2023-03-28 18:39:22 +00:00
|
|
|
// Copyright (c) HashiCorp, Inc.
|
2023-08-11 13:12:13 +00:00
|
|
|
// SPDX-License-Identifier: BUSL-1.1
|
2023-03-28 18:39:22 +00:00
|
|
|
|
2014-08-28 20:42:07 +00:00
|
|
|
package agent
|
|
|
|
|
|
|
|
import (
|
2014-08-28 21:38:00 +00:00
|
|
|
"bytes"
|
2017-08-23 14:52:48 +00:00
|
|
|
"errors"
|
2014-08-28 21:38:00 +00:00
|
|
|
"fmt"
|
|
|
|
"net/http"
|
|
|
|
"net/http/httptest"
|
2014-08-28 20:42:07 +00:00
|
|
|
"testing"
|
2014-08-28 21:38:00 +00:00
|
|
|
"time"
|
|
|
|
|
2022-01-20 16:45:56 +00:00
|
|
|
"github.com/stretchr/testify/require"
|
|
|
|
|
2017-08-23 14:52:48 +00:00
|
|
|
"github.com/hashicorp/consul/acl"
|
2019-03-27 12:54:56 +00:00
|
|
|
"github.com/hashicorp/consul/sdk/testutil/retry"
|
2021-09-03 18:49:29 +00:00
|
|
|
"github.com/hashicorp/consul/testrpc"
|
2014-08-28 20:42:07 +00:00
|
|
|
)
|
|
|
|
|
2014-08-28 21:38:00 +00:00
|
|
|
func TestEventFire(t *testing.T) {
|
2020-12-07 18:42:55 +00:00
|
|
|
if testing.Short() {
|
|
|
|
t.Skip("too slow for testing.Short")
|
|
|
|
}
|
|
|
|
|
2017-05-21 07:54:40 +00:00
|
|
|
t.Parallel()
|
2020-03-31 19:59:56 +00:00
|
|
|
a := NewTestAgent(t, "")
|
2017-05-21 18:31:20 +00:00
|
|
|
defer a.Shutdown()
|
2018-09-12 13:49:27 +00:00
|
|
|
testrpc.WaitForTestAgent(t, a.RPC, "dc1")
|
2014-08-28 21:38:00 +00:00
|
|
|
|
2017-05-21 18:31:20 +00:00
|
|
|
body := bytes.NewBuffer([]byte("test"))
|
|
|
|
url := "/v1/event/fire/test?node=Node&service=foo&tag=bar"
|
|
|
|
req, _ := http.NewRequest("PUT", url, body)
|
|
|
|
resp := httptest.NewRecorder()
|
|
|
|
obj, err := a.srv.EventFire(resp, req)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("err: %v", err)
|
|
|
|
}
|
2014-08-28 21:38:00 +00:00
|
|
|
|
2017-05-21 18:31:20 +00:00
|
|
|
event, ok := obj.(*UserEvent)
|
|
|
|
if !ok {
|
|
|
|
t.Fatalf("bad: %#v", obj)
|
|
|
|
}
|
|
|
|
|
|
|
|
if event.ID == "" {
|
|
|
|
t.Fatalf("bad: %#v", event)
|
|
|
|
}
|
|
|
|
if event.Name != "test" {
|
|
|
|
t.Fatalf("bad: %#v", event)
|
|
|
|
}
|
|
|
|
if string(event.Payload) != "test" {
|
|
|
|
t.Fatalf("bad: %#v", event)
|
|
|
|
}
|
|
|
|
if event.NodeFilter != "Node" {
|
|
|
|
t.Fatalf("bad: %#v", event)
|
|
|
|
}
|
|
|
|
if event.ServiceFilter != "foo" {
|
|
|
|
t.Fatalf("bad: %#v", event)
|
|
|
|
}
|
|
|
|
if event.TagFilter != "bar" {
|
|
|
|
t.Fatalf("bad: %#v", event)
|
|
|
|
}
|
2014-08-28 21:38:00 +00:00
|
|
|
}
|
|
|
|
|
2015-06-19 00:05:13 +00:00
|
|
|
func TestEventFire_token(t *testing.T) {
|
2020-12-07 18:42:55 +00:00
|
|
|
if testing.Short() {
|
|
|
|
t.Skip("too slow for testing.Short")
|
|
|
|
}
|
|
|
|
|
2017-05-21 07:54:40 +00:00
|
|
|
t.Parallel()
|
2020-03-31 19:59:56 +00:00
|
|
|
a := NewTestAgent(t, TestACLConfig()+`
|
