123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176 |
- // Copyright 2016 The etcd Authors
- //
- // Licensed under the Apache License, Version 2.0 (the "License");
- // you may not use this file except in compliance with the License.
- // You may obtain a copy of the License at
- //
- // http://www.apache.org/licenses/LICENSE-2.0
- //
- // Unless required by applicable law or agreed to in writing, software
- // distributed under the License is distributed on an "AS IS" BASIS,
- // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- // See the License for the specific language governing permissions and
- // limitations under the License.
- package e2e
- import (
- "fmt"
- "math/rand"
- "strings"
- "testing"
- "github.com/coreos/etcd/pkg/testutil"
- )
- func TestV2CurlNoTLS(t *testing.T) { testCurlPutGet(t, &configNoTLS) }
- func TestV2CurlAutoTLS(t *testing.T) { testCurlPutGet(t, &configAutoTLS) }
- func TestV2CurlAllTLS(t *testing.T) { testCurlPutGet(t, &configTLS) }
- func TestV2CurlPeerTLS(t *testing.T) { testCurlPutGet(t, &configPeerTLS) }
- func TestV2CurlClientTLS(t *testing.T) { testCurlPutGet(t, &configClientTLS) }
- func TestV2CurlProxyNoTLS(t *testing.T) { testCurlPutGet(t, &configWithProxy) }
- func TestV2CurlProxyTLS(t *testing.T) { testCurlPutGet(t, &configWithProxyTLS) }
- func TestV2CurlProxyPeerTLS(t *testing.T) { testCurlPutGet(t, &configWithProxyPeerTLS) }
- func TestV2CurlClientBoth(t *testing.T) { testCurlPutGet(t, &configClientBoth) }
- func testCurlPutGet(t *testing.T, cfg *etcdProcessClusterConfig) {
- defer testutil.AfterTest(t)
- // test doesn't use quorum gets, so ensure there are no followers to avoid
- // stale reads that will break the test
- cfg = configStandalone(*cfg)
- epc, err := newEtcdProcessCluster(cfg)
- if err != nil {
- t.Fatalf("could not start etcd process cluster (%v)", err)
- }
- defer func() {
- if err := epc.Close(); err != nil {
- t.Fatalf("error closing etcd processes (%v)", err)
- }
- }()
- var (
- expectPut = `{"action":"set","node":{"key":"/foo","value":"bar","`
- expectGet = `{"action":"get","node":{"key":"/foo","value":"bar","`
- )
- if err := cURLPut(epc, cURLReq{endpoint: "/v2/keys/foo", value: "bar", expected: expectPut}); err != nil {
- t.Fatalf("failed put with curl (%v)", err)
- }
- if err := cURLGet(epc, cURLReq{endpoint: "/v2/keys/foo", expected: expectGet}); err != nil {
- t.Fatalf("failed get with curl (%v)", err)
- }
- if cfg.clientTLS == clientTLSAndNonTLS {
- if err := cURLGet(epc, cURLReq{endpoint: "/v2/keys/foo", expected: expectGet, isTLS: true}); err != nil {
- t.Fatalf("failed get with curl (%v)", err)
- }
- }
- }
- func TestV2CurlIssue5182(t *testing.T) {
- defer testutil.AfterTest(t)
- epc := setupEtcdctlTest(t, &configNoTLS, false)
- defer func() {
- if err := epc.Close(); err != nil {
- t.Fatalf("error closing etcd processes (%v)", err)
- }
- }()
- expectPut := `{"action":"set","node":{"key":"/foo","value":"bar","`
- if err := cURLPut(epc, cURLReq{endpoint: "/v2/keys/foo", value: "bar", expected: expectPut}); err != nil {
- t.Fatal(err)
- }
- expectUserAdd := `{"user":"foo","roles":null}`
