summaryrefslogtreecommitdiffstats
path: root/test/functional_auth
Commit message (Collapse)AuthorAgeFilesLines
* Add missing middlewares to functest pipelinePrashanth Pai2016-08-092-16/+70
| | | | | | | | Change-Id: I75fe4a12cf3ef5948efd63d78b95bca2e2b1437d Signed-off-by: Prashanth Pai <ppai@redhat.com> Reviewed-on: http://review.gluster.org/14284 Reviewed-by: Thiago da Silva <thiago@redhat.com> Tested-by: Thiago da Silva <thiago@redhat.com>
* Enhance object expirationPrashanth Pai2016-04-151-1/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | This change re-introduces object expiration feature with some internal differences from earlier implementation such as: * Creation of zero-byte tracker object is performed directly on the mount point. Earlier HTTP request was sent to object server for the same. This incurred overhead of metadata creation for these zero-byte files which isn't necessarry as all required information is encoded in the path itself. * Crawling of zero-byte tracker objects is done by the object expirer daemon itself and not container server. * Deletion of tracker object is performed by the object expiration daemon directly on mount point. Deletion of actual data object is not carried out by object expiration daemon directly. The object expirer sends a DELETE request to object server which deletes the actual object. This behaviour is not changed. There is no change in behaviour in comparison with older implementation. This is asserted by re-enabling existing functional tests without any changes. Change-Id: I01dc77cc4db3be3147d54e3aa2a19ed182498900 Signed-off-by: Prashanth Pai <ppai@redhat.com> Reviewed-on: http://review.gluster.org/13913 Reviewed-by: Thiago da Silva <thiago@redhat.com> Tested-by: Thiago da Silva <thiago@redhat.com>
* Fix dup fd leakPrashanth Pai2016-03-081-2/+0
| | | | | | | | | | | | A fd was not being closed after it was duplicated. This code path can be easily hit when doing a GET on a file that needs Etag (md5sum) to be recalculated. Change-Id: Ib2e10d990b9b2e1fa85d0079767892de8c8d4eec Signed-off-by: Prashanth Pai <ppai@redhat.com> Reviewed-on: http://review.gluster.org/13593 Reviewed-by: Thiago da Silva <thiago@redhat.com> Tested-by: Thiago da Silva <thiago@redhat.com>
* Rebase to stable/kiloPrashanth Pai2016-03-071-0/+2
| | | | | | | | | | | | | | | | This change ports most of swiftonfile object server fixes and changes into gluster-swift. Storage policy as a feature is not usable here (it doesn't make sense). The hacky way of creating zero byte tracker objects for object expiration has not been ported to this release due to scalability issues and the need to have a separate volume. Change-Id: I17ba27dacea9ac000bdb8934700996e4d17f4251 Signed-off-by: Prashanth Pai <ppai@redhat.com> Reviewed-on: http://review.gluster.org/13269 Reviewed-by: Thiago da Silva <thiago@redhat.com> Tested-by: Thiago da Silva <thiago@redhat.com>
* Update repoThiago da Silva2016-01-0630-830/+109
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a squashed commit imported from this repo: https://github.com/openstack/swiftonfile/tree/icehouse Contains the follwing commits from above mentioned repo: eb50236 Merge "Backport: Fix metadata overall limits bug" into icehouse 79ea52a Backport: Fix metadata overall limits bug bc43f0b Fix inconsistent data being returned on GET ad0bb79 Import HTTPBadRequest from swift's module 74d02e6 Exclude .trashcan dir from container listing b2dbc15 Catch ESTALE in addition to ENOENT 8d60b48 Properly handle read_metadata() exceptions 6762fc6 Fix object server leaking file descriptors 2842e82 Fix API incompatibility in update_metadata() 2beeef6 Merge "Remove swiftkerbauth code" into icehouse 93dbcb5 Update object-expirer.conf with explanations c9d2f09 Merge "Check if /etc/swift exists in ring builder" into icehouse