2021-04-18 12:41:13 -07:00
// Copyright (c) 2015-2021 MinIO, Inc.
//
// This file is part of MinIO Object Storage stack
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
2016-09-09 10:18:38 -07:00
package cmd
import (
"bytes"
"encoding/xml"
2021-11-24 19:01:07 +01:00
"fmt"
2022-09-19 20:05:16 +02:00
"io"
2016-09-09 10:18:38 -07:00
"net/http"
"net/http/httptest"
2016-11-16 09:46:09 -08:00
"strconv"
2016-09-09 10:18:38 -07:00
"testing"
2017-10-31 11:54:32 -07:00
2021-06-01 14:59:40 -07:00
"github.com/minio/minio/internal/auth"
2016-09-09 10:18:38 -07:00
)
2020-06-12 20:04:01 -07:00
// Wrapper for calling RemoveBucket HTTP handler tests for both Erasure multiple disks and single node setup.
2020-03-28 04:52:59 +00:00
func TestRemoveBucketHandler ( t * testing . T ) {
ExecObjectLayerAPITest ( t , testRemoveBucketHandler , [ ] string { "RemoveBucket" } )
}
func testRemoveBucketHandler ( obj ObjectLayer , instanceType , bucketName string , apiRouter http . Handler ,
2022-04-13 12:00:11 -07:00
credentials auth . Credentials , t * testing . T ,
) {
2020-12-26 22:58:06 -08:00
_ , err := obj . PutObject ( GlobalContext , bucketName , "test-object" , mustGetPutObjReader ( t , bytes . NewReader ( [ ] byte { } ) , int64 ( 0 ) , "" , "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" ) , ObjectOptions { } )
2020-03-28 04:52:59 +00:00
// if object upload fails stop the test.
if err != nil {
t . Fatalf ( "Error uploading object: <ERROR> %v" , err )
}
// initialize httptest Recorder, this records any mutations to response writer inside the handler.
rec := httptest . NewRecorder ( )
// construct HTTP request for DELETE bucket.
2020-07-20 12:52:49 -07:00
req , err := newTestSignedRequestV4 ( http . MethodDelete , getBucketLocationURL ( "" , bucketName ) , 0 , nil , credentials . AccessKey , credentials . SecretKey , nil )
2020-03-28 04:52:59 +00:00
if err != nil {
t . Fatalf ( "Test %s: Failed to create HTTP request for RemoveBucketHandler: <ERROR> %v" , instanceType , err )
}
// Since `apiRouter` satisfies `http.Handler` it has a ServeHTTP to execute the logic of the handler.
// Call the ServeHTTP to execute the handler.
apiRouter . ServeHTTP ( rec , req )
switch rec . Code {
case http . StatusOK , http . StatusCreated , http . StatusAccepted , http . StatusNoContent :
t . Fatalf ( "Test %v: expected failure, but succeeded with %v" , instanceType , rec . Code )
}
// Verify response of the V2 signed HTTP request.
// initialize HTTP NewRecorder, this records any mutations to response writer inside the handler.
recV2 := httptest . NewRecorder ( )
// construct HTTP request for DELETE bucket.
2020-07-20 12:52:49 -07:00
reqV2 , err := newTestSignedRequestV2 ( http . MethodDelete , getBucketLocationURL ( "" , bucketName ) , 0 , nil , credentials . AccessKey , credentials . SecretKey , nil )
2020-03-28 04:52:59 +00:00
if err != nil {
t . Fatalf ( "Test %s: Failed to create HTTP request for RemoveBucketHandler: <ERROR> %v" , instanceType , err )
}
// Since `apiRouter` satisfies `http.Handler` it has a ServeHTTP to execute the logic of the handler.
// Call the ServeHTTP to execute the handler.
apiRouter . ServeHTTP ( recV2 , reqV2 )
switch recV2 . Code {
case http . StatusOK , http . StatusCreated , http . StatusAccepted , http . StatusNoContent :
t . Fatalf ( "Test %v: expected failure, but succeeded with %v" , instanceType , recV2 . Code )
}
}
2020-06-12 20:04:01 -07:00
// Wrapper for calling GetBucketPolicy HTTP handler tests for both Erasure multiple disks and single node setup.
2016-09-09 10:18:38 -07:00
func TestGetBucketLocationHandler ( t * testing . T ) {
2016-10-09 21:51:37 +05:30
ExecObjectLayerAPITest ( t , testGetBucketLocationHandler , [ ] string { "GetBucketLocation" } )
2016-09-09 10:18:38 -07:00
}
2016-10-09 21:51:37 +05:30
func testGetBucketLocationHandler ( obj ObjectLayer , instanceType , bucketName string , apiRouter http . Handler ,
2022-01-02 09:15:06 -08:00
credentials auth . Credentials , t * testing . T ,
) {
2016-09-09 10:18:38 -07:00
// test cases with sample input and expected output.
testCases := [ ] struct {
bucketName string
accessKey string
secretKey string
// expected Response.
expectedRespStatus int
locationResponse [ ] byte
errorResponse APIErrorResponse
shouldPass bool
} {
2016-10-13 21:55:56 +05:30
// Test case - 1.
2016-09-09 10:18:38 -07:00
// Tests for authenticated request and proper response.
{
2016-10-13 21:55:56 +05:30
bucketName : bucketName ,
2016-12-26 23:51:23 +05:30
accessKey : credentials . AccessKey ,
secretKey : credentials . SecretKey ,
2016-10-13 21:55:56 +05:30
expectedRespStatus : http . StatusOK ,
locationResponse : [ ] byte ( ` < ? xml version = "1.0" encoding = "UTF-8" ? >
2016-09-09 10:18:38 -07:00
< LocationConstraint xmlns = "http://s3.amazonaws.com/doc/2006-03-01/" > < / LocationConstraint > ` ) ,
2016-10-13 21:55:56 +05:30
errorResponse : APIErrorResponse { } ,
shouldPass : true ,
2016-09-09 10:18:38 -07:00
} ,
2016-10-13 21:55:56 +05:30
// Test case - 2.
// Tests for signature mismatch error.
2016-09-09 10:18:38 -07:00
{
2016-10-13 21:55:56 +05:30
bucketName : bucketName ,
accessKey : "abcd" ,
secretKey : "abcd" ,
expectedRespStatus : http . StatusForbidden ,
locationResponse : [ ] byte ( "" ) ,
errorResponse : APIErrorResponse {
2019-08-06 12:08:58 -07:00
Resource : SlashSeparator + bucketName + SlashSeparator ,
2017-05-24 06:07:52 +03:00
Code : "InvalidAccessKeyId" ,
2020-05-21 09:09:18 -07:00
Message : "The Access Key Id you provided does not exist in our records." ,
2016-09-09 10:18:38 -07:00
} ,
2016-10-13 21:55:56 +05:30
shouldPass : false ,
2016-09-09 10:18:38 -07:00
} ,
}
for i , testCase := range testCases {
2016-10-13 21:55:56 +05:30
if i != 1 {
continue
}
2016-10-11 12:30:02 +05:30
// initialize httptest Recorder, this records any mutations to response writer inside the handler.
2016-09-09 10:18:38 -07:00
rec := httptest . NewRecorder ( )
2016-09-13 19:00:01 -07:00
// construct HTTP request for Get bucket location.
