github.com/erriapo/terraform@v0.6.12-0.20160203182612-0340ea72354f/builtin/providers/google/resource_storage_object_acl_test.go (about) 1 package google 2 3 import ( 4 "fmt" 5 "io/ioutil" 6 "math/rand" 7 "testing" 8 "time" 9 10 "github.com/hashicorp/terraform/helper/resource" 11 "github.com/hashicorp/terraform/terraform" 12 13 //"google.golang.org/api/storage/v1" 14 ) 15 16 var tfObjectAcl, errObjectAcl = ioutil.TempFile("", "tf-gce-test") 17 18 func testAclObjectName() string { 19 return fmt.Sprintf("%s-%d", "tf-test-acl-object", 20 rand.New(rand.NewSource(time.Now().UnixNano())).Int()) 21 } 22 23 func TestAccGoogleStorageObjectAcl_basic(t *testing.T) { 24 bucketName := testAclBucketName() 25 objectName := testAclObjectName() 26 objectData := []byte("data data data") 27 ioutil.WriteFile(tfObjectAcl.Name(), objectData, 0644) 28 resource.Test(t, resource.TestCase{ 29 PreCheck: func() { 30 if errObjectAcl != nil { 31 panic(errObjectAcl) 32 } 33 testAccPreCheck(t) 34 }, 35 Providers: testAccProviders, 36 CheckDestroy: testAccGoogleStorageObjectAclDestroy, 37 Steps: []resource.TestStep{ 38 resource.TestStep{ 39 Config: testGoogleStorageObjectsAclBasic1(bucketName, objectName), 40 Check: resource.ComposeTestCheckFunc( 41 testAccCheckGoogleStorageObjectAcl(bucketName, 42 objectName, roleEntityBasic1), 43 testAccCheckGoogleStorageObjectAcl(bucketName, 44 objectName, roleEntityBasic2), 45 ), 46 }, 47 }, 48 }) 49 } 50 51 func TestAccGoogleStorageObjectAcl_upgrade(t *testing.T) { 52 bucketName := testAclBucketName() 53 objectName := testAclObjectName() 54 objectData := []byte("data data data") 55 ioutil.WriteFile(tfObjectAcl.Name(), objectData, 0644) 56 resource.Test(t, resource.TestCase{ 57 PreCheck: func() { 58 if errObjectAcl != nil { 59 panic(errObjectAcl) 60 } 61 testAccPreCheck(t) 62 }, 63 Providers: testAccProviders, 64 CheckDestroy: testAccGoogleStorageObjectAclDestroy, 65 Steps: []resource.TestStep{ 66 resource.TestStep{ 67 Config: testGoogleStorageObjectsAclBasic1(bucketName, objectName), 68 Check: resource.ComposeTestCheckFunc( 69 testAccCheckGoogleStorageObjectAcl(bucketName, 70 objectName, roleEntityBasic1), 71 testAccCheckGoogleStorageObjectAcl(bucketName, 72 objectName, roleEntityBasic2), 73 ), 74 }, 75 76 resource.TestStep{ 77 Config: testGoogleStorageObjectsAclBasic2(bucketName, objectName), 78 Check: resource.ComposeTestCheckFunc( 79 testAccCheckGoogleStorageObjectAcl(bucketName, 80 objectName, roleEntityBasic2), 81 testAccCheckGoogleStorageObjectAcl(bucketName, 82 objectName, roleEntityBasic3_owner), 83 ), 84 }, 85 86 resource.TestStep{ 87 Config: testGoogleStorageObjectsAclBasicDelete(bucketName, objectName), 88 Check: resource.ComposeTestCheckFunc( 89 testAccCheckGoogleStorageObjectAclDelete(bucketName, 90 objectName, roleEntityBasic1), 91 testAccCheckGoogleStorageObjectAclDelete(bucketName, 92 objectName, roleEntityBasic2), 93 testAccCheckGoogleStorageObjectAclDelete(bucketName, 94 objectName, roleEntityBasic3_reader), 95 ), 96 }, 97 }, 98 }) 99 } 100 101 func TestAccGoogleStorageObjectAcl_downgrade(t *testing.T) { 102 bucketName := testAclBucketName() 103 objectName := testAclObjectName() 104 objectData := []byte("data data data") 105 ioutil.WriteFile(tfObjectAcl.Name(), objectData, 0644) 106 resource.Test(t, resource.TestCase{ 107 PreCheck: func() { 108 if errObjectAcl != nil { 109 panic(errObjectAcl) 