""" Rgw admin testing against a running instance """ # The test cases in this file have been annotated for inventory. # To extract the inventory (in csv format) use the command: # # grep '^ *# TESTCASE' | sed 's/^ *# TESTCASE //' # # to run this standalone: # python qa/tasks/radosgw_admin.py [USER] HOSTNAME # import copy import json import logging import time import datetime import Queue import bunch import sys from cStringIO import StringIO import boto.exception import boto.s3.connection import boto.s3.acl from boto.utils import RequestHook import httplib2 import util.rgw as rgw_utils from util.rgw import rgwadmin, get_user_summary, get_user_successful_ops log = logging.getLogger(__name__) def usage_acc_findentry2(entries, user, add=True): for e in entries: if e['user'] == user: return e if not add: return None e = {'user': user, 'buckets': []} entries.append(e) return e def usage_acc_findsum2(summaries, user, add=True): for e in summaries: if e['user'] == user: return e if not add: return None e = {'user': user, 'categories': [], 'total': {'bytes_received': 0, 'bytes_sent': 0, 'ops': 0, 'successful_ops': 0 }} summaries.append(e) return e def usage_acc_update2(x, out, b_in, err): x['bytes_sent'] += b_in x['bytes_received'] += out x['ops'] += 1 if not err: x['successful_ops'] += 1 def usage_acc_validate_fields(r, x, x2, what): q=[] for field in ['bytes_sent', 'bytes_received', 'ops', 'successful_ops']: try: if x2[field] < x[field]: q.append("field %s: %d < %d" % (field, x2[field], x[field])) except Exception as ex: r.append( "missing/bad field " + field + " in " + what + " " + str(ex)) return if len(q) > 0: r.append("incomplete counts in " + what + ": " + ", ".join(q)) class usage_acc: def __init__(self): self.results = {'entries': [], 'summary': []} def findentry(self, user): return usage_acc_findentry2(self.results['entries'], user) def findsum(self, user): return usage_acc_findsum2(self.results['summary'], user) def e2b(self, e, bucket, add=True): for b in e['buckets']: if b['bucket'] == bucket: return b if not add: return None b = {'bucket': bucket, 'categories': []} e['buckets'].append(b) return b def c2x(self, c, cat, add=True): for x in c: if x['category'] == cat: return x if not add: return None x = {'bytes_received': 0, 'category': cat, 'bytes_sent': 0, 'ops': 0, 'successful_ops': 0 } c.append(x) return x def update(self, c, cat, user, out, b_in, err): x = self.c2x(c, cat) usage_acc_update2(x, out, b_in, err) if not err and cat == 'create_bucket' and not x.has_key('owner'): x['owner'] = user def make_entry(self, cat, bucket, user, out, b_in, err): if cat == 'create_bucket' and err: return e = self.findentry(user) b = self.e2b(e, bucket) self.update(b['categories'], cat, user, out, b_in, err) s = self.findsum(user) x = self.c2x(s['categories'], cat) usage_acc_update2(x, out, b_in, err) x = s['total'] usage_acc_update2(x, out, b_in, err) def generate_make_entry(self): return lambda cat,bucket,user,out,b_in,err: self.make_entry(cat, bucket, user, out, b_in, err) def get_usage(self): return self.results def compare_results(self, results): if not results.has_key('entries') or not results.has_key('summary'): return ['Missing entries or summary'] r = [] for e in self.results['entries']: try: e2 = usage_acc_findentry2(results['entries'], e['user'], False) except Exception as ex: r.append("malformed entry looking for user " + e['user'] + " " + str(ex)) break if e2 == None: r.append("missing entry for user " + e['user']) continue for b in e['buckets']: c = b['categories'] if b['bucket'] == 'nosuchbucket': print "got here" try: b2 = self.e2b(e2, b['bucket'], False) if b2 != None: c2 = b2['categories'] except Exception as ex: r.append("malformed entry looking for bucket " + b['bucket'] + " in user " + e['user'] + " " + str(ex)) break if b2 == None: r.append("can't find bucket " + b['bucket'] + " in user " + e['user']) continue for x in c: try: x2 = self.c2x(c2, x['category'], False) except Exception as ex: r.append("malformed entry looking for " + x['category'] + " in bucket " + b['bucket'] + " user " + e['user'] + " " + str(ex)) break usage_acc_validate_fields(r, x, x2, "entry: category " + x['category'] + " bucket " + b['bucket'] + " in user " + e['user']) for s in self.results['summary']: c = s['categories'] try: s2 = usage_acc_findsum2(results['summary'], s['user'], False) except