b579c260ab
We decided that better name for "scope" will be "access". This change refactors cmd part of code but don't touch libuplink. For backward compatibility old configs with "scope" field will be loaded without any issue. Old flag "scope" won't be supported directly from command line. https://storjlabs.atlassian.net/browse/V3-3488 Change-Id: I349d6971c798380d147937c91e887edb5e9ae4aa
81 lines
2.2 KiB
Go
81 lines
2.2 KiB
Go
// Copyright (C) 2019 Storj Labs, Inc.
|
|
// See LICENSE for copying information.
|
|
|
|
package uplink_test
|
|
|
|
import (
|
|
"testing"
|
|
|
|
"github.com/stretchr/testify/require"
|
|
|
|
"storj.io/common/memory"
|
|
"storj.io/common/storj"
|
|
"storj.io/common/testcontext"
|
|
"storj.io/common/testrand"
|
|
"storj.io/storj/lib/uplink"
|
|
"storj.io/storj/private/testplanet"
|
|
)
|
|
|
|
func TestAllowedPathPrefixListing(t *testing.T) {
|
|
testplanet.Run(t, testplanet.Config{
|
|
SatelliteCount: 1, StorageNodeCount: 5, UplinkCount: 1,
|
|
}, func(t *testing.T, ctx *testcontext.Context, planet *testplanet.Planet) {
|
|
testUplink := planet.Uplinks[0]
|
|
testSatellite := planet.Satellites[0]
|
|
err := testUplink.CreateBucket(ctx, testSatellite, "testbucket")
|
|
require.NoError(t, err)
|
|
|
|
err = testUplink.Upload(ctx, testSatellite, "testbucket", "videos/status.mp4", testrand.Bytes(5*memory.KiB))
|
|
require.NoError(t, err)
|
|
|
|
upCfg := &uplink.Config{}
|
|
upCfg.Volatile.TLS.SkipPeerCAWhitelist = true
|
|
|
|
up, err := uplink.NewUplink(ctx, upCfg)
|
|
require.NoError(t, err)
|
|
defer ctx.Check(up.Close)
|
|
|
|
uplinkConfig := testUplink.GetConfig(testSatellite)
|
|
access, err := uplinkConfig.GetAccess()
|
|
require.NoError(t, err)
|
|
|
|
encryptionAccess := access.EncryptionAccess
|
|
func() {
|
|
proj, err := up.OpenProject(ctx, access.SatelliteAddr, access.APIKey)
|
|
require.NoError(t, err)
|
|
defer ctx.Check(proj.Close)
|
|
|
|
bucket, err := proj.OpenBucket(ctx, "testbucket", encryptionAccess)
|
|
require.NoError(t, err)
|
|
defer ctx.Check(bucket.Close)
|
|
|
|
list, err := bucket.ListObjects(ctx, nil)
|
|
require.NoError(t, err)
|
|
require.Equal(t, 1, len(list.Items))
|
|
}()
|
|
|
|
restrictedAPIKey, restrictedEa, err := encryptionAccess.Restrict(access.APIKey, uplink.EncryptionRestriction{
|
|
Bucket: "testbucket",
|
|
PathPrefix: "videos",
|
|
})
|
|
require.NoError(t, err)
|
|
func() {
|
|
proj, err := up.OpenProject(ctx, access.SatelliteAddr, restrictedAPIKey)
|
|
require.NoError(t, err)
|
|
defer ctx.Check(proj.Close)
|
|
|
|
bucket, err := proj.OpenBucket(ctx, "testbucket", restrictedEa)
|
|
require.NoError(t, err)
|
|
defer ctx.Check(bucket.Close)
|
|
|
|
list, err := bucket.ListObjects(ctx, &storj.ListOptions{
|
|
Prefix: "videos",
|
|
Direction: storj.After,
|
|
})
|
|
require.NoError(t, err)
|
|
require.Equal(t, 1, len(list.Items))
|
|
}()
|
|
|
|
})
|
|
}
|