github.com/lfch/etcd-io/tests/v3@v3.0.0-20221004140520-eac99acd3e9d/integration/clientv3/user_test.go (about) 1 // Copyright 2016 The etcd Authors 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 package clientv3test 16 17 import ( 18 "context" 19 "testing" 20 "time" 21 22 "github.com/lfch/etcd-io/api/v3/v3rpc/rpctypes" 23 "github.com/lfch/etcd-io/client/v3" 24 integration2 "github.com/lfch/etcd-io/tests/v3/framework/integration" 25 "google.golang.org/grpc" 26 ) 27 28 func TestUserError(t *testing.T) { 29 integration2.BeforeTest(t) 30 31 clus := integration2.NewCluster(t, &integration2.ClusterConfig{Size: 1}) 32 defer clus.Terminate(t) 33 34 authapi := clus.RandClient() 35 36 _, err := authapi.UserAdd(context.TODO(), "foo", "bar") 37 if err != nil { 38 t.Fatal(err) 39 } 40 41 _, err = authapi.UserAdd(context.TODO(), "foo", "bar") 42 if err != rpctypes.ErrUserAlreadyExist { 43 t.Fatalf("expected %v, got %v", rpctypes.ErrUserAlreadyExist, err) 44 } 45 46 _, err = authapi.UserDelete(context.TODO(), "not-exist-user") 47 if err != rpctypes.ErrUserNotFound { 48 t.Fatalf("expected %v, got %v", rpctypes.ErrUserNotFound, err) 49 } 50 51 _, err = authapi.UserGrantRole(context.TODO(), "foo", "test-role-does-not-exist") 52 if err != rpctypes.ErrRoleNotFound { 53 t.Fatalf("expected %v, got %v", rpctypes.ErrRoleNotFound, err) 54 } 55 } 56 57 func TestUserErrorAuth(t *testing.T) { 58 integration2.BeforeTest(t) 59 60 clus := integration2.NewCluster(t, &integration2.ClusterConfig{Size: 1}) 61 defer clus.Terminate(t) 62 63 authapi := clus.RandClient() 64 authSetupRoot(t, authapi.Auth) 65 66 // unauthenticated client 67 if _, err := authapi.UserAdd(context.TODO(), "foo", "bar"); err != rpctypes.ErrUserEmpty { 68 t.Fatalf("expected %v, got %v", rpctypes.ErrUserEmpty, err) 69 } 70 71 // wrong id or password 72 cfg := clientv3.Config{ 73 Endpoints: authapi.Endpoints(), 74 DialTimeout: 5 * time.Second, 75 DialOptions: []grpc.DialOption{grpc.WithBlock()}, 76 } 77 cfg.Username, cfg.Password = "wrong-id", "123" 78 if _, err := integration2.NewClient(t, cfg); err != rpctypes.ErrAuthFailed { 79 t.Fatalf("expected %v, got %v", rpctypes.ErrAuthFailed, err) 80 } 81 cfg.Username, cfg.Password = "root", "wrong-pass" 82 if _, err := integration2.NewClient(t, cfg); err != rpctypes.ErrAuthFailed { 83 t.Fatalf("expected %v, got %v", rpctypes.ErrAuthFailed, err) 84 } 85 86 cfg.Username, cfg.Password = "root", "123" 87 authed, err := integration2.NewClient(t, cfg) 88 if err != nil { 89 t.Fatal(err) 90 } 91 defer authed.Close() 92 93 if _, err := authed.UserList(context.TODO()); err != nil { 94 t.Fatal(err) 95 } 96 } 97 98 func authSetupRoot(t *testing.T, auth clientv3.Auth) { 99 if _, err := auth.UserAdd(context.TODO(), "root", "123"); err != nil { 100 t.Fatal(err) 101 } 102 if _, err := auth.RoleAdd(context.TODO(), "root"); err != nil { 103 t.Fatal(err) 104 } 105 if _, err := auth.UserGrantRole(context.TODO(), "root", "root"); err != nil { 106 t.Fatal(err) 107 } 108 if _, err := auth.AuthEnable(context.TODO()); err != nil { 109 t.Fatal(err) 110 } 111 } 112 113 // Client can connect to etcd even if they supply credentials and the server is in AuthDisable mode. 114 func TestGetTokenWithoutAuth(t *testing.T) { 115 integration2.BeforeTest(t) 116 117 clus := integration2.NewCluster(t, &integration2.ClusterConfig{Size: 2}) 118 defer clus.Terminate(t) 119 120 authapi := clus.RandClient() 121 122 var err error 123 var client *clientv3.Client 124 125 // make sure "auth" was disabled 126 if _, err = authapi.AuthDisable(context.TODO()); err != nil { 127 t.Fatal(err) 128 } 129 130 // "Username" and "Password" must be used 131 cfg := clientv3.Config{ 132 Endpoints: authapi.Endpoints(), 133 DialTimeout: 5 * time.Second, 134 Username: "root", 135 Password: "123", 136 } 137 138 client, err = integration2.NewClient(t, cfg) 139 if err == nil { 140 defer client.Close() 141 } 142 143 switch err { 144 case nil: 145 t.Log("passes as expected") 146 case context.DeadlineExceeded: 147 t.Errorf("not expected result:%v with endpoint:%s", err, authapi.Endpoints()) 148 default: 149 t.Errorf("other errors:%v", err) 150 } 151 }