Exception as ex: r.append("malformed summary looking for user " + e['user'] + " " + str(ex)) break if s2 == None: r.append("missing summary for user " + e['user'] + " " + str(ex)) continue try: c2 = s2['categories'] except Exception as ex: r.append("malformed summary missing categories for user " + e['user'] + " " + str(ex)) break for x in c: try: x2 = self.c2x(c2, x['category'], False) except Exception as ex: r.append("malformed summary looking for " + x['category'] + " user " + e['user'] + " " + str(ex)) break usage_acc_validate_fields(r, x, x2, "summary: category " + x['category'] + " in user " + e['user']) x = s['total'] try: x2 = s2['total'] except Exception as ex: r.append("malformed summary looking for totals for user " + e['user'] + " " + str(ex)) break usage_acc_validate_fields(r, x, x2, "summary: totals for user" + e['user']) return r def ignore_this_entry(cat, bucket, user, out, b_in, err): pass class requestlog_queue(): def __init__(self, add): self.q = Queue.Queue(1000) self.adder = add def handle_request_data(self, request, response, error=False): now = datetime.datetime.now() if error: pass elif response.status < 200 or response.status >= 400: error = True self.q.put(bunch.Bunch({'t': now, 'o': request, 'i': response, 'e': error})) def clear(self): with self.q.mutex: self.q.queue.clear() def log_and_clear(self, cat, bucket, user, add_entry = None): while not self.q.empty(): j = self.q.get() bytes_out = 0 if 'Content-Length' in j.o.headers: bytes_out = int(j.o.headers['Content-Length']) bytes_in = 0 if 'content-length' in j.i.msg.dict: bytes_in = int(j.i.msg.dict['content-length']) log.info('RL: %s %s %s bytes_out=%d bytes_in=%d failed=%r' % (cat, bucket, user, bytes_out, bytes_in, j.e)) if add_entry == None: add_entry = self.adder add_entry(cat, bucket, user, bytes_out, bytes_in, j.e) def create_presigned_url(conn, method, bucket_name, key_name, expiration): return conn.generate_url(expires_in=expiration, method=method, bucket=bucket_name, key=key_name, query_auth=True, ) def send_raw_http_request(conn, method, bucket_name, key_name, follow_redirects = False): url = create_presigned_url(conn, method, bucket_name, key_name, 3600) print url h = httplib2.Http() h.follow_redirects = follow_redirects return h.request(url, method) def get_acl(key): """ Helper function to get the xml acl from a key, ensuring that the xml version tag is removed from the acl response """ raw_acl = key.get_xml_acl() def remove_version(string): return string.split( '' )[-1] def remove_newlines(string): return string.strip('\n') return remove_version( remove_newlines(raw_acl) ) def task(ctx, config): """ Test radosgw-admin functionality against a running rgw instance. """ global log assert ctx.rgw.config, \ "radosgw_admin task needs a config passed from the rgw task" config = ctx.rgw.config log.debug('config is: %r', config) clients_from_config = config.keys() # choose first client as default client = clients_from_config[0] # once the client is chosen, pull the host name and assigned port out of # the role_endpoints that were assigned by the rgw task endpoint = ctx.rgw.role_endpoints[client] ## user1='foo' user2='fud' user3='bar' user4='bud' subuser1='foo:foo1' subuser2='foo:foo2' display_name1='Foo' display_name2='Fud' display_name3='Bar' email='foo@foo.com' email2='bar@bar.com' access_key='9te6NH5mcdcq0Tc5i8i1' secret_key='Ny4IOauQoL18Gp2zM7lC1vLmoawgqcYP/YGcWfXu' access_key2='p5YnriCv1nAtykxBrupQ' secret_key2='Q8Tk6Q/27hfbFSYdSkPtUqhqx1GgzvpXa4WARozh' access_key3='NX5QOQKC6BH2IDN8HC7A' secret_key3='LnEsqNNqZIpkzauboDcLXLcYaWwLQ3Kop0zAnKIn' swift_secret1='gpS2G9RREMrnbqlp29PP2D36kgPR1tm72n5fPYfL' swift_secret2='ri2VJQcKSYATOY6uaDUX7pxgkW+W1YmC6OCxPHwy' bucket_name='myfoo' bucket_name2='mybar' # connect to rgw connection = boto.s3.connection.S3Connection( aws_access_key_id=access_key, aws_secret_access_key=secret_key, is_secure=False, port=endpoint.port, host=endpoint.hostname, calling_format=boto.s3.connection.OrdinaryCallingFormat(), ) connection2 = boto.s3.connection.S3Connection( aws_access_key_id=access_key2, aws_secret_access_key=secret_key2, is_secure=False, port=endpoint.port, host=endpoint.hostname, calling_format=boto.s3.connection.OrdinaryCallingFormat(), ) connection3 = boto.s3.connection.S3Connection( aws_access_key_id=access_key3, aws_secret_access_key=secret_key3, is_secure=False, port=endpoint.port, host=endpoint.hostname, calling_format=boto.s3.connection.OrdinaryCallingFormat(), ) acc = usage_acc() rl = requestlog_queue(acc.generate_make_entry()) connection.set_request_hook(rl) connection2.set_request_hook(rl) connection3.set_request_hook(rl) # legend (test cases can be easily grep-ed out) # TESTCASE 'testname','object','method','operation','assertion' # TESTCASE 'usage-show0' 'usage' 'show' 'all usage' 'succeeds' (err, summary0) = rgwadmin(ctx, client, ['usage', 'show'], check_status=True) # TESTCASE 'info-nosuch','user','info','non-existent user','fails' (err, out) = rgwadmin(ctx, client, ['user', 'info', '--uid', user1]) assert err # TESTCASE 'create-ok','user','create','w/all valid info','succeeds' (err, out) = rgwadmin(ctx, client, [ 'user', 'create', '--uid', user1, '--display-name', display_name1, '--email', email, '--access-key', access_key, '--secret', secret_key, '--max-buckets', '4' ], check_status=True) # TESTCASE 'duplicate email','user','create','existing user email','fails' (err, out) = rgwadmin(ctx, client, [ 'user', 'create', '--uid', user2, '--display-name', display_name2, '--email', email, ]) assert err # TESTCASE 'info-existing','user','info','existing user','returns correct info' (err, out) = rgwadmin(ctx, client, ['user', 'info', '--uid', user1], check_status=True) assert out['user_id'] == user1 assert out['email'] == email assert out['display_name'] == display_name1 assert len(out['keys']) == 1 assert out['keys'][0]['access_key'] == access_key assert out['keys'][0]['secret_key'] == secret_key assert not out['suspended'] # TESTCASE 'suspend-ok','user','suspend','active user','succeeds' (err, out) = rgwadmin(ctx, client, ['user', 'suspend', '--uid', user1], check_status=True) # TESTCASE 'suspend-suspended','user','suspend','suspended user','succeeds w/advisory' (err, out) = rgwadmin(ctx, client, ['user', 'info', '--uid', user1], check_status=True) assert out['suspended'] # TESTCASE 're-enable','user','enable','suspended user','succeeds' (err, out) = rgwadmin(ctx, client, ['user', 'enable', '--uid', user1], check_status=True) # TESTCASE 'info-re-enabled','user','info','re-enabled user','no longer suspended' (err, out) = rgwadmin(ctx, client, ['user', 'info', '--uid', user1], check_status=True) assert not out['suspended'] # TESTCASE 'add-keys','key','create','w/valid info','succeeds' (err, out) = rgwadmin(ctx, client, [ 'key', 'create', '--uid', user1, '--access-key', access_key2, '--secret', secret_key2, ], check_status=True) # TESTCASE 'info-new-key','user','info','after key addition','returns all keys' (err, out) = rgwadmin(ctx, client, ['user', 'info', '--uid', user1], check_status=True) assert len(out['keys']) == 2 assert out['keys'][0]['access_key'] == access_key2 or out['keys'][1]['access_key'] == access_key2 assert out['keys'][0]['secret_key'] == secret_key2 or out['keys'][1]['secret_key'] == secret_key2 # TESTCASE 'rm-key','key','rm','newly added key','succeeds, key is removed' (err, out) = rgwadmin(ctx, client, [ 'key', 'rm', '--uid', user1, '--access-key', access_key2, ], check_status=True) assert len(out['keys']) == 1 assert out['keys'][0]['access_key'] == access_key assert out['keys'][0]['secret_key'] == secret_key # TESTCASE 'add-swift-key','key','create','swift key','succeeds' subuser_access = 'full' subuser_perm = 'full-control' (err, out) = rgwadmin(ctx, client, [ 'subuser', 'create', '--subuser', subuser1, '--access', subuser_access ], check_status=True) # TESTCASE 'add-swift-key','key','create','swift key','succeeds' (err, out) = rgwadmin(ctx, client, [ 'subuser', 'modify', '--subuser', subuser1, '--secret', swift_secret1, '--key-type', 'swift', ], check_status=True) # TESTCASE 'subuser-perm-mask', 'subuser', 'info', 'test subuser perm mask durability', 'succeeds' (err, out) = rgwadmin(ctx, client, ['user', 'info', '--uid', user1]) assert out['subusers'][0]['permissions'] == subuser_perm # TESTCASE 'info-swift-key','user','info','after key addition','returns all keys' (err, out) = rgwadmin(ctx, client, ['user', 'info', '--uid', user1], check_status=True) assert len(out['swift_keys']) == 1 assert out['swift_keys'][0]['user'] == subuser1 assert out['swift_keys'][0]['secret_key'] == swift_secret1 # TESTCASE 'add-swift-subuser','key','create','swift