ft: S3C-2789 putobjectlockconfig func tests

2020-05-19 23:42:26 -07:00
9 changed files with 171 additions and 116 deletions
--- a/tests/functional/aws-node-sdk/lib/utility/assertError.js
+++ b/tests/functional/aws-node-sdk/lib/utility/assertError.js
@ -0,0 +1,18 @@
+const assert = require('assert');
+const { errors } = require('arsenal');
+
+// Check for the expected error response code and status code.
+function assertError(err, expectedErr, cb) {
+    if (expectedErr === null) {
+        assert.strictEqual(err, null, `expected no error but got '${err}'`);
+    } else {
+        assert.strictEqual(err.code, expectedErr, 'incorrect error response ' +
+            `code: should be '${expectedErr}' but got '${err.code}'`);
+        assert.strictEqual(err.statusCode, errors[expectedErr].code,
+            'incorrect error status code: should be 400 but got ' +
+            `'${err.statusCode}'`);
+    }
+    return cb();
+}
+
+module.exports = assertError;
--- a/tests/functional/aws-node-sdk/test/bucket/deleteBucketPolicy.js
+++ b/tests/functional/aws-node-sdk/test/bucket/deleteBucketPolicy.js
@ -1,9 +1,9 @@
 const assert = require('assert');
-const { errors } = require('arsenal');
 const { S3 } = require('aws-sdk');

 const getConfig = require('../support/config');
 const BucketUtility = require('../../lib/utility/bucket-util');
+const assertError = require('../../lib/utility/assertError');

 const bucket = 'deletebucketpolicy-test-bucket';
 const bucketPolicy = {
@ -17,20 +17,6 @@ const bucketPolicy = {
    }],
 };

-// Check for the expected error response code and status code.
-function assertError(err, expectedErr, cb) {
-    if (expectedErr === null) {
-        assert.strictEqual(err, null, `expected no error but got '${err}'`);
-    } else {
-        assert.strictEqual(err.code, expectedErr, 'incorrect error response ' +
-            `code: should be '${expectedErr}' but got '${err.code}'`);
-        assert.strictEqual(err.statusCode, errors[expectedErr].code,
-            'incorrect error status code: should be 400 but got ' +
-            `'${err.statusCode}'`);
-    }
-    cb();
-}
-
 describe('aws-sdk test delete bucket policy', () => {
    let s3;
    let otherAccountS3;
--- a/tests/functional/aws-node-sdk/test/bucket/deleteLifecycle.js
+++ b/tests/functional/aws-node-sdk/test/bucket/deleteLifecycle.js
@ -1,9 +1,9 @@
 const assert = require('assert');
-const { errors } = require('arsenal');
 const { S3 } = require('aws-sdk');

 const getConfig = require('../support/config');
 const BucketUtility = require('../../lib/utility/bucket-util');
+const assertError = require('../../lib/utility/assertError');

 const bucket = 'lifecycledeletetestbucket';
 const basicRule = {
@ -15,20 +15,6 @@ const basicRule = {
    },
 };

-// Check for the expected error response code and status code.
-function assertError(err, expectedErr, cb) {
-    if (expectedErr === null) {
-        assert.strictEqual(err, null, `expected no error but got '${err}'`);
-    } else {
-        assert.strictEqual(err.code, expectedErr, 'incorrect error response ' +
-            `code: should be '${expectedErr}' but got '${err.code}'`);
-        assert.strictEqual(err.statusCode, errors[expectedErr].code,
-            'incorrect error status code: should be 400 but got ' +
-            `'${err.statusCode}'`);
-    }
-    cb();
-}
-
 describe('aws-sdk test delete bucket lifecycle', () => {
    let s3;
    let otherAccountS3;
--- a/tests/functional/aws-node-sdk/test/bucket/getBucketLifecycle.js
+++ b/tests/functional/aws-node-sdk/test/bucket/getBucketLifecycle.js
@ -1,9 +1,9 @@
 const assert = require('assert');
-const { errors } = require('arsenal');
 const { S3 } = require('aws-sdk');

 const getConfig = require('../support/config');
 const BucketUtility = require('../../lib/utility/bucket-util');
+const assertError = require('../../lib/utility/assertError');

 const bucket = 'lifecycletestbucket';
 const lifecycleConfig = {
@ -25,20 +25,6 @@ const expectedConfig = {
    NoncurrentVersionTransitions: [],
 };

