vitalif
/
etcd
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

fix review 

Signed-off-by: Marcondes Viana <marju10@gmail.com>
storage-doc
Marcondes Viana 2023-04-16 17:40:33 -03:00
parent 8fb839eac1
commit a1a2f43f2f
1 changed files with 189 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

204
server/etcdserver/txn/txn_test.go
View File

@ -159,7 +159,7 @@ func TestCheckTxnAuth(t *testing.T) {
err error
}{
{
name: "Out of range compare is unathorized",
name: "Out of range compare is unauthorized",
txnRequest: &pb.TxnRequest{
Compare: []*pb.Compare{
{
@ -170,6 +170,18 @@ func TestCheckTxnAuth(t *testing.T) {
},
err: auth.ErrPermissionDenied,
},
{
name: "In range compare is authorized",
txnRequest: &pb.TxnRequest{
Compare: []*pb.Compare{
{
Key: []byte("foo"),
},
},
Success: []*pb.RequestOp{},
},
err: nil,
},
{
name: "Nil request range is always authorized",
txnRequest: &pb.TxnRequest{
@ -184,7 +196,7 @@ func TestCheckTxnAuth(t *testing.T) {
err: nil,
},
{
name: "Range request in range is authorised",
name: "Range request in range is authorized",
txnRequest: &pb.TxnRequest{
Success: []*pb.RequestOp{
{
@ -196,11 +208,21 @@ func TestCheckTxnAuth(t *testing.T) {
},
},
},
Failure: []*pb.RequestOp{
{
Request: &pb.RequestOp_RequestRange{
RequestRange: &pb.RangeRequest{
Key: []byte("foo"),
RangeEnd: []byte("zoo"),
},
},
},
},
},
err: nil,
},
{
name: "Range request out of range is unauthorized",
name: "Range request out of range success case is unauthorized",
txnRequest: &pb.TxnRequest{
Success: []*pb.RequestOp{
{
@ -212,11 +234,47 @@ func TestCheckTxnAuth(t *testing.T) {
},
},
},
Failure: []*pb.RequestOp{
{
Request: &pb.RequestOp_RequestRange{
RequestRange: &pb.RangeRequest{
Key: []byte("foo"),
RangeEnd: []byte("zoo"),
},
},
},
},
},
err: auth.ErrPermissionDenied,
},
{
name: "Range request out of range failure case is unauthorized",
txnRequest: &pb.TxnRequest{
Success: []*pb.RequestOp{
{
Request: &pb.RequestOp_RequestRange{
RequestRange: &pb.RangeRequest{
Key: []byte("foo"),
RangeEnd: []byte("zoo"),
},
},
},
},
Failure: []*pb.RequestOp{
{
Request: &pb.RequestOp_RequestRange{
RequestRange: &pb.RangeRequest{
Key: []byte("boo"),
RangeEnd: []byte("zoo"),
},
},
},
},
},
err: auth.ErrPermissionDenied,
},
{
name: "Nil Put request is authorized",
name: "Nil Put request is always authorized",
txnRequest: &pb.TxnRequest{
Success: []*pb.RequestOp{
{
@ -240,11 +298,20 @@ func TestCheckTxnAuth(t *testing.T) {
},
},
},
Failure: []*pb.RequestOp{
{
Request: &pb.RequestOp_RequestPut{
RequestPut: &pb.PutRequest{
Key: []byte("foo"),
},
},
},
},
},
err: nil,
},
{
name: "Put request out of range is unauthorized",
name: "Put request out of range success case is unauthorized",
txnRequest: &pb.TxnRequest{
Success: []*pb.RequestOp{
{
@ -255,6 +322,39 @@ func TestCheckTxnAuth(t *testing.T) {
},
},
},
Failure: []*pb.RequestOp{
{
Request: &pb.RequestOp_RequestPut{
RequestPut: &pb.PutRequest{
Key: []byte("foo"),
},
},
},
},
},
err: auth.ErrPermissionDenied,
},
{
name: "Put request out of range failure case is unauthorized",
txnRequest: &pb.TxnRequest{
