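// Source: github.com/danp/terraform@v0.9.5-0.20170426144147-39d740081351/builtin/providers/google/resource_storage_object_acl_test.go

package google

import (
	"fmt"
	"io/ioutil"
	"math/rand"
	"testing"
	"time"

	"github.com/hashicorp/terraform/helper/resource"
	"github.com/hashicorp/terraform/terraform"
	//"google.golang.org/api/storage/v1"
)

// tfObjectAcl is the local temp file uploaded as the bucket object in every
// test below; errObjectAcl holds the error from creating it, if any.
var tfObjectAcl, errObjectAcl = ioutil.TempFile("", "tf-gce-test")

// testAclObjectName returns a randomised object name so that repeated or
// parallel acceptance runs do not reuse the same object.
func testAclObjectName() string {
	return fmt.Sprintf("%s-%d", "tf-test-acl-object",
		rand.New(rand.NewSource(time.Now().UnixNano())).Int())
}

// writeAclObjectFixture writes the object payload into the shared temp file.
//
// It fails the test if the temp file could not be created or written. The
// creation error has to be checked before tfObjectAcl.Name() is called,
// because tfObjectAcl is nil when ioutil.TempFile failed.
func writeAclObjectFixture(t *testing.T) {
	if errObjectAcl != nil {
		t.Fatalf("creating temp file for object ACL tests: %s", errObjectAcl)
	}
	// The file already exists (ioutil.TempFile created it), so WriteFile only
	// truncates and rewrites it; the mode argument applies on creation only.
	if err := ioutil.WriteFile(tfObjectAcl.Name(), []byte("data data data"), 0644); err != nil {
		t.Fatalf("writing object fixture %s: %s", tfObjectAcl.Name(), err)
	}
}

// TestAccGoogleStorageObjectAcl_basic applies an ACL with two role/entity
// pairs and verifies that both are present on the object.
func TestAccGoogleStorageObjectAcl_basic(t *testing.T) {
	bucketName := testBucketName()
	objectName := testAclObjectName()
	writeAclObjectFixture(t)

	resource.Test(t, resource.TestCase{
		PreCheck:     func() { testAccPreCheck(t) },
		Providers:    testAccProviders,
		CheckDestroy: testAccGoogleStorageObjectAclDestroy,
		Steps: []resource.TestStep{
			{
				Config: testGoogleStorageObjectsAclBasic1(bucketName, objectName),
				Check: resource.ComposeTestCheckFunc(
					testAccCheckGoogleStorageObjectAcl(bucketName,
						objectName, roleEntityBasic1),
					testAccCheckGoogleStorageObjectAcl(bucketName,
						objectName, roleEntityBasic2),
				),
			},
		},
	})
}

// TestAccGoogleStorageObjectAcl_upgrade moves from the Basic1 ACL to the
// Basic2 ACL (which grants roleEntityBasic3_owner), then empties the ACL and
// verifies that the previously granted entries are gone.
func TestAccGoogleStorageObjectAcl_upgrade(t *testing.T) {
	bucketName := testBucketName()
	objectName := testAclObjectName()
	writeAclObjectFixture(t)

	resource.Test(t, resource.TestCase{
		PreCheck:     func() { testAccPreCheck(t) },
		Providers:    testAccProviders,
		CheckDestroy: testAccGoogleStorageObjectAclDestroy,
		Steps: []resource.TestStep{
			{
				Config: testGoogleStorageObjectsAclBasic1(bucketName, objectName),
				Check: resource.ComposeTestCheckFunc(
					testAccCheckGoogleStorageObjectAcl(bucketName,
						objectName, roleEntityBasic1),
					testAccCheckGoogleStorageObjectAcl(bucketName,
						objectName, roleEntityBasic2),
				),
			},

			{
				Config: testGoogleStorageObjectsAclBasic2(bucketName, objectName),
				Check: resource.ComposeTestCheckFunc(
					testAccCheckGoogleStorageObjectAcl(bucketName,
						objectName, roleEntityBasic2),
					testAccCheckGoogleStorageObjectAcl(bucketName,
						objectName, roleEntityBasic3_owner),
				),
			},

			{
				Config: testGoogleStorageObjectsAclBasicDelete(bucketName, objectName),
				Check: resource.ComposeTestCheckFunc(
					testAccCheckGoogleStorageObjectAclDelete(bucketName,
						objectName, roleEntityBasic1),
					testAccCheckGoogleStorageObjectAclDelete(bucketName,
						objectName, roleEntityBasic2),
					testAccCheckGoogleStorageObjectAclDelete(bucketName,
						objectName, roleEntityBasic3_reader),
				),
			},
		},
	})
}

// TestAccGoogleStorageObjectAcl_downgrade moves from the Basic2 ACL
// (roleEntityBasic3_owner) to the Basic3 ACL (roleEntityBasic3_reader), then
// empties the ACL and verifies that the entries are gone.
func TestAccGoogleStorageObjectAcl_downgrade(t *testing.T) {
	bucketName := testBucketName()
	objectName := testAclObjectName()
	writeAclObjectFixture(t)

	resource.Test(t, resource.TestCase{
		PreCheck:     func() { testAccPreCheck(t) },
		Providers:    testAccProviders,
		CheckDestroy: testAccGoogleStorageObjectAclDestroy,
		Steps: []resource.TestStep{
			{
				Config: testGoogleStorageObjectsAclBasic2(bucketName, objectName),
				Check: resource.ComposeTestCheckFunc(
					testAccCheckGoogleStorageObjectAcl(bucketName,
						objectName, roleEntityBasic2),
					testAccCheckGoogleStorageObjectAcl(bucketName,
						objectName, roleEntityBasic3_owner),
				),
			},

			{
				Config: testGoogleStorageObjectsAclBasic3(bucketName, objectName),
				Check: resource.ComposeTestCheckFunc(
					testAccCheckGoogleStorageObjectAcl(bucketName,
						objectName, roleEntityBasic2),
					testAccCheckGoogleStorageObjectAcl(bucketName,
						objectName, roleEntityBasic3_reader),
				),
			},

			{
				Config: testGoogleStorageObjectsAclBasicDelete(bucketName, objectName),
				Check: resource.ComposeTestCheckFunc(
					testAccCheckGoogleStorageObjectAclDelete(bucketName,
						objectName, roleEntityBasic1),
					testAccCheckGoogleStorageObjectAclDelete(bucketName,
						objectName, roleEntityBasic2),
					testAccCheckGoogleStorageObjectAclDelete(bucketName,
						objectName, roleEntityBasic3_reader),
				),
			},
		},
	})
}

// TestAccGoogleStorageObjectAcl_predefined applies the "projectPrivate"
// predefined ACL.
//
// NOTE(review): the step has no Check, so this only proves that the apply
// succeeds; it does not assert which entries end up on the object.
func TestAccGoogleStorageObjectAcl_predefined(t *testing.T) {
	bucketName := testBucketName()
	objectName := testAclObjectName()
	writeAclObjectFixture(t)

	resource.Test(t, resource.TestCase{
		PreCheck:     func() { testAccPreCheck(t) },
		Providers:    testAccProviders,
		CheckDestroy: testAccGoogleStorageObjectAclDestroy,
		Steps: []resource.TestStep{
			{
				Config: testGoogleStorageObjectsAclPredefined(bucketName, objectName),
			},
		},
	})
}

// testAccCheckGoogleStorageObjectAcl returns a check that fetches the ACL
// entry for the entity in roleEntityS and fails unless its role matches.
func testAccCheckGoogleStorageObjectAcl(bucket, object, roleEntityS string) resource.TestCheckFunc {
	return func(s *terraform.State) error {
		// A malformed pair must fail the check rather than be dereferenced.
		roleEntity, err := getRoleEntityPair(roleEntityS)
		if err != nil {
			return fmt.Errorf("Error parsing role entity %q: %s", roleEntityS, err)
		}
		config := testAccProvider.Meta().(*Config)

		res, err := config.clientStorage.ObjectAccessControls.Get(bucket,
			object, roleEntity.Entity).Do()
		if err != nil {
			return fmt.Errorf("Error retrieving contents of acl for bucket %s: %s", bucket, err)
		}

		if res.Role != roleEntity.Role {
			return fmt.Errorf("Error, Role mismatch %s != %s", res.Role, roleEntity.Role)
		}

		return nil
	}
}

// testAccCheckGoogleStorageObjectAclDelete returns a check that passes when
// the ACL entry for the entity in roleEntityS can no longer be fetched.
func testAccCheckGoogleStorageObjectAclDelete(bucket, object, roleEntityS string) resource.TestCheckFunc {
	return func(s *terraform.State) error {
		roleEntity, err := getRoleEntityPair(roleEntityS)
		if err != nil {
			return fmt.Errorf("Error parsing role entity %q: %s", roleEntityS, err)
		}
		config := testAccProvider.Meta().(*Config)

		_, err = config.clientStorage.ObjectAccessControls.Get(bucket,
			object, roleEntity.Entity).Do()

		// NOTE(review): any error counts as "entry removed", so an
		// authentication, quota or network failure also passes this check.
		// Accepting only a not-found response would make the revocation
		// assertion meaningful; that needs the API error type, which this
		// file does not import.
		if err != nil {
			return nil
		}

		return fmt.Errorf("Error, Entity still exists %s", roleEntity.Entity)
	}
}

// testAccGoogleStorageObjectAclDestroy verifies after destroy that the ACL of
// every object ACL resource in state can no longer be listed.
func testAccGoogleStorageObjectAclDestroy(s *terraform.State) error {
	config := testAccProvider.Meta().(*Config)

	for _, rs := range s.RootModule().Resources {
		// The configs in this file declare "google_storage_object_acl".
		// Filtering on the bucket ACL type skipped every resource, so the
		// destroy check could never fail.
		if rs.Type != "google_storage_object_acl" {
			continue
		}

		bucket := rs.Primary.Attributes["bucket"]
		object := rs.Primary.Attributes["object"]

		_, err := config.clientStorage.ObjectAccessControls.List(bucket, object).Do()

		if err == nil {
			return fmt.Errorf("Acl for bucket %s still exists", bucket)
		}
	}

	return nil
}

// testGoogleStorageObjectsAclConfig renders the bucket, object and object ACL
// resources shared by all configs; aclArgument is the single argument line
// that differs between them (role_entity or predefined_acl).
func testGoogleStorageObjectsAclConfig(bucketName, objectName, aclArgument string) string {
	return fmt.Sprintf(`
resource "google_storage_bucket" "bucket" {
	name = "%s"
}

resource "google_storage_bucket_object" "object" {
	name = "%s"
	bucket = "${google_storage_bucket.bucket.name}"
	source = "%s"
}

resource "google_storage_object_acl" "acl" {
	object = "${google_storage_bucket_object.object.name}"
	bucket = "${google_storage_bucket.bucket.name}"
	%s
}
`, bucketName, objectName, tfObjectAcl.Name(), aclArgument)
}

// testGoogleStorageObjectsAclBasicDelete renders a config with an empty
// role_entity list.
func testGoogleStorageObjectsAclBasicDelete(bucketName string, objectName string) string {
	return testGoogleStorageObjectsAclConfig(bucketName, objectName,
		`role_entity = []`)
}

// testGoogleStorageObjectsAclBasic1 renders a config granting
// roleEntityBasic1 and roleEntityBasic2.
func testGoogleStorageObjectsAclBasic1(bucketName string, objectName string) string {
	return testGoogleStorageObjectsAclConfig(bucketName, objectName,
		fmt.Sprintf(`role_entity = ["%s", "%s"]`,
			roleEntityBasic1, roleEntityBasic2))
}

// testGoogleStorageObjectsAclBasic2 renders a config granting
// roleEntityBasic2 and roleEntityBasic3_owner.
func testGoogleStorageObjectsAclBasic2(bucketName string, objectName string) string {
	return testGoogleStorageObjectsAclConfig(bucketName, objectName,
		fmt.Sprintf(`role_entity = ["%s", "%s"]`,
			roleEntityBasic2, roleEntityBasic3_owner))
}

// testGoogleStorageObjectsAclBasic3 renders a config granting
// roleEntityBasic2 and roleEntityBasic3_reader.
func testGoogleStorageObjectsAclBasic3(bucketName string, objectName string) string {
	return testGoogleStorageObjectsAclConfig(bucketName, objectName,
		fmt.Sprintf(`role_entity = ["%s", "%s"]`,
			roleEntityBasic2, roleEntityBasic3_reader))
}

// testGoogleStorageObjectsAclPredefined renders a config that uses the
// "projectPrivate" predefined ACL instead of explicit role/entity pairs.
func testGoogleStorageObjectsAclPredefined(bucketName string, objectName string) string {
	return testGoogleStorageObjectsAclConfig(bucketName, objectName,
		`predefined_acl = "projectPrivate"`)
}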