@@ -39,6 +39,15 @@ describe('manage nsfs cli bucket flow', () => {
39
39
secret_key : 'G2AYaMpU3zRDcRFWmvzgQr9MoHIAsD+3oEXAMPLE' ,
40
40
} ;
41
41
42
+ const account_defaults2 = {
43
+ name : 'account_test2' ,
44
+ // without new_buckets_path
45
+ uid : 1002 ,
46
+ gid : 1002 ,
47
+ access_key : 'GIGiFAnjaaE7OKD5N8hY' ,
48
+ secret_key : 'G3BYaMpU3zRDcRFWmvzgQr9MoHIAsD+3oEXAMPLE' ,
49
+ } ;
50
+
42
51
const bucket_defaults = {
43
52
name : 'bucket1' ,
44
53
owner : account_defaults . name ,
@@ -56,6 +65,9 @@ describe('manage nsfs cli bucket flow', () => {
56
65
await fs_utils . file_must_exist ( account_path ) ;
57
66
await set_path_permissions_and_owner ( account_path , account_options , 0o700 ) ;
58
67
await exec_manage_cli ( TYPES . ACCOUNT , action , account_options ) ;
68
+ // account add (account 2 without new_buckets_path)
69
+ const account_options2 = { config_root, ...account_defaults2 } ;
70
+ await exec_manage_cli ( TYPES . ACCOUNT , action , account_options2 ) ;
59
71
} ) ;
60
72
61
73
afterEach ( async ( ) => {
@@ -196,6 +208,37 @@ describe('manage nsfs cli bucket flow', () => {
196
208
const res = await exec_manage_cli ( TYPES . BUCKET , action , bucket_options ) ;
197
209
expect ( JSON . parse ( res . stdout ) . error . code ) . toBe ( ManageCLIError . BucketSetForbiddenBucketOwnerIsIAMAccount . code ) ;
198
210
} ) ;
211
+
212
+ it ( 'cli create bucket - with bucket policy (principal by name)' , async ( ) => {
213
+ const action = ACTIONS . ADD ;
214
+ const principal_by_name = account_defaults2 . name ;
215
+ const bucket_policy = generate_s3_policy ( principal_by_name , bucket_defaults . name , [ 's3:*' ] ) . policy ;
216
+ const bucket_policy_string = JSON . stringify ( bucket_policy ) ;
217
+ const bucket_options = { config_root, ...bucket_defaults , bucket_policy : `'${ bucket_policy_string } '` } ; // notice bucket_policy with quotes ('')
218
+ await fs_utils . create_fresh_path ( bucket_options . path ) ;
219
+ await fs_utils . file_must_exist ( bucket_options . path ) ;
220
+ await set_path_permissions_and_owner ( bucket_options . path , account_defaults , 0o700 ) ;
221
+ await exec_manage_cli ( TYPES . BUCKET , action , bucket_options ) ;
222
+ const bucket = await config_fs . get_bucket_by_name ( bucket_defaults . name ) ;
223
+ await assert_bucket ( bucket , bucket_options , config_fs ) ;
224
+ expect ( bucket . s3_policy ) . toStrictEqual ( bucket_policy ) ;
225
+ } ) ;
226
+
227
+ it ( 'cli create bucket - with bucket policy (principal by id)' , async ( ) => {
228
+ const action = ACTIONS . ADD ;
229
+ const account2 = await config_fs . get_account_by_name ( account_defaults2 . name ) ;
230
+ const principal_by_id = account2 . _id ;
231
+ const bucket_policy = generate_s3_policy ( principal_by_id , bucket_defaults . name , [ 's3:*' ] ) . policy ;
232
+ const bucket_policy_string = JSON . stringify ( bucket_policy ) ;
233
+ const bucket_options = { config_root, ...bucket_defaults , bucket_policy : `'${ bucket_policy_string } '` } ; // notice bucket_policy with quotes ('')
234
+ await fs_utils . create_fresh_path ( bucket_options . path ) ;
235
+ await fs_utils . file_must_exist ( bucket_options . path ) ;