2020-07-20 12:52:49 -07:00
req , err := newTestSignedRequestV4 ( http . MethodGet , getBucketLocationURL ( "" , testCase . bucketName ) , 0 , nil , testCase . accessKey , testCase . secretKey , nil )
2016-09-09 10:18:38 -07:00
if err != nil {
2016-09-13 19:00:01 -07:00
t . Fatalf ( "Test %d: %s: Failed to create HTTP request for GetBucketLocationHandler: <ERROR> %v" , i + 1 , instanceType , err )
2016-09-09 10:18:38 -07:00
}
2016-10-13 21:55:56 +05:30
// Since `apiRouter` satisfies `http.Handler` it has a ServeHTTP to execute the logic of the handler.
2016-09-09 10:18:38 -07:00
// Call the ServeHTTP to execute the handler.
apiRouter . ServeHTTP ( rec , req )
if rec . Code != testCase . expectedRespStatus {
t . Errorf ( "Test %d: %s: Expected the response status to be `%d`, but instead found `%d`" , i + 1 , instanceType , testCase . expectedRespStatus , rec . Code )
}
if ! bytes . Equal ( testCase . locationResponse , rec . Body . Bytes ( ) ) && testCase . shouldPass {
2019-02-13 04:59:36 -08:00
t . Errorf ( "Test %d: %s: Expected the response to be `%s`, but instead found `%s`" , i + 1 , instanceType , string ( testCase . locationResponse ) , rec . Body . String ( ) )
2016-09-09 10:18:38 -07:00
}
errorResponse := APIErrorResponse { }
err = xml . Unmarshal ( rec . Body . Bytes ( ) , & errorResponse )
if err != nil && ! testCase . shouldPass {
2019-02-13 04:59:36 -08:00
t . Fatalf ( "Test %d: %s: Unable to marshal response body %s" , i + 1 , instanceType , rec . Body . String ( ) )
2016-09-09 10:18:38 -07:00
}
if errorResponse . Resource != testCase . errorResponse . Resource {
t . Errorf ( "Test %d: %s: Expected the error resource to be `%s`, but instead found `%s`" , i + 1 , instanceType , testCase . errorResponse . Resource , errorResponse . Resource )
}
if errorResponse . Message != testCase . errorResponse . Message {
t . Errorf ( "Test %d: %s: Expected the error message to be `%s`, but instead found `%s`" , i + 1 , instanceType , testCase . errorResponse . Message , errorResponse . Message )
}
if errorResponse . Code != testCase . errorResponse . Code {
t . Errorf ( "Test %d: %s: Expected the error code to be `%s`, but instead found `%s`" , i + 1 , instanceType , testCase . errorResponse . Code , errorResponse . Code )
}
2016-10-13 21:55:56 +05:30
// Verify response of the V2 signed HTTP request.
// initialize HTTP NewRecorder, this records any mutations to response writer inside the handler.
recV2 := httptest . NewRecorder ( )
// construct HTTP request for PUT bucket policy endpoint.
2020-07-20 12:52:49 -07:00
reqV2 , err := newTestSignedRequestV2 ( http . MethodGet , getBucketLocationURL ( "" , testCase . bucketName ) , 0 , nil , testCase . accessKey , testCase . secretKey , nil )
2016-10-13 21:55:56 +05:30
if err != nil {
t . Fatalf ( "Test %d: %s: Failed to create HTTP request for PutBucketPolicyHandler: <ERROR> %v" , i + 1 , instanceType , err )
}
// Since `apiRouter` satisfies `http.Handler` it has a ServeHTTP to execute the logic of the handler.
// Call the ServeHTTP to execute the handler.
apiRouter . ServeHTTP ( recV2 , reqV2 )
if recV2 . Code != testCase . expectedRespStatus {
t . Errorf ( "Test %d: %s: Expected the response status to be `%d`, but instead found `%d`" , i + 1 , instanceType , testCase . expectedRespStatus , recV2 . Code )
}
errorResponse = APIErrorResponse { }
err = xml . Unmarshal ( recV2 . Body . Bytes ( ) , & errorResponse )
if err != nil && ! testCase . shouldPass {
2019-02-13 04:59:36 -08:00
t . Fatalf ( "Test %d: %s: Unable to marshal response body %s" , i + 1 , instanceType , recV2 . Body . String ( ) )
2016-10-13 21:55:56 +05:30
}
if errorResponse . Resource != testCase . errorResponse . Resource {
t . Errorf ( "Test %d: %s: Expected the error resource to be `%s`, but instead found `%s`" , i + 1 , instanceType , testCase . errorResponse . Resource , errorResponse . Resource )
}
if errorResponse . Message != testCase . errorResponse . Message {
t . Errorf ( "Test %d: %s: Expected the error message to be `%s`, but instead found `%s`" , i + 1 , instanceType , testCase . errorResponse . Message , errorResponse . Message )
}
if errorResponse . Code != testCase . errorResponse . Code {
t . Errorf ( "Test %d: %s: Expected the error code to be `%s`, but instead found `%s`" , i + 1 , instanceType , testCase . errorResponse . Code , errorResponse . Code )
}
2016-09-09 10:18:38 -07:00
}
2016-10-09 21:51:37 +05:30
// Test for Anonymous/unsigned http request.
// ListBucketsHandler doesn't support bucket policies, setting the policies shouldn't make any difference.
2020-07-20 12:52:49 -07:00
anonReq , err := newTestRequest ( http . MethodGet , getBucketLocationURL ( "" , bucketName ) , 0 , nil )
2016-10-09 21:51:37 +05:30
if err != nil {
2019-04-09 11:39:42 -07:00
t . Fatalf ( "MinIO %s: Failed to create an anonymous request." , instanceType )
2016-10-09 21:51:37 +05:30
}
// ExecObjectLayerAPIAnonTest - Calls the HTTP API handler using the anonymous request, validates the ErrAccessDeniedResponse,
// sets the bucket policy using the policy statement generated from `getReadOnlyBucketStatement` so that the
// unsigned request goes through and its validated again.
2018-04-25 04:23:30 +05:30
ExecObjectLayerAPIAnonTest ( t , obj , "TestGetBucketLocationHandler" , bucketName , "" , instanceType , apiRouter , anonReq , getAnonReadOnlyBucketPolicy ( bucketName ) )
2016-10-11 12:30:02 +05:30
// HTTP request for testing when `objectLayer` is set to `nil`.
// There is no need to use an existing bucket and valid input for creating the request
// since the `objectLayer==nil` check is performed before any other checks inside the handlers.
// The only aim is to generate an HTTP request in a way that the relevant/registered end point is evoked/called.
nilBucket := "dummy-bucket"
2020-07-20 12:52:49 -07:00
nilReq , err := newTestRequest ( http . MethodGet , getBucketLocationURL ( "" , nilBucket ) , 0 , nil )
2016-10-11 12:30:02 +05:30
if err != nil {
2019-04-09 11:39:42 -07:00
t . Errorf ( "MinIO %s: Failed to create HTTP request for testing the response when object Layer is set to `nil`." , instanceType )
2016-10-11 12:30:02 +05:30
}
// Executes the object layer set to `nil` test.
// `ExecObjectLayerAPINilTest` manages the operation.
