github.com/lfch/etcd-io/tests/v3@v3.0.0-20221004140520-eac99acd3e9d/integration/clientv3/user_test.go

github.com/lfch/etcd-io/tests/v3@v3.0.0-20221004140520-eac99acd3e9d/integration/clientv3/user_test.go (about)

     1  // Copyright 2016 The etcd Authors
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  package clientv3test
    16  
    17  import (
    18  	"context"
    19  	"testing"
    20  	"time"
    21  
    22  	"github.com/lfch/etcd-io/api/v3/v3rpc/rpctypes"
    23  	"github.com/lfch/etcd-io/client/v3"
    24  	integration2 "github.com/lfch/etcd-io/tests/v3/framework/integration"
    25  	"google.golang.org/grpc"
    26  )
    27  
    28  func TestUserError(t *testing.T) {
    29  	integration2.BeforeTest(t)
    30  
    31  	clus := integration2.NewCluster(t, &integration2.ClusterConfig{Size: 1})
    32  	defer clus.Terminate(t)
    33  
    34  	authapi := clus.RandClient()
    35  
    36  	_, err := authapi.UserAdd(context.TODO(), "foo", "bar")
    37  	if err != nil {
    38  		t.Fatal(err)
    39  	}
    40  
    41  	_, err = authapi.UserAdd(context.TODO(), "foo", "bar")
    42  	if err != rpctypes.ErrUserAlreadyExist {
    43  		t.Fatalf("expected %v, got %v", rpctypes.ErrUserAlreadyExist, err)
    44  	}
    45  
    46  	_, err = authapi.UserDelete(context.TODO(), "not-exist-user")
    47  	if err != rpctypes.ErrUserNotFound {
    48  		t.Fatalf("expected %v, got %v", rpctypes.ErrUserNotFound, err)
    49  	}
    50  
    51  	_, err = authapi.UserGrantRole(context.TODO(), "foo", "test-role-does-not-exist")
    52  	if err != rpctypes.ErrRoleNotFound {
    53  		t.Fatalf("expected %v, got %v", rpctypes.ErrRoleNotFound, err)
    54  	}
    55  }
    56  
    57  func TestUserErrorAuth(t *testing.T) {
    58  	integration2.BeforeTest(t)
    59  
    60  	clus := integration2.NewCluster(t, &integration2.ClusterConfig{Size: 1})
    61  	defer clus.Terminate(t)
    62  
    63  	authapi := clus.RandClient()
    64  	authSetupRoot(t, authapi.Auth)
    65  
    66  	// unauthenticated client
    67  	if _, err := authapi.UserAdd(context.TODO(), "foo", "bar"); err != rpctypes.ErrUserEmpty {
    68  		t.Fatalf("expected %v, got %v", rpctypes.ErrUserEmpty, err)
    69  	}
    70  
    71  	// wrong id or password
    72  	cfg := clientv3.Config{
    73  		Endpoints:   authapi.Endpoints(),
    74  		DialTimeout: 5 * time.Second,
    75  		DialOptions: []grpc.DialOption{grpc.WithBlock()},
    76  	}
    77  	cfg.Username, cfg.Password = "wrong-id", "123"
    78  	if _, err := integration2.NewClient(t, cfg); err != rpctypes.ErrAuthFailed {
    79  		t.Fatalf("expected %v, got %v", rpctypes.ErrAuthFailed, err)
    80  	}
    81  	cfg.Username, cfg.Password = "root", "wrong-pass"
    82  	if _, err := integration2.NewClient(t, cfg); err != rpctypes.ErrAuthFailed {
    83  		t.Fatalf("expected %v, got %v", rpctypes.ErrAuthFailed, err)
    84  	}
    85  
    86  	cfg.Username, cfg.Password = "root", "123"
    87  	authed, err := integration2.NewClient(t, cfg)
    88  	if err != nil {
    89  		t.Fatal(err)
    90  	}
    91  	defer authed.Close()
    92  
    93  	if _, err := authed.UserList(context.TODO()); err != nil {
    94  		t.Fatal(err)
    95  	}
    96  }
    97  
    98  func authSetupRoot(t *testing.T, auth clientv3.Auth) {
    99  	if _, err := auth.UserAdd(context.TODO(), "root", "123"); err != nil {
   100  		t.Fatal(err)
   101  	}
   102  	if _, err := auth.RoleAdd(context.TODO(), "root"); err != nil {
   103  		t.Fatal(err)
   104  	}
   105  	if _, err := auth.UserGrantRole(context.TODO(), "root", "root"); err != nil {
   106  		t.Fatal(err)
   107  	}
   108  	if _, err := auth.AuthEnable(context.TODO()); err != nil {
   109  		t.Fatal(err)
   110  	}
   111  }
   112  
   113  // Client can connect to etcd even if they supply credentials and the server is in AuthDisable mode.
   114  func TestGetTokenWithoutAuth(t *testing.T) {
   115  	integration2.BeforeTest(t)
   116  
   117  	clus := integration2.NewCluster(t, &integration2.ClusterConfig{Size: 2})
   118  	defer clus.Terminate(t)
   119  
   120  	authapi := clus.RandClient()
   121  
   122  	var err error
   123  	var client *clientv3.Client
   124  
   125  	// make sure "auth" was disabled
   126  	if _, err = authapi.AuthDisable(context.TODO()); err != nil {
   127  		t.Fatal(err)
   128  	}
   129  
   130  	// "Username" and "Password" must be used
   131  	cfg := clientv3.Config{
   132  		Endpoints:   authapi.Endpoints(),
   133  		DialTimeout: 5 * time.Second,
   134  		Username:    "root",
   135  		Password:    "123",
   136  	}
   137  
   138  	client, err = integration2.NewClient(t, cfg)
   139  	if err == nil {
   140  		defer client.Close()
   141  	}
   142  
   143  	switch err {
   144  	case nil:
   145  		t.Log("passes as expected")
   146  	case context.DeadlineExceeded:
   147  		t.Errorf("not expected result:%v with endpoint:%s", err, authapi.Endpoints())
   148  	default:
   149  		t.Errorf("other errors:%v", err)
   150  	}
   151  }