def test_mcg_namespace_object_versions_crd(self, mcg_obj, cld_mgr,
bucket_factory,
bucketclass_dict):
"""
Test object versioning S3 operations on namespace buckets/resources(CRDs).
Validates put, get, delete object version operations
"""
obj_versions = []
version_key = "ObjKey-" + str(uuid.uuid4().hex)
total_versions = 10
aws_s3_resource = boto3.resource(
"s3",
endpoint_url=constants.MCG_NS_AWS_ENDPOINT,
aws_access_key_id=cld_mgr.aws_client.access_key,
aws_secret_access_key=cld_mgr.aws_client.secret_key,
)
ns_buc = bucket_factory(
amount=1,
interface=bucketclass_dict["interface"],
bucketclass=bucketclass_dict,
)[0]
ns_bucket = ns_buc.name
namespace_res = ns_buc.bucketclass.namespacestores[0].uls_name
aws_s3_client = aws_s3_resource.meta.client
# Put, Get bucket versioning and verify
logger.info(
f"Enabling bucket versioning on resource bucket: {namespace_res}")
assert bucket_utils.s3_put_bucket_versioning(
s3_obj=mcg_obj,
bucketname=namespace_res,
status="Enabled",
s3_client=aws_s3_client,
), "Failed: PutBucketVersioning"
get_ver_res = bucket_utils.s3_get_bucket_versioning(
s3_obj=mcg_obj, bucketname=namespace_res, s3_client=aws_s3_client)
logger.info(
f"Get and verify versioning on resource bucket: {namespace_res}")
assert get_ver_res[
"Status"] == "Enabled", "Versioning is not enabled on bucket"
# Put, List, Get, Delete object version operations
for i in range(1, total_versions):
logger.info(f"Writing version {i} of {version_key}")
obj = bucket_utils.s3_put_object(
s3_obj=mcg_obj,
bucketname=ns_bucket,
object_key=version_key,
data=OBJ_DATA,
)
obj_versions.append(obj["VersionId"])
list_ver_resp = bucket_utils.s3_list_object_versions(
s3_obj=mcg_obj, bucketname=ns_bucket)
get_list_and_verify(list_ver_resp, obj_versions, "Versions")
for ver in obj_versions:
assert bucket_utils.s3_get_object(
s3_obj=mcg_obj,
bucketname=ns_bucket,
object_key=version_key,
versionid=ver,
), f"Failed to Read object {ver}"
assert bucket_utils.s3_delete_object(
s3_obj=mcg_obj,
bucketname=ns_bucket,
object_key=version_key,
versionid=ver,
), f"Failed to Delete object with {ver}"
logger.info(f"Get and delete version: {ver} of {namespace_res}")
logger.info(f"Suspending versioning on: {namespace_res}")
assert bucket_utils.s3_put_bucket_versioning(
s3_obj=mcg_obj,
bucketname=namespace_res,
status="Suspended",
s3_client=aws_s3_client,
), "Failed: PutBucketVersioning"
logger.info(f"Verifying versioning is suspended on: {namespace_res}")
get_version_response = bucket_utils.s3_get_bucket_versioning(
s3_obj=mcg_obj, bucketname=namespace_res, s3_client=aws_s3_client)
assert (get_version_response["Status"] == "Suspended"
), "Versioning is not suspended on bucket"
def test_bucket_versioning_and_policies(self, mcg_obj, bucket_factory):
"""
Tests bucket and object versioning on Noobaa buckets and also its related actions
"""
data = "Sample string content to write to a new S3 object"
object_key = "ObjKey-" + str(uuid.uuid4().hex)
object_versions = []
# Creating a OBC user (Account)
obc = bucket_factory(amount=1, interface='OC')
obc_obj = OBC(obc[0].name)
# Admin sets a policy on OBC bucket to allow versioning related actions
bucket_policy_generated = gen_bucket_policy(
user_list=obc_obj.obc_account,
actions_list=bucket_version_action_list,
resources_list=[
obc_obj.bucket_name, f'{obc_obj.bucket_name}/{"*"}'
])
bucket_policy = json.dumps(bucket_policy_generated)
# Creating policy
logger.info(
f'Creating bucket policy on bucket: {obc_obj.bucket_name} by Admin'
)
