Yasuke/moto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
moto/tests/test_s3/test_server.py

355 lines
12 KiB
Python
Raw Normal View History

#3667: Update the s3 post functionality to better support success_action_redirect (#3668) * Update the s3 post functionality to better support success_action_redirect - Add the bucket/key values to the redirect url like s3 does, which supports code that relies on the key value being there on the redirect. - Add support for replacing ${filename} in the key value with the actual filename from the form upload. See Issue #3667 * Update s3 tests for changed success_action_redirect behavior - Adds a new test called test_s3_server_post_to_bucket_redirect that tests both the ${filename} replacement and the key/value addition to the redirect query args - Updated the test_creating_presigned_post checks to handle the key/value additions to the redirect url. * Fix test updates to work with python2.7 - remove f-string usage - fix urllib.parse imports to use six Co-authored-by: Wynn Wilkes <wynn@leading2lean.com>
2021-02-10 02:06:03 -07:00
import io
Remove Py2 support (#3915)
2021-07-26 07:40:39 +01:00
from urllib.parse import urlparse, parse_qs
Pylint - Enable more rules on source and tests-directory (#4929)
2022-03-11 20:28:45 -01:00
import sure # noqa # pylint: disable=unused-import
S3: Improve Cors AllowedOrigin behaviour (#6007)
2023-03-03 21:40:55 -01:00
import requests
S3: Allow keynames with spaces (#5701)
2022-11-22 22:41:02 -01:00
import pytest
import xmltodict
Adding server mode
2013-03-05 08:14:43 -05:00
Authenticating to S3 in tests
2017-09-16 06:38:40 -07:00
from flask.testing import FlaskClient
Adding server mode
2013-03-05 08:14:43 -05:00
import moto.server as server
S3: Improve Cors AllowedOrigin behaviour (#6007)
2023-03-03 21:40:55 -01:00
from moto.moto_server.threaded_moto_server import ThreadedMotoServer
Tech debt - remove dead DynamoDB code and add RDS tests (#4136)
2021-08-04 17:24:26 +01:00
from unittest.mock import patch
Adding server mode
2013-03-05 08:14:43 -05:00
Run black on moto & test directories.
2019-10-31 08:44:26 -07:00
"""
Adding server mode
2013-03-05 08:14:43 -05:00
Test the different server responses
Run black on moto & test directories.
2019-10-31 08:44:26 -07:00
"""
Adding server mode
2013-03-05 08:14:43 -05:00
Authenticating to S3 in tests
2017-09-16 06:38:40 -07:00
class AuthenticatedClient(FlaskClient):
def open(self, *args, **kwargs):
Run black on moto & test directories.
2019-10-31 08:44:26 -07:00
kwargs["headers"] = kwargs.get("headers", {})
kwargs["headers"]["Authorization"] = "Any authorization header"
kwargs["content_length"] = 0 # Fixes content-length complaints.
Pylint - run on source directories (abc only for now) (#4647)
2021-12-01 22:06:58 -01:00
return super().open(*args, **kwargs)
Authenticating to S3 in tests
2017-09-16 06:38:40 -07:00
def authenticated_client():
Clean up querystring logic.
2013-12-28 20:15:37 -05:00
backend = server.create_backend_app("s3")
Authenticating to S3 in tests
2017-09-16 06:38:40 -07:00
backend.test_client_class = AuthenticatedClient
return backend.test_client()
Clean up querystring logic.
2013-12-28 20:15:37 -05:00
Authenticating to S3 in tests
2017-09-16 06:38:40 -07:00
def test_s3_server_get():
test_client = authenticated_client()
Run black on moto & test directories.
2019-10-31 08:44:26 -07:00
res = test_client.get("/")
Adding server mode
2013-03-05 08:14:43 -05:00
Run black on moto & test directories.