-// Check for the expected error response code and status code.
-function assertError(err, expectedErr, cb) {
-    if (expectedErr === null) {
-        assert.strictEqual(err, null, `expected no error but got '${err}'`);
-    } else {
-        assert.strictEqual(err.code, expectedErr, 'incorrect error response ' +
-            `code: should be '${expectedErr}' but got '${err.code}'`);
-        assert.strictEqual(err.statusCode, errors[expectedErr].code,
-            'incorrect error status code: should be 400 but got ' +
-            `'${err.statusCode}'`);
-    }
-    cb();
-}
-
 describe('aws-sdk test get bucket lifecycle', () => {
    let s3;
    let otherAccountS3;
--- a/tests/functional/aws-node-sdk/test/bucket/getBucketPolicy.js
+++ b/tests/functional/aws-node-sdk/test/bucket/getBucketPolicy.js
@ -1,9 +1,9 @@
 const assert = require('assert');
-const { errors } = require('arsenal');
 const { S3 } = require('aws-sdk');

 const getConfig = require('../support/config');
 const BucketUtility = require('../../lib/utility/bucket-util');
+const assertError = require('../../lib/utility/assertError');

 const bucket = 'getbucketpolicy-testbucket';
 const bucketPolicy = {
@ -24,20 +24,6 @@ const expectedPolicy = {
    Resource: `arn:aws:s3:::${bucket}`,
 };

-// Check for the expected error response code and status code.
-function assertError(err, expectedErr, cb) {
-    if (expectedErr === null) {
-        assert.strictEqual(err, null, `expected no error but got '${err}'`);
-    } else {
-        assert.strictEqual(err.code, expectedErr, 'incorrect error response ' +
-            `code: should be '${expectedErr}' but got '${err.code}'`);
-        assert.strictEqual(err.statusCode, errors[expectedErr].code,
-            'incorrect error status code: should be 400 but got ' +
-            `'${err.statusCode}'`);
-    }
-    cb();
-}
-
 describe('aws-sdk test get bucket policy', () => {
    const config = getConfig('default', { signatureVersion: 'v4' });
    const s3 = new S3(config);
--- a/tests/functional/aws-node-sdk/test/bucket/putBucketLifecycle.js
+++ b/tests/functional/aws-node-sdk/test/bucket/putBucketLifecycle.js
@ -1,9 +1,8 @@
-const assert = require('assert');
-const { errors } = require('arsenal');
 const { S3 } = require('aws-sdk');

 const getConfig = require('../support/config');
 const BucketUtility = require('../../lib/utility/bucket-util');
+const assertError = require('../../lib/utility/assertError');

 const bucket = 'lifecycleputtestbucket';
 const basicRule = {
@ -15,20 +14,6 @@ const basicRule = {
    },
 };

