist",`
			`Email: "test@storj.io",`
			`ProjectLimit: 5,`
			`ProjectStorageLimit: (memory.GB * 150).Int64(),`
			`ProjectBandwidthLimit: (memory.GB * 150).Int64(),`
			`PasswordHash: hash,`
			`})`
			`if err != nil {`
			`return err`
			`}`

			`active := console.Active`
			`err = db.Console().Users().Update(ctx, userID, console.UpdateUserRequest{`
			`Status: &active,`
			`})`
			`if err != nil {`
			`return err`
			`}`
			`} else if err != nil {`
			`return err`
			`}`

			`_, err = db.Console().Projects().Get(ctx, projectID)`
			`if errors.Is(err, sql.ErrNoRows) {`
			`_, err := db.Console().Projects().Insert(ctx, &console.Project{`
			`ID: projectID,`
			`OwnerID: userID,`
			`Name: "testproject",`
			`})`
			`if err != nil {`
			`return err`
			`}`
			`_, err = db.Console().ProjectMembers().Insert(ctx, userID, projectID)`
			`if err != nil {`
			`return err`
			`}`
			`} else if err != nil {`
			`return err`
			`}`

			`_, err = db.Console().APIKeys().GetByNameAndProjectID(ctx, "testkey", projectID)`
			`if errors.Is(err, sql.ErrNoRows) {`
			`_, err = db.Console().APIKeys().Create(ctx, head, console.APIKeyInfo{`
			`ID: apiKeyID,`
			`ProjectID: projectID,`
			`Name: "testkey",`
			`Secret: secret,`
			`})`
			`} else if err != nil {`
			`return err`
			`}`
			`return err`
			`}`

			`// GetTestApiKey can calculate an access grant for the predefined test users/project.`
			`func GetTestApiKey(satelliteId string) (string, error) {`
			`key, err := macaroon.FromParts(head, secret)`
			`if err != nil {`
			`return "", errs.Wrap(err)`
			`}`

{satellite/console,web/satellite}: get project salt from satellite Add getSalt to projects api. Add action, GET_SALT, on Store Projects module to make the api request and return the salt string everywhere in the web app that generates an access grant. The Wasm code which is used to create the access grant has been changed to decode the salt as a base64 encoded string. The names of the function calls in the changed Wasm code have also been changed to ensure that access grant creation fails if JS access grant worker code and Wasm code are not the same version. https://github.com/storj/storj-private/issues/64 Change-Id: Ia2bc4cbadad84b066ca1882b042a3f0bb13c783a 2022-09-13 14:12:14 +01:00			`idHash := sha256.Sum256(projectID[:])`
			`base64Salt := base64.StdEncoding.EncodeToString(idHash[:])`

			`accessGrant, err := consolewasm.GenAccessGrant(satelliteId, key.Serialize(), password, base64Salt)`
satellite: optional migration for integration tests This patch addresses the following issues: 1. Running full migration in cockroachdb is quite slow. We already have an approach for unit tests to start from the latest snapshot. This patch makes it possible to use it for integrations tests. 2. Migration requires executing a separated command which makes it hard to run application in containerized test environments (like storj-up) or from IDE. This patch introduces a hidden flag to run migration. 3. Test user creation is painful. We do it with calling GraphQL + admin API. Providing an option with testuser makes the integration tests significant more simple (especially as the projectID -> access grant can be predictable) Change-Id: I61010728727b490ea6aac32620f2da0484966727 2022-10-03 14:32:14 +01:00			`if err != nil {`
			`return "", errs.Wrap(err)`
			`}`

			`return accessGrant, nil`
			`}`