satellite/metabase: test CommitObject.DisallowDelete
Change-Id: I4f408dd23ba2875a0aa46fb4dbd494c3c7dbc0af
This commit is contained in:
parent
587fa8fdff
commit
11b083c611
@ -572,7 +572,7 @@ func (db *DB) CommitObject(ctx context.Context, opts CommitObject) (object Objec
|
||||
DisallowDelete: opts.DisallowDelete,
|
||||
}, tx)
|
||||
if err != nil {
|
||||
return Error.Wrap(err)
|
||||
return err
|
||||
}
|
||||
|
||||
nextVersion := opts.Version
|
||||
|
@ -62,7 +62,7 @@ func (db *DB) CommitObjectWithSegments(ctx context.Context, opts CommitObjectWit
|
||||
DisallowDelete: opts.DisallowDelete,
|
||||
}, tx)
|
||||
if err != nil {
|
||||
return Error.Wrap(err)
|
||||
return err
|
||||
}
|
||||
|
||||
segmentsInDatabase, err := fetchSegmentsForCommit(ctx, tx, opts.StreamID)
|
||||
|
@ -271,8 +271,8 @@ func TestCommitObjectWithSegments(t *testing.T) {
|
||||
EncryptedMetadataEncryptedKey: encryptedMetadataKey,
|
||||
DisallowDelete: true,
|
||||
},
|
||||
ErrClass: &metabase.Error,
|
||||
ErrText: "permission denied: no permissions to delete existing object",
|
||||
ErrClass: &metabase.ErrPermissionDenied,
|
||||
ErrText: "no permissions to delete existing object",
|
||||
}.Check(ctx, t, db)
|
||||
|
||||
metabasetest.Verify{
|
||||
|
@ -2236,7 +2236,131 @@ func TestCommitObject(t *testing.T) {
|
||||
}.Check(ctx, t, db)
|
||||
})
|
||||
|
||||
// TODO(ver): tests for DisallowDelete = false/true and ErrPermissionDenied
|
||||
t.Run("disallow delete but nothing to delete", func(t *testing.T) {
|
||||
defer metabasetest.DeleteAll{}.Check(ctx, t, db)
|
||||
|
||||
metabasetest.BeginObjectExactVersion{
|
||||
Opts: metabase.BeginObjectExactVersion{
|
||||
ObjectStream: metabase.ObjectStream{
|
||||
ProjectID: obj.ProjectID,
|
||||
BucketName: obj.BucketName,
|
||||
ObjectKey: obj.ObjectKey,
|
||||
Version: 5,
|
||||
StreamID: obj.StreamID,
|
||||
},
|
||||
Encryption: metabasetest.DefaultEncryption,
|
||||
},
|
||||
}.Check(ctx, t, db)
|
||||
now := time.Now()
|
||||
|
||||
encryptedMetadata := testrand.Bytes(1024)
|
||||
encryptedMetadataNonce := testrand.Nonce()
|
||||
encryptedMetadataKey := testrand.Bytes(265)
|
||||
|
||||
metabasetest.CommitObject{
|
||||
Opts: metabase.CommitObject{
|
||||
ObjectStream: metabase.ObjectStream{
|
||||
ProjectID: obj.ProjectID,
|
||||
BucketName: obj.BucketName,
|
||||
ObjectKey: obj.ObjectKey,
|
||||
Version: 5,
|
||||
StreamID: obj.StreamID,
|
||||
},
|
||||
OverrideEncryptedMetadata: true,
|
||||
EncryptedMetadataNonce: encryptedMetadataNonce[:],
|
||||
EncryptedMetadata: encryptedMetadata,
|
||||
EncryptedMetadataEncryptedKey: encryptedMetadataKey,
|
||||
DisallowDelete: true,
|
||||
},
|
||||
}.Check(ctx, t, db)
|
||||
|
||||
metabasetest.Verify{
|
||||
Objects: []metabase.RawObject{
|
||||
{
|
||||
ObjectStream: metabase.ObjectStream{
|
||||
ProjectID: obj.ProjectID,
|
||||
BucketName: obj.BucketName,
|
||||
ObjectKey: obj.ObjectKey,
|
||||
Version: 5,
|
||||
StreamID: obj.StreamID,
|
||||
},
|
||||
CreatedAt: now,
|
||||
Status: metabase.CommittedUnversioned,
|
||||
|
||||
EncryptedMetadataNonce: encryptedMetadataNonce[:],