sub-user key','succeeds' (err, out) = rgwadmin(ctx, client, [ 'subuser', 'create', '--subuser', subuser2, '--secret', swift_secret2, '--key-type', 'swift', ], check_status=True) # TESTCASE 'info-swift-subuser','user','info','after key addition','returns all sub-users/keys' (err, out) = rgwadmin(ctx, client, ['user', 'info', '--uid', user1], check_status=True) assert len(out['swift_keys']) == 2 assert out['swift_keys'][0]['user'] == subuser2 or out['swift_keys'][1]['user'] == subuser2 assert out['swift_keys'][0]['secret_key'] == swift_secret2 or out['swift_keys'][1]['secret_key'] == swift_secret2 # TESTCASE 'rm-swift-key1','key','rm','subuser','succeeds, one key is removed' (err, out) = rgwadmin(ctx, client, [ 'key', 'rm', '--subuser', subuser1, '--key-type', 'swift', ], check_status=True) assert len(out['swift_keys']) == 1 # TESTCASE 'rm-subuser','subuser','rm','subuser','success, subuser is removed' (err, out) = rgwadmin(ctx, client, [ 'subuser', 'rm', '--subuser', subuser1, ], check_status=True) assert len(out['subusers']) == 1 # TESTCASE 'rm-subuser-with-keys','subuser','rm','subuser','succeeds, second subser and key is removed' (err, out) = rgwadmin(ctx, client, [ 'subuser', 'rm', '--subuser', subuser2, '--key-type', 'swift', '--purge-keys', ], check_status=True) assert len(out['swift_keys']) == 0 assert len(out['subusers']) == 0 # TESTCASE 'bucket-stats','bucket','stats','no session/buckets','succeeds, empty list' (err, out) = rgwadmin(ctx, client, ['bucket', 'stats', '--uid', user1], check_status=True) assert len(out) == 0 # TESTCASE 'bucket-stats2','bucket','stats','no buckets','succeeds, empty list' (err, out) = rgwadmin(ctx, client, ['bucket', 'list', '--uid', user1], check_status=True) assert len(out) == 0 # create a first bucket bucket = connection.create_bucket(bucket_name) rl.log_and_clear("create_bucket", bucket_name, user1) # TESTCASE 'bucket-list','bucket','list','one bucket','succeeds, expected list' (err, out) = rgwadmin(ctx, client, ['bucket', 'list', '--uid', user1], check_status=True) assert len(out) == 1 assert out[0] == bucket_name bucket_list = connection.get_all_buckets() assert len(bucket_list) == 1 assert bucket_list[0].name == bucket_name rl.log_and_clear("list_buckets", '', user1) # TESTCASE 'bucket-list-all','bucket','list','all buckets','succeeds, expected list' (err, out) = rgwadmin(ctx, client, ['bucket', 'list'], check_status=True) assert len(out) >= 1 assert bucket_name in out; # TESTCASE 'max-bucket-limit,'bucket','create','4 buckets','5th bucket fails due to max buckets == 4' bucket2 = connection.create_bucket(bucket_name + '2') rl.log_and_clear("create_bucket", bucket_name + '2', user1) bucket3 = connection.create_bucket(bucket_name + '3') rl.log_and_clear("create_bucket", bucket_name + '3', user1) bucket4 = connection.create_bucket(bucket_name + '4') rl.log_and_clear("create_bucket", bucket_name + '4', user1) # the 5th should fail. failed = False try: connection.create_bucket(bucket_name + '5') except Exception: failed = True assert failed rl.log_and_clear("create_bucket", bucket_name + '5', user1) # delete the buckets bucket2.delete() rl.log_and_clear("delete_bucket", bucket_name + '2', user1) bucket3.delete() rl.log_and_clear("delete_bucket", bucket_name + '3', user1) bucket4.delete() rl.log_and_clear("delete_bucket", bucket_name + '4', user1) # TESTCASE 'bucket-stats3','bucket','stats','new empty bucket','succeeds, empty list' (err, out) = rgwadmin(ctx, client, [ 'bucket', 'stats', '--bucket', bucket_name], check_status=True) assert out['owner'] == user1 bucket_id = out['id'] # TESTCASE 'bucket-stats4','bucket','stats','new empty bucket','succeeds, expected bucket ID' (err, out) = rgwadmin(ctx, client, ['bucket', 'stats', '--uid', user1], check_status=True) assert len(out) == 1 assert out[0]['id'] == bucket_id # does it return the same ID twice in a row? # use some space key = boto.s3.key.Key(bucket) key.set_contents_from_string('one') rl.log_and_clear("put_obj", bucket_name, user1) # TESTCASE 'bucket-stats5','bucket','stats','after creating key','succeeds, lists one non-empty object' (err, out) = rgwadmin(ctx, client, [ 'bucket', 'stats', '--bucket', bucket_name], check_status=True) assert out['id'] == bucket_id assert out['usage']['rgw.main']['num_objects'] == 1 assert out['usage']['rgw.main']['size_kb'] > 0 # reclaim it key.delete() rl.log_and_clear("delete_obj", bucket_name, user1) # TESTCASE 'bucket unlink', 'bucket', 'unlink', 'unlink bucket from user', 'fails', 'access denied error' (err, out) = rgwadmin(ctx, client, ['bucket', 'unlink', '--uid', user1, '--bucket', bucket_name], check_status=True) # create a second user to link the bucket to (err, out) = rgwadmin(ctx, client, [ 'user', 'create', '--uid', user2, '--display-name', display_name2, '--access-key', access_key2, '--secret', secret_key2, '--max-buckets', '1', ], check_status=True) # try creating an object with the first user before the bucket is relinked denied = False key = boto.s3.key.Key(bucket) try: key.set_contents_from_string('two') except boto.exception.S3ResponseError: denied = True assert not denied rl.log_and_clear("put_obj", bucket_name, user1) # delete the object key.delete() rl.log_and_clear("delete_obj", bucket_name, user1) # link the bucket to another user (err, out) = rgwadmin(ctx, client, ['metadata', 'get', 'bucket:{n}'.format(n=bucket_name)], check_status=True) bucket_data = out['data'] assert bucket_data['bucket']['name'] == bucket_name bucket_id = bucket_data['bucket']['bucket_id'] # link the bucket to another user (err, out) = rgwadmin(ctx, client, ['bucket', 'link', '--uid', user2, '--bucket', bucket_name, '--bucket-id', bucket_id], check_status=True) # try to remove user, should fail (has a linked bucket) (err, out) = rgwadmin(ctx, client, ['user', 'rm', '--uid', user2]) assert err # TESTCASE 'bucket unlink', 'bucket', 'unlink', 'unlink bucket from user', 'succeeds, bucket unlinked' (err, out) = rgwadmin(ctx, client, ['bucket', 'unlink', '--uid', user2, '--bucket', bucket_name], check_status=True) # relink the bucket to the first user and delete the second user (err, out) = rgwadmin(ctx, client, ['bucket', 'link', '--uid', user1, '--bucket', bucket_name, '--bucket-id', bucket_id], check_status=True) (err, out) = rgwadmin(ctx, client, ['user', 'rm', '--uid', user2], check_status=True) #TESTCASE 'bucket link', 'bucket', 'tenanted user', 'succeeds' tenant_name = "testx" # create a tenanted user to link the bucket to (err, out) = rgwadmin(ctx, client, [ 'user', 'create', '--tenant', tenant_name, '--uid', 'tenanteduser', '--display-name', 'tenanted-user', '--access-key', access_key2, '--secret', secret_key2, '--max-buckets', '1', ], check_status=True) # link the bucket to a tenanted user (err, out) = rgwadmin(ctx, client, ['bucket', 'link', '--bucket', '/' + bucket_name, '--tenant', tenant_name, '--uid', 'tenanteduser'], check_status=True) # check if the bucket name has tenant/ prefix (err, out) = rgwadmin(ctx, client, ['metadata', 'get', 'bucket:{n}'.format(n= tenant_name + '/' + bucket_name)], check_status=True) bucket_data = out['data'] assert bucket_data['bucket']['name'] == bucket_name assert bucket_data['bucket']['tenant'] == tenant_name # relink the bucket to the first user and delete the tenanted user (err, out) = rgwadmin(ctx, client, ['bucket', 'link', '--bucket', tenant_name + '/' + bucket_name, '--uid', user1], check_status=True) (err, out) = rgwadmin(ctx, client, ['user', 'rm', '--tenant', tenant_name, '--uid', 'tenanteduser'], check_status=True) # TESTCASE 'object-rm', 'object', 'rm', 'remove object', 'succeeds, object is removed' # upload an object object_name = 'four' key = boto.s3.key.Key(bucket, object_name) key.set_contents_from_string(object_name) rl.log_and_clear("put_obj", bucket_name, user1) # fetch it too (for usage stats presently) s = key.get_contents_as_string() rl.log_and_clear("get_obj", bucket_name, user1) assert s == object_name # list bucket too (for usage stats presently) keys = list(bucket.list()) rl.log_and_clear("list_bucket", bucket_name, user1) assert len(keys) == 1 assert keys[0].name == object_name # now delete it (err, out) = rgwadmin(ctx, client, ['object', 'rm', '--bucket', bucket_name, '--object', object_name], check_status=True) # TESTCASE 'bucket-stats6','bucket','stats','after deleting key','succeeds, lists one no objects' (err, out) = rgwadmin(ctx, client, [ 'bucket', 'stats', '--bucket', bucket_name], check_status=True) assert out['id'] == bucket_id assert out['usage']['rgw.main']['num_objects'] == 0 # list log objects # TESTCASE 'log-list','log','list','after activity','succeeds, lists one no objects' (err, out) = rgwadmin(ctx, client, ['log', 