ExecObjectLayerAPINilTest ( t , nilBucket , "" , instanceType , apiRouter , nilReq )
2016-09-09 10:18:38 -07:00
}
2020-06-12 20:04:01 -07:00
// Wrapper for calling HeadBucket HTTP handler tests for both Erasure multiple disks and single node setup.
2016-09-09 10:18:38 -07:00
func TestHeadBucketHandler ( t * testing . T ) {
2016-10-09 21:51:37 +05:30
ExecObjectLayerAPITest ( t , testHeadBucketHandler , [ ] string { "HeadBucket" } )
2016-09-09 10:18:38 -07:00
}
2016-10-09 21:51:37 +05:30
func testHeadBucketHandler ( obj ObjectLayer , instanceType , bucketName string , apiRouter http . Handler ,
2022-01-02 09:15:06 -08:00
credentials auth . Credentials , t * testing . T ,
) {
2016-09-09 10:18:38 -07:00
// test cases with sample input and expected output.
testCases := [ ] struct {
bucketName string
accessKey string
secretKey string
// expected Response.
expectedRespStatus int
} {
2016-10-13 21:55:56 +05:30
// Test case - 1.
2016-09-09 10:18:38 -07:00
// Bucket exists.
{
bucketName : bucketName ,
2016-12-26 23:51:23 +05:30
accessKey : credentials . AccessKey ,
secretKey : credentials . SecretKey ,
2016-09-09 10:18:38 -07:00
expectedRespStatus : http . StatusOK ,
} ,
2016-10-13 21:55:56 +05:30
// Test case - 2.
2016-09-09 10:18:38 -07:00
// Non-existent bucket name.
{
bucketName : "2333" ,
2016-12-26 23:51:23 +05:30
accessKey : credentials . AccessKey ,
secretKey : credentials . SecretKey ,
2016-09-09 10:18:38 -07:00
expectedRespStatus : http . StatusNotFound ,
} ,
2016-10-13 21:55:56 +05:30
// Test case - 3.
// Testing for signature mismatch error.
2024-01-17 23:03:17 -08:00
// setting invalid access and secret key.
2016-09-09 10:18:38 -07:00
{
bucketName : bucketName ,
2016-10-13 21:55:56 +05:30
accessKey : "abcd" ,
secretKey : "abcd" ,
2016-09-09 10:18:38 -07:00
expectedRespStatus : http . StatusForbidden ,
} ,
}
for i , testCase := range testCases {
// initialize HTTP NewRecorder, this records any mutations to response writer inside the handler.
rec := httptest . NewRecorder ( )
2016-09-13 19:00:01 -07:00
// construct HTTP request for HEAD bucket.
2020-07-20 12:52:49 -07:00
req , err := newTestSignedRequestV4 ( http . MethodHead , getHEADBucketURL ( "" , testCase . bucketName ) , 0 , nil , testCase . accessKey , testCase . secretKey , nil )
2016-09-09 10:18:38 -07:00
if err != nil {
2016-09-13 19:00:01 -07:00
t . Fatalf ( "Test %d: %s: Failed to create HTTP request for HeadBucketHandler: <ERROR> %v" , i + 1 , instanceType , err )
2016-09-09 10:18:38 -07:00
}
2016-10-13 21:55:56 +05:30
// Since `apiRouter` satisfies `http.Handler` it has a ServeHTTP to execute the logic of the handler.
2016-09-09 10:18:38 -07:00
// Call the ServeHTTP to execute the handler.
apiRouter . ServeHTTP ( rec , req )
if rec . Code != testCase . expectedRespStatus {
t . Errorf ( "Test %d: %s: Expected the response status to be `%d`, but instead found `%d`" , i + 1 , instanceType , testCase . expectedRespStatus , rec . Code )
}
2016-10-13 21:55:56 +05:30
// Verify response the V2 signed HTTP request.
// initialize HTTP NewRecorder, this records any mutations to response writer inside the handler.
recV2 := httptest . NewRecorder ( )
// construct HTTP request for PUT bucket policy endpoint.
2020-07-20 12:52:49 -07:00
reqV2 , err := newTestSignedRequestV2 ( http . MethodHead , getHEADBucketURL ( "" , testCase . bucketName ) , 0 , nil , testCase . accessKey , testCase . secretKey , nil )
2016-10-13 21:55:56 +05:30
if err != nil {
t . Fatalf ( "Test %d: %s: Failed to create HTTP request for PutBucketPolicyHandler: <ERROR> %v" , i + 1 , instanceType , err )
}
// Since `apiRouter` satisfies `http.Handler` it has a ServeHTTP to execute the logic of the handler.
// Call the ServeHTTP to execute the handler.
apiRouter . ServeHTTP ( recV2 , reqV2 )
if recV2 . Code != testCase . expectedRespStatus {
t . Errorf ( "Test %d: %s: Expected the response status to be `%d`, but instead found `%d`" , i + 1 , instanceType , testCase . expectedRespStatus , recV2 . Code )
}
2016-09-09 10:18:38 -07:00
}
2016-10-09 21:51:37 +05:30
// Test for Anonymous/unsigned http request.
2020-07-20 12:52:49 -07:00
anonReq , err := newTestRequest ( http . MethodHead , getHEADBucketURL ( "" , bucketName ) , 0 , nil )
2016-10-09 21:51:37 +05:30
if err != nil {
2019-04-09 11:39:42 -07:00
t . Fatalf ( "MinIO %s: Failed to create an anonymous request for bucket \"%s\": <ERROR> %v" ,
2016-10-09 21:51:37 +05:30
instanceType , bucketName , err )
}
// ExecObjectLayerAPIAnonTest - Calls the HTTP API handler using the anonymous request, validates the ErrAccessDeniedResponse,
// sets the bucket policy using the policy statement generated from `getReadOnlyBucketStatement` so that the
// unsigned request goes through and its validated again.
2018-04-25 04:23:30 +05:30
ExecObjectLayerAPIAnonTest ( t , obj , "TestHeadBucketHandler" , bucketName , "" , instanceType , apiRouter , anonReq , getAnonReadOnlyBucketPolicy ( bucketName ) )
2016-10-11 12:30:02 +05:30
// HTTP request for testing when `objectLayer` is set to `nil`.
// There is no need to use an existing bucket and valid input for creating the request
// since the `objectLayer==nil` check is performed before any other checks inside the handlers.
// The only aim is to generate an HTTP request in a way that the relevant/registered end point is evoked/called.
nilBucket := "dummy-bucket"
2020-07-20 12:52:49 -07:00
nilReq , err := newTestRequest ( http . MethodHead , getHEADBucketURL ( "" , nilBucket ) , 0 , nil )
2016-10-11 12:30:02 +05:30
if err != nil {
2019-04-09 11:39:42 -07:00
t . Errorf ( "MinIO %s: Failed to create HTTP request for testing the response when object Layer is set to `nil`." , instanceType )
2016-10-11 12:30:02 +05:30
}
// execute the object layer set to `nil` test.
// `ExecObjectLayerAPINilTest` manages the operation.
ExecObjectLayerAPINilTest ( t , nilBucket , "" , instanceType , apiRouter , nilReq )
2016-09-09 10:18:38 -07:00
}
2016-09-13 19:00:01 -07:00
2020-06-12 20:04:01 -07:00
// Wrapper for calling TestListMultipartUploadsHandler tests for both Erasure multiple disks and single node setup.
