"Fossies" - the Fresh Open Source Software Archive 
Member "apache-zookeeper-3.8.1/zookeeper-contrib/zookeeper-contrib-zkperl/t/50_access.t" (25 Jan 2023, 11904 Bytes) of package /linux/misc/apache-zookeeper-3.8.1.tar.gz:
As a special service "Fossies" has tried to format the requested text file into HTML format (style:
standard) with prefixed line numbers.
Alternatively you can here
view or
download the uninterpreted source code file.
See also the last
Fossies "Diffs" side-by-side code changes report for "50_access.t":
3.6.2_vs_3.7.0.
1 # Net::ZooKeeper - Perl extension for Apache ZooKeeper
2 #
3 # Licensed to the Apache Software Foundation (ASF) under one
4 # or more contributor license agreements. See the NOTICE file
5 # distributed with this work for additional information
6 # regarding copyright ownership. The ASF licenses this file
7 # to you under the Apache License, Version 2.0 (the
8 # "License"); you may not use this file except in compliance
9 # with the License. You may obtain a copy of the License at
10 #
11 # http://www.apache.org/licenses/LICENSE-2.0
12 #
13 # Unless required by applicable law or agreed to in writing, software
14 # distributed under the License is distributed on an "AS IS" BASIS,
15 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 # See the License for the specific language governing permissions and
17 # limitations under the License.
18
19 use File::Spec;
20 use Test::More tests => 40;
21 use Storable qw(dclone);
22
23 BEGIN { use_ok('Net::ZooKeeper', qw(:all)) };
24
25
26 my $test_dir;
27 (undef, $test_dir, undef) = File::Spec->splitpath($0);
28 require File::Spec->catfile($test_dir, 'util.pl');
29
30 my($hosts, $root_path, $node_path) = zk_test_setup(0);
31
32 my($username, $password, $digest) = zk_acl_test_setup();
33
34
35 SKIP: {
36 my $zkh = Net::ZooKeeper->new($hosts);
37
38 my $path = $zkh->create($node_path, 'foo',
39 'acl' => ZOO_OPEN_ACL_UNSAFE) if (defined($zkh));
40
41 skip 'no connection to ZooKeeper', 36 unless
42 (defined($path) and $path eq $node_path);
43
44
45 ## _zk_acl_constant()
46
47 my $no_read_acl = ZOO_OPEN_ACL_UNSAFE;
48 ok((ref($no_read_acl) eq 'ARRAY' and
49 @{$no_read_acl} == 1 and
50 ref($no_read_acl->[0]) eq 'HASH' and
51 keys(%{$no_read_acl->[0]}) == 3 and
52 $no_read_acl->[0]->{'perms'} == ZOO_PERM_ALL),
53 '_zk_acl_constant(): returned default ACL');
54
55 my $zoo_read_acl_unsafe = ZOO_READ_ACL_UNSAFE;
56 ok((ref($zoo_read_acl_unsafe) eq 'ARRAY' and
57 @{$zoo_read_acl_unsafe} == 1 and
58 ref($zoo_read_acl_unsafe->[0]) eq 'HASH' and
59 keys(%{$zoo_read_acl_unsafe->[0]}) == 3 and
60 $zoo_read_acl_unsafe->[0]->{'perms'} == ZOO_PERM_READ),
61 '_zk_acl_constant(): returned good ACL');
62
63 my $zoo_creator_all_acl = ZOO_CREATOR_ALL_ACL;
64 ok((ref($zoo_creator_all_acl) eq 'ARRAY' and
65 @{$zoo_creator_all_acl} == 1 and
66 ref($zoo_creator_all_acl->[0]) eq 'HASH' and
67 keys(%{$zoo_creator_all_acl->[0]}) == 3 and
68 $zoo_creator_all_acl->[0]->{'perms'} == ZOO_PERM_ALL),
69 '_zk_acl_constant(): returned good ACL');