d66c14c Remove swiftkerbauth code 3142ed2 Add object expiration functests 97153d1 Merge "Cleanup functest and undo old patch" into icehouse bc234d0 Remove old travis config file and fix typo 260c8ef Check if /etc/swift exists in ring builder 637dac9 Cleanup functest and undo old patch 051e068 Merge pull request #35 from prashanthpai/backport-1 be104a3 Merge pull request #36 from prashanthpai/backport-2 ff76f42 fix issue with GET on large object (icehouse-backport) 04d0a99 Fix unlink call after successful rename 4c6ca1d updating README file with project name change 10b2680 Merge pull request #18 from thiagol11/icehouse 5bcab8f Updating version on __init__ file 5c2cba2 Merge pull request #15 from thiagol11/update_spec 52b00a8 updating spec file to add dependency on swift icehouse ae7c93b Merge pull request #6 from prashanthpai/rebase 191e55b Revert: allow non-root user to run functests cb7e968 Modify unit tests and func tests d23fd1b Sync with OpenStack Swift v1.13.1 b6d1671 Merge pull request #12 from pushpesh/functionalnosetestremove 962622b Merge pull request #8 from thiagol11/update_readme 4560857 Merge pull request #9 from prashanthpai/spec-expirer be0ae7e Minor update 65000f1 Removing functionalnosetests 8ab1069 Fix object-expirer.conf-gluster RPM build error afee30f added new support filesystem section 527b01f updated README.md to Swift-On-File 9a240c7 Merge pull request #3 from thiagol11/add_jenkins_to_travis 34b5a8b removing blank lines 3568b64 fixing missing fi d8f5b0f adding support to run jenkins triggered by travis 6f4a88c Removing functionalnosetests 8041944 Update README.md c015148 Merge pull request #2 from thiagol11/master 3ddd952 fixing travis file to run correct unit test c582669 adding travis status badge to README 8093096 adding py26 unit testing to travis 37835fd trigger travis build cb6332a adding travis ci testing All tests have been run sucessfully against this. tox -e p2p8,py27,functest Change-Id: I096b611da852d3eb3913844034b443b8272c2ac4 Signed-off-by: Prashanth Pai <ppai@redhat.com> Reviewed-on: http://review.gluster.org/13188
* Functional tests for SwiftKerbAuth filter.Chetan Risbud2014-03-149-0/+432
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This provides an infrastructure for swiftkerbauth related functional test cases. More test cases will be added later. Added a section in swiftkerbauth guide about how to run functional tests. test/functional_auth/swiftkerbauth ---------------------------------- A new authentication filter related functional tests and configuration to reside here. The configuration would help setup the environment. All the generic functional tests should run fine with PASSIVE mode of swiftkerbatuh. Please refere to swiftkerbatuh documentation for ACTIVE/PASSIVE mode of working. swiftkerbauth/test_swkrbath_active.py ------------------------------------- This file has all the testcases of active mode of swiftkerbauth. More test cases to be added later. SwiftKerbAuth related test cases are meant to run on the setup where SwiftKerbAuth is setup and installed. Change-Id: Ibc2a3945f5c9b6714475fcec0ee9d153debb48e3 Signed-off-by: Chetan Risbud <crisbud@redhat.com> Reviewed-on: http://review.gluster.org/6925 Reviewed-by: Luis Pabon <lpabon@redhat.com> Tested-by: Luis Pabon <lpabon@redhat.com>
* adding error handling to gswauth-cleanup-tokens toolThiago da Silva2014-02-051-6/+2
| | | | | | | | | | | | | | | added input validation for a couple of options and error handling in case a non-existing account name is provided Change-Id: I6d703d584552fc7b7574f34e79ed25a2982b6d5e Signed-off-by: Thiago da Silva <thiago@redhat.com> Reviewed-on: http://review.gluster.org/6767 Reviewed-by: Prashanth Pai <ppai@redhat.com> Tested-by: Prashanth Pai <ppai@redhat.com> Reviewed-by: pushpesh sharma <psharma@redhat.com> Tested-by: pushpesh sharma <psharma@redhat.com> Reviewed-by: Chetan Risbud <crisbud@redhat.com>