2016-09-13 19:00:01 -07:00
func TestListMultipartUploadsHandler ( t * testing . T ) {
2016-10-09 21:51:37 +05:30
ExecObjectLayerAPITest ( t , testListMultipartUploadsHandler , [ ] string { "ListMultipartUploads" } )
2016-09-13 19:00:01 -07:00
}
// testListMultipartUploadsHandler - Tests validate listing of multipart uploads.
2016-10-09 21:51:37 +05:30
func testListMultipartUploadsHandler ( obj ObjectLayer , instanceType , bucketName string , apiRouter http . Handler ,
2022-01-02 09:15:06 -08:00
credentials auth . Credentials , t * testing . T ,
) {
2016-09-13 19:00:01 -07:00
// Collection of non-exhaustive ListMultipartUploads test cases, valid errors
// and success responses.
testCases := [ ] struct {
// Inputs to ListMultipartUploads.
bucket string
prefix string
keyMarker string
uploadIDMarker string
delimiter string
maxUploads string
2016-10-13 21:55:56 +05:30
accessKey string
secretKey string
2016-09-13 19:00:01 -07:00
expectedRespStatus int
shouldPass bool
} {
2016-10-13 21:55:56 +05:30
// Test case - 1.
// Setting invalid bucket name.
{
bucket : ".test" ,
prefix : "" ,
keyMarker : "" ,
uploadIDMarker : "" ,
delimiter : "" ,
maxUploads : "0" ,
2016-12-26 23:51:23 +05:30
accessKey : credentials . AccessKey ,
secretKey : credentials . SecretKey ,
2023-07-28 18:49:20 +01:00
expectedRespStatus : http . StatusBadRequest ,
2016-10-13 21:55:56 +05:30
shouldPass : false ,
} ,
// Test case - 2.
// Setting a non-existent bucket.
{
bucket : "volatile-bucket-1" ,
prefix : "" ,
keyMarker : "" ,
uploadIDMarker : "" ,
delimiter : "" ,
maxUploads : "0" ,
2016-12-26 23:51:23 +05:30
accessKey : credentials . AccessKey ,
secretKey : credentials . SecretKey ,
2016-10-13 21:55:56 +05:30
expectedRespStatus : http . StatusNotFound ,
shouldPass : false ,
} ,
// Test case -3.
2019-11-19 17:42:27 -08:00
// Delimiter unsupported, but response is empty.
2016-10-13 21:55:56 +05:30
{
bucket : bucketName ,
prefix : "" ,
keyMarker : "" ,
uploadIDMarker : "" ,
delimiter : "-" ,
maxUploads : "0" ,
2016-12-26 23:51:23 +05:30
accessKey : credentials . AccessKey ,
secretKey : credentials . SecretKey ,
2019-11-19 17:42:27 -08:00
expectedRespStatus : http . StatusOK ,
shouldPass : true ,
2016-10-13 21:55:56 +05:30
} ,
// Test case - 4.
// Setting Invalid prefix and marker combination.
{
bucket : bucketName ,
prefix : "asia" ,
keyMarker : "europe-object" ,
uploadIDMarker : "" ,
delimiter : "" ,
maxUploads : "0" ,
2016-12-26 23:51:23 +05:30
accessKey : credentials . AccessKey ,
secretKey : credentials . SecretKey ,
2016-10-13 21:55:56 +05:30
expectedRespStatus : http . StatusNotImplemented ,
shouldPass : false ,
} ,
// Test case - 5.
// Invalid upload id and marker combination.
{
bucket : bucketName ,
prefix : "asia" ,
keyMarker : "asia/europe/" ,
uploadIDMarker : "abc" ,
delimiter : "" ,
maxUploads : "0" ,
2016-12-26 23:51:23 +05:30
accessKey : credentials . AccessKey ,
secretKey : credentials . SecretKey ,
2016-10-13 21:55:56 +05:30
expectedRespStatus : http . StatusNotImplemented ,
shouldPass : false ,
} ,
// Test case - 6.
2024-01-17 23:03:17 -08:00
// Setting a negative value to max-uploads parameter, should result in http.StatusBadRequest.
2016-10-13 21:55:56 +05:30
{
bucket : bucketName ,
prefix : "" ,
keyMarker : "" ,
uploadIDMarker : "" ,
delimiter : "" ,
maxUploads : "-1" ,
2016-12-26 23:51:23 +05:30
accessKey : credentials . AccessKey ,
secretKey : credentials . SecretKey ,
2016-10-13 21:55:56 +05:30
expectedRespStatus : http . StatusBadRequest ,
shouldPass : false ,
} ,
// Test case - 7.
// Case with right set of parameters,
// should result in success 200OK.
{
bucket : bucketName ,
prefix : "" ,
keyMarker : "" ,
uploadIDMarker : "" ,
2019-08-06 12:08:58 -07:00
delimiter : SlashSeparator ,
2016-10-13 21:55:56 +05:30
maxUploads : "100" ,
2016-12-26 23:51:23 +05:30
accessKey : credentials . AccessKey ,
secretKey : credentials . SecretKey ,
2016-10-13 21:55:56 +05:30
expectedRespStatus : http . StatusOK ,
shouldPass : true ,
} ,
// Test case - 8.
// Good case without delimiter.
{
bucket : bucketName ,
prefix : "" ,
keyMarker : "" ,
uploadIDMarker : "" ,
delimiter : "" ,
maxUploads : "100" ,
2016-12-26 23:51:23 +05:30
accessKey : credentials . AccessKey ,
secretKey : credentials . SecretKey ,
2016-10-13 21:55:56 +05:30
expectedRespStatus : http . StatusOK ,
shouldPass : true ,
} ,
// Test case - 9.
// Setting Invalid AccessKey and SecretKey to induce and verify Signature Mismatch error.
{
bucket : bucketName ,
prefix : "" ,
keyMarker : "" ,
uploadIDMarker : "" ,
delimiter : "" ,
maxUploads : "100" ,
accessKey : "abcd" ,
secretKey : "abcd" ,
expectedRespStatus : http . StatusForbidden ,
shouldPass : true ,
} ,
2016-09-13 19:00:01 -07:00
}
for i , testCase := range testCases {
// initialize HTTP NewRecorder, this records any mutations to response writer inside the handler.
rec := httptest . NewRecorder ( )
// construct HTTP request for List multipart uploads endpoint.
u := getListMultipartUploadsURLWithParams ( "" , testCase . bucket , testCase . prefix , testCase . keyMarker , testCase . uploadIDMarker , testCase . delimiter , testCase . maxUploads )
2020-07-20 12:52:49 -07:00
req , gerr := newTestSignedRequestV4 ( http . MethodGet , u , 0 , nil , testCase . accessKey , testCase . secretKey , nil )
2016-09-13 19:00:01 -07:00
if gerr != nil {
t . Fatalf ( "Test %d: %s: Failed to create HTTP request for ListMultipartUploadsHandler: <ERROR> %v" , i + 1 , instanceType , gerr )
}
2016-10-13 21:55:56 +05:30
// Since `apiRouter` satisfies `http.Handler` it has a ServeHTTP to execute the logic of the handler.