2019-10-31 08:44:26 -07:00
res.data.should.contain(b"ListAllMyBucketsResult")
Adding server mode
2013-03-05 08:14:43 -05:00
S3: Allow keynames with spaces (#5701)
2022-11-22 22:41:02 -01:00
@pytest.mark.parametrize("key_name", ["bar_baz", "bar+baz", "baz bar"])
def test_s3_server_bucket_create(key_name):
Authenticating to S3 in tests
2017-09-16 06:38:40 -07:00
test_client = authenticated_client()
Clean up querystring logic.
2013-12-28 20:15:37 -05:00
Run black on moto & test directories.
2019-10-31 08:44:26 -07:00
res = test_client.put("/", "http://foobaz.localhost:5000/")
Adding server mode
2013-03-05 08:14:43 -05:00
res.status_code.should.equal(200)
Run black on moto & test directories.
2019-10-31 08:44:26 -07:00
res = test_client.get("/")
res.data.should.contain(b"<Name>foobaz</Name>")
Adding server mode
2013-03-05 08:14:43 -05:00
Run black on moto & test directories.
2019-10-31 08:44:26 -07:00
res = test_client.get("/", "http://foobaz.localhost:5000/")
Adding server mode
2013-03-05 08:14:43 -05:00
res.status_code.should.equal(200)
Support Python 3 using six
2014-08-26 13:25:50 -04:00
res.data.should.contain(b"ListBucketResult")
Adding server mode
2013-03-05 08:14:43 -05:00
S3: Allow keynames with spaces (#5701)
2022-11-22 22:41:02 -01:00
res = test_client.put(
f"/{key_name}", "http://foobaz.localhost:5000/", data="test value"
)
res.status_code.should.equal(200)
assert "ETag" in dict(res.headers)
Adding server mode
2013-03-05 08:14:43 -05:00
S3: Allow keynames with spaces (#5701)
2022-11-22 22:41:02 -01:00
res = test_client.get(
"/", "http://foobaz.localhost:5000/", query_string={"prefix": key_name}
)
res.status_code.should.equal(200)
content = xmltodict.parse(res.data)["ListBucketResult"]["Contents"]
# If we receive a dict, we only received one result
# If content is of type list, our call returned multiple results - which is not correct
content.should.be.a(dict)
content["Key"].should.equal(key_name)
S3 list_object_versions - ensure the prefix can contain a plus (#5097)
2022-05-05 11:06:31 +00:00
S3: head_bucket() now returns the region-header (#6107)
2023-03-23 09:13:51 -01:00
res = test_client.head("http://foobaz.localhost:5000")
assert res.status_code == 200
assert res.headers.get("x-amz-bucket-region") == "us-east-1"
S3: Allow keynames with spaces (#5701)
2022-11-22 22:41:02 -01:00
res = test_client.get(f"/{key_name}", "http://foobaz.localhost:5000/")
res.status_code.should.equal(200)
res.data.should.equal(b"test value")
S3: get_object() now returns the AcceptRanges header (#6121)
2023-03-24 10:55:56 -01:00
assert res.headers.get("AcceptRanges") == "bytes"
more s3 tests for posting
2013-05-17 19:41:39 -04:00
Check S3_IGNORE_SUBDOMAIN_BUCKETNAME environment variable (#3796) * Check S3_IGNORE_SUBDOMAIN_BUCKETNAME environment variable * move S3_IGNORE_SUBDOMAIN_BUCKETNAME environment variable to settings
2021-03-26 17:51:19 +01:00
def test_s3_server_ignore_subdomain_for_bucketnames():
Feature: Allow custom endpoints for S3 (#4562)
2021-11-17 20:02:14 -01:00
with patch("moto.settings.S3_IGNORE_SUBDOMAIN_BUCKETNAME", True):
Check S3_IGNORE_SUBDOMAIN_BUCKETNAME environment variable (#3796) * Check S3_IGNORE_SUBDOMAIN_BUCKETNAME environment variable * move S3_IGNORE_SUBDOMAIN_BUCKETNAME environment variable to settings
2021-03-26 17:51:19 +01:00
test_client = authenticated_client()
res = test_client.put("/mybucket", "http://foobaz.localhost:5000/")
res.status_code.should.equal(200)
res.data.should.contain(b"mybucket")
Add failing test for bucket versioning
2015-02-22 22:13:34 +07:00
def test_s3_server_bucket_versioning():
Authenticating to S3 in tests
2017-09-16 06:38:40 -07:00
test_client = authenticated_client()
Add failing test for bucket versioning
2015-02-22 22:13:34 +07:00
Techdebt - Align models-responses integration for all services (#5207)
2022-06-09 17:40:22 +00:00
res = test_client.put("/", "http://foobaz.localhost:5000/")
res.status_code.should.equal(200)
Add failing test for bucket versioning
2015-02-22 22:13:34 +07:00
# Just enough XML to enable versioning
Run black on moto & test directories.