'list'], check_status=True) assert len(out) > 0 for obj in out: # TESTCASE 'log-show','log','show','after activity','returns expected info' if obj[:4] == 'meta' or obj[:4] == 'data' or obj[:18] == 'obj_delete_at_hint': continue (err, rgwlog) = rgwadmin(ctx, client, ['log', 'show', '--object', obj], check_status=True) assert len(rgwlog) > 0 # exempt bucket_name2 from checking as it was only used for multi-region tests assert rgwlog['bucket'].find(bucket_name) == 0 or rgwlog['bucket'].find(bucket_name2) == 0 assert rgwlog['bucket'] != bucket_name or rgwlog['bucket_id'] == bucket_id assert rgwlog['bucket_owner'] == user1 or rgwlog['bucket'] == bucket_name + '5' or rgwlog['bucket'] == bucket_name2 for entry in rgwlog['log_entries']: log.debug('checking log entry: ', entry) assert entry['bucket'] == rgwlog['bucket'] possible_buckets = [bucket_name + '5', bucket_name2] user = entry['user'] assert user == user1 or user.endswith('system-user') or \ rgwlog['bucket'] in possible_buckets # TESTCASE 'log-rm','log','rm','delete log objects','succeeds' (err, out) = rgwadmin(ctx, client, ['log', 'rm', '--object', obj], check_status=True) # TODO: show log by bucket+date # TESTCASE 'user-suspend2','user','suspend','existing user','succeeds' (err, out) = rgwadmin(ctx, client, ['user', 'suspend', '--uid', user1], check_status=True) # TESTCASE 'user-suspend3','user','suspend','suspended user','cannot write objects' denied = False try: key = boto.s3.key.Key(bucket) key.set_contents_from_string('five') except boto.exception.S3ResponseError as e: denied = True assert e.status == 403 assert denied rl.log_and_clear("put_obj", bucket_name, user1) # TESTCASE 'user-renable2','user','enable','suspended user','succeeds' (err, out) = rgwadmin(ctx, client, ['user', 'enable', '--uid', user1], check_status=True) # TESTCASE 'user-renable3','user','enable','reenabled user','can write objects' key = boto.s3.key.Key(bucket) key.set_contents_from_string('six') rl.log_and_clear("put_obj", bucket_name, user1) # TESTCASE 'gc-list', 'gc', 'list', 'get list of objects ready for garbage collection' # create an object large enough to be split into multiple parts test_string = 'foo'*10000000 big_key = boto.s3.key.Key(bucket) big_key.set_contents_from_string(test_string) rl.log_and_clear("put_obj", bucket_name, user1) # now delete the head big_key.delete() rl.log_and_clear("delete_obj", bucket_name, user1) # wait a bit to give the garbage collector time to cycle time.sleep(15) (err, out) = rgwadmin(ctx, client, ['gc', 'list']) assert len(out) > 0 # TESTCASE 'gc-process', 'gc', 'process', 'manually collect garbage' (err, out) = rgwadmin(ctx, client, ['gc', 'process'], check_status=True) #confirm (err, out) = rgwadmin(ctx, client, ['gc', 'list']) assert len(out) == 0 # TESTCASE 'rm-user-buckets','user','rm','existing user','fails, still has buckets' (err, out) = rgwadmin(ctx, client, ['user', 'rm', '--uid', user1]) assert err # delete should fail because ``key`` still exists try: bucket.delete() except boto.exception.S3ResponseError as e: assert e.status == 409 rl.log_and_clear("delete_bucket", bucket_name, user1) key.delete() rl.log_and_clear("delete_obj", bucket_name, user1) bucket.delete() rl.log_and_clear("delete_bucket", bucket_name, user1) # TESTCASE 'policy', 'bucket', 'policy', 'get bucket policy', 'returns S3 policy' bucket = connection.create_bucket(bucket_name) rl.log_and_clear("create_bucket", bucket_name, user1) # create an object key = boto.s3.key.Key(bucket) key.set_contents_from_string('seven') rl.log_and_clear("put_obj", bucket_name, user1) # should be private already but guarantee it key.set_acl('private') rl.log_and_clear("put_acls", bucket_name, user1) (err, out) = rgwadmin(ctx, client, ['policy', '--bucket', bucket.name, '--object', key.key], check_status=True, format='xml') acl = get_acl(key) rl.log_and_clear("get_acls", bucket_name, user1) assert acl == out.strip('\n') # add another grantee by making the object public read key.set_acl('public-read') rl.log_and_clear("put_acls", bucket_name, user1) (err, out) = rgwadmin(ctx, client, ['policy', '--bucket', bucket.name, '--object', key.key], check_status=True, format='xml') acl = get_acl(key) rl.log_and_clear("get_acls", bucket_name, user1) assert acl == out.strip('\n') # TESTCASE 'rm-bucket', 'bucket', 'rm', 'bucket with