def test_DELETE(self): controller = proxy_server.AccountController(self.app, 'AUTH_bob') req = Request.blank('/v1/AUTH_bob', {}) resp = controller.DELETE(req) self.assertEqual(resp.status_int, 405) self.app.allow_account_management = True with mock.patch('osd.proxyService.controllers.base.http_connect', fake_http_connect(200, body='')): controller = proxy_server.AccountController( self.app, 'AUTH_bob' * 40) req = Request.blank('/v1/AUTH_bob', {}) resp = controller.DELETE(req) self.assertEqual(resp.status_int, 200) controller = proxy_server.AccountController(self.app, 'AUTH_bob' * 40) req = Request.blank('/v1/AUTH_bob', {}, query_string='test') resp = controller.DELETE(req) self.assertEqual(resp.status_int, 400) with mock.patch('osd.proxyService.controllers.base.http_connect', fake_http_connect(404, body='')): req = Request.blank('/v1/AUTH_bob', {'PATH_INFO': '/v1/AUTH_bob'}) resp = controller.DELETE(req) self.assertEqual(resp.status_int, 404)
def test_stripping_swift_admin_headers(self): # Verify that a GET/HEAD which receives privileged headers from the # account server will strip those headers for non-swift_owners hdrs_ext, hdrs_int = self._make_user_and_sys_acl_headers_data() headers = { 'x-account-meta-harmless': 'hi mom', 'x-account-meta-temp-url-key': 's3kr1t', } controller = proxy_server.AccountController(self.app, 'acct') for verb in ('GET', 'HEAD'): for env in ({'swift_owner': True}, {'swift_owner': False}): req = Request.blank('/v1/acct', environ=env) controller.GETorHEAD_base = lambda *_: Response( headers=headers, environ={ 'PATH_INFO': '/acct', 'REQUEST_METHOD': verb, }) method = getattr(controller, verb) resp = method(req) self.assertEqual(resp.headers.get('x-account-meta-harmless'), 'hi mom') privileged_header_present = ('x-account-meta-temp-url-key' in resp.headers) self.assertEqual(privileged_header_present, env['swift_owner'])
def test_sys_meta_headers_PUT(self): # check that headers in sys meta namespace make it through # the proxy controller sys_meta_key = '%stest' % get_sys_meta_prefix('account') sys_meta_key = sys_meta_key.title() user_meta_key = 'X-Account-Meta-Test' # allow PUTs to account... self.app.allow_account_management = True controller = proxy_server.AccountController(self.app, 'a') context = {} callback = self._make_callback_func(context) hdrs_in = { sys_meta_key: 'foo', user_meta_key: 'bar', 'x-timestamp': '1.0' } req = Request.blank('/v1/a', headers=hdrs_in) with mock.patch('osd.proxyService.controllers.base.http_connect', fake_http_connect(200, 200, give_connect=callback)): controller.PUT(req) self.assertEqual(context['method'], 'PUT') self.assertTrue(sys_meta_key in context['headers']) self.assertEqual(context['headers'][sys_meta_key], 'foo') self.assertTrue(user_meta_key in context['headers']) self.assertEqual(context['headers'][user_meta_key], 'bar') self.assertNotEqual(context['headers']['x-timestamp'], '1.0')
def test_PUT_success_cases(self): controller = proxy_server.AccountController(self.app, 'AUTH_bob') self.app.allow_account_management = True with mock.patch('osd.proxyService.controllers.base.http_connect', fake_http_connect(200, body='')): req = Request.blank('/v1/AUTH_bob', {'PATH_INFO': '/v1/AUTH_bob'}) resp = controller.PUT(req) self.assertEqual(resp.status_int, 200)
def test_PUT(self): controller = proxy_server.AccountController(self.app, 'AUTH_bob') req = Request.blank('/v1/AUTH_bob', {}) resp = controller.PUT(req) self.assertEqual(resp.status_int, 405) self.app.allow_account_management = True req = Request.blank('/v1/AUTH_bob', {}) with mock.patch('osd.proxyService.controllers.account.check_metadata', return_value=HTTPBadRequest(request=req)): resp = controller.PUT(req) self.assertEqual(resp.status_int, 400) controller = proxy_server.AccountController(self.app, 'AUTH_bob' * 40) req = Request.blank('/v1/AUTH_bob', {}) resp = controller.PUT(req) self.assertEqual(resp.status_int, 400)
