def test_DELETE(self):
controller = proxy_server.AccountController(self.app, 'AUTH_bob')
req = Request.blank('/v1/AUTH_bob', {})
resp = controller.DELETE(req)
self.assertEqual(resp.status_int, 405)
self.app.allow_account_management = True
with mock.patch('osd.proxyService.controllers.base.http_connect',
fake_http_connect(200, body='')):
controller = proxy_server.AccountController(
self.app, 'AUTH_bob' * 40)
req = Request.blank('/v1/AUTH_bob', {})
resp = controller.DELETE(req)
self.assertEqual(resp.status_int, 200)
controller = proxy_server.AccountController(self.app, 'AUTH_bob' * 40)
req = Request.blank('/v1/AUTH_bob', {}, query_string='test')
resp = controller.DELETE(req)
self.assertEqual(resp.status_int, 400)
with mock.patch('osd.proxyService.controllers.base.http_connect',
fake_http_connect(404, body='')):
req = Request.blank('/v1/AUTH_bob', {'PATH_INFO': '/v1/AUTH_bob'})
resp = controller.DELETE(req)
self.assertEqual(resp.status_int, 404)
def test_stripping_swift_admin_headers(self):
# Verify that a GET/HEAD which receives privileged headers from the
# account server will strip those headers for non-swift_owners
hdrs_ext, hdrs_int = self._make_user_and_sys_acl_headers_data()
headers = {
'x-account-meta-harmless': 'hi mom',
'x-account-meta-temp-url-key': 's3kr1t',
}
controller = proxy_server.AccountController(self.app, 'acct')
for verb in ('GET', 'HEAD'):
for env in ({'swift_owner': True}, {'swift_owner': False}):
req = Request.blank('/v1/acct', environ=env)
controller.GETorHEAD_base = lambda *_: Response(
headers=headers,
environ={
'PATH_INFO': '/acct',
'REQUEST_METHOD': verb,
})
method = getattr(controller, verb)
resp = method(req)
self.assertEqual(resp.headers.get('x-account-meta-harmless'),
'hi mom')
privileged_header_present = ('x-account-meta-temp-url-key'
in resp.headers)
self.assertEqual(privileged_header_present, env['swift_owner'])
def test_sys_meta_headers_PUT(self):
# check that headers in sys meta namespace make it through
# the proxy controller
sys_meta_key = '%stest' % get_sys_meta_prefix('account')
sys_meta_key = sys_meta_key.title()
user_meta_key = 'X-Account-Meta-Test'
# allow PUTs to account...
self.app.allow_account_management = True
controller = proxy_server.AccountController(self.app, 'a')
context = {}
callback = self._make_callback_func(context)
hdrs_in = {
sys_meta_key: 'foo',
user_meta_key: 'bar',
'x-timestamp': '1.0'
}
req = Request.blank('/v1/a', headers=hdrs_in)
with mock.patch('osd.proxyService.controllers.base.http_connect',
fake_http_connect(200, 200, give_connect=callback)):
controller.PUT(req)
self.assertEqual(context['method'], 'PUT')
self.assertTrue(sys_meta_key in context['headers'])
self.assertEqual(context['headers'][sys_meta_key], 'foo')
self.assertTrue(user_meta_key in context['headers'])
self.assertEqual(context['headers'][user_meta_key], 'bar')
self.assertNotEqual(context['headers']['x-timestamp'], '1.0')
def test_PUT_success_cases(self):
controller = proxy_server.AccountController(self.app, 'AUTH_bob')
self.app.allow_account_management = True
with mock.patch('osd.proxyService.controllers.base.http_connect',
fake_http_connect(200, body='')):
req = Request.blank('/v1/AUTH_bob', {'PATH_INFO': '/v1/AUTH_bob'})
resp = controller.PUT(req)
self.assertEqual(resp.status_int, 200)
def test_PUT(self):
controller = proxy_server.AccountController(self.app, 'AUTH_bob')
req = Request.blank('/v1/AUTH_bob', {})
resp = controller.PUT(req)
self.assertEqual(resp.status_int, 405)
self.app.allow_account_management = True
req = Request.blank('/v1/AUTH_bob', {})
with mock.patch('osd.proxyService.controllers.account.check_metadata',
return_value=HTTPBadRequest(request=req)):
resp = controller.PUT(req)
self.assertEqual(resp.status_int, 400)
controller = proxy_server.AccountController(self.app, 'AUTH_bob' * 40)
req = Request.blank('/v1/AUTH_bob', {})
resp = controller.PUT(req)
self.assertEqual(resp.status_int, 400)
def test_account_info_in_response_env(self):
controller = proxy_server.AccountController(self.app, 'AUTH_bob')