2017-09-25 18:40:42 +00:00
|
|
|
acl_default_policy = "deny"
|
|
|
|
`)
|
2017-05-21 18:31:20 +00:00
|
|
|
defer a.Shutdown()
|
2018-09-12 13:49:27 +00:00
|
|
|
testrpc.WaitForLeader(t, a.RPC, "dc1")
|
2015-06-19 00:05:13 +00:00
|
|
|
|
2021-09-03 18:49:29 +00:00
|
|
|
token := createToken(t, a, testEventPolicy)
|
2017-05-21 18:31:20 +00:00
|
|
|
|
|
|
|
type tcase struct {
|
|
|
|
event string
|
|
|
|
allowed bool
|
|
|
|
}
|
|
|
|
tcases := []tcase{
|
|
|
|
{"foo", false},
|
|
|
|
{"bar", false},
|
|
|
|
{"baz", true},
|
|
|
|
}
|
|
|
|
for _, c := range tcases {
|
|
|
|
// Try to fire the event over the HTTP interface
|
2023-01-24 16:21:41 +00:00
|
|
|
url := fmt.Sprintf("/v1/event/fire/%s", c.event)
|
2017-05-21 18:31:20 +00:00
|
|
|
req, _ := http.NewRequest("PUT", url, nil)
|
2023-01-24 16:21:41 +00:00
|
|
|
req.Header.Add("X-Consul-Token", token)
|
2017-05-21 18:31:20 +00:00
|
|
|
resp := httptest.NewRecorder()
|
2022-01-31 16:17:35 +00:00
|
|
|
_, err := a.srv.EventFire(resp, req)
|
2015-06-19 00:05:13 +00:00
|
|
|
|
2017-05-21 18:31:20 +00:00
|
|
|
// Check the result
|
|
|
|
if c.allowed {
|
2022-01-31 16:17:35 +00:00
|
|
|
body := resp.Body.String()
|
2017-08-23 14:52:48 +00:00
|
|
|
if acl.IsErrPermissionDenied(errors.New(body)) {
|
2017-05-21 18:31:20 +00:00
|
|
|
t.Fatalf("bad: %s", body)
|
|
|
|
}
|
|
|
|
if resp.Code != 200 {
|
|
|
|
t.Fatalf("bad: %d", resp.Code)
|
|
|
|
}
|
|
|
|
} else {
|
2022-01-31 16:17:35 +00:00
|
|
|
if !acl.IsErrPermissionDenied(err) {
|
|
|
|
t.Fatalf("bad: %s", err.Error())
|
2017-05-21 18:31:20 +00:00
|
|
|
}
|
2022-04-29 17:42:49 +00:00
|
|
|
if err, ok := err.(HTTPError); ok {
|
|
|
|
if err.StatusCode != 403 {
|
|
|
|
t.Fatalf("Expected 403 but got %d", err.StatusCode)
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
t.Fatalf("Expected HTTP Error %v", err)
|
2015-06-19 00:05:13 +00:00
|
|
|
}
|
|
|
|
}
|
2017-05-21 18:31:20 +00:00
|
|
|
}
|
2015-06-19 00:05:13 +00:00
|
|
|
}
|
|
|
|
|
2014-08-28 21:38:00 +00:00
|
|
|
func TestEventList(t *testing.T) {
|
2020-12-07 18:42:55 +00:00
|
|
|
if testing.Short() {
|
|
|
|
t.Skip("too slow for testing.Short")
|
|
|
|
}
|
|
|
|
|
2017-05-21 07:54:40 +00:00
|
|
|
t.Parallel()
|
2020-03-31 19:59:56 +00:00
|
|
|
a := NewTestAgent(t, "")
|
2017-05-21 18:31:20 +00:00
|
|
|
defer a.Shutdown()
|
2018-09-12 13:49:27 +00:00
|
|
|
testrpc.WaitForTestAgent(t, a.RPC, "dc1")
|
2014-08-28 21:38:00 +00:00
|
|
|
|
2017-05-21 18:31:20 +00:00
|
|
|
p := &UserEvent{Name: "test"}
|
|
|
|
if err := a.UserEvent("dc1", "root", p); err != nil {
|
|
|
|
t.Fatalf("err: %v", err)
|
|
|
|
}
|
2014-08-28 21:38:00 +00:00
|
|
|
|
2017-05-21 18:31:20 +00:00
|
|
|
retry.Run(t, func(r *retry.R) {
|
|
|
|
