Gargi-jais11 commented on code in PR #9457:
URL: https://github.com/apache/ozone/pull/9457#discussion_r2626430995
##########
hadoop-ozone/integration-test-s3/src/test/java/org/apache/hadoop/ozone/s3/awssdk/v1/AbstractS3SDKV1Tests.java:
##########
@@ -1384,6 +1387,86 @@ public void testPresignedUrlDelete() throws IOException {
}
}
+ @Nested
+ @TestInstance(TestInstance.Lifecycle.PER_CLASS)
+ static class BucketOwnershipLinkBucketTests {
+ private String nonS3VolumeName;
+ private String linkBucketName;
+ private String sourceBucketName;
+ private String danglingSourceBucketName;
+ private String danglingLinkBucketName;
+ private OzoneVolume nonS3Volume;
+ private OzoneVolume s3Volume;
+
+ @BeforeAll
+ public void setup() throws Exception {
+ nonS3VolumeName = randomName("link-vol");
+ linkBucketName = randomName("link-bucket");
+ sourceBucketName = randomName("source");
+ danglingSourceBucketName = randomName("link-source");
+ danglingLinkBucketName = randomName("link-bucket-dangling");
+ try (OzoneClient ozoneClient = cluster.newClient()) {
+ ObjectStore store = ozoneClient.getObjectStore();
+ store.createVolume(nonS3VolumeName);
+ nonS3Volume = store.getVolume(nonS3VolumeName);
+ s3Volume = store.getS3Volume();
+ }
+ }
+
+ @Test
+ public void setBucketVerificationOnLinkBucket() throws Exception {
+ nonS3Volume.createBucket(sourceBucketName);
+ BucketArgs.Builder bb = new BucketArgs.Builder()
+ .setStorageType(StorageType.DEFAULT)
+ .setVersioning(false)
+ .setSourceVolume(nonS3VolumeName)
+ .setSourceBucket(sourceBucketName);
+ s3Volume.createBucket(linkBucketName, bb.build());
+
+ GetBucketAclRequest wrongRequest = new
GetBucketAclRequest(linkBucketName)
+ .withExpectedBucketOwner("wrong-owner");
+ AmazonServiceException wrongOwner =
assertThrows(AmazonServiceException.class,
+ () -> s3Client.getBucketAcl(wrongRequest));
+ assertEquals(403, wrongOwner.getStatusCode());
+ assertEquals("AccessDenied", wrongOwner.getErrorCode());
+
+ Owner owner = s3Client.getBucketAcl(linkBucketName).getOwner();
+ GetBucketAclRequest correctRequest = new
GetBucketAclRequest(linkBucketName)
+ .withExpectedBucketOwner(owner.getDisplayName());
+ assertDoesNotThrow(() -> s3Client.getBucketAcl(correctRequest));
+ }
+
+ @Test
+ public void testDanglingBucket() throws Exception {
+ nonS3Volume.createBucket(danglingSourceBucketName);
+ BucketArgs.Builder bb = new BucketArgs.Builder()
+ .setStorageType(StorageType.DEFAULT)
+ .setVersioning(false)
+ .setSourceVolume(nonS3VolumeName)
+ .setSourceBucket(danglingSourceBucketName);
+ s3Volume.createBucket(danglingLinkBucketName, bb.build());
+
+ nonS3Volume.deleteBucket(danglingSourceBucketName);
+
+ GetBucketAclRequest wrongRequest = new
GetBucketAclRequest(danglingLinkBucketName)
+ .withExpectedBucketOwner("wrong-owner");
+ AmazonServiceException wrongOwner =
assertThrows(AmazonServiceException.class,
+ () -> s3Client.getBucketAcl(wrongRequest));
+ assertEquals(403, wrongOwner.getStatusCode());
Review Comment:
use `HttpURLConnection.HTTP_FORBIDDEN`
##########
hadoop-ozone/integration-test-s3/src/test/java/org/apache/hadoop/ozone/s3/awssdk/v2/AbstractS3SDKV2Tests.java:
##########
@@ -383,6 +387,215 @@ public void testCopyObject() {
assertEquals("\"37b51d194a7513e45b56f6524f2d51f2\"",
copyObjectResponse.copyObjectResult().eTag());
