Home Explore Help
Register Sign In
publics
/
etcd-io__etcd
0
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
etcd-io__etcd
/
clientv3
/
integration
/
user_test.go

user_test.go 4.2 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154 
  1. // Copyright 2016 The etcd Authors
    2. 

  2. //
    3. 

  3. // Licensed under the Apache License, Version 2.0 (the "License");
    4. 

  4. // you may not use this file except in compliance with the License.
    5. 

  5. // You may obtain a copy of the License at
    6. 

  6. //
    7. 

  7. //     http://www.apache.org/licenses/LICENSE-2.0
    8. 

  8. //
    9. 

  9. // Unless required by applicable law or agreed to in writing, software
    10. 

  10. // distributed under the License is distributed on an "AS IS" BASIS,
    11. 

  11. // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12. 

  12. // See the License for the specific language governing permissions and
    13. 

  13. // limitations under the License.
    14. 

  14. 

  15. package integration
    16. 

  16. 

  17. import (
    18. 

  18. 	"context"
    19. 

  19. 	"testing"
    20. 

  20. 	"time"
    21. 

  21. 

  22. 	"go.etcd.io/etcd/clientv3"
    23. 

  23. 	"go.etcd.io/etcd/etcdserver/api/v3rpc/rpctypes"
    24. 

  24. 	"go.etcd.io/etcd/integration"
    25. 

  25. 	"go.etcd.io/etcd/pkg/testutil"
    26. 

  26. 	"google.golang.org/grpc"
    27. 

  27. )
    28. 

  28. 

  29. func TestUserError(t *testing.T) {
    30. 

  30. 	defer testutil.AfterTest(t)
    31. 

  31. 

  32. 	clus := integration.NewClusterV3(t, &integration.ClusterConfig{Size: 1})
    33. 

  33. 	defer clus.Terminate(t)
    34. 

  34. 

  35. 	authapi := clus.RandClient()
    36. 

  36. 

  37. 	_, err := authapi.UserAdd(context.TODO(), "foo", "bar")
    38. 

  38. 	if err != nil {
    39. 

  39. 		t.Fatal(err)
    40. 

  40. 	}
    41. 

  41. 

  42. 	_, err = authapi.UserAdd(context.TODO(), "foo", "bar")
    43. 

  43. 	if err != rpctypes.ErrUserAlreadyExist {
    44. 

  44. 		t.Fatalf("expected %v, got %v", rpctypes.ErrUserAlreadyExist, err)
    45. 

  45. 	}
    46. 

  46. 

  47. 	_, err = authapi.UserDelete(context.TODO(), "not-exist-user")
    48. 

  48. 	if err != rpctypes.ErrUserNotFound {
    49. 

  49. 		t.Fatalf("expected %v, got %v", rpctypes.ErrUserNotFound, err)
    50. 

  50. 	}
    51. 

  51. 

  52. 	_, err = authapi.UserGrantRole(context.TODO(), "foo", "test-role-does-not-exist")
    53. 

  53. 	if err != rpctypes.ErrRoleNotFound {
    54. 

  54. 		t.Fatalf("expected %v, got %v", rpctypes.ErrRoleNotFound, err)
    55. 

  55. 	}
    56. 

  56. }
    57. 

  57. 

  58. func TestUserErrorAuth(t *testing.T) {
    59. 

  59. 	defer testutil.AfterTest(t)
    60. 

  60. 

  61. 	clus := integration.NewClusterV3(t, &integration.ClusterConfig{Size: 1})
    62. 

  62. 	defer clus.Terminate(t)
    63. 

  63. 

  64. 	authapi := clus.RandClient()
    65. 

  65. 	authSetupRoot(t, authapi.Auth)
    66. 

  66. 

  67. 	// unauthenticated client
    68. 

  68. 	if _, err := authapi.UserAdd(context.TODO(), "foo", "bar"); err != rpctypes.ErrUserNotFound {
    69. 

  69. 		t.Fatalf("expected %v, got %v", rpctypes.ErrUserNotFound, err)
    70. 

  70. 	}
    71. 

  71. 

  72. 	// wrong id or password
    73. 

  73. 	cfg := clientv3.Config{
    74. 

  74. 		Endpoints:   authapi.Endpoints(),
    75. 

  75. 		DialTimeout: 5 * time.Second,
    76. 

  76. 		DialOptions: []grpc.DialOption{grpc.WithBlock()},
    77. 

  77. 	}
    78. 