Success: []*pb.RequestOp{
{
Request: &pb.RequestOp_RequestPut{
RequestPut: &pb.PutRequest{
Key: []byte("foo"),
},
},
},
},
Failure: []*pb.RequestOp{
{
Request: &pb.RequestOp_RequestPut{
RequestPut: &pb.PutRequest{
Key: []byte("boo"),
},
},
},
},
},
err: auth.ErrPermissionDenied,
},
@ -272,14 +372,20 @@ func TestCheckTxnAuth(t *testing.T) {
err: nil,
},
{
name: "Authorize delete range in range compare and rerquest",
name: "Delete range request in range is authorized",
txnRequest: &pb.TxnRequest{
Compare: []*pb.Compare{
Success: []*pb.RequestOp{
{
Key: []byte("foo"),
Request: &pb.RequestOp_RequestDeleteRange{
RequestDeleteRange: &pb.DeleteRangeRequest{
Key: []byte("foo"),
RangeEnd: []byte("zoo"),
PrevKv: true,
},
},
},
},
Success: []*pb.RequestOp{
Failure: []*pb.RequestOp{
{
Request: &pb.RequestOp_RequestDeleteRange{
RequestDeleteRange: &pb.DeleteRangeRequest{
@ -294,14 +400,48 @@ func TestCheckTxnAuth(t *testing.T) {
err: nil,
},
{
name: "Unauthorize delete range out of range keys",
name: "Delete range request out of range success case is unauthorized",
txnRequest: &pb.TxnRequest{
Compare: []*pb.Compare{
Success: []*pb.RequestOp{
{
Key: []byte("foo"),
Request: &pb.RequestOp_RequestDeleteRange{
RequestDeleteRange: &pb.DeleteRangeRequest{
Key: []byte("boo"),
RangeEnd: []byte("zoo"),
PrevKv: true,
},
},
},
},
Failure: []*pb.RequestOp{
{
Request: &pb.RequestOp_RequestDeleteRange{
RequestDeleteRange: &pb.DeleteRangeRequest{
Key: []byte("foo"),
RangeEnd: []byte("zoo"),
PrevKv: true,
},
},
},
},
},
err: auth.ErrPermissionDenied,
},
{
name: "Delete range request out of range failure case is unauthorized",
txnRequest: &pb.TxnRequest{
Success: []*pb.RequestOp{
{
Request: &pb.RequestOp_RequestDeleteRange{
RequestDeleteRange: &pb.DeleteRangeRequest{
Key: []byte("foo"),
RangeEnd: []byte("zoo"),
PrevKv: true,
},
},
},
},
Failure: []*pb.RequestOp{
{
Request: &pb.RequestOp_RequestDeleteRange{
RequestDeleteRange: &pb.DeleteRangeRequest{
@ -316,14 +456,48 @@ func TestCheckTxnAuth(t *testing.T) {
err: auth.ErrPermissionDenied,
},
{
name: "Unauthorize delete range out of range keys and PrevKv false",
name: "Delete range request out of range and PrevKv false success case is unauthorized",
txnRequest: &pb.TxnRequest{
Compare: []*pb.Compare{
Success: []*pb.RequestOp{
{
Key: []byte("foo"),
Request: &pb.RequestOp_RequestDeleteRange{
RequestDeleteRange: &pb.DeleteRangeRequest{
Key: []byte("boo"),
RangeEnd: []byte("zoo"),
PrevKv: false,
},
},
},
},
Failure: []*pb.RequestOp{
{
Request: &pb.RequestOp_RequestDeleteRange{
RequestDeleteRange: &pb.DeleteRangeRequest{
Key: []byte("foo"),
RangeEnd: []byte("zoo"),
PrevKv: true,
},
},
},
},
},
err: auth.ErrPermissionDenied,
},
{
name: "Delete range request out of range and PrevKv false failure case is unauthorized",
txnRequest: &pb.TxnRequest{
Success: []*pb.RequestOp{
{
Request: &pb.RequestOp_RequestDeleteRange{
RequestDeleteRange: &pb.DeleteRangeRequest{
Key: []byte("foo"),
RangeEnd: []byte("zoo"),
PrevKv: true,
},
},
},
},
Failure: []*pb.RequestOp{
{
Request: &pb.RequestOp_RequestDeleteRange{
RequestDeleteRange: &pb.DeleteRangeRequest{