236
+ await set_path_permissions_and_owner ( bucket_options . path , account_defaults , 0o700 ) ;
237
+ await exec_manage_cli ( TYPES . BUCKET , action , bucket_options ) ;
238
+ const bucket = await config_fs . get_bucket_by_name ( bucket_defaults . name ) ;
239
+ await assert_bucket ( bucket , bucket_options , config_fs ) ;
240
+ expect ( bucket . s3_policy ) . toStrictEqual ( bucket_policy ) ;
241
+ } ) ;
199
242
} ) ;
200
243
201
244
describe ( 'cli create bucket using from_file' , ( ) => {
@@ -566,6 +609,37 @@ describe('manage nsfs cli bucket flow', () => {
566
609
const res = await exec_manage_cli ( TYPES . BUCKET , action , bucket_options ) ;
567
610
expect ( JSON . parse ( res . stdout ) . error . code ) . toBe ( ManageCLIError . BucketSetForbiddenBucketOwnerIsIAMAccount . code ) ;
568
611
} ) ;
612
+
613
+ it ( 'cli update bucket - with bucket policy (principal by name)' , async ( ) => {
614
+ const action = ACTIONS . UPDATE ;
615
+ const principal_by_name = account_defaults2 . name ;
616
+ const bucket_policy = generate_s3_policy ( principal_by_name , bucket_defaults . name , [ 's3:*' ] ) . policy ;
617
+ const bucket_policy_string = JSON . stringify ( bucket_policy ) ;
618
+ const bucket_options = { config_root, ...bucket_defaults , bucket_policy : `'${ bucket_policy_string } '` } ; // notice bucket_policy with quotes ('')
619
+ await fs_utils . create_fresh_path ( bucket_options . path ) ;
620
+ await fs_utils . file_must_exist ( bucket_options . path ) ;
621
+ await set_path_permissions_and_owner ( bucket_options . path , account_defaults , 0o700 ) ;
622
+ await exec_manage_cli ( TYPES . BUCKET , action , bucket_options ) ;
623
+ const bucket = await config_fs . get_bucket_by_name ( bucket_defaults . name ) ;
624
+ await assert_bucket ( bucket , bucket_options , config_fs ) ;
625
+ expect ( bucket . s3_policy ) . toStrictEqual ( bucket_policy ) ;
626
+ } ) ;
627
+
628
+ it ( 'cli update bucket - with bucket policy (principal by id)' , async ( ) => {
629
+ const action = ACTIONS . UPDATE ;
630
+ const account2 = await config_fs . get_account_by_name ( account_defaults2 . name ) ;
631
+ const principal_by_id = account2 . _id ;
632
+ const bucket_policy = generate_s3_policy ( principal_by_id , bucket_defaults . name , [ 's3:*' ] ) . policy ;
633
+ const bucket_policy_string = JSON . stringify ( bucket_policy ) ;
634
+ const bucket_options = { config_root, ...bucket_defaults , bucket_policy : `'${ bucket_policy_string } '` } ; // notice bucket_policy with quotes ('')
635
+ await fs_utils . create_fresh_path ( bucket_options . path ) ;
636
+ await fs_utils . file_must_exist ( bucket_options . path ) ;
637
+ await set_path_permissions_and_owner ( bucket_options . path , account_defaults , 0o700 ) ;
638
+ await exec_manage_cli ( TYPES . BUCKET , action , bucket_options ) ;
639
+ const bucket = await config_fs . get_bucket_by_name ( bucket_defaults . name ) ;
640
+ await assert_bucket ( bucket , bucket_options , config_fs ) ;
641
+ expect ( bucket . s3_policy ) . toStrictEqual ( bucket_policy ) ;
642
+ } ) ;
569
643
} ) ;
570
644
571
645
describe ( 'cli delete bucket' , ( ) => {
0 commit comments