70
71 $no_read_acl->[0]->{'perms'} &= ~ZOO_PERM_READ;
72 is($no_read_acl->[0]->{'perms'}, ((ZOO_PERM_ALL) & ~ZOO_PERM_READ),
73 'assign: altered default ACL');
74
75 is(ZOO_OPEN_ACL_UNSAFE->[0]->{'perms'}, ZOO_PERM_ALL,
76 '_zk_acl_constant(): returned unaltered default ACL');
77
78 my $copy_no_read_acl = $no_read_acl;
79 is_deeply($copy_no_read_acl, $no_read_acl,
80 'assign: copied default ACL');
81
82 undef $no_read_acl;
83 ok(!defined($no_read_acl),
84 'undef: released original default ACL');
85
86 is($copy_no_read_acl->[0]->{'perms'}, ((ZOO_PERM_ALL) & ~ZOO_PERM_READ),
87 'undef: no change to copied default ACL');
88
89 $no_read_acl = $copy_no_read_acl;
90 is_deeply($no_read_acl, $copy_no_read_acl,
91 'assign: re-copied default ACL');
92
93
94 ## create()
95
96 my $acl_node_path = "$node_path/a1";
97
98 $path = $zkh->create($acl_node_path, 'foo', 'acl' => $no_read_acl);
99 is($path, $acl_node_path,
100 'create(): created node with no-read ACL');
101
102 my $node = $zkh->get($acl_node_path);
103
104 my $skip_acl;
105 if (defined($node) and $node eq 'foo') {
106 $skip_acl = 1;
107 }
108 elsif(!defined($node) and $zkh->get_error() == ZNOAUTH) {
109 $skip_acl = 0;
110 }
111 else {
112 $skip_acl = -1;
113 diag(sprintf('unable to get node with no-read ACL %s: %d, %s',
114 $acl_node_path, $zkh->get_error(), $!));
115 }
116
117 my $ret = $zkh->delete($acl_node_path);
118 diag(sprintf('unable to delete node with no-read ACL %s: %d, %s',
119 $acl_node_path, $zkh->get_error(), $!)) unless ($ret);
120
121 my $digest_acl = [
122 {
123 'perms' => ZOO_PERM_READ,
124 'scheme' => 'world',
125 'id' => 'anyone'
126 },
127 {
128 'perms' => (ZOO_PERM_WRITE | ZOO_PERM_ADMIN),
129 'scheme' => 'digest',
130 'id' => "$username:$digest"
131 }
132 ];
133
134 $path = $zkh->create($acl_node_path, 'foo', 'acl' => $digest_acl);
135 is($path, $acl_node_path,
136 'create(): created node with digest auth ACL');
137
138 SKIP: {
139 skip 'ZooKeeper skipping ACLs', 1 unless (!$skip_acl);
140
141 my $acl_node_path = "$node_path/a2";
142
143 my $path = $zkh->create($acl_node_path, 'foo', 'acl' => [
144 {
145 'perms' => ZOO_PERM_WRITE,
146 'scheme' => 'foo',
147 'id' => 'bar'
148 }
149 ]);
150 ok((!defined($path) and $zkh->get_error() == ZINVALIDACL and $! eq ''),
151 'create(): undef when attempting to create node with invalid ACL');
152 }
153
154
155 ## get_acl()
156
157 my @acl = ('abc');
158 @acl = $zkh->get_acl($node_path . '/NONE');
159 ok((@acl == 0 and $zkh->get_error() == ZNONODE and $! eq ''),
160 'get_acl(): empty list returned for non-extant node');
161
162 $num_acl_entries = $zkh->get_acl($node_path . '/NONE');
163 ok((!defined($num_acl_entries) and $zkh->get_error() == ZNONODE and
164 $! eq ''),
165 'get_acl(): undef returned for non-extant node');
166
167 # The test is not running as ADMIN, which means that the server
168 # returns "redacted" ACLs (see ZOOKEEPER-1392 and OpCode.getACL in
169 # FinalRequestProcessor). We must do the same for the comparison
170 # to succeed.