}
+ @Test
+ public void testPutAndGetObjectTagging() {
+ final String bucketName = getBucketName();
+ final String keyName = getKeyName();
+ final String content = "test content";
+ s3Client.createBucket(b -> b.bucket(bucketName));
+
+ s3Client.putObject(b -> b
+ .bucket(bucketName)
+ .key(keyName),
+ RequestBody.fromString(content));
+
+ List<Tag> tags = Arrays.asList(
+ Tag.builder().key("env").value("test").build(),
+ Tag.builder().key("project").value("ozone").build()
+ );
+
+ s3Client.putObjectTagging(b -> b
+ .bucket(bucketName)
+ .key(keyName)
+ .tagging(Tagging.builder().tagSet(tags).build()));
+
+ GetObjectTaggingResponse getResponse = s3Client.getObjectTagging(b -> b
+ .bucket(bucketName)
+ .key(keyName));
+
+ assertEquals(tags.size(), getResponse.tagSet().size());
+ Map<String, String> tagMap = getResponse.tagSet().stream()
+ .collect(Collectors.toMap(Tag::key, Tag::value));
+ assertEquals("test", tagMap.get("env"));
+ assertEquals("ozone", tagMap.get("project"));
+ }
+
+ @Test
+ public void testDeleteObjectTagging() {
+ final String bucketName = getBucketName();
+ final String keyName = getKeyName();
+ final String content = "test content";
+ s3Client.createBucket(b -> b.bucket(bucketName));
+
+ s3Client.putObject(b -> b
+ .bucket(bucketName)
+ .key(keyName),
+ RequestBody.fromString(content));
+
+ List<Tag> tags = Arrays.asList(
+ Tag.builder().key("temp").value("data").build()
+ );
+
+ s3Client.putObjectTagging(b -> b
+ .bucket(bucketName)
+ .key(keyName)
+ .tagging(Tagging.builder().tagSet(tags).build()));
+
+ GetObjectTaggingResponse beforeDelete = s3Client.getObjectTagging(b -> b
+ .bucket(bucketName)
+ .key(keyName));
+ assertEquals(1, beforeDelete.tagSet().size());
+
+ s3Client.deleteObjectTagging(b -> b
+ .bucket(bucketName)
+ .key(keyName));
+
+ GetObjectTaggingResponse afterDelete = s3Client.getObjectTagging(b -> b
+ .bucket(bucketName)
+ .key(keyName));
+ assertTrue(afterDelete.tagSet().isEmpty());
+ }
+
+ @Test
+ public void testPutObjectTaggingExceedsLimit() {
+ final String bucketName = getBucketName();
+ final String keyName = getKeyName();
+ s3Client.createBucket(b -> b.bucket(bucketName));
+ s3Client.putObject(b -> b.bucket(bucketName).key(keyName),
+ RequestBody.fromString("content"));
+
+ List<Tag> tags = new ArrayList<>();
+ for (int i = 1; i <= 11; i++) {
+ tags.add(Tag.builder().key("key" + i).value("value" + i).build());
+ }
+
+ S3Exception exception = assertThrows(S3Exception.class, () ->
+ s3Client.putObjectTagging(b -> b
+ .bucket(bucketName)
+ .key(keyName)
+ .tagging(Tagging.builder().tagSet(tags).build())));
+ assertEquals(HttpURLConnection.HTTP_BAD_REQUEST, exception.statusCode());
+ }
+
+ @Test
+ public void testPutObjectTaggingReplacesExistingTags() {
+ final String bucketName = getBucketName();
+ final String keyName = getKeyName();
+ s3Client.createBucket(b -> b.bucket(bucketName));
+ s3Client.putObject(b -> b.bucket(bucketName).key(keyName),
+ RequestBody.fromString("content"));
+
+ List<Tag> initialTags = Arrays.asList(
+ Tag.builder().key("tag1").value("value1").build(),
+ Tag.builder().key("tag2").value("value2").build()
+ );
+ s3Client.putObjectTagging(b -> b
+ .bucket(bucketName)
+ .key(keyName)
+ .tagging(Tagging.builder().tagSet(initialTags).build()));
+