objects', 'succeeds' bucket = connection.create_bucket(bucket_name) rl.log_and_clear("create_bucket", bucket_name, user1) key_name = ['eight', 'nine', 'ten', 'eleven'] for i in range(4): key = boto.s3.key.Key(bucket) key.set_contents_from_string(key_name[i]) rl.log_and_clear("put_obj", bucket_name, user1) (err, out) = rgwadmin(ctx, client, ['bucket', 'rm', '--bucket', bucket_name, '--purge-objects'], check_status=True) # TESTCASE 'caps-add', 'caps', 'add', 'add user cap', 'succeeds' caps='user=read' (err, out) = rgwadmin(ctx, client, ['caps', 'add', '--uid', user1, '--caps', caps]) assert out['caps'][0]['perm'] == 'read' # TESTCASE 'caps-rm', 'caps', 'rm', 'remove existing cap from user', 'succeeds' (err, out) = rgwadmin(ctx, client, ['caps', 'rm', '--uid', user1, '--caps', caps]) assert not out['caps'] # TESTCASE 'rm-user','user','rm','existing user','fails, still has buckets' bucket = connection.create_bucket(bucket_name) rl.log_and_clear("create_bucket", bucket_name, user1) key = boto.s3.key.Key(bucket) (err, out) = rgwadmin(ctx, client, ['user', 'rm', '--uid', user1]) assert err # TESTCASE 'rm-user2', 'user', 'rm', 'user with data', 'succeeds' bucket = connection.create_bucket(bucket_name) rl.log_and_clear("create_bucket", bucket_name, user1) key = boto.s3.key.Key(bucket) key.set_contents_from_string('twelve') rl.log_and_clear("put_obj", bucket_name, user1) time.sleep(35) # need to wait for all usage data to get flushed, should take up to 30 seconds timestamp = time.time() while time.time() - timestamp <= (2 * 60): # wait up to 20 minutes (err, out) = rgwadmin(ctx, client, ['usage', 'show', '--categories', 'delete_obj']) # one of the operations we did is delete_obj, should be present. if get_user_successful_ops(out, user1) > 0: break time.sleep(1) assert time.time() - timestamp <= (20 * 60) # TESTCASE 'usage-show' 'usage' 'show' 'all usage' 'succeeds' (err, out) = rgwadmin(ctx, client, ['usage', 'show'], check_status=True) assert len(out['entries']) > 0 assert len(out['summary']) > 0 r = acc.compare_results(out) if len(r) != 0: sys.stderr.write(("\n".join(r))+"\n") assert(len(r) == 0) user_summary = get_user_summary(out, user1) total = user_summary['total'] assert total['successful_ops'] > 0 # TESTCASE 'usage-show2' 'usage' 'show' 'user usage' 'succeeds' (err, out) = rgwadmin(ctx, client, ['usage', 'show', '--uid', user1], check_status=True) assert len(out['entries']) > 0 assert len(out['summary']) > 0 user_summary = out['summary'][0] for entry in user_summary['categories']: assert entry['successful_ops'] > 0 assert user_summary['user'] == user1 # TESTCASE 'usage-show3' 'usage' 'show' 'user usage categories' 'succeeds' test_categories = ['create_bucket', 'put_obj', 'delete_obj', 'delete_bucket'] for cat in test_categories: (err, out) = rgwadmin(ctx, client, ['usage', 'show', '--uid', user1, '--categories', cat], check_status=True) assert len(out['summary']) > 0 user_summary = out['summary'][0] assert user_summary['user'] == user1 assert len(user_summary['categories']) == 1 entry = user_summary['categories'][0] assert entry['category'] == cat assert entry['successful_ops'] > 0 # TESTCASE 'user-rename', 'user', 'rename', 'existing user', 'new user', 'succeeds' # create a new user user3 (err, out) = rgwadmin(ctx, client, [ 'user', 'create', '--uid', user3, '--display-name', display_name3, '--access-key', access_key3, '--secret', secret_key3, '--max-buckets', '4' ], check_status=True) # create a bucket bucket = connection3.create_bucket(bucket_name + '6') rl.log_and_clear("create_bucket", bucket_name + '6', user3) # create object object_name1 = 'thirteen' key1 = boto.s3.key.Key(bucket, object_name1) key1.set_contents_from_string(object_name1) rl.log_and_clear("put_obj", bucket_name + '6', user3) # rename user3 (err, out) = rgwadmin(ctx, client, ['user', 'rename', '--uid', user3, '--new-uid', user4], check_status=True) assert out['user_id'] == user4 assert out['keys'][0]['access_key'] == access_key3 assert out['keys'][0]['secret_key'] == secret_key3 time.sleep(5) # get bucket and object to test if user keys are preserved bucket = connection3.get_bucket(bucket_name + '6') s = key1.get_contents_as_string() rl.log_and_clear("get_obj", bucket_name + '6', user4) assert s == object_name1 # TESTCASE 'user-rename', 'user', 'rename', 'existing user', 'another existing