2019-10-31 08:44:26 -07:00
body = "<Status>Enabled</Status>"
res = test_client.put("/?versioning", "http://foobaz.localhost:5000", data=body)
Add failing test for bucket versioning
2015-02-22 22:13:34 +07:00
res.status_code.should.equal(200)
more s3 tests for posting
2013-05-17 19:41:39 -04:00
def test_s3_server_post_to_bucket():
Authenticating to S3 in tests
2017-09-16 06:38:40 -07:00
test_client = authenticated_client()
Clean up querystring logic.
2013-12-28 20:15:37 -05:00
Run black on moto & test directories.
2019-10-31 08:44:26 -07:00
res = test_client.put("/", "http://tester.localhost:5000/")
more s3 tests for posting
2013-05-17 19:41:39 -04:00
res.status_code.should.equal(200)
Run black on moto & test directories.
2019-10-31 08:44:26 -07:00
test_client.post(
"/",
"https://tester.localhost:5000/",
data={"key": "the-key", "file": "nothing"},
)
more s3 tests for posting
2013-05-17 19:41:39 -04:00
Run black on moto & test directories.
2019-10-31 08:44:26 -07:00
res = test_client.get("/the-key", "http://tester.localhost:5000/")
more s3 tests for posting
2013-05-17 19:41:39 -04:00
res.status_code.should.equal(200)
Support Python 3 using six
2014-08-26 13:25:50 -04:00
res.data.should.equal(b"nothing")
Require content-length header fixes #908
2017-05-01 12:13:12 -07:00
#3667: Update the s3 post functionality to better support success_action_redirect (#3668) * Update the s3 post functionality to better support success_action_redirect - Add the bucket/key values to the redirect url like s3 does, which supports code that relies on the key value being there on the redirect. - Add support for replacing ${filename} in the key value with the actual filename from the form upload. See Issue #3667 * Update s3 tests for changed success_action_redirect behavior - Adds a new test called test_s3_server_post_to_bucket_redirect that tests both the ${filename} replacement and the key/value addition to the redirect query args - Updated the test_creating_presigned_post checks to handle the key/value additions to the redirect url. * Fix test updates to work with python2.7 - remove f-string usage - fix urllib.parse imports to use six Co-authored-by: Wynn Wilkes <wynn@leading2lean.com>
2021-02-10 02:06:03 -07:00
def test_s3_server_post_to_bucket_redirect():
test_client = authenticated_client()
res = test_client.put("/", "http://tester.localhost:5000/")
res.status_code.should.equal(200)
redirect_base = "https://redirect.com/success/"
filecontent = "nothing"
filename = "test_filename.txt"
res = test_client.post(
"/",
"https://tester.localhost:5000/",
data={
"key": "asdf/the-key/${filename}",
"file": (io.BytesIO(filecontent.encode("utf8")), filename),
"success_action_redirect": redirect_base,
},
)
Techdebt: Replace string-format with f-strings (for tests dirs) (#5678)
2022-11-17 21:41:08 -01:00
real_key = f"asdf/the-key/{filename}"
#3667: Update the s3 post functionality to better support success_action_redirect (#3668) * Update the s3 post functionality to better support success_action_redirect - Add the bucket/key values to the redirect url like s3 does, which supports code that relies on the key value being there on the redirect. - Add support for replacing ${filename} in the key value with the actual filename from the form upload. See Issue #3667 * Update s3 tests for changed success_action_redirect behavior - Adds a new test called test_s3_server_post_to_bucket_redirect that tests both the ${filename} replacement and the key/value addition to the redirect query args - Updated the test_creating_presigned_post checks to handle the key/value additions to the redirect url. * Fix test updates to work with python2.7 - remove f-string usage - fix urllib.parse imports to use six Co-authored-by: Wynn Wilkes <wynn@leading2lean.com>
