From 11b083c611d98187e9b64a8ddb663be6981531d8 Mon Sep 17 00:00:00 2001 From: Egon Elbre Date: Tue, 21 Nov 2023 17:03:56 +0200 Subject: [PATCH] satellite/metabase: test CommitObject.DisallowDelete Change-Id: I4f408dd23ba2875a0aa46fb4dbd494c3c7dbc0af --- satellite/metabase/commit.go | 2 +- satellite/metabase/commit_object.go | 2 +- satellite/metabase/commit_object_test.go | 4 +- satellite/metabase/commit_test.go | 126 ++++++++++++++++++++++- satellite/metabase/copy_object.go | 2 +- satellite/metabase/move_object.go | 2 +- 6 files changed, 131 insertions(+), 7 deletions(-) diff --git a/satellite/metabase/commit.go b/satellite/metabase/commit.go index fb7763c420c6..64a89dc5140f 100644 --- a/satellite/metabase/commit.go +++ b/satellite/metabase/commit.go @@ -572,7 +572,7 @@ func (db *DB) CommitObject(ctx context.Context, opts CommitObject) (object Objec DisallowDelete: opts.DisallowDelete, }, tx) if err != nil { - return Error.Wrap(err) + return err } nextVersion := opts.Version diff --git a/satellite/metabase/commit_object.go b/satellite/metabase/commit_object.go index cd7784aad048..e4a132914958 100644 --- a/satellite/metabase/commit_object.go +++ b/satellite/metabase/commit_object.go @@ -62,7 +62,7 @@ func (db *DB) CommitObjectWithSegments(ctx context.Context, opts CommitObjectWit DisallowDelete: opts.DisallowDelete, }, tx) if err != nil { - return Error.Wrap(err) + return err } segmentsInDatabase, err := fetchSegmentsForCommit(ctx, tx, opts.StreamID) diff --git a/satellite/metabase/commit_object_test.go b/satellite/metabase/commit_object_test.go index 646af48fbb79..ffc0a27bee6a 100644 --- a/satellite/metabase/commit_object_test.go +++ b/satellite/metabase/commit_object_test.go @@ -271,8 +271,8 @@ func TestCommitObjectWithSegments(t *testing.T) { EncryptedMetadataEncryptedKey: encryptedMetadataKey, DisallowDelete: true, }, - ErrClass: &metabase.Error, - ErrText: "permission denied: no permissions to delete existing object", + ErrClass: &metabase.ErrPermissionDenied, + ErrText: "no permissions to delete existing object", }.Check(ctx, t, db) metabasetest.Verify{ diff --git a/satellite/metabase/commit_test.go b/satellite/metabase/commit_test.go index e941b7abe53e..28e8d2027c10 100644 --- a/satellite/metabase/commit_test.go +++ b/satellite/metabase/commit_test.go @@ -2236,7 +2236,131 @@ func TestCommitObject(t *testing.T) { }.Check(ctx, t, db) }) - // TODO(ver): tests for DisallowDelete = false/true and ErrPermissionDenied + t.Run("disallow delete but nothing to delete", func(t *testing.T) { + defer metabasetest.DeleteAll{}.Check(ctx, t, db) + + metabasetest.BeginObjectExactVersion{ + Opts: metabase.BeginObjectExactVersion{ + ObjectStream: metabase.ObjectStream{ + ProjectID: obj.ProjectID, + BucketName: obj.BucketName, + ObjectKey: obj.ObjectKey, + Version: 5, + StreamID: obj.StreamID, + }, + Encryption: metabasetest.DefaultEncryption, + }, + }.Check(ctx, t, db) + now := time.Now() + + encryptedMetadata := testrand.Bytes(1024) + encryptedMetadataNonce := testrand.Nonce() + encryptedMetadataKey := testrand.Bytes(265) + + metabasetest.CommitObject{ + Opts: metabase.CommitObject{ + ObjectStream: metabase.ObjectStream{ + ProjectID: obj.ProjectID, + BucketName: obj.BucketName, + ObjectKey: obj.ObjectKey, + Version: 5, + StreamID: obj.StreamID, + }, + OverrideEncryptedMetadata: true, + EncryptedMetadataNonce: encryptedMetadataNonce[:], + EncryptedMetadata: encryptedMetadata, + EncryptedMetadataEncryptedKey: encryptedMetadataKey, + DisallowDelete: true, + }, + }.Check(ctx, t, db) + + metabasetest.Verify{ + Objects: []metabase.RawObject{ + { + ObjectStream: metabase.ObjectStream{ + ProjectID: obj.ProjectID, + BucketName: obj.BucketName, + ObjectKey: obj.ObjectKey, + Version: 5, + StreamID: obj.StreamID, + }, + CreatedAt: now, + Status: metabase.CommittedUnversioned, + + EncryptedMetadataNonce: encryptedMetadataNonce[:], + EncryptedMetadata: encryptedMetadata, + EncryptedMetadataEncryptedKey: encryptedMetadataKey, + + Encryption: metabasetest.DefaultEncryption, + }, + }, + }.Check(ctx, t, db) + }) + + t.Run("disallow delete when committing unversioned", func(t *testing.T) { + defer metabasetest.DeleteAll{}.Check(ctx, t, db) + + unversionedStream := obj + unversionedStream.Version = 3 + unversionedObject := metabasetest.CreateObject(ctx, t, db, unversionedStream, 0) + + metabasetest.BeginObjectExactVersion{ + Opts: metabase.BeginObjectExactVersion{ + ObjectStream: metabase.ObjectStream{ + ProjectID: obj.ProjectID, + BucketName: obj.BucketName, + ObjectKey: obj.ObjectKey, + Version: 5, + StreamID: obj.StreamID, + }, + Encryption: metabasetest.DefaultEncryption, + }, + }.Check(ctx, t, db) + now := time.Now() + zombieDeadline := now.Add(24 * time.Hour) + + encryptedMetadata := testrand.Bytes(1024) + encryptedMetadataNonce := testrand.Nonce() + encryptedMetadataKey := testrand.Bytes(265) + + metabasetest.CommitObject{ + Opts: metabase.CommitObject{ + ObjectStream: metabase.ObjectStream{ + ProjectID: obj.ProjectID, + BucketName: obj.BucketName, + ObjectKey: obj.ObjectKey, + Version: 5, + StreamID: obj.StreamID, + }, + EncryptedMetadataNonce: encryptedMetadataNonce[:], + EncryptedMetadata: encryptedMetadata, + EncryptedMetadataEncryptedKey: encryptedMetadataKey, + DisallowDelete: true, + }, + ErrClass: &metabase.ErrPermissionDenied, + ErrText: "no permissions to delete existing object", + }.Check(ctx, t, db) + + metabasetest.Verify{ + Objects: []metabase.RawObject{ + metabase.RawObject(unversionedObject), + { + ObjectStream: metabase.ObjectStream{ + ProjectID: obj.ProjectID, + BucketName: obj.BucketName, + ObjectKey: obj.ObjectKey, + Version: 5, + StreamID: obj.StreamID, + }, + CreatedAt: now, + Status: metabase.Pending, + + Encryption: metabasetest.DefaultEncryption, + ZombieDeletionDeadline: &zombieDeadline, + }, + }, + }.Check(ctx, t, db) + }) t.Run("assign plain_offset", func(t *testing.T) { defer metabasetest.DeleteAll{}.Check(ctx, t, db) diff --git a/satellite/metabase/copy_object.go b/satellite/metabase/copy_object.go index c82023f8f516..0543b6780875 100644 --- a/satellite/metabase/copy_object.go +++ b/satellite/metabase/copy_object.go @@ -244,7 +244,7 @@ func (db *DB) FinishCopyObject(ctx context.Context, opts FinishCopyObject) (obje DisallowDelete: opts.NewDisallowDelete, }, tx) if err != nil { - return Error.Wrap(err) + return err } newStatus := committedWhereVersioned(opts.NewVersioned) diff --git a/satellite/metabase/move_object.go b/satellite/metabase/move_object.go index fa98a4624a3c..73784172bf0d 100644 --- a/satellite/metabase/move_object.go +++ b/satellite/metabase/move_object.go @@ -174,7 +174,7 @@ func (db *DB) FinishMoveObject(ctx context.Context, opts FinishMoveObject) (err DisallowDelete: opts.NewDisallowDelete, }, tx) if err != nil { - return Error.Wrap(err) + return err } var oldStatus ObjectStatus