|
||||
EncryptedMetadata: encryptedMetadata,
|
||||
EncryptedMetadataEncryptedKey: encryptedMetadataKey,
|
||||
|
||||
Encryption: metabasetest.DefaultEncryption,
|
||||
},
|
||||
},
|
||||
}.Check(ctx, t, db)
|
||||
})
|
||||
|
||||
t.Run("disallow delete when committing unversioned", func(t *testing.T) {
|
||||
defer metabasetest.DeleteAll{}.Check(ctx, t, db)
|
||||
|
||||
unversionedStream := obj
|
||||
unversionedStream.Version = 3
|
||||
unversionedObject := metabasetest.CreateObject(ctx, t, db, unversionedStream, 0)
|
||||
|
||||
metabasetest.BeginObjectExactVersion{
|
||||
Opts: metabase.BeginObjectExactVersion{
|
||||
ObjectStream: metabase.ObjectStream{
|
||||
ProjectID: obj.ProjectID,
|
||||
BucketName: obj.BucketName,
|
||||
ObjectKey: obj.ObjectKey,
|
||||
Version: 5,
|
||||
StreamID: obj.StreamID,
|
||||
},
|
||||
Encryption: metabasetest.DefaultEncryption,
|
||||
},
|
||||
}.Check(ctx, t, db)
|
||||
now := time.Now()
|
||||
zombieDeadline := now.Add(24 * time.Hour)
|
||||
|
||||
encryptedMetadata := testrand.Bytes(1024)
|
||||
encryptedMetadataNonce := testrand.Nonce()
|
||||
encryptedMetadataKey := testrand.Bytes(265)
|
||||
|
||||
metabasetest.CommitObject{
|
||||
Opts: metabase.CommitObject{
|
||||
ObjectStream: metabase.ObjectStream{
|
||||
ProjectID: obj.ProjectID,
|
||||
BucketName: obj.BucketName,
|
||||
ObjectKey: obj.ObjectKey,
|
||||
Version: 5,
|
||||
StreamID: obj.StreamID,
|
||||
},
|
||||
EncryptedMetadataNonce: encryptedMetadataNonce[:],
|
||||
EncryptedMetadata: encryptedMetadata,
|
||||
EncryptedMetadataEncryptedKey: encryptedMetadataKey,
|
||||
DisallowDelete: true,
|
||||
},
|
||||
ErrClass: &metabase.ErrPermissionDenied,
|
||||
ErrText: "no permissions to delete existing object",
|
||||
}.Check(ctx, t, db)
|
||||
|
||||
metabasetest.Verify{
|
||||
Objects: []metabase.RawObject{
|
||||
metabase.RawObject(unversionedObject),
|
||||
{
|
||||
ObjectStream: metabase.ObjectStream{
|
||||
ProjectID: obj.ProjectID,
|
||||
BucketName: obj.BucketName,
|
||||
ObjectKey: obj.ObjectKey,
|
||||
Version: 5,
|
||||
StreamID: obj.StreamID,
|
||||
},
|
||||
CreatedAt: now,
|
||||
Status: metabase.Pending,
|
||||
|
||||
Encryption: metabasetest.DefaultEncryption,
|
||||
ZombieDeletionDeadline: &zombieDeadline,
|
||||
},
|
||||
},
|
||||
}.Check(ctx, t, db)
|
||||
})
|
||||
|
||||
t.Run("assign plain_offset", func(t *testing.T) {
|
||||
defer metabasetest.DeleteAll{}.Check(ctx, t, db)
|
||||
|
@ -244,7 +244,7 @@ func (db *DB) FinishCopyObject(ctx context.Context, opts FinishCopyObject) (obje
|
||||
DisallowDelete: opts.NewDisallowDelete,
|
||||
}, tx)
|
||||
if err != nil {
|
||||
return Error.Wrap(err)
|
||||
return err
|
||||
}
|
||||
|
||||
newStatus := committedWhereVersioned(opts.NewVersioned)
|
||||
|
@ -174,7 +174,7 @@ func (db *DB) FinishMoveObject(ctx context.Context, opts FinishMoveObject) (err
|
||||
DisallowDelete: opts.NewDisallowDelete,
|
||||
}, tx)
|
||||
if err != nil {
|
||||
return Error.Wrap(err)
|
||||
return err
|
||||
}
|
||||
|
||||
var oldStatus ObjectStatus
|
||||
|
Loading…
Reference in New Issue
Block a user