Skip to content

CLDSRV-761: Add tests for bucketDeleteRateLimit #5999

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: improvement/CLDSRV-759/GetBucketRateLimit
Choose a base branch
from
Open

CLDSRV-761: Add tests for bucketDeleteRateLimit #5999

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
65 changes: 65 additions & 0 deletions tests/functional/aws-node-sdk/test/bucket/deleteBucketRateLimit.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,65 @@
const AWS = require('aws-sdk');
const S3 = AWS.S3;
const assert = require('assert');
const getConfig = require('../support/config');
const { sendRateLimitRequest, skipIfRateLimitDisabled } = require('../rateLimit/tooling');

const bucket = 'deleteratelimitestbucket';
const nonExistentBucket = 'deleteratelimitestnonexistentbucket';

skipIfRateLimitDisabled('Test delete bucket rate limit', () => {
let s3;

before(() => {
const config = getConfig('lisa', { signatureVersion: 'v4' });
s3 = new S3(config);
AWS.config.update(config);
});

beforeEach(done => s3.createBucket({ Bucket: bucket }, done));

afterEach(done => s3.deleteBucket({ Bucket: bucket }, done));

it('should delete the bucket rate limit config', async () => {
try {
// First set a rate limit config
const rateLimitConfig = { RequestsPerSecond: 150 };
await sendRateLimitRequest('PUT', '127.0.0.1:8000',
`/${bucket}/?rate-limit`, JSON.stringify(rateLimitConfig));

// Then delete it
await sendRateLimitRequest('DELETE', '127.0.0.1:8000',
`/${bucket}/?rate-limit`);

// Verify it's deleted
try {
await sendRateLimitRequest('GET', '127.0.0.1:8000',
`/${bucket}/?rate-limit`);
assert.fail('Expected NoSuchRateLimitConfig error');
} catch (err) {
assert.strictEqual(err.Error.Code[0], 'NoSuchRateLimitConfig');
}
} catch (err) {
assert.ifError(err);
}
});

it('should not return an error even if no rate limit config exists', async () => {
try {
await sendRateLimitRequest('DELETE', '127.0.0.1:8000',
`/${bucket}/?rate-limit`);
assert.ok(true);
} catch (err) {
assert.ifError(err);
}
});

it('should return NoSuchBucket error when bucket does not exist', async () => {
try {
await sendRateLimitRequest('DELETE', '127.0.0.1:8000',
`/${nonExistentBucket}/?rate-limit`);
} catch (err) {
assert.strictEqual(err.Error.Code[0], 'NoSuchBucket');
}
});
});
172 changes: 172 additions & 0 deletions tests/unit/api/bucketDeleteRateLimit.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,172 @@
const assert = require('assert');
const sinon = require('sinon');
const { bucketPut } = require('../../../lib/api/bucketPut');
const { cleanup, DummyRequestLogger, makeAuthInfo } = require('../helpers');
const bucketDeleteRateLimit = require('../../../lib/api/bucketDeleteRateLimit');
const bucketPutRateLimit = require('../../../lib/api/bucketPutRateLimit');
const bucketGetRateLimit = require('../../../lib/api/bucketGetRateLimit');
const { config } = require('../../../lib/Config');
const AuthInfo = require('arsenal').auth.AuthInfo;
const metadata = require('../../../lib/metadata/wrapper');

const log = new DummyRequestLogger();
const bucketName = 'bucketname';
const serviceUserArn = 'arn:aws:iam::123456789012:user/rate-limit-service';

const rateLimitServiceAuthInfo = new AuthInfo({
canonicalID: '79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be',
shortid: '123456789012',
email: '[email protected]',
accountDisplayName: 'rateLimitServiceDisplayName',
arn: serviceUserArn,
});

const regularAuthInfo = makeAuthInfo('accessKey1');

const bucketPutReq = {
bucketName,
headers: {
host: `${bucketName}.s3.amazonaws.com`,
},
url: '/',
actionImplicitDenies: false,
};

function getRateLimitDeleteRequest(bucketName) {
return {
bucketName,
headers: {
host: `${bucketName}.s3.amazonaws.com`,
origin: 'http://example.com',
},
url: '/?rate-limit',
method: 'DELETE',
actionImplicitDenies: false,
};
}

