go.etcd.io/etcd@v3.3.27+incompatible/clientv3/integration/user_test.go (about)

     1  // Copyright 2016 The etcd Authors
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  package integration
    16  
    17  import (
    18  	"context"
    19  	"testing"
    20  
    21  	"github.com/coreos/etcd/clientv3"
    22  	"github.com/coreos/etcd/etcdserver/api/v3rpc/rpctypes"
    23  	"github.com/coreos/etcd/integration"
    24  	"github.com/coreos/etcd/pkg/testutil"
    25  )
    26  
    27  func TestUserError(t *testing.T) {
    28  	defer testutil.AfterTest(t)
    29  
    30  	clus := integration.NewClusterV3(t, &integration.ClusterConfig{Size: 1})
    31  	defer clus.Terminate(t)
    32  
    33  	authapi := clus.RandClient()
    34  
    35  	_, err := authapi.UserAdd(context.TODO(), "foo", "bar")
    36  	if err != nil {
    37  		t.Fatal(err)
    38  	}
    39  
    40  	_, err = authapi.UserAdd(context.TODO(), "foo", "bar")
    41  	if err != rpctypes.ErrUserAlreadyExist {
    42  		t.Fatalf("expected %v, got %v", rpctypes.ErrUserAlreadyExist, err)
    43  	}
    44  
    45  	_, err = authapi.UserDelete(context.TODO(), "not-exist-user")
    46  	if err != rpctypes.ErrUserNotFound {
    47  		t.Fatalf("expected %v, got %v", rpctypes.ErrUserNotFound, err)
    48  	}
    49  
    50  	_, err = authapi.UserGrantRole(context.TODO(), "foo", "test-role-does-not-exist")
    51  	if err != rpctypes.ErrRoleNotFound {
    52  		t.Fatalf("expected %v, got %v", rpctypes.ErrRoleNotFound, err)
    53  	}
    54  }
    55  
    56  func TestUserErrorAuth(t *testing.T) {
    57  	defer testutil.AfterTest(t)
    58  
    59  	clus := integration.NewClusterV3(t, &integration.ClusterConfig{Size: 1})
    60  	defer clus.Terminate(t)
    61  
    62  	authapi := clus.RandClient()
    63  	authSetupRoot(t, authapi.Auth)
    64  
    65  	// unauthenticated client
    66  	if _, err := authapi.UserAdd(context.TODO(), "foo", "bar"); err != rpctypes.ErrUserEmpty {
    67  		t.Fatalf("expected %v, got %v", rpctypes.ErrUserEmpty, err)
    68  	}
    69  
    70  	// wrong id or password
    71  	cfg := clientv3.Config{Endpoints: authapi.Endpoints()}
    72  	cfg.Username, cfg.Password = "wrong-id", "123"
    73  	if _, err := clientv3.New(cfg); err != rpctypes.ErrAuthFailed {
    74  		t.Fatalf("expected %v, got %v", rpctypes.ErrAuthFailed, err)
    75  	}
    76  	cfg.Username, cfg.Password = "root", "wrong-pass"
    77  	if _, err := clientv3.New(cfg); err != rpctypes.ErrAuthFailed {
    78  		t.Fatalf("expected %v, got %v", rpctypes.ErrAuthFailed, err)
    79  	}
    80  
    81  	cfg.Username, cfg.Password = "root", "123"
    82  	authed, err := clientv3.New(cfg)
    83  	if err != nil {
    84  		t.Fatal(err)
    85  	}
    86  	defer authed.Close()
    87  
    88  	if _, err := authed.UserList(context.TODO()); err != nil {
    89  		t.Fatal(err)
    90  	}
    91  }
    92  
    93  func authSetupRoot(t *testing.T, auth clientv3.Auth) {
    94  	if _, err := auth.UserAdd(context.TODO(), "root", "123"); err != nil {
    95  		t.Fatal(err)
    96  	}
    97  	if _, err := auth.RoleAdd(context.TODO(), "root"); err != nil {
    98  		t.Fatal(err)
    99  	}
   100  	if _, err := auth.UserGrantRole(context.TODO(), "root", "root"); err != nil {
   101  		t.Fatal(err)
   102  	}
   103  	if _, err := auth.AuthEnable(context.TODO()); err != nil {
   104  		t.Fatal(err)
   105  	}
   106  }