* Fixes some TCs that assert for response code 403Pushpesh Sharma2014-01-301-15/+13
| | | | | | | | | | | | | For some scenarios although the expected response as per the REST spec is 403, but due to technical limitation/performance improvements it is decided to go with 401.EX:An admin/regular user tries to add a reseller admin user. Change-Id: Ibc280a0be6e5cb81d4d2c46d9a758915ff60ae8f Reviewed-on: http://review.gluster.org/6833 Reviewed-by: Prashanth Pai <ppai@redhat.com> Reviewed-by: Chetan Risbud <crisbud@redhat.com> Tested-by: Chetan Risbud <crisbud@redhat.com>
* Test cases for gswauth-cleanup-tokenPushpesh Sharma2014-01-241-8/+152
| | | | | | | | | | | | This commit creates a new class to validate the cleanup-token & set-account-service CLI utility.This test tries to cover all the psossible values that can be passed as user input valid/invalid. Change-Id: Ia8ca40ca9e63a296b70cb999c6507b7b1ffbdf61 Signed-off-by: Pushpesh Sharma <psharma@redhat.com> Reviewed-on: http://review.gluster.org/6759 Reviewed-by: Luis Pabon <lpabon@redhat.com> Tested-by: Luis Pabon <lpabon@redhat.com>
* Provide more generic string in testAssert of some TCsPushpesh Sharma2014-01-211-12/+12
| | | | | | | | | | | | | | | CLI test case were failing on RHEL systems as the error string on Fedora19 and RHEL6.4 systems are different however a more gereric string is there on both of the systems and this is about that only. It replaces the 'ECONNREFUSED' & 'No address associated with hostname' with 'Check that the admin_url is valid'.Now the TCs pass on both of the OS. Change-Id: Iff8b2719e8917864ed8f80d961c55a7f9f6fc77b Signed-off-by: Pushpesh Sharma <psharma@redhat.com> Reviewed-on: http://review.gluster.org/6718 Reviewed-by: Luis Pabon <lpabon@redhat.com> Tested-by: Luis Pabon <lpabon@redhat.com>
* fix error handing in swauth toolsThiago da Silva2014-01-141-5/+48
| | | | | | | | | | | | | The swauth tools did not handle an invalid admin_url, so it just failed printing the stacktrace, which is not useful to end users. This fix catches the exception and prints an error message that can help user solve the issue. Change-Id: I806c1cf191b5921e904b155f65cdbde5f2aac695 Signed-off-by: Thiago da Silva <thiago@redhat.com> Reviewed-on: http://review.gluster.org/6431 Reviewed-by: Luis Pabon <lpabon@redhat.com> Tested-by: Luis Pabon <lpabon@redhat.com>
* Fix bug where admin is able to delete reseller_adminThiago da Silva2014-01-101-2/+2
| | | | | | | | | | | | | | | | | Changed the code to only allow the super_admin to delete a reseller_admin. This follows the same logic of user creation, where only the super_admin can create a reseller_admin. Also, took the opportunity to refactor some code and implemented get_user_detail method to remove duplicated code Bug 1260239: https://bugs.launchpad.net/gluster-swift/+bug/1260239 Change-Id: I9e4866cd7ad08698f427846be566ab2364ad4850 Signed-off-by: Thiago da Silva <thiago@redhat.com> Reviewed-on: http://review.gluster.org/6516 Reviewed-by: Luis Pabon <lpabon@redhat.com> Tested-by: Luis Pabon <lpabon@redhat.com>
* Fix users not able to change their own password/keyPrashanth Pai2014-01-072-8/+75
| | | | | | | | | | | | | | | | | | | | | | | Users were not able to update their own password/key with the update operation resulting in 403 (HTTPForbidden). EXAMPLES: Command to update password/key of regular user: gswauth-add-user -U account1:user1 -K old_pass account1 user1 new_pass Command to update password/key of account admin: gswauth-add-user -U account1:admin -K old_pass -a account1 admin new_pass Command to update password/key of reseller_admin: gswauth-add-user -U account1:radmin -K old_pass -r account1 radmin new_pass BUG: https://bugs.launchpad.net/gluster-swift/+bug/1262227 Change-Id: I604da5aee67099b29541eb7e51a040a041f1961b Signed-off-by: Prashanth Pai <ppai@redhat.com> Reviewed-on: http://review.gluster.org/6650 Reviewed-by: Luis Pabon <lpabon@redhat.com> Tested-by: Luis Pabon <lpabon@redhat.com>