-// Check for the expected error response code and status code.
-function assertError(err, expectedErr, cb) {
-    if (expectedErr === null) {
-        assert.strictEqual(err, null, `expected no error but got '${err}'`);
-    } else {
-        assert.strictEqual(err.code, expectedErr, 'incorrect error response ' +
-            `code: should be '${expectedErr}' but got '${err.code}'`);
-        assert.strictEqual(err.statusCode, errors[expectedErr].code,
-            'incorrect error status code: should be  ' +
-            `${errors[expectedErr].code}, but got '${err.statusCode}'`);
-    }
-    cb();
-}
-
 function getLifecycleParams(paramToChange) {
    const newParam = {};
    const lifecycleConfig = {
--- a/tests/functional/aws-node-sdk/test/bucket/putBucketObjectLock.js
+++ b/tests/functional/aws-node-sdk/test/bucket/putBucketObjectLock.js
@ -0,0 +1,141 @@
+const { S3 } = require('aws-sdk');
+
+const getConfig = require('../support/config');
+const BucketUtility = require('../../lib/utility/bucket-util');
+const assertError = require('../../lib/utility/assertError');
+
+const bucket = 'objectlockputtestbucket';
+const basicConfig = {
+    Mode: 'GOVERNANCE',
+    Days: 1,
+};
+
+function getObjectLockParams(paramToChange) {
+    const newParam = {};
+    const objectLockConfig = {
+        ObjectLockEnabled: 'Enabled',
+        Rule: {
+            DefaultRetention: basicConfig,
+        },
+    };
+    if (paramToChange) {
+        if (paramToChange.key === 'DefaultRetention') {
+            objectLockConfig.Rule.DefaultRetention = paramToChange.value;
+        } else if (paramToChange.key === 'Rule') {
+            objectLockConfig.Rule = paramToChange.value;
+        } else {
+            newParam[paramToChange.key] = paramToChange.value;
+            objectLockConfig.Rule.DefaultRetention = Object.assign(
+                {}, basicConfig, newParam);
+        }
+    }
+    return {
+        Bucket: bucket,
+        ObjectLockConfiguration: objectLockConfig,
+    };
+}
+
+describe('aws-sdk test put bucket object lock', () => {
+    let s3;
+    let otherAccountS3;
+
+    before(done => {
+        const config = getConfig('default', { signatureVersion: 'v4' });
+        s3 = new S3(config);
+        otherAccountS3 = new BucketUtility('lisa', {}).s3;
+        return done();
+    });
+
+    it('should return NoSuchBucket error if bucket does not exist', done => {
+        const params = getObjectLockParams();
+        s3.putObjectLockConfiguration(params, err =>
+            assertError(err, 'NoSuchBucket', done));
+    });
+
+    describe('without object lock enabled', () => {
+        beforeEach(done => s3.createBucket({ Bucket: bucket }, done));
+
+        it('should return InvalidBucketState', done => {
+            const params = getObjectLockParams();
+            s3.putObjectLockConfiguration(params, err =>
+                assertError(err, 'InvalidBucketState', done));
+        });
+    });
+
+    describe('config rules', () => {
+        beforeEach(done => s3.createBucket({
+            Bucket: bucket,
+            ObjectLockEnabledForBucket: true,
+        }, done));
+
+        afterEach(done => s3.deleteBucket({ Bucket: bucket }, done));
+
+        it('should return AccessDenied if user is not bucket owner', done => {
+            const params = getObjectLockParams();
+            otherAccountS3.putObjectLockConfiguration(params,
+                err => assertError(err, 'AccessDenied', done));
+        });
+
+        it('should put object lock configuration on bucket', done => {
+            const params = getObjectLockParams();
+            s3.putObjectLockConfiguration(params, err =>
+                assertError(err, null, done));
+        });
+
+        it('should not allow object lock config with empty Rule', done => {
+            const params = getObjectLockParams({ key: 'Rule', value: {} });
+            s3.putObjectLockConfiguration(params, err =>
+                assertError(err, 'MalformedXML', done));
+        });
+
+        it('should not allow object lock config with no DefaultRetention',
+        done => {
+            const params = getObjectLockParams(
+                { key: 'DefaultRetention', value: {} });
+            s3.putObjectLockConfiguration(params, err =>
+                assertError(err, 'MalformedXML', done));
+        });
+
+        it('should not allow object lock config with empty Mode', done => {
+            const params = getObjectLockParams({ key: 'Mode', value: '' });
+            s3.putObjectLockConfiguration(params, err =>
+                assertError(err, 'MalformedXML', done));
+        });
+
+        it('should not allow object lock config with invalid Mode',
+        done => {
+            const params =
+                getObjectLockParams({ key: 'Mode', value: 'GOVERPLIANCE' });
+            s3.putObjectLockConfiguration(params, err =>
+                assertError(err, 'InvalidArgument', done));
+        });
+
+        it('should not allow object lock config with empty Days', done => {
+            const params = getObjectLockParams({ key: 'Days', value: '' });
+            s3.putObjectLockConfiguration(params, err =>
+                assertError(err, 'MalformedXML', done));
+        });
+
+        it('should not allow object lock config with 0 Days', done => {
+            const params = getObjectLockParams({ key: 'Days', value: 0 });
+            s3.putObjectLockConfiguration(params, err =>
+                assertError(err, 'MalformedXML', done));
+        });
+
+        it('should not allow object lock config with invalid Days', done => {
+            const params = getObjectLockParams({ key: 'Days', value: 'one' });
+            s3.putObjectLockConfiguration(params, err =>
+                assertError(err, 'MalformedXML', done));
+        });
+
+        it('should not allow object lock config with both Days and Years',
+        done => {
+            const params = getObjectLockParams({
+                key: 'DefaultRetention',
+                value: { Mode: 'GOVERNANCE', Days: 1, Years: 1 },
+            });
+            s3.putObjectLockConfiguration(params, err =>
+                assertError(err, 'MalformedXML', done));
+        });
+    });
+});
--- a/tests/functional/aws-node-sdk/test/bucket/putBucketPolicy.js
+++ b/tests/functional/aws-node-sdk/test/bucket/putBucketPolicy.js
@ -1,9 +1,8 @@
-const assert = require('assert');
-const { errors } = require('arsenal');
 const { S3 } = require('aws-sdk');

