github.com/turtlemonvh/terraform@v0.6.9-0.20151204001754-8e40b6b855e8/builtin/providers/google/resource_storage_object_acl_test.go (about) 1 package google 2 3 import ( 4 "fmt" 5 "io/ioutil" 6 "math/rand" 7 "testing" 8 "time" 9 10 "github.com/hashicorp/terraform/helper/resource" 11 "github.com/hashicorp/terraform/terraform" 12 13 //"google.golang.org/api/storage/v1" 14 ) 15 16 var tfObjectAcl, errObjectAcl = ioutil.TempFile("", "tf-gce-test") 17 var testAclObjectName = fmt.Sprintf("%s-%d", "tf-test-acl-object", 18 rand.New(rand.NewSource(time.Now().UnixNano())).Int()) 19 20 func TestAccGoogleStorageObjectAcl_basic(t *testing.T) { 21 objectData := []byte("data data data") 22 ioutil.WriteFile(tfObjectAcl.Name(), objectData, 0644) 23 resource.Test(t, resource.TestCase{ 24 PreCheck: func() { 25 if errObjectAcl != nil { 26 panic(errObjectAcl) 27 } 28 testAccPreCheck(t) 29 }, 30 Providers: testAccProviders, 31 CheckDestroy: testAccGoogleStorageObjectAclDestroy, 32 Steps: []resource.TestStep{ 33 resource.TestStep{ 34 Config: testGoogleStorageObjectsAclBasic1, 35 Check: resource.ComposeTestCheckFunc( 36 testAccCheckGoogleStorageObjectAcl(testAclBucketName, 37 testAclObjectName, roleEntityBasic1), 38 testAccCheckGoogleStorageObjectAcl(testAclBucketName, 39 testAclObjectName, roleEntityBasic2), 40 ), 41 }, 42 }, 43 }) 44 } 45 46 func TestAccGoogleStorageObjectAcl_upgrade(t *testing.T) { 47 objectData := []byte("data data data") 48 ioutil.WriteFile(tfObjectAcl.Name(), objectData, 0644) 49 resource.Test(t, resource.TestCase{ 50 PreCheck: func() { 51 if errObjectAcl != nil { 52 panic(errObjectAcl) 53 } 54 testAccPreCheck(t) 55 }, 56 Providers: testAccProviders, 57 CheckDestroy: testAccGoogleStorageObjectAclDestroy, 58 Steps: []resource.TestStep{ 59 resource.TestStep{ 60 Config: testGoogleStorageObjectsAclBasic1, 61 Check: resource.ComposeTestCheckFunc( 62 testAccCheckGoogleStorageObjectAcl(testAclBucketName, 63 testAclObjectName, roleEntityBasic1), 64 testAccCheckGoogleStorageObjectAcl(testAclBucketName, 65 testAclObjectName, roleEntityBasic2), 66 ), 67 }, 68 69 resource.TestStep{ 70 Config: testGoogleStorageObjectsAclBasic2, 71 Check: resource.ComposeTestCheckFunc( 72 testAccCheckGoogleStorageObjectAcl(testAclBucketName, 73 testAclObjectName, roleEntityBasic2), 74 testAccCheckGoogleStorageObjectAcl(testAclBucketName, 75 testAclObjectName, roleEntityBasic3_owner), 76 ), 77 }, 78 79 resource.TestStep{ 80 Config: testGoogleStorageObjectsAclBasicDelete, 81 Check: resource.ComposeTestCheckFunc( 82 testAccCheckGoogleStorageObjectAclDelete(testAclBucketName, 83 testAclObjectName, roleEntityBasic1), 84 testAccCheckGoogleStorageObjectAclDelete(testAclBucketName, 85 testAclObjectName, roleEntityBasic2), 86 testAccCheckGoogleStorageObjectAclDelete(testAclBucketName, 87 testAclObjectName, roleEntityBasic3_reader), 88 ), 89 }, 90 }, 91 }) 92 } 93 94 func TestAccGoogleStorageObjectAcl_downgrade(t *testing.T) { 95 objectData := []byte("data data data") 96 ioutil.WriteFile(tfObjectAcl.Name(), objectData, 0644) 97 resource.Test(t, resource.TestCase{ 98 PreCheck: func() { 99 if errObjectAcl != nil { 100 panic(errObjectAcl) 101 } 102 testAccPreCheck(t) 103 }, 104 