c91e2932aa
This patch achieves three interrelated changes 1. an update to the ClientInterface, making it more efficient and consistent with other HTTP libraries. PSR-FIG messages have also been added as separate classes, rather than lumped as one. Guzzle functionality has also been moved to its own namespace; 2. the refactoring of `GuzzleClient` to `GuzzleAdapter`, including relevant changes needed for the interface change (1). We now have ADAPTERS that bridge our interfaces with Guzzle's - making that difference much clearer, extensible, less tightly coupled and less brittle; 3. moving "bad request" error handling into its own dedicated space, based on how the new Adapter functionality (2). Previously the client tried to do all the exception logic - but this is not strictly its responsibility. This logic has been shipped out to a base RequestException which instantiates one of its children exception based on the HTTP status code. Although I have attempted to keep the scope of this patch to a minimum, as granular as possible, because the interface is a core internal API, various other files need to be modified to reflect the change. In terms of the other two changes, these are inextricably linked to the interface change, so cannot be teased out into their own patches. Change-Id: Ibc1b50cec125c11d32ee6e4f0dbb395fcaea864e
216 lines
6.2 KiB
PHP
216 lines
6.2 KiB
PHP
<?php
|
|
/* ============================================================================
|
|
(c) Copyright 2012-2014 Hewlett-Packard Development Company, L.P.
|
|
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
you may not use this file except in compliance with the License.
|
|
You may obtain a copy of the License at
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
See the License for the specific language governing permissions and
|
|
limitations under the License.
|
|
============================================================================ */
|
|
/**
|
|
* Unit tests for ObjectStorage ACLs.
|
|
*/
|
|
namespace OpenStack\Tests\ObjectStore\v1\Resource;
|
|
|
|
use \OpenStack\ObjectStore\v1\Resource\ACL;
|
|
/**
|
|
* @ingroup Tests
|
|
*/
|
|
class ACLTest extends \OpenStack\Tests\TestCase
|
|
{
|
|
public function testConstructor()
|
|
{
|
|
$acl = new ACL();
|
|
$this->assertEmpty($acl->rules());
|
|
|
|
}
|
|
|
|
public function testAddAccount()
|
|
{
|
|
$acl = new ACL();
|
|
|
|
$acl->addAccount(ACL::READ, 'test');
|
|
|
|
$rules = $acl->rules();
|
|
|
|
$this->assertEquals(1, count($rules));
|
|
|
|
$rule = array_shift($rules);
|
|
|
|
$this->assertEquals(ACL::READ, $rule['mask']);
|
|
$this->assertEquals('test', $rule['account']);
|
|
|
|
// Test with user
|
|
$acl = new ACL();
|
|
$acl->addAccount(ACL::WRITE, 'admin', 'earnie');
|
|
$rules = $acl->rules();
|
|
$rule = array_shift($rules);
|
|
|
|
$this->assertEquals(ACL::WRITE, $rule['mask']);
|
|
$this->assertEquals('admin', $rule['account']);
|
|
$this->assertEquals('earnie', $rule['user']);
|
|
|
|
// Test with multiple users:
|
|
$acl = new ACL();
|
|
$acl->addAccount(ACL::WRITE, 'admin', array('earnie', 'bert'));
|
|
$rules = $acl->rules();
|
|
$rule = array_shift($rules);
|
|
|
|
$this->assertEquals(ACL::WRITE, $rule['mask']);
|
|
$this->assertEquals('admin', $rule['account']);
|
|
$this->assertEquals('earnie', $rule['user'][0]);
|
|
$this->assertEquals('bert', $rule['user'][1]);
|
|
|
|
}
|
|
|
|
public function testAddReferrer()
|
|
{
|
|
$acl = new ACL();
|
|
$acl->addReferrer(ACL::READ, '.example.com');
|
|
$acl->addReferrer(ACL::READ_WRITE, '-bad.example.com');
|
|
|
|
$rules = $acl->rules();
|
|
|
|
$this->assertEquals(2, count($rules));
|
|
|
|
$first = array_shift($rules);
|
|
$this->assertEquals(ACL::READ, $first['mask']);
|
|
$this->assertEquals('.example.com', $first['host']);
|
|
}
|
|
|
|
public function testAllowListings()
|
|
{
|
|
$acl = new ACL();
|
|
$acl->allowListings();
|
|
$rules = $acl->rules();
|
|
|
|
$this->assertEquals(1, count($rules));
|
|
$this->assertTrue($rules[0]['rlistings']);
|
|
$this->assertEquals(ACL::READ, $rules[0]['mask']);
|
|
}
|
|
|
|
public function testHeaders()
|
|
{
|
|
$acl = new ACL();
|
|
$acl->addAccount(ACL::READ_WRITE, 'test');
|
|
|
|
$headers = $acl->headers();
|
|
|
|
$this->assertEquals(2, count($headers));
|
|
$read = $headers[ACL::HEADER_READ];
|
|
$write = $headers[ACL::HEADER_WRITE];
|
|
|
|
$this->assertEquals('test', $read);
|
|
$this->assertEquals('test', $write);
|
|
|
|
// Test hostname rules, which should only appear in READ.