2016-09-13 19:00:01 -07:00
// Call the ServeHTTP to execute the handler.
apiRouter . ServeHTTP ( rec , req )
if rec . Code != testCase . expectedRespStatus {
t . Errorf ( "Test %d: %s: Expected the response status to be `%d`, but instead found `%d`" , i + 1 , instanceType , testCase . expectedRespStatus , rec . Code )
}
2016-10-13 21:55:56 +05:30
// Verify response the V2 signed HTTP request.
// initialize HTTP NewRecorder, this records any mutations to response writer inside the handler.
recV2 := httptest . NewRecorder ( )
// construct HTTP request for PUT bucket policy endpoint.
// verify response for V2 signed HTTP request.
2020-07-20 12:52:49 -07:00
reqV2 , err := newTestSignedRequestV2 ( http . MethodGet , u , 0 , nil , testCase . accessKey , testCase . secretKey , nil )
2016-10-13 21:55:56 +05:30
if err != nil {
t . Fatalf ( "Test %d: %s: Failed to create HTTP request for PutBucketPolicyHandler: <ERROR> %v" , i + 1 , instanceType , err )
}
// Since `apiRouter` satisfies `http.Handler` it has a ServeHTTP to execute the logic of the handler.
// Call the ServeHTTP to execute the handler.
apiRouter . ServeHTTP ( recV2 , reqV2 )
if recV2 . Code != testCase . expectedRespStatus {
t . Errorf ( "Test %d: %s: Expected the response status to be `%d`, but instead found `%d`" , i + 1 , instanceType , testCase . expectedRespStatus , recV2 . Code )
}
2016-09-13 19:00:01 -07:00
}
// initialize HTTP NewRecorder, this records any mutations to response writer inside the handler.
rec := httptest . NewRecorder ( )
// construct HTTP request for List multipart uploads endpoint.
u := getListMultipartUploadsURLWithParams ( "" , bucketName , "" , "" , "" , "" , "" )
2020-07-20 12:52:49 -07:00
req , err := newTestSignedRequestV4 ( http . MethodGet , u , 0 , nil , "" , "" , nil ) // Generate an anonymous request.
2016-09-13 19:00:01 -07:00
if err != nil {
t . Fatalf ( "Test %s: Failed to create HTTP request for ListMultipartUploadsHandler: <ERROR> %v" , instanceType , err )
}
2016-10-13 21:55:56 +05:30
// Since `apiRouter` satisfies `http.Handler` it has a ServeHTTP to execute the logic of the handler.
2016-09-13 19:00:01 -07:00
// Call the ServeHTTP to execute the handler.
apiRouter . ServeHTTP ( rec , req )
if rec . Code != http . StatusForbidden {
t . Errorf ( "Test %s: Expected the response status to be `http.StatusForbidden`, but instead found `%d`" , instanceType , rec . Code )
}
2016-10-09 21:51:37 +05:30
url := getListMultipartUploadsURLWithParams ( "" , testCases [ 6 ] . bucket , testCases [ 6 ] . prefix , testCases [ 6 ] . keyMarker ,
testCases [ 6 ] . uploadIDMarker , testCases [ 6 ] . delimiter , testCases [ 6 ] . maxUploads )
// Test for Anonymous/unsigned http request.
2020-07-20 12:52:49 -07:00
anonReq , err := newTestRequest ( http . MethodGet , url , 0 , nil )
2016-10-09 21:51:37 +05:30
if err != nil {
2019-04-09 11:39:42 -07:00
t . Fatalf ( "MinIO %s: Failed to create an anonymous request for bucket \"%s\": <ERROR> %v" ,
2016-10-09 21:51:37 +05:30
instanceType , bucketName , err )
}
// ExecObjectLayerAPIAnonTest - Calls the HTTP API handler using the anonymous request, validates the ErrAccessDeniedResponse,
// sets the bucket policy using the policy statement generated from `getWriteOnlyBucketStatement` so that the
// unsigned request goes through and its validated again.
2018-04-25 04:23:30 +05:30
ExecObjectLayerAPIAnonTest ( t , obj , "TestListMultipartUploadsHandler" , bucketName , "" , instanceType , apiRouter , anonReq , getAnonWriteOnlyBucketPolicy ( bucketName ) )
2016-10-09 21:51:37 +05:30
2016-10-11 12:30:02 +05:30
// HTTP request for testing when `objectLayer` is set to `nil`.
// There is no need to use an existing bucket and valid input for creating the request
// since the `objectLayer==nil` check is performed before any other checks inside the handlers.
// The only aim is to generate an HTTP request in a way that the relevant/registered end point is evoked/called.
nilBucket := "dummy-bucket"
url = getListMultipartUploadsURLWithParams ( "" , nilBucket , "dummy-prefix" , testCases [ 6 ] . keyMarker ,
testCases [ 6 ] . uploadIDMarker , testCases [ 6 ] . delimiter , testCases [ 6 ] . maxUploads )
2020-07-20 12:52:49 -07:00
nilReq , err := newTestRequest ( http . MethodGet , url , 0 , nil )
2016-10-11 12:30:02 +05:30
if err != nil {
2019-04-09 11:39:42 -07:00
t . Errorf ( "MinIO %s: Failed to create HTTP request for testing the response when object Layer is set to `nil`." , instanceType )
2016-10-11 12:30:02 +05:30
}
// execute the object layer set to `nil` test.
// `ExecObjectLayerAPINilTest` manages the operation.
ExecObjectLayerAPINilTest ( t , nilBucket , "" , instanceType , apiRouter , nilReq )
2016-09-13 19:00:01 -07:00
}
2016-09-14 23:53:42 -07:00
2020-06-12 20:04:01 -07:00
// Wrapper for calling TestListBucketsHandler tests for both Erasure multiple disks and single node setup.
2016-09-14 23:53:42 -07:00
func TestListBucketsHandler ( t * testing . T ) {
2016-10-09 21:51:37 +05:30
ExecObjectLayerAPITest ( t , testListBucketsHandler , [ ] string { "ListBuckets" } )
2016-09-14 23:53:42 -07:00
}
// testListBucketsHandler - Tests validate listing of buckets.
2016-10-09 21:51:37 +05:30
func testListBucketsHandler ( obj ObjectLayer , instanceType , bucketName string , apiRouter http . Handler ,
2022-01-02 09:15:06 -08:00
credentials auth . Credentials , t * testing . T ,
) {
2016-09-14 23:53:42 -07:00
testCases := [ ] struct {
bucketName string
accessKey string
secretKey string
expectedRespStatus int
} {
2016-10-13 21:55:56 +05:30
// Test case - 1.
2016-09-14 23:53:42 -07:00
// Validate a good case request succeeds.
{
bucketName : bucketName ,
2016-12-26 23:51:23 +05:30
accessKey : credentials . AccessKey ,
secretKey : credentials . SecretKey ,
2016-09-14 23:53:42 -07:00
expectedRespStatus : http . StatusOK ,
} ,
2016-10-13 21:55:56 +05:30
// Test case - 2.
2024-02-21 22:26:06 -08:00
// Test case with invalid accessKey to produce and validate Signature Mismatch error.