+ List<Tag> replacementTags = Arrays.asList(
+ Tag.builder().key("tag3").value("value3").build()
+ );
+ s3Client.putObjectTagging(b -> b
+ .bucket(bucketName)
+ .key(keyName)
+ .tagging(Tagging.builder().tagSet(replacementTags).build()));
+
+ GetObjectTaggingResponse response = s3Client.getObjectTagging(b -> b
+ .bucket(bucketName)
+ .key(keyName));
+ assertEquals(1, response.tagSet().size());
+ Map<String, String> tagMap = response.tagSet().stream()
+ .collect(Collectors.toMap(Tag::key, Tag::value));
+ assertEquals("value3", tagMap.get("tag3"));
+ assertFalse(tagMap.containsKey("tag1"));
+ assertFalse(tagMap.containsKey("tag2"));
+ }
+
+ private static String repeatChar(char c, int count) {
+ StringBuilder sb = new StringBuilder(count);
+ for (int i = 0; i < count; i++) {
+ sb.append(c);
+ }
+ return sb.toString();
+ }
+
+ private static Stream<Arguments> invalidTagConstraintsProvider() {
+ return Stream.of(
+ Arguments.of(
+ Arrays.asList(Tag.builder().key(repeatChar('a',
129)).value("value").build()),
+ 400
+ ),
+ Arguments.of(
+ Arrays.asList(Tag.builder().key("valid-key").value(repeatChar('b',
257)).build()),
+ 400
+ ),
+ Arguments.of(
+
Arrays.asList(Tag.builder().key("t$ag@#invalid").value("value").build()),
+ 400
+ ),
+ Arguments.of(
+
Arrays.asList(Tag.builder().key("aws:test").value("value").build()),
+ 400
Review Comment:
Use `HTTP_BAD_REQUEST` in this Parameterised test.
##########
hadoop-ozone/integration-test-s3/src/test/java/org/apache/hadoop/ozone/s3/awssdk/v1/AbstractS3SDKV1Tests.java:
##########
@@ -1384,6 +1387,86 @@ public void testPresignedUrlDelete() throws IOException {
}
}
+ @Nested
+ @TestInstance(TestInstance.Lifecycle.PER_CLASS)
+ static class BucketOwnershipLinkBucketTests {
+ private String nonS3VolumeName;
+ private String linkBucketName;
+ private String sourceBucketName;
+ private String danglingSourceBucketName;
+ private String danglingLinkBucketName;
+ private OzoneVolume nonS3Volume;
+ private OzoneVolume s3Volume;
+
+ @BeforeAll
+ public void setup() throws Exception {
+ nonS3VolumeName = randomName("link-vol");
+ linkBucketName = randomName("link-bucket");
+ sourceBucketName = randomName("source");
+ danglingSourceBucketName = randomName("link-source");
+ danglingLinkBucketName = randomName("link-bucket-dangling");
+ try (OzoneClient ozoneClient = cluster.newClient()) {
+ ObjectStore store = ozoneClient.getObjectStore();
+ store.createVolume(nonS3VolumeName);
+ nonS3Volume = store.getVolume(nonS3VolumeName);
+ s3Volume = store.getS3Volume();
+ }
+ }
+
+ @Test
+ public void setBucketVerificationOnLinkBucket() throws Exception {
+ nonS3Volume.createBucket(sourceBucketName);
+ BucketArgs.Builder bb = new BucketArgs.Builder()
+ .setStorageType(StorageType.DEFAULT)
+ .setVersioning(false)
+ .setSourceVolume(nonS3VolumeName)
+ .setSourceBucket(sourceBucketName);
+ s3Volume.createBucket(linkBucketName, bb.build());
+
+ GetBucketAclRequest wrongRequest = new
GetBucketAclRequest(linkBucketName)
+ .withExpectedBucketOwner("wrong-owner");
+ AmazonServiceException wrongOwner =
assertThrows(AmazonServiceException.class,
+ () -> s3Client.getBucketAcl(wrongRequest));
+ assertEquals(403, wrongOwner.getStatusCode());
Review Comment:
Use `HttpURLConnection.HTTP_FORBIDDEN`
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