 const getConfig = require('../support/config');
 const BucketUtility = require('../../lib/utility/bucket-util');
+const assertError = require('../../lib/utility/assertError');

 const bucket = 'policyputtestbucket';
 const basicStatement = {
@ -30,20 +29,6 @@ function getPolicyParams(paramToChange) {
    };
 }

-// Check for the expected error response code and status code.
-function assertError(err, expectedErr, cb) {
-    if (expectedErr === null) {
-        assert.strictEqual(err, null, `expected no error but got '${err}'`);
-    } else {
-        assert.strictEqual(err.code, expectedErr, 'incorrect error response ' +
-            `code: should be '${expectedErr}' but got '${err.code}'`);
-        assert.strictEqual(err.statusCode, errors[expectedErr].code,
-            'incorrect error status code: should be  ' +
-            `${errors[expectedErr].code}, but got '${err.statusCode}'`);
-    }
-    cb();
-}
-
 describe('aws-sdk test put bucket policy', () => {
    let s3;
    let otherAccountS3;
--- a/tests/functional/aws-node-sdk/test/bucket/putBucketReplication.js
+++ b/tests/functional/aws-node-sdk/test/bucket/putBucketReplication.js
@ -1,28 +1,15 @@
 const assert = require('assert');
-const { errors } = require('arsenal');
 const { S3 } = require('aws-sdk');
 const { series } = require('async');

 const getConfig = require('../support/config');
 const replicationUtils = require('../../lib/utility/replication');
 const BucketUtility = require('../../lib/utility/bucket-util');
+const assertError = require('../../lib/utility/assertError');

 const sourceBucket = 'source-bucket';
 const destinationBucket = 'destination-bucket';

-// Check for the expected error response code and status code.
-function assertError(err, expectedErr) {
-    if (expectedErr === null) {
-        assert.strictEqual(err, null, `expected no error but got '${err}'`);
-    } else {
-        assert.strictEqual(err.code, expectedErr, 'incorrect error response ' +
-            `code: should be '${expectedErr}' but got '${err.code}'`);
-        assert.strictEqual(err.statusCode, errors[expectedErr].code,
-            'incorrect error status code: should be 400 but got ' +
-            `'${err.statusCode}'`);
-    }
-}
-
 // Get parameters for putBucketReplication.
 function getReplicationParams(config) {
    return {
@ -77,8 +64,7 @@ describe('aws-node-sdk test putBucketReplication bucket status', () => {
            next => s3.putBucketVersioning(versioningParams, next),
            next => s3.putBucketReplication(replicationParams, next),
        ], err => {
-            assertError(err, expectedErr);
-            return cb();
+            assertError(err, expectedErr, cb);
        });
    }

@ -91,8 +77,7 @@ describe('aws-node-sdk test putBucketReplication bucket status', () => {

    it('should return \'NoSuchBucket\' error if bucket does not exist', done =>
        s3.putBucketReplication(replicationParams, err => {
-            assertError(err, 'NoSuchBucket');
-            return done();
+            assertError(err, 'NoSuchBucket', done);
        }));

    describe('test putBucketReplication bucket versioning status', () => {
@ -111,8 +96,7 @@ describe('aws-node-sdk test putBucketReplication bucket status', () => {

        it('should not put configuration on bucket without versioning', done =>
            s3.putBucketReplication(replicationParams, err => {
-                assertError(err, 'InvalidRequest');
-                return done();
+                assertError(err, 'InvalidRequest', done);
            }));

        it('should not put configuration on bucket with \'Suspended\'' +
@ -129,10 +113,8 @@ describe('aws-node-sdk test putBucketReplication configuration rules', () => {

    function checkError(config, expectedErr, cb) {
        const replicationParams = getReplicationParams(config);
-        s3.putBucketReplication(replicationParams, err => {
-            assertError(err, expectedErr);
-            return cb();
-        });
+        s3.putBucketReplication(replicationParams, err =>
+            assertError(err, expectedErr, cb));
    }

    beforeEach(done => {