user', 'fails' # create a new user user2 (err, out) = rgwadmin(ctx, client, [ 'user', 'create', '--uid', user2, '--display-name', display_name2, '--access-key', access_key2, '--secret', secret_key2, '--max-buckets', '4' ], check_status=True) # create a bucket bucket = connection2.create_bucket(bucket_name + '7') rl.log_and_clear("create_bucket", bucket_name + '7', user2) # create object object_name2 = 'fourteen' key2 = boto.s3.key.Key(bucket, object_name2) key2.set_contents_from_string(object_name2) rl.log_and_clear("put_obj", bucket_name + '7', user2) (err, out) = rgwadmin(ctx, client, ['user', 'rename', '--uid', user4, '--new-uid', user2]) assert err # test if user 2 and user4 can still access their bucket and objects after rename fails bucket = connection3.get_bucket(bucket_name + '6') s = key1.get_contents_as_string() rl.log_and_clear("get_obj", bucket_name + '6', user4) assert s == object_name1 bucket = connection2.get_bucket(bucket_name + '7') s = key2.get_contents_as_string() rl.log_and_clear("get_obj", bucket_name + '7', user2) assert s == object_name2 (err, out) = rgwadmin(ctx, client, ['user', 'rm', '--uid', user4, '--purge-data' ], check_status=True) (err, out) = rgwadmin(ctx, client, ['user', 'rm', '--uid', user2, '--purge-data' ], check_status=True) time.sleep(5) # should be all through with connection. (anything using connection # should be BEFORE the usage stuff above.) rl.log_and_clear("(before-close)", '-', '-', ignore_this_entry) connection.close() connection = None # the usage flush interval is 30 seconds, wait that much an then some # to make sure everything has been flushed time.sleep(35) # TESTCASE 'usage-trim' 'usage' 'trim' 'user usage' 'succeeds, usage removed' (err, out) = rgwadmin(ctx, client, ['usage', 'trim', '--uid', user1], check_status=True) (err, out) = rgwadmin(ctx, client, ['usage', 'show', '--uid', user1], check_status=True) assert len(out['entries']) == 0 assert len(out['summary']) == 0 (err, out) = rgwadmin(ctx, client, ['user', 'rm', '--uid', user1, '--purge-data' ], check_status=True) # TESTCASE 'rm-user3','user','rm','deleted user','fails' (err, out) = rgwadmin(ctx, client, ['user', 'info', '--uid', user1]) assert err # TESTCASE 'zone-info', 'zone', 'get', 'get zone info', 'succeeds, has default placement rule' # (err, out) = rgwadmin(ctx, client, ['zone', 'get','--rgw-zone','default']) orig_placement_pools = len(out['placement_pools']) # removed this test, it is not correct to assume that zone has default placement, it really # depends on how we set it up before # # assert len(out) > 0 # assert len(out['placement_pools']) == 1 # default_rule = out['placement_pools'][0] # assert default_rule['key'] == 'default-placement' rule={'key': 'new-placement', 'val': {'data_pool': '.rgw.buckets.2', 'index_pool': '.rgw.buckets.index.2'}} out['placement_pools'].append(rule) (err, out) = rgwadmin(ctx, client, ['zone', 'set'], stdin=StringIO(json.dumps(out)), check_status=True) (err, out) = rgwadmin(ctx, client, ['zone', 'get']) assert len(out) > 0 assert len(out['placement_pools']) == orig_placement_pools + 1 zonecmd = ['zone', 'placement', 'rm', '--rgw-zone', 'default', '--placement-id', 'new-placement'] (err, out) = rgwadmin(ctx, client, zonecmd, check_status=True) # TESTCASE 'zonegroup-info', 'zonegroup', 'get', 'get zonegroup info', 'succeeds' (err, out) = rgwadmin(ctx, client, ['zonegroup', 'get'], check_status=True) import sys from tasks.radosgw_admin import task from teuthology.config import config from teuthology.orchestra import cluster, remote import argparse; def main(): if len(sys.argv) == 3: user = sys.argv[1] + "@" host = sys.argv[2] elif len(sys.argv) == 2: user = "" host = sys.argv[1] else: sys.stderr.write("usage: radosgw_admin.py [user] host\n") exit(1) client0 = remote.Remote(user + host) ctx = config ctx.cluster=cluster.Cluster(remotes=[(client0, [ 'ceph.client.rgw.%s' % (host), ]),]) ctx.rgw = argparse.Namespace() endpoints = {} endpoints['ceph.client.rgw.%s' % host] = (host, 80) ctx.rgw.role_endpoints = endpoints ctx.rgw.realm = None ctx.rgw.regions = {'region0': { 'api name': 'api1', 'is master': True, 'master zone': 'r0z0', 'zones': ['r0z0', 'r0z1'] }} ctx.rgw.config = {'ceph.client.rgw.%s' % host: {'system user': {'name': '%s-system-user' % host}}} task(config, None) exit() if __name__ == '__main__': main()