110 } 111 testAccPreCheck(t) 112 }, 113 Providers: testAccProviders, 114 CheckDestroy: testAccGoogleStorageObjectAclDestroy, 115 Steps: []resource.TestStep{ 116 resource.TestStep{ 117 Config: testGoogleStorageObjectsAclBasic2(bucketName, objectName), 118 Check: resource.ComposeTestCheckFunc( 119 testAccCheckGoogleStorageObjectAcl(bucketName, 120 objectName, roleEntityBasic2), 121 testAccCheckGoogleStorageObjectAcl(bucketName, 122 objectName, roleEntityBasic3_owner), 123 ), 124 }, 125 126 resource.TestStep{ 127 Config: testGoogleStorageObjectsAclBasic3(bucketName, objectName), 128 Check: resource.ComposeTestCheckFunc( 129 testAccCheckGoogleStorageObjectAcl(bucketName, 130 objectName, roleEntityBasic2), 131 testAccCheckGoogleStorageObjectAcl(bucketName, 132 objectName, roleEntityBasic3_reader), 133 ), 134 }, 135 136 resource.TestStep{ 137 Config: testGoogleStorageObjectsAclBasicDelete(bucketName, objectName), 138 Check: resource.ComposeTestCheckFunc( 139 testAccCheckGoogleStorageObjectAclDelete(bucketName, 140 objectName, roleEntityBasic1), 141 testAccCheckGoogleStorageObjectAclDelete(bucketName, 142 objectName, roleEntityBasic2), 143 testAccCheckGoogleStorageObjectAclDelete(bucketName, 144 objectName, roleEntityBasic3_reader), 145 ), 146 }, 147 }, 148 }) 149 } 150 151 func TestAccGoogleStorageObjectAcl_predefined(t *testing.T) { 152 bucketName := testAclBucketName() 153 objectName := testAclObjectName() 154 objectData := []byte("data data data") 155 ioutil.WriteFile(tfObjectAcl.Name(), objectData, 0644) 156 resource.Test(t, resource.TestCase{ 157 PreCheck: func() { 158 if errObjectAcl != nil { 159 panic(errObjectAcl) 160 } 161 testAccPreCheck(t) 162 }, 163 Providers: testAccProviders, 164 CheckDestroy: testAccGoogleStorageObjectAclDestroy, 165 Steps: []resource.TestStep{ 166 resource.TestStep{ 167 Config: testGoogleStorageObjectsAclPredefined(bucketName, objectName), 168 }, 169 }, 170 }) 171 } 172 173 func testAccCheckGoogleStorageObjectAcl(bucket, object, roleEntityS string) resource.TestCheckFunc { 174 return func(s *terraform.State) error { 175 roleEntity, _ := getRoleEntityPair(roleEntityS) 176 config := testAccProvider.Meta().(*Config) 177 178 res, err := config.clientStorage.ObjectAccessControls.Get(bucket, 179 object, roleEntity.Entity).Do() 180 181 if err != nil { 182 return fmt.Errorf("Error retrieving contents of acl for bucket %s: %s", bucket, err) 183 } 184 185 if res.Role != roleEntity.Role { 186 return fmt.Errorf("Error, Role mismatch %s != %s", res.Role, roleEntity.Role) 187 } 188 189 return nil 190 } 191 } 192 193 func testAccCheckGoogleStorageObjectAclDelete(bucket, object, roleEntityS string) resource.TestCheckFunc { 194 return func(s *terraform.State) error { 195 roleEntity, _ := getRoleEntityPair(roleEntityS) 196 config := testAccProvider.Meta().(*Config) 197 198 _, err := config.clientStorage.ObjectAccessControls.Get(bucket, 199 object, roleEntity.Entity).Do() 200 201 if err != nil { 202 return nil 203 } 204 205 return fmt.Errorf("Error, Entity still exists %s", roleEntity.Entity) 206 } 207 } 208 209 func testAccGoogleStorageObjectAclDestroy(s *terraform.State) error { 210 config := testAccProvider.Meta().