2021-02-10 02:06:03 -07:00
res.status_code.should.equal(303)
redirect = res.headers["location"]
assert redirect.startswith(redirect_base)
parts = urlparse(redirect)
args = parse_qs(parts.query)
assert args["key"][0] == real_key
assert args["bucket"][0] == "tester"
Techdebt: Replace string-format with f-strings (for tests dirs) (#5678)
2022-11-17 21:41:08 -01:00
res = test_client.get(f"/{real_key}", "http://tester.localhost:5000/")
#3667: Update the s3 post functionality to better support success_action_redirect (#3668) * Update the s3 post functionality to better support success_action_redirect - Add the bucket/key values to the redirect url like s3 does, which supports code that relies on the key value being there on the redirect. - Add support for replacing ${filename} in the key value with the actual filename from the form upload. See Issue #3667 * Update s3 tests for changed success_action_redirect behavior - Adds a new test called test_s3_server_post_to_bucket_redirect that tests both the ${filename} replacement and the key/value addition to the redirect query args - Updated the test_creating_presigned_post checks to handle the key/value additions to the redirect url. * Fix test updates to work with python2.7 - remove f-string usage - fix urllib.parse imports to use six Co-authored-by: Wynn Wilkes <wynn@leading2lean.com>
2021-02-10 02:06:03 -07:00
res.status_code.should.equal(200)
res.data.should.equal(filecontent.encode("utf8"))
Require content-length header fixes #908
2017-05-01 12:13:12 -07:00
def test_s3_server_post_without_content_length():
Authenticating to S3 in tests
2017-09-16 06:38:40 -07:00
test_client = authenticated_client()
Require content-length header fixes #908
2017-05-01 12:13:12 -07:00
Run black on moto & test directories.
2019-10-31 08:44:26 -07:00
res = test_client.put(
"/", "http://tester.localhost:5000/", environ_overrides={"CONTENT_LENGTH": ""}
)
Require content-length header fixes #908
2017-05-01 12:13:12 -07:00
res.status_code.should.equal(411)
Run black on moto & test directories.
2019-10-31 08:44:26 -07:00
res = test_client.post(
"/", "https://tester.localhost:5000/", environ_overrides={"CONTENT_LENGTH": ""}
)
Require content-length header fixes #908
2017-05-01 12:13:12 -07:00
res.status_code.should.equal(411)
allow non-ascii characters in request URLs
2017-08-05 20:29:40 +10:00
def test_s3_server_post_unicode_bucket_key():
# Make sure that we can deal with non-ascii characters in request URLs (e.g., S3 object names)
dispatcher = server.DomainDispatcherApplication(server.create_backend_app)
Run black on moto & test directories.
2019-10-31 08:44:26 -07:00
backend_app = dispatcher.get_application(
{"HTTP_HOST": "s3.amazonaws.com", "PATH_INFO": "/test-bucket/test-object-てすと"}
)
allow non-ascii characters in request URLs
2017-08-05 20:29:40 +10:00
assert backend_app
Run black on moto & test directories.