171 my $redacted_digest_acl = dclone($digest_acl);
172 $redacted_digest_acl->[1]->{id} =~ s/:.*/:x/;
173
174 @acl = ('abc');
175 @acl = $zkh->get_acl($acl_node_path);
176 is_deeply(\@acl, $redacted_digest_acl,
177 'get_acl(): retrieved digest ACL');
178
179 my $stat = $zkh->stat();
180
181 @acl = ('abc');
182 @acl = $zkh->get_acl($node_path, 'stat' => $stat);
183 is_deeply(\@acl, ZOO_OPEN_ACL_UNSAFE,
184 'get_acl(): retrieved ACL');
185
186 is($stat->{'data_len'}, 3,
187 'get_acl(): retrieved ACL with stat handle');
188
189 SKIP: {
190 skip 'ZooKeeper not skipping ACLs', 3 unless ($skip_acl > 0);
191
192 my $acl_node_path = "$node_path/a2";
193
194 my $path = $zkh->create($acl_node_path, 'foo', 'acl' => []);
195 is($path, $acl_node_path,
196 'create(): created node with empty ACL');
197
198 my @acl = ('abc');
199 @acl = $zkh->get_acl($acl_node_path);
200 ok((@acl == 0 and $zkh->get_error() == ZOK),
201 'get_acl(): retrieved empty ACL');
202
203 my $num_acl_entries = $zkh->get_acl($acl_node_path);
204 ok((defined($num_acl_entries) and $num_acl_entries == 0),
205 'get_acl(): retrieved zero count of ACL entries');
206
207 my $ret = $zkh->delete($acl_node_path);
208 diag(sprintf('unable to delete node with empty ACL %s: %d, %s',
209 $acl_node_path, $zkh->get_error(), $!)) unless ($ret);
210 }
211
212
213 ## set_acl()
214
215 SKIP: {
216 skip 'ZooKeeper skipping ACLs', 2 unless (!$skip_acl);
217
218 my $ret = $zkh->set_acl($acl_node_path, [
219 {
220 'perms' => ZOO_PERM_CREATE,
221 'scheme' => 'foo',
222 'id' => 'bar'
223 }
224 ]);
225 ok((!$ret and $zkh->get_error() == ZINVALIDACL and $! eq ''),
226 'set_acl(): invalid ACL');
227
228 push @{$digest_acl}, {
229 'perms' => (ZOO_PERM_CREATE | ZOO_PERM_DELETE),
230 'scheme' => 'ip',
231 'id' => '0.0.0.0'
232 };
233
234 $ret = $zkh->set_acl($acl_node_path, $digest_acl);
235 ok((!$ret and $zkh->get_error() == ZNOAUTH and $! eq ''),
236 'set_acl(): ACL unchanged if no auth');
237 }
238
239
240 ## add_auth(), set_acl()
241
242 $ret = $zkh->add_auth('digest', '');
243 ok($ret,
244 'add_auth(): empty digest cert');
245
246 SKIP: {
247 skip 'ZooKeeper skipping ACLs', 1 unless (!$skip_acl);
248
249 my $ret = $zkh->set($acl_node_path, 'foo');
250 ok((!$ret and $zkh->get_error() == ZNOAUTH and $! eq ''),
251 'set(): node value unchanged if no auth');
252 }
253
254 $ret = $zkh->add_auth('digest', "$username:$password");
255 ok($ret,
256 'add_auth(): valid digest cert');
257
258 SKIP: {
259 skip 'ZooKeeper skipping ACLs', 13 unless (!$skip_acl);
260
261 my $ret = $zkh->set($acl_node_path, 'baz');
262 ok($ret,
263 'set(): set node value with auth');
264
265 my $node = $zkh->get($acl_node_path);
266 is($node, 'baz',
267 'get(): retrieved node value with auth');
268
269 $ret = $zkh->set_acl($acl_node_path, $digest_acl);
270 ok($ret,