with mock.patch('osd.proxyService.controllers.base.http_connect',
fake_http_connect(200, body='')):
req = Request.blank('/v1/AUTH_bob', {'PATH_INFO': '/v1/AUTH_bob'})
resp = controller.HEAD(req)
self.assertEqual(2, resp.status_int // 100)
self.assertTrue('swift.account/AUTH_bob' in resp.environ)
self.assertEqual(headers_to_account_info(resp.headers),
resp.environ['swift.account/AUTH_bob'])
def test_add_acls_impossible_cases(self):
# For test coverage: verify that defensive coding does defend, in cases
# that shouldn't arise naturally
# add_acls should do nothing if REQUEST_METHOD isn't HEAD/GET/PUT/POST
resp = Response()
controller = proxy_server.AccountController(self.app, 'a')
resp.environ['PATH_INFO'] = '/a'
resp.environ['REQUEST_METHOD'] = 'OPTIONS'
controller.add_acls_from_sys_metadata(resp)
self.assertEqual(1, len(resp.headers)) # we always get Content-Type
self.assertEqual(2, len(resp.environ))
def test_long_acct_names(self):
long_acct_name = '%sLongAccountName' % ('Very' * (MAX_ANAME_LEN // 4))
controller = proxy_server.AccountController(self.app, long_acct_name)
req = Request.blank('/v1/%s' % long_acct_name)
with mock.patch('osd.proxyService.controllers.base.http_connect',
fake_http_connect(200)):
resp = controller.HEAD(req)
self.assertEquals(400, resp.status_int)
with mock.patch('osd.proxyService.controllers.base.http_connect',
fake_http_connect(200)):
resp = controller.GET(req)
self.assertEquals(400, resp.status_int)
with mock.patch('osd.proxyService.controllers.base.http_connect',
fake_http_connect(200)):
resp = controller.POST(req)
self.assertEquals(400, resp.status_int)
def test_get_node_returning_empty_value(self):
controller = proxy_server.AccountController(self.app, 'AUTH_bob')
req = Request.blank('/v1/a', {})
self.app.account_ring.get_node = mock.MagicMock(return_value=([], '',
'', '',
''))
resp = controller.GET(req)
self.assertEqual(resp.status_int, 500)
resp = controller.HEAD(req)
self.assertEqual(resp.status_int, 500)
self.app.allow_account_management = True
resp = controller.PUT(req)
self.assertEqual(resp.status_int, 500)
resp = controller.DELETE(req)
self.assertEqual(resp.status_int, 500)
resp = controller.POST(req)
self.assertEqual(resp.status_int, 500)
def test_swift_owner(self):
owner_headers = {
'x-account-meta-temp-url-key': 'value',
'x-account-meta-temp-url-key-2': 'value'
}
controller = proxy_server.AccountController(self.app, 'a')
req = Request.blank('/v1/a')
with mock.patch('osd.proxyService.controllers.base.http_connect',
fake_http_connect(200, headers=owner_headers)):
resp = controller.HEAD(req)
self.assertEquals(2, resp.status_int // 100)
for key in owner_headers:
self.assertTrue(key not in resp.headers)
req = Request.blank('/v1/a', environ={'swift_owner': True})
with mock.patch('osd.proxyService.controllers.base.http_connect',
fake_http_connect(200, headers=owner_headers)):
resp = controller.HEAD(req)
self.assertEquals(2, resp.status_int // 100)
for key in owner_headers:
self.assertTrue(key in resp.headers)
def test_account_acl_headers_translated_for_GET_HEAD(self):
# Verify that a GET/HEAD which receives X-Account-Sysmeta-Acl-* headers
# from the account server will remap those headers to X-Account-Acl-*
hdrs_ext, hdrs_int = self._make_user_and_sys_acl_headers_data()
controller = proxy_server.AccountController(self.app, 'acct')
for verb in ('GET', 'HEAD'):
req = Request.blank('/v1/acct', environ={'swift_owner': True})
controller.GETorHEAD_base = lambda *_: Response(
headers=hdrs_int,
environ={
'PATH_INFO': '/acct',
'REQUEST_METHOD': verb,
})
method = getattr(controller, verb)
resp = method(req)
for header, value in hdrs_ext.items():
if value:
self.assertEqual(resp.headers.get(header), value)
else:
# blank ACLs should result in no header
self.assert_(header not in resp.headers)
def test_GETorHEAD(self):
controller = proxy_server.AccountController(self.app, 'AUTH_bob' * 40)
req = Request.blank('/v1/AUTH_bob', {})
resp = controller.GETorHEAD(req)
self.assertEqual(resp.status_int, 400)
"""