test(storage): add buckets to fix failing test (#4903)
diff --git a/storage/integration_test.go b/storage/integration_test.go
index 60fb7c1..4d2edb7 100644
--- a/storage/integration_test.go
+++ b/storage/integration_test.go
@@ -2715,7 +2715,6 @@
}
func TestIntegration_RequesterPays(t *testing.T) {
- t.Skip("https://github.com/googleapis/google-cloud-go/issues/4720")
// This test needs a second project and user (token source) to test
// all possibilities. Since we need these things for Firestore already,
// we use them here.
@@ -2744,43 +2743,48 @@
const wantErrorCode = 400
ctx := context.Background()
+
+ // Start first client
client := testConfig(ctx, t)
defer client.Close()
+
h := testHelper{t}
- bucketName2 := uidSpace.New()
- b1 := client.Bucket(bucketName2)
+ // Set project IDs
+ const noPermissionsProjID = "veener-jba" // a third project, one on which the user does NOT have Editor permission
+
projID := testutil.ProjID()
+
// Use Firestore project as a project that does not contain the bucket.
otherProjID := os.Getenv(envFirestoreProjID)
if otherProjID == "" {
t.Fatalf("need a second project (env var %s)", envFirestoreProjID)
}
+
ts := testutil.TokenSourceEnv(ctx, envFirestorePrivateKey, ScopeFullControl)
if ts == nil {
t.Fatalf("need a second account (env var %s)", envFirestorePrivateKey)
}
+
+ // Start second client
otherClient, err := newTestClient(ctx, option.WithTokenSource(ts))
if err != nil {
t.Fatal(err)
}
defer otherClient.Close()
- b2 := otherClient.Bucket(bucketName2)
- user, err := keyFileEmail(os.Getenv("GCLOUD_TESTS_GOLANG_KEY"))
+
+ // Get user emails from credentials
+ jwt, err := testutil.JWTConfig()
if err != nil {
t.Fatal(err)
}
+ user := jwt.Email
+
otherUser, err := keyFileEmail(os.Getenv(envFirestorePrivateKey))
if err != nil {
t.Fatal(err)
}
- // Create a requester-pays bucket. The bucket is contained in the project projID.
- h.mustCreate(b1, projID, &BucketAttrs{RequesterPays: true})
- if err := b1.ACL().Set(ctx, ACLEntity("user-"+otherUser), RoleOwner); err != nil {
- t.Fatal(err)
- }
-
// Extract the error code from err if it's a googleapi.Error.
errCode := func(err error) int {
if err == nil {
@@ -2793,6 +2797,33 @@
return -1
}
+ obj1 := "acl-go-test" + uidSpace.New()
+ obj2 := "acl-go-test" + uidSpace.New()
+
+ bucketName := uidSpace.New()
+ bucketName2 := uidSpace.New()
+ b1 := client.Bucket(bucketName)
+ b2 := otherClient.Bucket(bucketName)
+
+ // These are buckets with the same functionality as b1 and b2
+ // We create these to avoid rate limit for bucket operations
+ b1a := client.Bucket(bucketName2)
+ b2a := otherClient.Bucket(bucketName2)
+
+ // Create a requester-pays bucket. The bucket is contained in the project projID.
+ h.mustCreate(b1, projID, &BucketAttrs{RequesterPays: true})
+ if err := b1.ACL().Set(ctx, ACLEntity("user-"+otherUser), RoleOwner); err != nil {
+ t.Fatal(err)
+ }
+ defer h.mustDeleteBucket(b1)
+
+ // Repeat for b1a
+ h.mustCreate(b1a, projID, &BucketAttrs{RequesterPays: true})
+ if err := b1a.ACL().Set(ctx, ACLEntity("user-"+otherUser), RoleOwner); err != nil {
+ t.Fatal(err)
+ }
+ defer h.mustDeleteBucket(b1a)
+
// Call f under various conditions.