* Fixes,TCs for user/account operation by non super_admin usersPushpesh Sharma2014-01-061-96/+394
| | | | | | | | | | | | | | | | | | | This commit does following: 1.New functions in Utils based on CLI 2.Fixes for existing suite 3.Test cases for non super_admin users doing user/account operations I tried to cover most of the possible test cases that can be duducted from the swauth dev guide and swuath user role matrix.These resources can be found here: https://raw.github.com/rbeede/swauth/master/doc/source/Draft%20Security%20Guide/swift_swauth_roles_matrix.png http://gholt.github.io/swauth/dev/ Change-Id: I3267a718e5432cddc751ec53fe9b05ef9061a5e3 Signed-off-by: Pushpesh Sharma <psharma@redhat.com> Reviewed-on: http://review.gluster.org/6537 Reviewed-by: Luis Pabon <lpabon@redhat.com> Tested-by: Luis Pabon <lpabon@redhat.com>
* gswauth: Fix 403 being returned instead of 401Prashanth Pai2013-12-182-12/+34
| | | | | | | | | | | | | | | | | | | | - 401(Unauthorized) is to be returned when user credentials are wrong where as 403(Forbidden) is to be returned when user credentials are correct but the user doesn't have the priveleges to carry out the operation. - Also error messages displayed when using swauth-* command line utilities have been updated. Change-Id: I485786896ad14d3263f4325d1857cacc93adab96 Signed-off-by: Prashanth Pai <ppai@redhat.com> Reviewed-on: http://review.gluster.org/6336 Reviewed-by: Luis Pabon <lpabon@redhat.com> Tested-by: Luis Pabon <lpabon@redhat.com> Signed-off-by: Prashanth Pai <ppai@redhat.com> Reviewed-on: http://review.gluster.org/6447 Reviewed-by: Thiago Da Silva <thiago@redhat.com> Tested-by: Thiago Da Silva <thiago@redhat.com>
* renaming swauth tools to gswauthThiago da Silva2013-12-061-9/+9
| | | | | | | | | | | | | | | | cli tools for account and user mgmt have been renamed from swauth-* to gswauth-* Updated other configuration and test files accordingly Change-Id: Iced3bb27fbd09da45754ddb264f8fb4528ab423c Signed-off-by: Thiago da Silva <thiago@redhat.com> Reviewed-on: http://review.gluster.org/6417 Reviewed-by: pushpesh sharma <psharma@redhat.com> Tested-by: pushpesh sharma <psharma@redhat.com> Reviewed-by: Shilpa MJ <smanjara@redhat.com> Tested-by: Shilpa MJ <smanjara@redhat.com> Reviewed-by: Luis Pabon <lpabon@redhat.com>
* Fix test configuration fileLuis Pabon2013-12-053-1/+16
| | | | | | | | | | | | | All the configuration files were missing settings used when gluster-swift is installed Change-Id: I4ff877241a5965f2b0359e0549629614596045bb Signed-off-by: Luis Pabon <lpabon@redhat.com> Reviewed-on: http://review.gluster.org/6430 Reviewed-by: Thiago Da Silva <thiago@redhat.com> Reviewed-by: Prashanth Pai <ppai@redhat.com> Reviewed-by: pushpesh sharma <psharma@redhat.com> Tested-by: pushpesh sharma <psharma@redhat.com>
* adding tabular output to swauth-listThiago da Silva2013-11-271-2/+15
| | | | | | | | | | | | swauth-list now shows lists of accounts, users and groups in a tabular format (default). JSON and plain-text options are still available Change-Id: I897009f5f6c05aa4c14e306bb6ad35234e993fcd Signed-off-by: Thiago da Silva <thiago@redhat.com> Reviewed-on: http://review.gluster.org/6347 Reviewed-by: Luis Pabon <lpabon@redhat.com> Tested-by: Luis Pabon <lpabon@redhat.com>
* Functional Tests for gswauth_cliPushpesh Sharma2013-11-202-0/+250