assert put_bucket_policy(mcg_obj, obc_obj.bucket_name,
bucket_policy), "Failed: PutBucketPolicy"
# Getting Policy
logger.info(f'Getting bucket policy on bucket: {obc_obj.bucket_name}')
get_policy = get_bucket_policy(mcg_obj, obc_obj.bucket_name)
logger.info(f"Got bucket policy: {get_policy['Policy']}")
logger.info(
f'Enabling bucket versioning on {obc_obj.bucket_name} using User: {obc_obj.obc_account}'
)
assert s3_put_bucket_versioning(
s3_obj=obc_obj, bucketname=obc_obj.bucket_name,
status="Enabled"), "Failed: PutBucketVersioning"
logger.info(
f'Verifying whether versioning is enabled on bucket: {obc_obj.bucket_name}'
)
assert s3_get_bucket_versioning(
s3_obj=obc_obj,
bucketname=obc_obj.bucket_name), "Failed: GetBucketVersioning"
# Admin modifies the policy to all obc-account to write/read/delete versioned objects
bucket_policy_generated = gen_bucket_policy(
user_list=obc_obj.obc_account,
actions_list=object_version_action_list,
resources_list=[
obc_obj.bucket_name, f'{obc_obj.bucket_name}/{"*"}'
])
bucket_policy = json.dumps(bucket_policy_generated)
logger.info(
f'Creating bucket policy on bucket: {obc_obj.bucket_name} by Admin'
)
assert put_bucket_policy(mcg_obj, obc_obj.bucket_name,
bucket_policy), "Failed: PutBucketPolicy"
# Getting Policy
logger.info(f'Getting bucket policy for bucket: {obc_obj.bucket_name}')
get_policy = get_bucket_policy(mcg_obj, obc_obj.bucket_name)
logger.info(f"Got bucket policy: {get_policy['Policy']}")
for key in range(5):
logger.info(f"Writing {key} version of {object_key}")
obj = s3_put_object(s3_obj=obc_obj,
bucketname=obc_obj.bucket_name,
object_key=object_key,
data=data)
object_versions.append(obj['VersionId'])
for version in object_versions:
logger.info(f"Reading version: {version} of {object_key}")
assert s3_get_object(
s3_obj=obc_obj,
bucketname=obc_obj.bucket_name,
object_key=object_key,
versionid=version), f"Failed: To Read object {version}"
logger.info(f"Deleting version: {version} of {object_key}")
assert s3_delete_object(
s3_obj=obc_obj,
bucketname=obc_obj.bucket_name,
object_key=object_key,
versionid=version), f"Failed: To Delete object with {version}"
bucket_policy_generated = gen_bucket_policy(
user_list=obc_obj.obc_account,
actions_list=['PutBucketVersioning'],
resources_list=[obc_obj.bucket_name])
bucket_policy = json.dumps(bucket_policy_generated)
logger.info(
f'Creating bucket policy on bucket: {obc_obj.bucket_name} by Admin'
)
assert put_bucket_policy(mcg_obj, obc_obj.bucket_name,
bucket_policy), "Failed: PutBucketPolicy"
# Getting Policy
logger.info(f'Getting bucket policy on bucket: {obc_obj.bucket_name}')
get_policy = get_bucket_policy(mcg_obj, obc_obj.bucket_name)
logger.info(f"Got bucket policy: {get_policy['Policy']}")
logger.info(
f"Suspending bucket versioning on {obc_obj.bucket_name} using User: {obc_obj.obc_account}"
)
assert s3_put_bucket_versioning(
s3_obj=obc_obj, bucketname=obc_obj.bucket_name,
status="Suspended"), "Failed: PutBucketVersioning"
# Verifying whether GetBucketVersion action is denied access
logger.info(
f'Verifying whether user: {obc_obj.obc_account} is denied to GetBucketVersion'
)
try:
s3_get_bucket_versioning(s3_obj=obc_obj,
bucketname=obc_obj.bucket_name)
except boto3exception.ClientError as e:
logger.info(e.response)
response = HttpResponseParser(e.response)
if response.error['Code'] == 'AccessDenied':
logger.info('Get Object action has been denied access')
else:
raise UnexpectedBehaviour(
f"{e.response} received invalid error code {response.error['Code']}"
)