2016-09-14 23:53:42 -07:00
{
bucketName : bucketName ,
2016-10-13 21:55:56 +05:30
accessKey : "abcd" ,
secretKey : "abcd" ,
2016-09-14 23:53:42 -07:00
expectedRespStatus : http . StatusForbidden ,
} ,
}
for i , testCase := range testCases {
// initialize HTTP NewRecorder, this records any mutations to response writer inside the handler.
rec := httptest . NewRecorder ( )
2020-07-20 12:52:49 -07:00
req , lerr := newTestSignedRequestV4 ( http . MethodGet , getListBucketURL ( "" ) , 0 , nil , testCase . accessKey , testCase . secretKey , nil )
2016-09-14 23:53:42 -07:00
if lerr != nil {
t . Fatalf ( "Test %d: %s: Failed to create HTTP request for ListBucketsHandler: <ERROR> %v" , i + 1 , instanceType , lerr )
}
2016-10-13 21:55:56 +05:30
// Since `apiRouter` satisfies `http.Handler` it has a ServeHTTP to execute the logic of the handler.
2016-09-14 23:53:42 -07:00
// Call the ServeHTTP to execute the handler.
apiRouter . ServeHTTP ( rec , req )
if rec . Code != testCase . expectedRespStatus {
t . Errorf ( "Test %d: %s: Expected the response status to be `%d`, but instead found `%d`" , i + 1 , instanceType , testCase . expectedRespStatus , rec . Code )
}
2016-10-13 21:55:56 +05:30
// Verify response of the V2 signed HTTP request.
// initialize HTTP NewRecorder, this records any mutations to response writer inside the handler.
recV2 := httptest . NewRecorder ( )
// construct HTTP request for PUT bucket policy endpoint.
// verify response for V2 signed HTTP request.
2020-07-20 12:52:49 -07:00
reqV2 , err := newTestSignedRequestV2 ( http . MethodGet , getListBucketURL ( "" ) , 0 , nil , testCase . accessKey , testCase . secretKey , nil )
2016-10-13 21:55:56 +05:30
if err != nil {
t . Fatalf ( "Test %d: %s: Failed to create HTTP request for PutBucketPolicyHandler: <ERROR> %v" , i + 1 , instanceType , err )
}
// Since `apiRouter` satisfies `http.Handler` it has a ServeHTTP to execute the logic of the handler.
// Call the ServeHTTP to execute the handler.
apiRouter . ServeHTTP ( recV2 , reqV2 )
if recV2 . Code != testCase . expectedRespStatus {
t . Errorf ( "Test %d: %s: Expected the response status to be `%d`, but instead found `%d`" , i + 1 , instanceType , testCase . expectedRespStatus , recV2 . Code )
}
2016-09-14 23:53:42 -07:00
}
2016-10-09 21:51:37 +05:30
// Test for Anonymous/unsigned http request.
// ListBucketsHandler doesn't support bucket policies, setting the policies shouldn't make a difference.
2020-07-20 12:52:49 -07:00
anonReq , err := newTestRequest ( http . MethodGet , getListBucketURL ( "" ) , 0 , nil )
2016-10-09 21:51:37 +05:30
if err != nil {
2019-04-09 11:39:42 -07:00
t . Fatalf ( "MinIO %s: Failed to create an anonymous request." , instanceType )
2016-10-09 21:51:37 +05:30
}
// ExecObjectLayerAPIAnonTest - Calls the HTTP API handler using the anonymous request, validates the ErrAccessDeniedResponse,
// sets the bucket policy using the policy statement generated from `getWriteOnlyObjectStatement` so that the
// unsigned request goes through and its validated again.
2018-04-25 04:23:30 +05:30
ExecObjectLayerAPIAnonTest ( t , obj , "ListBucketsHandler" , "" , "" , instanceType , apiRouter , anonReq , getAnonWriteOnlyBucketPolicy ( "*" ) )
2016-10-11 12:30:02 +05:30
// HTTP request for testing when `objectLayer` is set to `nil`.
// There is no need to use an existing bucket and valid input for creating the request
// since the `objectLayer==nil` check is performed before any other checks inside the handlers.
// The only aim is to generate an HTTP request in a way that the relevant/registered end point is evoked/called.
2020-07-20 12:52:49 -07:00
nilReq , err := newTestRequest ( http . MethodGet , getListBucketURL ( "" ) , 0 , nil )
2016-10-11 12:30:02 +05:30
if err != nil {
2019-04-09 11:39:42 -07:00
t . Errorf ( "MinIO %s: Failed to create HTTP request for testing the response when object Layer is set to `nil`." , instanceType )
2016-10-11 12:30:02 +05:30
}
// execute the object layer set to `nil` test.
// `ExecObjectLayerAPINilTest` manages the operation.
ExecObjectLayerAPINilTest ( t , "" , "" , instanceType , apiRouter , nilReq )
2016-09-14 23:53:42 -07:00
}
2016-11-16 09:46:09 -08:00
2020-06-12 20:04:01 -07:00
// Wrapper for calling DeleteMultipleObjects HTTP handler tests for both Erasure multiple disks and single node setup.
2016-11-16 09:46:09 -08:00
func TestAPIDeleteMultipleObjectsHandler ( t * testing . T ) {
2021-11-24 19:01:07 +01:00
ExecObjectLayerAPITest ( t , testAPIDeleteMultipleObjectsHandler , [ ] string { "DeleteMultipleObjects" , "PutBucketPolicy" } )
2016-11-16 09:46:09 -08:00
}
func testAPIDeleteMultipleObjectsHandler ( obj ObjectLayer , instanceType , bucketName string , apiRouter http . Handler ,
2022-01-02 09:15:06 -08:00
credentials auth . Credentials , t * testing . T ,
) {
2016-11-16 09:46:09 -08:00
var err error
sha256sum := ""
var objectNames [ ] string
for i := 0 ; i < 10 ; i ++ {
2023-05-02 16:09:33 -07:00
contentBytes := [ ] byte ( "hello" )
2016-11-16 09:46:09 -08:00
objectName := "test-object-" + strconv . Itoa ( i )
2023-01-20 16:46:06 +01:00
if i == 0 {
objectName += "/"
2023-05-02 16:09:33 -07:00
contentBytes = [ ] byte { }
2023-01-20 16:46:06 +01:00
}
2016-11-16 09:46:09 -08:00
// uploading the object.
2020-12-26 22:58:06 -08:00
_ , err = obj . PutObject ( GlobalContext , bucketName , objectName , mustGetPutObjReader ( t , bytes . NewReader ( contentBytes ) , int64 ( len ( contentBytes ) ) , "" , sha256sum ) , ObjectOptions { } )
2016-11-16 09:46:09 -08:00
// if object upload fails stop the test.
if err != nil {
t . Fatalf ( "Put Object %d: Error uploading object: <ERROR> %v" , i , err )
}
// object used for the test.
objectNames = append ( objectNames , objectName )
}
2023-05-02 16:09:33 -07:00
contentBytes := [ ] byte ( "hello" )
2021-11-24 19:01:07 +01:00
for _ , name := range [ ] string { "private/object" , "public/object" } {
// Uploading the object with retention enabled
_ , err = obj . PutObject ( GlobalContext , bucketName , name , mustGetPutObjReader ( t , bytes . NewReader ( contentBytes ) , int64 ( len ( contentBytes ) ) , "" , sha256sum ) , ObjectOptions { } )
// if object upload fails stop the test.