271 'set_acl(): set digest ACL with auth');
272
273 my $stat = $zkh->stat();
274
275 my @acl = ('abc');
276 @acl = $zkh->get_acl($acl_node_path, 'stat' => $stat);
277 is_deeply(\@acl, $digest_acl,
278 'get_acl(): retrieved digest ACL with auth');
279
280 is($stat->{'data_len'}, 3,
281 'get_acl(): retrieved digest ACL with stat handle and auth');
282
283 SKIP: {
284 skip 'invalid node data', 2 unless ($stat->{'version'} == 1);
285
286 my $ret = $zkh->set_acl($acl_node_path, $digest_acl,
287 'version' => $stat->{'version'});
288 ok($ret,
289 'set_acl(): set digest ACL with matching version with auth');
290
291 $ret = $zkh->set_acl($acl_node_path, $digest_acl,
292 'version' => $stat->{'version'});
293 ok((!$ret and $zkh->get_error() == ZBADVERSION and $! eq ''),
294 'set_acl(): ACL unchanged if non-matching version');
295 }
296
297 my $child_node_path = "$acl_node_path/c1";
298
299 my $path = $zkh->create($child_node_path, 'foo',
300 'acl' => ZOO_OPEN_ACL_UNSAFE);
301 ok((!defined($path) and $zkh->get_error() == ZNOAUTH and $! eq ''),
302 'create(): undef when attempting to create node if no auth');
303
304 $digest_acl->[1]->{'perms'} |= ZOO_PERM_CREATE;
305 $digest_acl->[2]->{'perms'} &= ~ZOO_PERM_CREATE;
306
307 $ret = $zkh->set_acl($acl_node_path, $digest_acl);
308 ok($ret,
309 'set_acl(): set changed digest ACL with auth');
310
311 $path = $zkh->create($child_node_path, 'foo',
312 'acl' => ZOO_OPEN_ACL_UNSAFE);
313 is($path, $child_node_path,
314 'create(): created node with auth');
315
316 $ret = $zkh->delete($child_node_path);
317 ok((!$ret and $zkh->get_error() == ZNOAUTH and $! eq ''),
318 'delete(): no deletion of node if no auth');
319
320 $digest_acl->[1]->{'perms'} |= ZOO_PERM_DELETE;
321 pop @{$digest_acl};
322
323 $ret = $zkh->set_acl($acl_node_path, $digest_acl);
324 ok($ret,
325 'set_acl(): set reduced digest ACL with auth');
326
327 $ret = $zkh->delete($child_node_path);
328 ok($ret,
329 'delete(): deleted node with auth');
330 }
331
332
333 ## cleanup
334
335 $ret = $zkh->delete($acl_node_path);
336 diag(sprintf('unable to delete node with digest auth ACL %s: %d, %s',
337 $acl_node_path, $zkh->get_error(), $!)) unless ($ret);
338
339 $ret = $zkh->delete($node_path);
340 diag(sprintf('unable to delete node %s: %d, %s',
341 $node_path, $zkh->get_error(), $!)) unless ($ret);
342 }
343
344 SKIP: {
345 my $zkh = Net::ZooKeeper->new($hosts);
346
347 my $ret = $zkh->exists($root_path) if (defined($zkh));
348
349 skip 'no connection to ZooKeeper', 1 unless
350 (defined($ret) and $ret);
351
352
353 ## add_auth()
354
355 $ret = $zkh->add_auth('foo', 'bar');
356 my $err = $zkh->get_error();
357 ok((!$ret and
358 ($err == ZAUTHFAILED or
359 $err == ZCONNECTIONLOSS or
360 $err == ZSESSIONEXPIRED)
361 and $! eq ''),
362 'set_acl(): invalid scheme');
363 }
364