2019-10-31 08:44:26 -07:00
backend_app = dispatcher.get_application(
{
"HTTP_HOST": "s3.amazonaws.com",
"PATH_INFO": "/test-bucket/test-object-てすと".encode("utf-8"),
}
)
allow non-ascii characters in request URLs
2017-08-05 20:29:40 +10:00
assert backend_app
Enable CORS from everywhere using flask-cors. (#3316) Co-authored-by: Leo Sutic <leo.sutic@matterport.com>
2020-09-19 11:07:17 +02:00
def test_s3_server_post_cors():
S3: Implement CORS headers in OPTIONS requests (#4497)
2021-10-30 12:02:30 +02:00
"""Test default CORS headers set by flask-cors plugin"""
Enable CORS from everywhere using flask-cors. (#3316) Co-authored-by: Leo Sutic <leo.sutic@matterport.com>
2020-09-19 11:07:17 +02:00
test_client = authenticated_client()
S3: Implement CORS headers in OPTIONS requests (#4497)
2021-10-30 12:02:30 +02:00
# Create the bucket
test_client.put("/", "http://tester.localhost:5000/")
Enable CORS from everywhere using flask-cors. (#3316) Co-authored-by: Leo Sutic <leo.sutic@matterport.com>
2020-09-19 11:07:17 +02:00
preflight_headers = {
"Access-Control-Request-Method": "POST",
"Access-Control-Request-Headers": "origin, x-requested-with",
"Origin": "https://localhost:9000",
}
res = test_client.options(
"/", "http://tester.localhost:5000/", headers=preflight_headers
)
assert res.status_code in [200, 204]
expected_methods = set(["DELETE", "PATCH", "PUT", "GET", "HEAD", "POST", "OPTIONS"])
assert (
set(res.headers["Access-Control-Allow-Methods"].split(", ")) == expected_methods
)
res.headers.should.have.key("Access-Control-Allow-Origin").which.should.equal(
"https://localhost:9000"
)
res.headers.should.have.key("Access-Control-Allow-Headers").which.should.equal(
"origin, x-requested-with"
)
S3: Implement CORS headers in OPTIONS requests (#4497)
2021-10-30 12:02:30 +02:00
def test_s3_server_post_cors_exposed_header():
"""Test that we can override default CORS headers with custom bucket rules"""
Admin: Update Docs to point to getmoto (#5826)
2023-01-07 11:35:14 +00:00
# github.com/getmoto/moto/issues/4220
S3: Implement CORS headers in OPTIONS requests (#4497)
2021-10-30 12:02:30 +02:00
cors_config_payload = """<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>https://example.org</AllowedOrigin>
<AllowedMethod>HEAD</AllowedMethod>
<AllowedMethod>GET</AllowedMethod>
<AllowedMethod>PUT</AllowedMethod>
<AllowedMethod>POST</AllowedMethod>
<AllowedMethod>DELETE</AllowedMethod>
<AllowedHeader>*</AllowedHeader>
<ExposeHeader>ETag</ExposeHeader>
<MaxAgeSeconds>3000</MaxAgeSeconds>
</CORSRule>
</CORSConfiguration>
"""
test_client = authenticated_client()
preflight_headers = {
"Access-Control-Request-Method": "POST",
"Access-Control-Request-Headers": "origin, x-requested-with",
S3: Improve Cors AllowedOrigin behaviour (#6007)
2023-03-03 21:40:55 -01:00
"Origin": "https://example.org",
S3: Implement CORS headers in OPTIONS requests (#4497)
2021-10-30 12:02:30 +02:00
}
# Returns 403 on non existing bucket
preflight_response = test_client.options(
"/", "http://testcors.localhost:5000/", headers=preflight_headers
)
assert preflight_response.status_code == 403
# Create the bucket
test_client.put("/", "http://testcors.localhost:5000/")
res = test_client.put(
"/?cors", "http://testcors.localhost:5000", data=cors_config_payload
)
assert res.status_code == 200
cors_res = test_client.get("/?cors", "http://testcors.localhost:5000")
assert b"<ExposedHeader>ETag</ExposedHeader>" in cors_res.data
add back OPTIONS key response after implementing CORS in #4497 (#4528)
2021-11-05 14:19:06 +01:00
# Test OPTIONS bucket response and key response
for key_name in ("/", "/test"):
preflight_response = test_client.options(
key_name, "http://testcors.localhost:5000/", headers=preflight_headers