if err != nil {
t . Fatalf ( "Put Object %s: Error uploading object: <ERROR> %v" , name , err )
}
}
// The following block will create a bucket policy with delete object to 'public/*'. This is
// to test a mixed response of a successful & failure while deleting objects in a single request
policyBytes := [ ] byte ( fmt . Sprintf ( ` { "Id": "Policy1637752602639", "Version": "2012-10-17", "Statement": [ { "Sid": "Stmt1637752600730", "Action": "s3:DeleteObject", "Effect": "Allow", "Resource": "arn:aws:s3:::%s/public/*", "Principal": "*"}]} ` , bucketName ) )
rec := httptest . NewRecorder ( )
req , err := newTestSignedRequestV4 ( http . MethodPut , getPutPolicyURL ( "" , bucketName ) , int64 ( len ( policyBytes ) ) , bytes . NewReader ( policyBytes ) ,
credentials . AccessKey , credentials . SecretKey , nil )
if err != nil {
t . Fatalf ( "Failed to create HTTP request for PutBucketPolicyHandler: <ERROR> %v" , err )
}
apiRouter . ServeHTTP ( rec , req )
if rec . Code != http . StatusNoContent {
t . Errorf ( "Expected the response status to be `%d`, but instead found `%d`" , 200 , rec . Code )
}
2020-06-12 20:04:01 -07:00
getObjectToDeleteList := func ( objectNames [ ] string ) ( objectList [ ] ObjectToDelete ) {
2016-11-16 09:46:09 -08:00
for _ , objectName := range objectNames {
2020-06-12 20:04:01 -07:00
objectList = append ( objectList , ObjectToDelete {
2022-01-03 01:28:52 -08:00
ObjectV : ObjectV {
ObjectName : objectName ,
} ,
2020-06-12 20:04:01 -07:00
} )
2016-11-16 09:46:09 -08:00
}
2020-06-12 20:04:01 -07:00
return objectList
2016-11-16 09:46:09 -08:00
}
2020-06-12 20:04:01 -07:00
getDeleteErrorList := func ( objects [ ] ObjectToDelete ) ( deleteErrorList [ ] DeleteError ) {
2017-08-16 05:49:31 +10:00
for _ , obj := range objects {
deleteErrorList = append ( deleteErrorList , DeleteError {
2019-02-12 01:25:52 -08:00
Code : errorCodes [ ErrAccessDenied ] . Code ,
Message : errorCodes [ ErrAccessDenied ] . Description ,
2017-08-16 05:49:31 +10:00
Key : obj . ObjectName ,
} )
}
return deleteErrorList
}
2016-11-16 09:46:09 -08:00
2022-01-03 01:28:52 -08:00
objects := [ ] ObjectToDelete { }
objects = append ( objects , ObjectToDelete {
ObjectV : ObjectV {
ObjectName : "private/object" ,
} ,
} )
objects = append ( objects , ObjectToDelete {
ObjectV : ObjectV {
ObjectName : "public/object" ,
} ,
} )
2016-11-16 09:46:09 -08:00
requestList := [ ] DeleteObjectsRequest {
2020-06-12 20:04:01 -07:00
{ Quiet : false , Objects : getObjectToDeleteList ( objectNames [ : 5 ] ) } ,
{ Quiet : true , Objects : getObjectToDeleteList ( objectNames [ 5 : ] ) } ,
2022-01-03 01:28:52 -08:00
{ Quiet : false , Objects : objects } ,
2016-11-16 09:46:09 -08:00
}
// generate multi objects delete response.
successRequest0 := encodeResponse ( requestList [ 0 ] )
2020-06-12 20:04:01 -07:00
deletedObjects := make ( [ ] DeletedObject , len ( requestList [ 0 ] . Objects ) )
for i := range requestList [ 0 ] . Objects {
2023-05-04 14:43:52 -07:00
var vid string
if isDirObject ( requestList [ 0 ] . Objects [ i ] . ObjectName ) {
2023-06-23 13:26:00 -07:00
vid = ""
2023-05-04 14:43:52 -07:00
}
2020-06-12 20:04:01 -07:00
deletedObjects [ i ] = DeletedObject {
ObjectName : requestList [ 0 ] . Objects [ i ] . ObjectName ,
2023-05-04 14:43:52 -07:00
VersionID : vid ,
2020-06-12 20:04:01 -07:00
}
}
successResponse0 := generateMultiDeleteResponse ( requestList [ 0 ] . Quiet , deletedObjects , nil )
2016-11-16 09:46:09 -08:00
encodedSuccessResponse0 := encodeResponse ( successResponse0 )
successRequest1 := encodeResponse ( requestList [ 1 ] )
2020-06-12 20:04:01 -07:00
deletedObjects = make ( [ ] DeletedObject , len ( requestList [ 1 ] . Objects ) )
2023-05-04 14:43:52 -07:00
for i := range requestList [ 1 ] . Objects {
var vid string
if isDirObject ( requestList [ 0 ] . Objects [ i ] . ObjectName ) {
2023-06-23 13:26:00 -07:00
vid = ""
2023-05-04 14:43:52 -07:00
}
2020-06-12 20:04:01 -07:00
deletedObjects [ i ] = DeletedObject {
ObjectName : requestList [ 1 ] . Objects [ i ] . ObjectName ,
2023-05-04 14:43:52 -07:00
VersionID : vid ,
2020-06-12 20:04:01 -07:00
}
}
successResponse1 := generateMultiDeleteResponse ( requestList [ 1 ] . Quiet , deletedObjects , nil )
2016-11-16 09:46:09 -08:00
encodedSuccessResponse1 := encodeResponse ( successResponse1 )
// generate multi objects delete response for errors.
// errorRequest := encodeResponse(requestList[1])
2020-06-12 20:04:01 -07:00
errorResponse := generateMultiDeleteResponse ( requestList [ 1 ] . Quiet , deletedObjects , nil )
2016-11-16 09:46:09 -08:00
encodedErrorResponse := encodeResponse ( errorResponse )
2017-08-16 05:49:31 +10:00
anonRequest := encodeResponse ( requestList [ 0 ] )
anonResponse := generateMultiDeleteResponse ( requestList [ 0 ] . Quiet , nil , getDeleteErrorList ( requestList [ 0 ] . Objects ) )
encodedAnonResponse := encodeResponse ( anonResponse )
2021-11-24 19:01:07 +01:00
anonRequestWithPartialPublicAccess := encodeResponse ( requestList [ 2 ] )
anonResponseWithPartialPublicAccess := generateMultiDeleteResponse ( requestList [ 2 ] . Quiet ,
[ ] DeletedObject {
{ ObjectName : "public/object" } ,
} ,
[ ] DeleteError {
{
Code : errorCodes [ ErrAccessDenied ] . Code ,
Message : errorCodes [ ErrAccessDenied ] . Description ,
Key : "private/object" ,
} ,
} )
encodedAnonResponseWithPartialPublicAccess := encodeResponse ( anonResponseWithPartialPublicAccess )
2016-11-16 09:46:09 -08:00
testCases := [ ] struct {
bucket string
objects [ ] byte
accessKey string
secretKey string
expectedContent [ ] byte
expectedRespStatus int
} {
2023-01-20 16:46:06 +01:00
// Test case - 0.
2016-11-16 09:46:09 -08:00
// Delete objects with invalid access key.