|
|
$acl = new ACL();
|
|
$acl->addReferrer(ACL::READ_WRITE, '.example.com');
|
|
$headers = $acl->headers();
|
|
|
|
$this->assertEquals(1, count($headers), print_r($headers, true));
|
|
$read = $headers[ACL::HEADER_READ];
|
|
|
|
$this->assertEquals('.r:.example.com', $read);
|
|
}
|
|
|
|
public function testToString()
|
|
{
|
|
$acl = new ACL();
|
|
$acl->addReferrer(ACL::READ_WRITE, '.example.com');
|
|
|
|
$str = (string) $acl;
|
|
|
|
$this->assertEquals('X-Container-Read: .r:.example.com', $str);
|
|
}
|
|
|
|
public function testMakePublic()
|
|
{
|
|
$acl = (string) ACL::makePublic();
|
|
|
|
$this->assertEquals('X-Container-Read: .r:*,.rlistings', $acl);
|
|
}
|
|
|
|
public function testMakeNonPublic()
|
|
{
|
|
$acl = (string) ACL::makeNonPublic();
|
|
|
|
$this->assertEmpty($acl);
|
|
}
|
|
|
|
public function testNewFromHeaders()
|
|
{
|
|
$headers = array(
|
|
ACL::HEADER_READ => '.r:.example.com,.rlistings,.r:-*.evil.net',
|
|
ACL::HEADER_WRITE => 'testact2, testact3:earnie, .rlistings ',
|
|
);
|
|
|
|
$acl = ACL::newFromHeaders($headers);
|
|
|
|
$rules = $acl->rules();
|
|
|
|
$this->assertEquals(6, count($rules));
|
|
|
|
// Yay, now we get to test each one.
|
|
|
|
$this->assertEquals(ACL::READ, $rules[0]['mask']);
|
|
$this->assertEquals('.example.com', $rules[0]['host']);
|
|
$this->assertTrue($rules[1]['rlistings']);
|
|
$this->assertEquals('-*.evil.net', $rules[2]['host']);
|
|
|
|
$this->assertEquals(ACL::WRITE, $rules[3]['mask']);
|
|
$this->assertEquals('testact2', $rules[3]['account']);
|
|
$this->assertEquals('testact3', $rules[4]['account']);
|
|
$this->assertEquals('earnie', $rules[4]['user']);
|
|
$this->assertTrue($rules[5]['rlistings']);
|
|
|
|
// Final canary:
|
|
$headers = $acl->headers();
|
|
$read = $headers[ACL::HEADER_READ];
|
|
$write = $headers[ACL::HEADER_WRITE];
|
|
|
|
$this->assertEquals('.r:.example.com,.rlistings,.r:-*.evil.net', $read);
|
|
// Note that the spurious .rlistings was removed.
|
|
$this->assertEquals('testact2,testact3:earnie', $write);
|
|
|
|
}
|
|
|
|
public function testIsNonPublic()
|
|
{
|
|
$acl = new ACL();
|
|
|
|
$this->assertTrue($acl->isNonPublic());
|
|
|
|
$acl->addReferrer(ACL::READ, '*.evil.net');
|
|
$this->assertFalse($acl->isNonPublic());
|
|
|
|
$acl = ACL::makeNonPublic();
|
|
$this->assertTrue($acl->isNonPublic());
|
|
}
|
|
|
|
public function testIsPublic()
|
|
{
|
|
$acl = new ACL();
|
|
|
|
$this->assertFalse($acl->isPublic());
|
|
$acl->allowListings();
|
|
$acl->addReferrer(ACL::READ, '*');
|
|
|
|
$this->assertTrue($acl->isPublic());
|
|
|
|
$acl->addAccount(ACL::WRITE, 'foo', 'bar');
|
|
$this->assertTrue($acl->isPublic());
|
|
|
|
$acl = ACL::makePublic();
|
|
$this->assertTrue($acl->isPublic());
|
|
}
|
|
|
|
}
|