req, _ := http.NewRequest("GET", "/v1/event/list", nil)
|
|
|
|
resp := httptest.NewRecorder()
|
|
|
|
obj, err := a.srv.EventList(resp, req)
|
|
|
|
if err != nil {
|
|
|
|
r.Fatal(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
list, ok := obj.([]*UserEvent)
|
|
|
|
if !ok {
|
|
|
|
r.Fatalf("bad: %#v", obj)
|
|
|
|
}
|
|
|
|
if len(list) != 1 || list[0].Name != "test" {
|
|
|
|
r.Fatalf("bad: %#v", list)
|
|
|
|
}
|
|
|
|
header := resp.Header().Get("X-Consul-Index")
|
|
|
|
if header == "" || header == "0" {
|
|
|
|
r.Fatalf("bad: %#v", header)
|
|
|
|
}
|
2014-08-28 22:25:53 +00:00
|
|
|
})
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestEventList_Filter(t *testing.T) {
|
2020-12-07 18:42:55 +00:00
|
|
|
if testing.Short() {
|
|
|
|
t.Skip("too slow for testing.Short")
|
|
|
|
}
|
|
|
|
|
2017-05-21 07:54:40 +00:00
|
|
|
t.Parallel()
|
2020-03-31 19:59:56 +00:00
|
|
|
a := NewTestAgent(t, "")
|
2017-05-21 18:31:20 +00:00
|
|
|
defer a.Shutdown()
|
2018-09-12 13:49:27 +00:00
|
|
|
testrpc.WaitForTestAgent(t, a.RPC, "dc1")
|
2014-08-28 22:25:53 +00:00
|
|
|
|
2017-05-21 18:31:20 +00:00
|
|
|
p := &UserEvent{Name: "test"}
|
|
|
|
if err := a.UserEvent("dc1", "root", p); err != nil {
|
|
|
|
t.Fatalf("err: %v", err)
|
|
|
|
}
|
2014-08-28 22:25:53 +00:00
|
|
|
|
2017-05-21 18:31:20 +00:00
|
|
|
p = &UserEvent{Name: "foo"}
|
|
|
|
if err := a.UserEvent("dc1", "root", p); err != nil {
|
|
|
|
t.Fatalf("err: %v", err)
|
|
|
|
}
|
2014-08-28 22:25:53 +00:00
|
|
|
|
2017-05-21 18:31:20 +00:00
|
|
|
retry.Run(t, func(r *retry.R) {
|
|
|
|
req, _ := http.NewRequest("GET", "/v1/event/list?name=foo", nil)
|
|
|
|
resp := httptest.NewRecorder()
|
|
|
|
obj, err := a.srv.EventList(resp, req)
|
|
|
|
if err != nil {
|
|
|
|
r.Fatal(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
list, ok := obj.([]*UserEvent)
|
|
|
|
if !ok {
|
|
|
|
r.Fatalf("bad: %#v", obj)
|
|
|
|
}
|
|
|
|
if len(list) != 1 || list[0].Name != "foo" {
|
|
|
|
r.Fatalf("bad: %#v", list)
|
|
|
|
}
|
|
|
|
header := resp.Header().Get("X-Consul-Index")
|
|
|
|
if header == "" || header == "0" {
|
|
|
|
r.Fatalf("bad: %#v", header)
|
|
|
|
}
|
2014-08-28 21:38:00 +00:00
|
|
|
})
|
|
|
|
}
|
|
|
|
|
2016-12-15 03:42:37 +00:00
|
|
|
func TestEventList_ACLFilter(t *testing.T) {
|
2020-12-07 18:42:55 +00:00
|
|
|
if testing.Short() {
|
|
|
|
t.Skip("too slow for testing.Short")
|
|
|
|
}
|
|
|
|
|
2017-05-21 07:54:40 +00:00
|
|
|
t.Parallel()
|
2020-03-31 19:59:56 +00:00
|
|
|
a := NewTestAgent(t, TestACLConfig())
|
2017-05-21 07:11:09 +00:00
|
|
|
defer a.Shutdown()
|
2018-09-12 13:49:27 +00:00
|
|
|
testrpc.WaitForLeader(t, a.RPC, "dc1")
|
2016-12-15 03:42:37 +00:00
|
|
|
|
2021-12-03 17:38:59 +00:00
|
|
|
// Fire some events.