function getRateLimitPutRequest(bucketName, configJson) {
return {
bucketName,
headers: {
host: `${bucketName}.s3.amazonaws.com`,
},
url: '/?rate-limit',
method: 'PUT',
post: JSON.stringify(configJson),
actionImplicitDenies: false,
};
}

describe('bucketDeleteRateLimit API', () => {
let sandbox;

beforeEach(() => {
sandbox = sinon.createSandbox();
sandbox.stub(config, 'rateLimiting').value({
serviceUserArn,
});
});

afterEach(() => {
sandbox.restore();
cleanup();
});

it('should return AccessDenied error if user is not a rate limit service user', done => {
bucketPut(regularAuthInfo, bucketPutReq, log, err => {
assert.ifError(err);
const deleteRequest = getRateLimitDeleteRequest(bucketName);
bucketDeleteRateLimit(regularAuthInfo, deleteRequest, log, err => {
assert.strictEqual(err.is.AccessDenied, true);
done();
});
});
});

it('should return NoSuchBucket error if bucket does not exist', done => {
const deleteRequest = getRateLimitDeleteRequest('nonexistent-bucket');
bucketDeleteRateLimit(rateLimitServiceAuthInfo, deleteRequest, log, err => {
assert(err, 'should return an error');
assert.strictEqual(err.is.NoSuchBucket, true);
done();
});
});

it('should not return an error even if no rate limit config exists', done => {
bucketPut(regularAuthInfo, bucketPutReq, log, err => {
assert.ifError(err);
const deleteRequest = getRateLimitDeleteRequest(bucketName);
bucketDeleteRateLimit(rateLimitServiceAuthInfo, deleteRequest, log, err => {
assert.ifError(err);
done();
});
});
});
});

describe('bucketDeleteRateLimit API with existing rate limit config', () => {
let sandbox;

beforeEach(() => {
sandbox = sinon.createSandbox();
sandbox.stub(config, 'rateLimiting').value({
serviceUserArn,
});
});

afterEach(() => {
sandbox.restore();
cleanup();
});

it('should delete bucket rate limit configuration', done => {
bucketPut(regularAuthInfo, bucketPutReq, log, err => {
assert.ifError(err);
const rateLimitConfig = { RequestsPerSecond: 100 };
const putRequest = getRateLimitPutRequest(bucketName, rateLimitConfig);
bucketPutRateLimit(rateLimitServiceAuthInfo, putRequest, log, err => {
assert.ifError(err);
const deleteRequest = getRateLimitDeleteRequest(bucketName);
bucketDeleteRateLimit(rateLimitServiceAuthInfo, deleteRequest, log, err => {
assert.ifError(err);
return metadata.getBucket(bucketName, log, (err, bucket) => {
assert.ifError(err);
const bucketRateLimitConfig = bucket.getRateLimitConfiguration();
assert.strictEqual(bucketRateLimitConfig, undefined);
done();
});
});
});
});
});

it('should delete rate limit configuration and verify via bucketGetRateLimit', done => {
bucketPut(regularAuthInfo, bucketPutReq, log, err => {
assert.ifError(err);
const rateLimitConfig = { RequestsPerSecond: 150 };
const putRequest = getRateLimitPutRequest(bucketName, rateLimitConfig);
bucketPutRateLimit(rateLimitServiceAuthInfo, putRequest, log, err => {
assert.ifError(err);
const deleteRequest = getRateLimitDeleteRequest(bucketName);
bucketDeleteRateLimit(rateLimitServiceAuthInfo, deleteRequest, log, err => {
assert.ifError(err);
const getRequest = {
bucketName,
headers: {
host: `${bucketName}.s3.amazonaws.com`,
},
url: '/?rate-limit',
method: 'GET',
actionImplicitDenies: false,
};
bucketGetRateLimit(rateLimitServiceAuthInfo, getRequest, log, err => {
assert(err, 'should return an error');
assert.strictEqual(err.is.NoSuchRateLimitConfig, true);
done();
});
});
});
});
});
});
Loading