)
assert preflight_response.status_code == 200
expected_cors_headers = {
"Access-Control-Allow-Methods": "HEAD, GET, PUT, POST, DELETE",
"Access-Control-Allow-Origin": "https://example.org",
"Access-Control-Allow-Headers": "*",
"Access-Control-Expose-Headers": "ETag",
"Access-Control-Max-Age": "3000",
}
for header_name, header_value in expected_cors_headers.items():
assert header_name in preflight_response.headers
assert preflight_response.headers[header_name] == header_value
S3: Improve Cors AllowedOrigin behaviour (#6007)
2023-03-03 21:40:55 -01:00
def test_s3_server_post_cors_multiple_origins():
"""Test that Moto only responds with the Origin that we that hosts the server"""
# github.com/getmoto/moto/issues/6003
cors_config_payload = """<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>https://example.org</AllowedOrigin>
<AllowedOrigin>https://localhost:6789</AllowedOrigin>
<AllowedMethod>POST</AllowedMethod>
</CORSRule>
</CORSConfiguration>
"""
thread = ThreadedMotoServer(port="6789", verbose=False)
thread.start()
# Create the bucket
requests.put("http://testcors.localhost:6789/")
requests.put("http://testcors.localhost:6789/?cors", data=cors_config_payload)
# Test only our requested origin is returned
preflight_response = requests.options(
"http://testcors.localhost:6789/test",
headers={
"Access-Control-Request-Method": "POST",
"Origin": "https://localhost:6789",
},
)
assert preflight_response.status_code == 200
assert (
preflight_response.headers["Access-Control-Allow-Origin"]
== "https://localhost:6789"
)
assert preflight_response.content == b""
# Verify a request with unknown origin fails
preflight_response = requests.options(
"http://testcors.localhost:6789/test",
headers={
"Access-Control-Request-Method": "POST",
"Origin": "https://unknown.host",
},
)
assert preflight_response.status_code == 403
assert b"<Code>AccessForbidden</Code>" in preflight_response.content
# Verify we can use a wildcard anywhere in the origin
cors_config_payload = """<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"><CORSRule>
<AllowedOrigin>https://*.google.com</AllowedOrigin>
<AllowedMethod>POST</AllowedMethod>
</CORSRule></CORSConfiguration>"""
requests.put("http://testcors.localhost:6789/?cors", data=cors_config_payload)
for origin in ["https://sth.google.com", "https://a.google.com"]:
preflight_response = requests.options(
"http://testcors.localhost:6789/test",
headers={"Access-Control-Request-Method": "POST", "Origin": origin},
)
assert preflight_response.status_code == 200
assert preflight_response.headers["Access-Control-Allow-Origin"] == origin
# Non-matching requests throw an error though - it does not act as a full wildcard
preflight_response = requests.options(
"http://testcors.localhost:6789/test",
headers={
"Access-Control-Request-Method": "POST",
"Origin": "sth.microsoft.com",
},
)
assert preflight_response.status_code == 403
assert b"<Code>AccessForbidden</Code>" in preflight_response.content
# Verify we can use a wildcard as the origin
cors_config_payload = """<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"><CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedMethod>POST</AllowedMethod>
</CORSRule></CORSConfiguration>"""
requests.put("http://testcors.localhost:6789/?cors", data=cors_config_payload)
for origin in ["https://a.google.com", "http://b.microsoft.com", "any"]:
preflight_response = requests.options(
"http://testcors.localhost:6789/test",
headers={"Access-Control-Request-Method": "POST", "Origin": origin},
)
assert preflight_response.status_code == 200
assert preflight_response.headers["Access-Control-Allow-Origin"] == origin
thread.stop()
Reference in New Issue Copy Permalink