Providers: testAccProviders, 105 CheckDestroy: testAccGoogleStorageObjectAclDestroy, 106 Steps: []resource.TestStep{ 107 resource.TestStep{ 108 Config: testGoogleStorageObjectsAclBasic2, 109 Check: resource.ComposeTestCheckFunc( 110 testAccCheckGoogleStorageObjectAcl(testAclBucketName, 111 testAclObjectName, roleEntityBasic2), 112 testAccCheckGoogleStorageObjectAcl(testAclBucketName, 113 testAclObjectName, roleEntityBasic3_owner), 114 ), 115 }, 116 117 resource.TestStep{ 118 Config: testGoogleStorageObjectsAclBasic3, 119 Check: resource.ComposeTestCheckFunc( 120 testAccCheckGoogleStorageObjectAcl(testAclBucketName, 121 testAclObjectName, roleEntityBasic2), 122 testAccCheckGoogleStorageObjectAcl(testAclBucketName, 123 testAclObjectName, roleEntityBasic3_reader), 124 ), 125 }, 126 127 resource.TestStep{ 128 Config: testGoogleStorageObjectsAclBasicDelete, 129 Check: resource.ComposeTestCheckFunc( 130 testAccCheckGoogleStorageObjectAclDelete(testAclBucketName, 131 testAclObjectName, roleEntityBasic1), 132 testAccCheckGoogleStorageObjectAclDelete(testAclBucketName, 133 testAclObjectName, roleEntityBasic2), 134 testAccCheckGoogleStorageObjectAclDelete(testAclBucketName, 135 testAclObjectName, roleEntityBasic3_reader), 136 ), 137 }, 138 }, 139 }) 140 } 141 142 func TestAccGoogleStorageObjectAcl_predefined(t *testing.T) { 143 objectData := []byte("data data data") 144 ioutil.WriteFile(tfObjectAcl.Name(), objectData, 0644) 145 resource.Test(t, resource.TestCase{ 146 PreCheck: func() { 147 if errObjectAcl != nil { 148 panic(errObjectAcl) 149 } 150 testAccPreCheck(t) 151 }, 152 Providers: testAccProviders, 153 CheckDestroy: testAccGoogleStorageObjectAclDestroy, 154 Steps: []resource.TestStep{ 155 resource.TestStep{ 156 Config: testGoogleStorageObjectsAclPredefined, 157 }, 158 }, 159 }) 160 } 161 162 func testAccCheckGoogleStorageObjectAcl(bucket, object, roleEntityS string) resource.TestCheckFunc { 163 return func(s *terraform.State) error { 164 roleEntity, _ := getRoleEntityPair(roleEntityS) 165 config := testAccProvider.Meta().(*Config) 166 167 res, err := config.clientStorage.ObjectAccessControls.Get(bucket, 168 object, roleEntity.Entity).Do() 169 170 if err != nil { 171 return fmt.Errorf("Error retrieving contents of acl for bucket %s: %s", bucket, err) 172 } 173 174 if res.Role != roleEntity.Role { 175 return fmt.Errorf("Error, Role mismatch %s != %s", res.Role, roleEntity.Role) 176 } 177 178 return nil 179 } 180 } 181 182 func testAccCheckGoogleStorageObjectAclDelete(bucket, object, roleEntityS string) resource.TestCheckFunc { 183 return func(s *terraform.State) error { 184 roleEntity, _ := getRoleEntityPair(roleEntityS) 185 config := testAccProvider.Meta().(*Config) 186 187 _, err := config.clientStorage.ObjectAccessControls.Get(bucket, 188 object, roleEntity.Entity).Do() 189 190 if err != nil { 191 return nil 192 } 193 194 return fmt.Errorf("Error, Entity still exists %s", roleEntity.Entity) 195 } 196 } 197 198 func testAccGoogleStorageObjectAclDestroy(s *terraform.State) error { 199 config := testAccProvider.Meta().