(*Config) 211 212 for _, rs := range s.RootModule().Resources { 213 if rs.Type != "google_storage_bucket_acl" { 214 continue 215 } 216 217 bucket := rs.Primary.Attributes["bucket"] 218 object := rs.Primary.Attributes["object"] 219 220 _, err := config.clientStorage.ObjectAccessControls.List(bucket, object).Do() 221 222 if err == nil { 223 return fmt.Errorf("Acl for bucket %s still exists", bucket) 224 } 225 } 226 227 return nil 228 } 229 230 func testGoogleStorageObjectsAclBasicDelete(bucketName string, objectName string) string { 231 return fmt.Sprintf(` 232 resource "google_storage_bucket" "bucket" { 233 name = "%s" 234 } 235 236 resource "google_storage_bucket_object" "object" { 237 name = "%s" 238 bucket = "${google_storage_bucket.bucket.name}" 239 source = "%s" 240 } 241 242 resource "google_storage_object_acl" "acl" { 243 object = "${google_storage_bucket_object.object.name}" 244 bucket = "${google_storage_bucket.bucket.name}" 245 role_entity = [] 246 } 247 `, bucketName, objectName, tfObjectAcl.Name()) 248 } 249 250 func testGoogleStorageObjectsAclBasic1(bucketName string, objectName string) string { 251 return fmt.Sprintf(` 252 resource "google_storage_bucket" "bucket" { 253 name = "%s" 254 } 255 256 resource "google_storage_bucket_object" "object" { 257 name = "%s" 258 bucket = "${google_storage_bucket.bucket.name}" 259 source = "%s" 260 } 261 262 resource "google_storage_object_acl" "acl" { 263 object = "${google_storage_bucket_object.object.name}" 264 bucket = "${google_storage_bucket.bucket.name}" 265 role_entity = ["%s", "%s"] 266 } 267 `, bucketName, objectName, tfObjectAcl.Name(), 268 roleEntityBasic1, roleEntityBasic2) 269 } 270 271 func testGoogleStorageObjectsAclBasic2(bucketName string, objectName string) string { 272 return fmt.Sprintf(` 273 resource "google_storage_bucket" "bucket" { 274 name = "%s" 275 } 276 277 resource "google_storage_bucket_object" "object" { 278 name = "%s" 279 bucket = "${google_storage_bucket.bucket.name}" 280 source = "%s" 281 } 282 283 resource "google_storage_object_acl" "acl" { 284 object = "${google_storage_bucket_object.object.name}" 285 bucket = "${google_storage_bucket.bucket.name}" 286 role_entity = ["%s", "%s"] 287 } 288 `, bucketName, objectName, tfObjectAcl.Name(), 289 roleEntityBasic2, roleEntityBasic3_owner) 290 } 291 292 func testGoogleStorageObjectsAclBasic3(bucketName string, objectName string) string { 293 return fmt.Sprintf(` 294 resource "google_storage_bucket" "bucket" { 295 name = "%s" 296 } 297 298 resource "google_storage_bucket_object" "object" { 299 name = "%s" 300 bucket = "${google_storage_bucket.bucket.name}" 301 source = "%s" 302 } 303 304 resource "google_storage_object_acl" "acl" { 305 object = "${google_storage_bucket_object.object.name}" 306 bucket = "${google_storage_bucket.bucket.name}" 307 role_entity = ["%s", "%s"] 308 } 309 `, bucketName, objectName, tfObjectAcl.Name(), 310 roleEntityBasic2, roleEntityBasic3_reader) 311 } 312 313 func testGoogleStorageObjectsAclPredefined(bucketName string, objectName string) string { 314 return fmt.Sprintf(` 315 resource "google_storage_bucket" "bucket" { 316 name = "%s" 317 } 318 319 resource "google_storage_bucket_object" "object" { 320 name = "%s" 321 bucket = "${google_storage_bucket.bucket.name}" 322 source = "%s" 323 } 324 325 resource "google_storage_object_acl" "acl" { 326 object = "${google_storage_bucket_object.object.name}" 327 bucket = "${google_storage_bucket.bucket.name}" 328 predefined_acl = "projectPrivate" 329 } 330 `, bucketName, objectName, tfObjectAcl.Name()) 331 }