|
|
|
|
events := []*UserEvent{
|
|
|
|
{Name: "foo"},
|
|
|
|
{Name: "bar"},
|
|
|
|
}
|
|
|
|
for _, e := range events {
|
|
|
|
err := a.UserEvent("dc1", "root", e)
|
|
|
|
require.NoError(t, err)
|
2016-12-15 03:42:37 +00:00
|
|
|
}
|
|
|
|
|
2017-05-09 17:46:11 +00:00
|
|
|
t.Run("no token", func(t *testing.T) {
|
2017-05-04 22:52:53 +00:00
|
|
|
retry.Run(t, func(r *retry.R) {
|
2021-12-03 17:38:59 +00:00
|
|
|
req := httptest.NewRequest("GET", "/v1/event/list", nil)
|
2016-12-15 03:42:37 +00:00
|
|
|
resp := httptest.NewRecorder()
|
2021-12-03 17:38:59 +00:00
|
|
|
|
2017-05-21 07:11:09 +00:00
|
|
|
obj, err := a.srv.EventList(resp, req)
|
2022-01-20 16:45:56 +00:00
|
|
|
require.NoError(r, err)
|
2016-12-15 03:42:37 +00:00
|
|
|
|
|
|
|
list, ok := obj.([]*UserEvent)
|
2022-01-20 16:45:56 +00:00
|
|
|
require.True(r, ok)
|
|
|
|
require.Empty(r, list)
|
|
|
|
require.Empty(r, resp.Header().Get("X-Consul-Results-Filtered-By-ACLs"))
|
2021-12-03 17:38:59 +00:00
|
|
|
})
|
|
|
|
})
|
|
|
|
|
|
|
|
t.Run("token with access to one event type", func(t *testing.T) {
|
|
|
|
retry.Run(t, func(r *retry.R) {
|
2023-12-06 17:11:32 +00:00
|
|
|
token := testCreateToken(r, a, `
|
2021-12-03 17:38:59 +00:00
|
|
|
event "foo" {
|
|
|
|
policy = "read"
|
|
|
|
}
|
|
|
|
`)
|
|
|
|
|
2023-01-24 16:21:41 +00:00
|
|
|
req := httptest.NewRequest("GET", "/v1/event/list", nil)
|
|
|
|
req.Header.Add("X-Consul-Token", token)
|
2021-12-03 17:38:59 +00:00
|
|
|
resp := httptest.NewRecorder()
|
|
|
|
|
|
|
|
obj, err := a.srv.EventList(resp, req)
|
2022-01-20 16:45:56 +00:00
|
|
|
require.NoError(r, err)
|
2021-12-03 17:38:59 +00:00
|
|
|
|
|
|
|
list, ok := obj.([]*UserEvent)
|
2022-01-20 16:45:56 +00:00
|
|
|
require.True(r, ok)
|
|
|
|
require.Len(r, list, 1)
|
|
|
|
require.Equal(r, "foo", list[0].Name)
|
|
|
|
require.NotEmpty(r, resp.Header().Get("X-Consul-Results-Filtered-By-ACLs"))
|
2017-04-29 16:34:02 +00:00
|
|
|
})
|
2017-05-09 17:46:11 +00:00
|
|
|
})
|
2016-12-15 03:42:37 +00:00
|
|
|
|
2017-05-09 17:46:11 +00:00
|
|
|
t.Run("root token", func(t *testing.T) {
|
2017-05-04 22:52:53 +00:00
|
|
|
retry.Run(t, func(r *retry.R) {
|
2023-01-24 16:21:41 +00:00
|
|
|
req := httptest.NewRequest("GET", "/v1/event/list", nil)
|
|
|
|
req.Header.Add("X-Consul-Token", "root")
|
2016-12-15 03:42:37 +00:00
|
|
|
resp := httptest.NewRecorder()
|
2021-12-03 17:38:59 +00:00
|
|
|
|
2017-05-21 07:11:09 +00:00
|
|
|
obj, err := a.srv.EventList(resp, req)