| | | | | | | | | | | | | | | | | | | | | | | This test suite plans to tests following gswauth commands:- 1. swauth-prep 2. swauth-add-account 3. swauth-delete-account 4. swauth-add-user 5. swauth-delete-user 6. swauth-set-account-service 7. swauth-cleanup-tokens 8. swauth-list It uses 'commands' python module to execute gswauthcommands, and capture the status and output of commands followed by asserts to verify if the captured status and output is same as expected ones.This initial draft has tests for first 1-5 commands. Change-Id: I8591884e87c6ffd88446aacd04a1db2daab2d189 Signed-off-by: Pushpesh Sharma <psharma@redhat.com> Reviewed-on: http://review.gluster.org/6277 Reviewed-by: Luis Pabon <lpabon@redhat.com> Tested-by: Luis Pabon <lpabon@redhat.com>
* renaming instances of swauth to gswauthThiago da Silva2013-11-132-6/+6
| | | | | | | | | | | changed code where appropriate to gswauth instead of swauth Change-Id: Iadcec4f379fae3f063379b4899797b375290cc7b Signed-off-by: Thiago da Silva <thiago@redhat.com> Reviewed-on: http://review.gluster.org/6226 Reviewed-by: Luis Pabon <lpabon@redhat.com> Tested-by: Luis Pabon <lpabon@redhat.com>
* new gswauth functional testsThiago da Silva2013-11-101-8/+120
| | | | | | | | | | | New tests around account and user modifications Testing password changes and invalid admin rights Change-Id: I2e867c2bb3ed10f375cc3f20fa66506e2cdd96e6 Signed-off-by: Thiago da Silva <thiago@redhat.com> Reviewed-on: http://review.gluster.org/6223 Reviewed-by: Luis Pabon <lpabon@redhat.com> Tested-by: Luis Pabon <lpabon@redhat.com>
* make gluster volume name configurableThiago da Silva2013-11-051-0/+1
| | | | | | | | | | | | changed code to look at configuration file for the metadata gluster volume name. The default is still gsmetadata Change-Id: I9bf74b9566ea1c9716c42f7ced0f999e02824868 Signed-off-by: Thiago da Silva <thiago@redhat.com> Reviewed-on: http://review.gluster.org/6225 Reviewed-by: Luis Pabon <lpabon@redhat.com> Tested-by: Luis Pabon <lpabon@redhat.com>
* Keystone Functional TestsLuis Pabon2013-11-047-0/+358
| | | | | | | | | | | | | | Functional tests using OpenStack Keystone Authentication. Tests require the following: 1. Keystone server is running locally 2. Keystone server has been setup according to the test.conf 3. /mnt/gluster-object has the directories setup Change-Id: I460471e549da91366cb817916ed5293c7e7adda4 Signed-off-by: Luis Pabon <lpabon@redhat.com> Reviewed-on: http://review.gluster.org/6218 Reviewed-by: Peter Portante <pportant@redhat.com> Tested-by: Peter Portante <pportant@redhat.com>
* additional gswauth functional testsThiago da Silva2013-11-041-11/+55
| | | | | | | | | | | These tests cover account registration and de-registration user creation/delete, and listing of both account and user Change-Id: Ie622daccfc8e2d2fb45565952a99d7d832ce1189 Signed-off-by: Thiago da Silva <thiago@redhat.com> Reviewed-on: http://review.gluster.org/6212 Reviewed-by: Luis Pabon <lpabon@redhat.com> Tested-by: Luis Pabon <lpabon@redhat.com>
* first gswauth functional testsThiago da Silva2013-10-3011-0/+457
| | | | | | | | | | | | | | | | commiting first gswauth functional tests. Currently there are two tests, to create account and to create an user. Each test is self contained in that it goes through the process of creating and deleting accounts and users as needed. More tests will be added shortly. Change-Id: I26d577790aed8c79c9de11f224516423e9769962 Signed-off-by: Thiago da Silva <thiago@redhat.com> Reviewed-on: http://review.gluster.org/6188 Reviewed-by: Luis Pabon <lpabon@redhat.com> Tested-by: Luis Pabon <lpabon@redhat.com>
* moving functional tests to prepare for auth testsThiago da Silva2013-10-258-0/+353
moved the actual tests to generic folder and created an auth dir that will contain specific tests and configuration files for each authentication service Change-Id: I80debb917a53c3f56629b92cf5e7157da916d223 Signed-off-by: Thiago da Silva <thiago@redhat.com> Reviewed-on: http://review.gluster.org/6140 Reviewed-by: Luis Pabon <lpabon@redhat.com> Tested-by: Luis Pabon <lpabon@redhat.com>