  78. 	cfg.Username, cfg.Password = "wrong-id", "123"
    79. 

  79. 	if _, err := clientv3.New(cfg); err != rpctypes.ErrAuthFailed {
    80. 

  80. 		t.Fatalf("expected %v, got %v", rpctypes.ErrAuthFailed, err)
    81. 

  81. 	}
    82. 

  82. 	cfg.Username, cfg.Password = "root", "wrong-pass"
    83. 

  83. 	if _, err := clientv3.New(cfg); err != rpctypes.ErrAuthFailed {
    84. 

  84. 		t.Fatalf("expected %v, got %v", rpctypes.ErrAuthFailed, err)
    85. 

  85. 	}
    86. 

  86. 

  87. 	cfg.Username, cfg.Password = "root", "123"
    88. 

  88. 	authed, err := clientv3.New(cfg)
    89. 

  89. 	if err != nil {
    90. 

  90. 		t.Fatal(err)
    91. 

  91. 	}
    92. 

  92. 	defer authed.Close()
    93. 

  93. 

  94. 	if _, err := authed.UserList(context.TODO()); err != nil {
    95. 

  95. 		t.Fatal(err)
    96. 

  96. 	}
    97. 

  97. }
    98. 

  98. 

  99. func authSetupRoot(t *testing.T, auth clientv3.Auth) {
    100. 

  100. 	if _, err := auth.UserAdd(context.TODO(), "root", "123"); err != nil {
    101. 

  101. 		t.Fatal(err)
    102. 

  102. 	}
    103. 

  103. 	if _, err := auth.RoleAdd(context.TODO(), "root"); err != nil {
    104. 

  104. 		t.Fatal(err)
    105. 

  105. 	}
    106. 

  106. 	if _, err := auth.UserGrantRole(context.TODO(), "root", "root"); err != nil {
    107. 

  107. 		t.Fatal(err)
    108. 

  108. 	}
    109. 

  109. 	if _, err := auth.AuthEnable(context.TODO()); err != nil {
    110. 

  110. 		t.Fatal(err)
    111. 

  111. 	}
    112. 

  112. }
    113. 

  113. 

  114. func TestGetTokenWithoutAuth(t *testing.T) {
    115. 

  115. 	defer testutil.AfterTest(t)
    116. 

  116. 

  117. 	clus := integration.NewClusterV3(t, &integration.ClusterConfig{Size: 10})
    118. 

  118. 	defer clus.Terminate(t)
    119. 

  119. 

  120. 	authapi := clus.RandClient()
    121. 

  121. 

  122. 	var err error
    123. 

  123. 	var client *clientv3.Client
    124. 

  124. 

  125. 	// make sure "auth" was disabled
    126. 

  126. 	if _, err = authapi.AuthDisable(context.TODO()); err != nil {
    127. 

  127. 		t.Fatal(err)
    128. 

  128. 	}
    129. 

  129. 

  130. 	// "Username" and "Password" must be used
    131. 

  131. 	cfg := clientv3.Config{
    132. 

  132. 		Endpoints:   authapi.Endpoints(),
    133. 

  133. 		DialTimeout: 1 * time.Second, // make sure all connection time of connect all endpoint must be more DialTimeout
    134. 

  134. 		Username:    "root",
    135. 

  135. 		Password:    "123",
    136. 

  136. 	}
    137. 

  137. 

  138. 	client, err = clientv3.New(cfg)
    139. 

  139. 	if err == nil {
    140. 

  140. 		defer client.Close()
    141. 

  141. 	}
    142. 

  142. 

  143. 	switch err {
    144. 

  144. 	case nil:
    145. 

  145. 		t.Log("passes as expected, but may be connection time less than DialTimeout")
    146. 

  146. 	case context.DeadlineExceeded:
    147. 

  147. 		t.Errorf("not expected result:%v with endpoint:%s", err, authapi.Endpoints())
    148. 

  148. 	case rpctypes.ErrAuthNotEnabled:
    149. 

  149. 		t.Logf("passes as expected:%v", err)
    150. 

  150. 	default:
    151. 

  151. 		t.Errorf("other errors:%v", err)
    152. 

  152. 	}
    153. 

  153. 

  154. }
    155.