|
2022-01-20 16:45:56 +00:00
|
|
|
require.NoError(r, err)
|
2016-12-15 03:42:37 +00:00
|
|
|
|
|
|
|
list, ok := obj.([]*UserEvent)
|
2022-01-20 16:45:56 +00:00
|
|
|
require.True(r, ok)
|
|
|
|
require.Len(r, list, 2)
|
2021-12-03 17:38:59 +00:00
|
|
|
|
|
|
|
var names []string
|
|
|
|
for _, e := range list {
|
|
|
|
names = append(names, e.Name)
|
2016-12-15 03:42:37 +00:00
|
|
|
}
|
2022-01-20 16:45:56 +00:00
|
|
|
require.ElementsMatch(r, []string{"foo", "bar"}, names)
|
2021-12-03 17:38:59 +00:00
|
|
|
|
2022-01-20 16:45:56 +00:00
|
|
|
require.Empty(r, resp.Header().Get("X-Consul-Results-Filtered-By-ACLs"))
|
2017-04-29 16:34:02 +00:00
|
|
|
})
|
2017-05-09 17:46:11 +00:00
|
|
|
})
|
2016-12-15 03:42:37 +00:00
|
|
|
}
|
|
|
|
|
2014-08-28 21:38:00 +00:00
|
|
|
func TestEventList_Blocking(t *testing.T) {
|
2020-12-07 18:42:55 +00:00
|
|
|
if testing.Short() {
|
|
|
|
t.Skip("too slow for testing.Short")
|
|
|
|
}
|
|
|
|
|
2017-05-21 07:54:40 +00:00
|
|
|
t.Parallel()
|
2020-03-31 19:59:56 +00:00
|
|
|
a := NewTestAgent(t, "")
|
2017-05-21 18:31:20 +00:00
|
|
|
defer a.Shutdown()
|
2018-09-12 13:49:27 +00:00
|
|
|
testrpc.WaitForTestAgent(t, a.RPC, "dc1")
|
2014-08-28 21:38:00 +00:00
|
|
|
|
2017-05-21 18:31:20 +00:00
|
|
|
p := &UserEvent{Name: "test"}
|
|
|
|
if err := a.UserEvent("dc1", "root", p); err != nil {
|
|
|
|
t.Fatalf("err: %v", err)
|
|
|
|
}
|
2014-08-28 21:38:00 +00:00
|
|
|
|
2017-05-21 18:31:20 +00:00
|
|
|
var index string
|
|
|
|
retry.Run(t, func(r *retry.R) {
|
|
|
|
req, _ := http.NewRequest("GET", "/v1/event/list", nil)
|
|
|
|
resp := httptest.NewRecorder()
|
|
|
|
if _, err := a.srv.EventList(resp, req); err != nil {
|
|
|
|
r.Fatal(err)
|
|
|
|
}
|
|
|
|
header := resp.Header().Get("X-Consul-Index")
|
|
|
|
if header == "" || header == "0" {
|
|
|
|
r.Fatalf("bad: %#v", header)
|
|
|
|
}
|
|
|
|
index = header
|
|
|
|
})
|
2014-08-28 21:38:00 +00:00
|
|
|
|
2017-05-21 18:31:20 +00:00
|
|
|
go func() {
|
|
|
|
time.Sleep(50 * time.Millisecond)
|
|
|
|
p := &UserEvent{Name: "second"}
|
|
|
|
if err := a.UserEvent("dc1", "root", p); err != nil {
|
2020-06-05 20:52:31 +00:00
|
|
|
t.Errorf("err: %v", err)
|
2017-05-21 18:31:20 +00:00
|
|
|
}
|
|
|
|
}()
|
2014-11-21 04:48:51 +00:00
|
|
|
|
2017-05-21 18:31:20 +00:00
|
|
|
retry.Run(t, func(r *retry.R) {
|
|
|
|
url := "/v1/event/list?index=" + index
|
|
|
|
req, _ := http.NewRequest("GET", url, nil)
|
|
|
|