2023-01-20 16:46:06 +01:00
0 : {
2016-11-16 09:46:09 -08:00
bucket : bucketName ,
objects : successRequest0 ,
accessKey : "Invalid-AccessID" ,
2016-12-26 23:51:23 +05:30
secretKey : credentials . SecretKey ,
2016-11-16 09:46:09 -08:00
expectedContent : nil ,
expectedRespStatus : http . StatusForbidden ,
} ,
2023-01-20 16:46:06 +01:00
// Test case - 1.
2016-11-16 09:46:09 -08:00
// Delete valid objects with quiet flag off.
2023-01-20 16:46:06 +01:00
1 : {
bucket : bucketName ,
objects : successRequest0 ,
accessKey : credentials . AccessKey ,
secretKey : credentials . SecretKey ,
expectedContent : encodedSuccessResponse0 ,
expectedRespStatus : http . StatusOK ,
} ,
// Test case - 2.
// Delete deleted objects with quiet flag off.
2 : {
2016-11-16 09:46:09 -08:00
bucket : bucketName ,
objects : successRequest0 ,
2016-12-26 23:51:23 +05:30
accessKey : credentials . AccessKey ,
secretKey : credentials . SecretKey ,
2016-11-16 09:46:09 -08:00
expectedContent : encodedSuccessResponse0 ,
expectedRespStatus : http . StatusOK ,
} ,
// Test case - 3.
// Delete valid objects with quiet flag on.
2023-01-20 16:46:06 +01:00
3 : {
2016-11-16 09:46:09 -08:00
bucket : bucketName ,
objects : successRequest1 ,
2016-12-26 23:51:23 +05:30
accessKey : credentials . AccessKey ,
secretKey : credentials . SecretKey ,
2016-11-16 09:46:09 -08:00
expectedContent : encodedSuccessResponse1 ,
expectedRespStatus : http . StatusOK ,
} ,
// Test case - 4.
// Delete previously deleted objects.
2023-01-20 16:46:06 +01:00
4 : {
2016-11-16 09:46:09 -08:00
bucket : bucketName ,
objects : successRequest1 ,
2016-12-26 23:51:23 +05:30
accessKey : credentials . AccessKey ,
secretKey : credentials . SecretKey ,
2016-11-16 09:46:09 -08:00
expectedContent : encodedErrorResponse ,
expectedRespStatus : http . StatusOK ,
} ,
2017-08-16 05:49:31 +10:00
// Test case - 5.
// Anonymous user access denied response
2019-04-09 11:39:42 -07:00
// Currently anonymous users cannot delete multiple objects in MinIO server
2023-01-20 16:46:06 +01:00
5 : {
2017-08-16 05:49:31 +10:00
bucket : bucketName ,
objects : anonRequest ,
accessKey : "" ,
secretKey : "" ,
expectedContent : encodedAnonResponse ,
expectedRespStatus : http . StatusOK ,
} ,
2021-11-24 19:01:07 +01:00
// Test case - 6.
// Anonymous user has access to some public folder, issue removing with
// another private object as well
2023-01-20 16:46:06 +01:00
6 : {
2021-11-24 19:01:07 +01:00
bucket : bucketName ,
objects : anonRequestWithPartialPublicAccess ,
accessKey : "" ,
secretKey : "" ,
expectedContent : encodedAnonResponseWithPartialPublicAccess ,
expectedRespStatus : http . StatusOK ,
} ,
2024-02-12 08:46:46 -08:00
// Test case - 7.
// Bucket does not exist.
7 : {
bucket : "unknown-bucket-name" ,
objects : successRequest0 ,
accessKey : credentials . AccessKey ,
secretKey : credentials . SecretKey ,
expectedRespStatus : http . StatusNotFound ,
} ,
2016-11-16 09:46:09 -08:00
}
for i , testCase := range testCases {
var req * http . Request
var actualContent [ ] byte
2017-08-16 05:49:31 +10:00
// Generate a signed or anonymous request based on the testCase
if testCase . accessKey != "" {
2024-02-12 08:46:46 -08:00
req , err = newTestSignedRequestV4 ( http . MethodPost , getDeleteMultipleObjectsURL ( "" , testCase . bucket ) ,
2018-09-20 19:22:09 -07:00
int64 ( len ( testCase . objects ) ) , bytes . NewReader ( testCase . objects ) , testCase . accessKey , testCase . secretKey , nil )
2017-08-16 05:49:31 +10:00
} else {
2024-02-12 08:46:46 -08:00
req , err = newTestRequest ( http . MethodPost , getDeleteMultipleObjectsURL ( "" , testCase . bucket ) ,
2017-08-16 05:49:31 +10:00
int64 ( len ( testCase . objects ) ) , bytes . NewReader ( testCase . objects ) )
}
2016-11-16 09:46:09 -08:00
if err != nil {
t . Fatalf ( "Failed to create HTTP request for DeleteMultipleObjects: <ERROR> %v" , err )
}
rec := httptest . NewRecorder ( )
// Since `apiRouter` satisfies `http.Handler` it has a ServeHTTP to execute the logic of the handler.
// Call the ServeHTTP to executes the registered handler.
apiRouter . ServeHTTP ( rec , req )
// Assert the response code with the expected status.
if rec . Code != testCase . expectedRespStatus {
2023-01-20 16:46:06 +01:00
t . Errorf ( "Test %d: MinIO %s: Expected the response status to be `%d`, but instead found `%d`" , i , instanceType , testCase . expectedRespStatus , rec . Code )
2016-11-16 09:46:09 -08:00
}
// read the response body.
2022-09-19 20:05:16 +02:00
actualContent , err = io . ReadAll ( rec . Body )
2016-11-16 09:46:09 -08:00
if err != nil {
2023-01-20 16:46:06 +01:00
t . Fatalf ( "Test %d : MinIO %s: Failed parsing response body: <ERROR> %v" , i , instanceType , err )
2016-11-16 09:46:09 -08:00
}
// Verify whether the bucket obtained object is same as the one created.
if testCase . expectedContent != nil && ! bytes . Equal ( testCase . expectedContent , actualContent ) {
2020-10-28 09:18:35 -07:00
t . Log ( string ( testCase . expectedContent ) , string ( actualContent ) )
2023-01-20 16:46:06 +01:00
t . Errorf ( "Test %d : MinIO %s: Object content differs from expected value." , i , instanceType )
2016-11-16 09:46:09 -08:00
}
}
// HTTP request to test the case of `objectLayer` being set to `nil`.
// There is no need to use an existing bucket or valid input for creating the request,
// since the `objectLayer==nil` check is performed before any other checks inside the handlers.
// The only aim is to generate an HTTP request in a way that the relevant/registered end point is evoked/called.
// Indicating that all parts are uploaded and initiating completeMultipartUpload.
nilBucket := "dummy-bucket"
nilObject := ""
2020-07-20 12:52:49 -07:00
nilReq , err := newTestSignedRequestV4 ( http . MethodPost , getDeleteMultipleObjectsURL ( "" , nilBucket ) , 0 , nil , "" , "" , nil )
2016-11-16 09:46:09 -08:00
if err != nil {
2019-04-09 11:39:42 -07:00
t . Errorf ( "MinIO %s: Failed to create HTTP request for testing the response when object Layer is set to `nil`." , instanceType )
2016-11-16 09:46:09 -08:00
}
// execute the object layer set to `nil` test.
// `ExecObjectLayerAPINilTest` manages the operation.
ExecObjectLayerAPINilTest ( t , nilBucket , nilObject , instanceType , apiRouter , nilReq )
}