- if err := cURLPut(epc, cURLReq{endpoint: "/v2/auth/users/foo", value: `{"user":"foo", "password":"pass"}`, expected: expectUserAdd}); err != nil {
- t.Fatal(err)
- }
- expectRoleAdd := `{"role":"foo","permissions":{"kv":{"read":["/foo/*"],"write":null}}`
- if err := cURLPut(epc, cURLReq{endpoint: "/v2/auth/roles/foo", value: `{"role":"foo", "permissions": {"kv": {"read": ["/foo/*"]}}}`, expected: expectRoleAdd}); err != nil {
- t.Fatal(err)
- }
- expectUserUpdate := `{"user":"foo","roles":["foo"]}`
- if err := cURLPut(epc, cURLReq{endpoint: "/v2/auth/users/foo", value: `{"user": "foo", "grant": ["foo"]}`, expected: expectUserUpdate}); err != nil {
- t.Fatal(err)
- }
- if err := etcdctlUserAdd(epc, "root", "a"); err != nil {
- t.Fatal(err)
- }
- if err := etcdctlAuthEnable(epc); err != nil {
- t.Fatal(err)
- }
- if err := cURLGet(epc, cURLReq{endpoint: "/v2/keys/foo/", username: "root", password: "a", expected: "bar"}); err != nil {
- t.Fatal(err)
- }
- if err := cURLGet(epc, cURLReq{endpoint: "/v2/keys/foo/", username: "foo", password: "pass", expected: "bar"}); err != nil {
- t.Fatal(err)
- }
- if err := cURLGet(epc, cURLReq{endpoint: "/v2/keys/foo/", username: "foo", password: "", expected: "bar"}); err != nil {
- if !strings.Contains(err.Error(), `The request requires user authentication`) {
- t.Fatalf("expected 'The request requires user authentication' error, got %v", err)
- }
- } else {
- t.Fatalf("expected 'The request requires user authentication' error")
- }
- }
- type cURLReq struct {
- username string
- password string
- isTLS bool
- endpoint string
- value string
- expected string
- }
- // cURLPrefixArgs builds the beginning of a curl command for a given key
- // addressed to a random URL in the given cluster.
- func cURLPrefixArgs(clus *etcdProcessCluster, method string, req cURLReq) []string {
- var (
- cmdArgs = []string{"curl"}
- acurl = clus.procs[rand.Intn(clus.cfg.clusterSize)].cfg.acurl
- )
- if req.isTLS {
- if clus.cfg.clientTLS != clientTLSAndNonTLS {
- panic("should not use cURLPrefixArgsUseTLS when serving only TLS or non-TLS")
- }
- cmdArgs = append(cmdArgs, "--cacert", caPath, "--cert", certPath, "--key", privateKeyPath)
- acurl = clus.procs[rand.Intn(clus.cfg.clusterSize)].cfg.acurltls
- } else if clus.cfg.clientTLS == clientTLS {
- cmdArgs = append(cmdArgs, "--cacert", caPath, "--cert", certPath, "--key", privateKeyPath)
- }
- ep := acurl + req.endpoint
- if req.username != "" || req.password != "" {
- cmdArgs = append(cmdArgs, "-L", "-u", fmt.Sprintf("%s:%s", req.username, req.password), ep)
- } else {
- cmdArgs = append(cmdArgs, "-L", ep)
- }
- switch method {
- case "POST", "PUT":
- dt := req.value
- if !strings.HasPrefix(dt, "{") { // for non-JSON value
- dt = "value=" + dt
- }
- cmdArgs = append(cmdArgs, "-X", method, "-d", dt)
- }
- return cmdArgs
- }
- func cURLPost(clus *etcdProcessCluster, req cURLReq) error {
- return spawnWithExpect(cURLPrefixArgs(clus, "POST", req), req.expected)
- }
- func cURLPut(clus *etcdProcessCluster, req cURLReq) error {
- return spawnWithExpect(cURLPrefixArgs(clus, "PUT", req), req.expected)
- }
- func cURLGet(clus *etcdProcessCluster, req cURLReq) error {
- return spawnWithExpect(cURLPrefixArgs(clus, "GET", req), req.expected)
- }
|