resp := httptest.NewRecorder()
|
|
|
|
obj, err := a.srv.EventList(resp, req)
|
|
|
|
if err != nil {
|
|
|
|
r.Fatal(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
list, ok := obj.([]*UserEvent)
|
|
|
|
if !ok {
|
|
|
|
r.Fatalf("bad: %#v", obj)
|
|
|
|
}
|
|
|
|
if len(list) != 2 || list[1].Name != "second" {
|
|
|
|
r.Fatalf("bad: %#v", list)
|
|
|
|
}
|
2014-11-21 04:48:51 +00:00
|
|
|
})
|
|
|
|
}
|
2014-08-28 21:38:00 +00:00
|
|
|
|
2014-11-21 04:48:51 +00:00
|
|
|
func TestEventList_EventBufOrder(t *testing.T) {
|
2020-12-07 18:42:55 +00:00
|
|
|
if testing.Short() {
|
|
|
|
t.Skip("too slow for testing.Short")
|
|
|
|
}
|
|
|
|
|
2017-05-21 07:54:40 +00:00
|
|
|
t.Parallel()
|
2020-03-31 19:59:56 +00:00
|
|
|
a := NewTestAgent(t, "")
|
2017-05-21 18:31:20 +00:00
|
|
|
defer a.Shutdown()
|
2018-09-12 13:49:27 +00:00
|
|
|
testrpc.WaitForTestAgent(t, a.RPC, "dc1")
|
2017-05-21 18:31:20 +00:00
|
|
|
|
|
|
|
// Fire some events in a non-sequential order
|
|
|
|
expected := &UserEvent{Name: "foo"}
|
|
|
|
|
|
|
|
for _, e := range []*UserEvent{
|
2020-06-16 17:19:31 +00:00
|
|
|
{Name: "foo"},
|
|
|
|
{Name: "bar"},
|
|
|
|
{Name: "foo"},
|
2017-05-21 18:31:20 +00:00
|
|
|
expected,
|
2020-06-16 17:19:31 +00:00
|
|
|
{Name: "bar"},
|
2017-05-21 18:31:20 +00:00
|
|
|
} {
|
|
|
|
if err := a.UserEvent("dc1", "root", e); err != nil {
|
|
|
|
t.Fatalf("err: %v", err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
// Test that the event order is preserved when name
|
|
|
|
// filtering on a list of > 1 matching event.
|
|
|
|
retry.Run(t, func(r *retry.R) {
|
|
|
|
url := "/v1/event/list?name=foo"
|
|
|
|
req, _ := http.NewRequest("GET", url, nil)
|
|
|
|
resp := httptest.NewRecorder()
|
|
|
|
obj, err := a.srv.EventList(resp, req)
|
|
|
|
if err != nil {
|
|
|
|
r.Fatal(err)
|
|
|
|
}
|
|
|
|
list, ok := obj.([]*UserEvent)
|
|
|
|
if !ok {
|
|
|
|
r.Fatalf("bad: %#v", obj)
|
|
|
|
}
|
|
|
|
if len(list) != 3 || list[2].ID != expected.ID {
|
|
|
|
r.Fatalf("bad: %#v", list)
|
2014-11-21 04:35:52 +00:00
|
|
|
}
|
2014-08-28 21:38:00 +00:00
|
|
|
})
|
|
|
|
}
|
|
|
|
|
2014-08-28 20:42:07 +00:00
|
|
|
func TestUUIDToUint64(t *testing.T) {
|
2017-05-21 07:54:40 +00:00
|
|
|
t.Parallel()
|
2014-08-28 20:42:07 +00:00
|
|
|
inp := "cb9a81ad-fff6-52ac-92a7-5f70687805ec"
|
|
|
|
|
|
|
|
// Output value was computed using python
|
|
|
|
if uuidToUint64(inp) != 6430540886266763072 {
|
|
|
|
t.Fatalf("bad")
|
|
|
|
}
|
|
|
|
}
|