(*Config) 200 201 for _, rs := range s.RootModule().Resources { 202 if rs.Type != "google_storage_bucket_acl" { 203 continue 204 } 205 206 bucket := rs.Primary.Attributes["bucket"] 207 object := rs.Primary.Attributes["object"] 208 209 _, err := config.clientStorage.ObjectAccessControls.List(bucket, object).Do() 210 211 if err == nil { 212 return fmt.Errorf("Acl for bucket %s still exists", bucket) 213 } 214 } 215 216 return nil 217 } 218 219 var testGoogleStorageObjectsAclBasicDelete = fmt.Sprintf(` 220 resource "google_storage_bucket" "bucket" { 221 name = "%s" 222 } 223 224 resource "google_storage_bucket_object" "object" { 225 name = "%s" 226 bucket = "${google_storage_bucket.bucket.name}" 227 source = "%s" 228 } 229 230 resource "google_storage_object_acl" "acl" { 231 object = "${google_storage_bucket_object.object.name}" 232 bucket = "${google_storage_bucket.bucket.name}" 233 role_entity = [] 234 } 235 `, testAclBucketName, testAclObjectName, tfObjectAcl.Name()) 236 237 var testGoogleStorageObjectsAclBasic1 = fmt.Sprintf(` 238 resource "google_storage_bucket" "bucket" { 239 name = "%s" 240 } 241 242 resource "google_storage_bucket_object" "object" { 243 name = "%s" 244 bucket = "${google_storage_bucket.bucket.name}" 245 source = "%s" 246 } 247 248 resource "google_storage_object_acl" "acl" { 249 object = "${google_storage_bucket_object.object.name}" 250 bucket = "${google_storage_bucket.bucket.name}" 251 role_entity = ["%s", "%s"] 252 } 253 `, testAclBucketName, testAclObjectName, tfObjectAcl.Name(), 254 roleEntityBasic1, roleEntityBasic2) 255 256 var testGoogleStorageObjectsAclBasic2 = fmt.Sprintf(` 257 resource "google_storage_bucket" "bucket" { 258 name = "%s" 259 } 260 261 resource "google_storage_bucket_object" "object" { 262 name = "%s" 263 bucket = "${google_storage_bucket.bucket.name}" 264 source = "%s" 265 } 266 267 resource "google_storage_object_acl" "acl" { 268 object = "${google_storage_bucket_object.object.name}" 269 bucket = "${google_storage_bucket.bucket.name}" 270 role_entity = ["%s", "%s"] 271 } 272 `, testAclBucketName, testAclObjectName, tfObjectAcl.Name(), 273 roleEntityBasic2, roleEntityBasic3_owner) 274 275 var testGoogleStorageObjectsAclBasic3 = fmt.Sprintf(` 276 resource "google_storage_bucket" "bucket" { 277 name = "%s" 278 } 279 280 resource "google_storage_bucket_object" "object" { 281 name = "%s" 282 bucket = "${google_storage_bucket.bucket.name}" 283 source = "%s" 284 } 285 286 resource "google_storage_object_acl" "acl" { 287 object = "${google_storage_bucket_object.object.name}" 288 bucket = "${google_storage_bucket.bucket.name}" 289 role_entity = ["%s", "%s"] 290 } 291 `, testAclBucketName, testAclObjectName, tfObjectAcl.Name(), 292 roleEntityBasic2, roleEntityBasic3_reader) 293 294 var testGoogleStorageObjectsAclPredefined = fmt.Sprintf(` 295 resource "google_storage_bucket" "bucket" { 296 name = "%s" 297 } 298 299 resource "google_storage_bucket_object" "object" { 300 name = "%s" 301 bucket = "${google_storage_bucket.bucket.name}" 302 source = "%s" 303 } 304 305 resource "google_storage_object_acl" "acl" { 306 object = "${google_storage_bucket_object.object.name}" 307 bucket = "${google_storage_bucket.bucket.name}" 308 predefined_acl = "projectPrivate" 309 } 310 `, testAclBucketName, testAclObjectName, tfObjectAcl.Name())