def test_account_info_in_response_env(self): controller = proxy_server.AccountController(self.app, 'AUTH_bob') with mock.patch('osd.proxyService.controllers.base.http_connect', fake_http_connect(200, body='')): req = Request.blank('/v1/AUTH_bob', {'PATH_INFO': '/v1/AUTH_bob'}) resp = controller.HEAD(req) self.assertEqual(2, resp.status_int // 100) self.assertTrue('swift.account/AUTH_bob' in resp.environ) self.assertEqual(headers_to_account_info(resp.headers), resp.environ['swift.account/AUTH_bob'])
def test_add_acls_impossible_cases(self): # For test coverage: verify that defensive coding does defend, in cases # that shouldn't arise naturally # add_acls should do nothing if REQUEST_METHOD isn't HEAD/GET/PUT/POST resp = Response() controller = proxy_server.AccountController(self.app, 'a') resp.environ['PATH_INFO'] = '/a' resp.environ['REQUEST_METHOD'] = 'OPTIONS' controller.add_acls_from_sys_metadata(resp) self.assertEqual(1, len(resp.headers)) # we always get Content-Type self.assertEqual(2, len(resp.environ))
def test_long_acct_names(self): long_acct_name = '%sLongAccountName' % ('Very' * (MAX_ANAME_LEN // 4)) controller = proxy_server.AccountController(self.app, long_acct_name) req = Request.blank('/v1/%s' % long_acct_name) with mock.patch('osd.proxyService.controllers.base.http_connect', fake_http_connect(200)): resp = controller.HEAD(req) self.assertEquals(400, resp.status_int) with mock.patch('osd.proxyService.controllers.base.http_connect', fake_http_connect(200)): resp = controller.GET(req) self.assertEquals(400, resp.status_int) with mock.patch('osd.proxyService.controllers.base.http_connect', fake_http_connect(200)): resp = controller.POST(req) self.assertEquals(400, resp.status_int)
def test_get_node_returning_empty_value(self): controller = proxy_server.AccountController(self.app, 'AUTH_bob') req = Request.blank('/v1/a', {}) self.app.account_ring.get_node = mock.MagicMock(return_value=([], '', '', '', '')) resp = controller.GET(req) self.assertEqual(resp.status_int, 500) resp = controller.HEAD(req) self.assertEqual(resp.status_int, 500) self.app.allow_account_management = True resp = controller.PUT(req) self.assertEqual(resp.status_int, 500) resp = controller.DELETE(req) self.assertEqual(resp.status_int, 500) resp = controller.POST(req) self.assertEqual(resp.status_int, 500)
def test_swift_owner(self): owner_headers = { 'x-account-meta-temp-url-key': 'value', 'x-account-meta-temp-url-key-2': 'value' } controller = proxy_server.AccountController(self.app, 'a') req = Request.blank('/v1/a') with mock.patch('osd.proxyService.controllers.base.http_connect', fake_http_connect(200, headers=owner_headers)): resp = controller.HEAD(req) self.assertEquals(2, resp.status_int // 100) for key in owner_headers: self.assertTrue(key not in resp.headers) req = Request.blank('/v1/a', environ={'swift_owner': True}) with mock.patch('osd.proxyService.controllers.base.http_connect', fake_http_connect(200, headers=owner_headers)): resp = controller.HEAD(req) self.assertEquals(2, resp.status_int // 100) for key in owner_headers: self.assertTrue(key in resp.headers)
def test_account_acl_headers_translated_for_GET_HEAD(self): # Verify that a GET/HEAD which receives X-Account-Sysmeta-Acl-* headers # from the account server will remap those headers to X-Account-Acl-* hdrs_ext, hdrs_int = self._make_user_and_sys_acl_headers_data() controller = proxy_server.AccountController(self.app, 'acct') for verb in ('GET', 'HEAD'): req = Request.blank('/v1/acct', environ={'swift_owner': True}) controller.GETorHEAD_base = lambda *_: Response( headers=hdrs_int, environ={ 'PATH_INFO': '/acct', 'REQUEST_METHOD': verb, }) method = getattr(controller, verb) resp = method(req) for header, value in hdrs_ext.items(): if value: self.assertEqual(resp.headers.get(header), value) else: # blank ACLs should result in no header self.assert_(header not in resp.headers)
def test_GETorHEAD(self): controller = proxy_server.AccountController(self.app, 'AUTH_bob' * 40) req = Request.blank('/v1/AUTH_bob', {}) resp = controller.GETorHEAD(req) self.assertEqual(resp.status_int, 400) """