// Here b1 and b2 refer to the same bucket, but b1 is bound to client,
// while b2 is bound to otherClient. The clients differ in their credentials,
@@ -2810,13 +2841,13 @@
// user: an Owner on the containing project
// userProject: containing project
// result: success, by the same rule as above; userProject is unnecessary but allowed.
- if err := f(b1.UserProject(projID)); err != nil {
+ if err := f(b1a.UserProject(projID)); err != nil {
t.Errorf("%s: got %v, want nil", msg, err)
}
// user: not an Owner on the containing project
// userProject: absent
// result: failure, by the standard requester-pays rule
- err := f(b2)
+ err := f(b2a)
if got, want := errCode(err), wantErrorCode; got != want {
t.Errorf("%s: got error %v with code %d, want code %d\n"+
"confirm that %s is NOT an Owner on %s",
@@ -2825,7 +2856,7 @@
// user: not an Owner on the containing project
// userProject: not the containing one, but user has Editor role on it
// result: success, by the standard requester-pays rule
- if err := f(b2.UserProject(otherProjID)); err != nil {
+ if err := f(b2a.UserProject(otherProjID)); err != nil {
t.Errorf("%s: got %v, want nil\n"+
"confirm that %s is an Editor on %s and that that project has billing enabled",
msg, err, otherUser, otherProjID)
@@ -2833,11 +2864,11 @@
// user: not an Owner on the containing project
// userProject: the containing one, on which the user does NOT have Editor permission.
// result: failure
- err = f(b2.UserProject("veener-jba"))
+ err = f(b2.UserProject(noPermissionsProjID))
if got, want := errCode(err), 403; got != want {
t.Errorf("%s: got error %v, want code %d\n"+
"confirm that %s is NOT an Editor on %s",
- msg, err, want, otherUser, "veener-jba")
+ msg, err, want, otherUser, noPermissionsProjID)
}
}
@@ -2856,10 +2887,10 @@
}
}
// Object operations.
- obj1 := "acl-go-test" + uidSpace.New()
call("write object", func(b *BucketHandle) error {
return writeObject(ctx, b.Object(obj1), "text/plain", []byte("hello"))
})
+
call("read object", func(b *BucketHandle) error {
_, err := readObject(ctx, b.Object(obj1))
return err
@@ -2875,7 +2906,6 @@
// ACL operations.
// Create another object for these to avoid object rate limits.
- obj2 := "acl-go-test" + uidSpace.New()
call("write object", func(b *BucketHandle) error {
return writeObject(ctx, b.Object(obj2), "text/plain", []byte("hello"))
})
@@ -2939,18 +2969,25 @@
// The storage service may perform validation in any order (perhaps in parallel),
// so if we delete an object that doesn't exist and for which we lack permission,
// we could see either of those two errors. (See Google-internal bug 78341001.)
- h.mustWrite(b1.Object(obj1).NewWriter(ctx), []byte("hello")) // note: b1, not b.
+ h.mustWrite(b1.Object(obj1).NewWriter(ctx), []byte("hello")) // note: b1, not b.
+ h.mustWrite(b1a.Object(obj1).NewWriter(ctx), []byte("hello")) // b1a as well
return b.Object(obj1).Delete(ctx)
})
b1.Object(obj1).Delete(ctx) // Clean up created objects.
b1.Object(obj2).Delete(ctx)
+ b1a.Object(obj1).Delete(ctx)
+ b1a.Object(obj2).Delete(ctx)
for _, obj := range []string{"copy", "compose"} {
if err := b1.UserProject(projID).Object(obj).Delete(ctx); err != nil {
t.Fatalf("could not delete %q: %v", obj, err)
}
}
+ for _, obj := range []string{"copy", "compose"} {
+ if err := b1a.UserProject(projID).Object(obj).Delete(ctx); err != nil {
+ t.Fatalf("could not delete %q: %v", obj, err)
+ }
+ }
- h.mustDeleteBucket(b1)
}
func TestIntegration_Notifications(t *testing.T) {
