From 407afc69eda3d7dc4c3f7f187e938ef627a05210 Mon Sep 17 00:00:00 2001
From: Anthony Romano <anthony.romano@coreos.com>
Date: Tue, 27 Dec 2016 14:48:23 -0800
Subject: [PATCH] e2e: check etcdctl endpoint health is healthy if denied
 permission to key

---
 e2e/ctl_v3_endpoint_test.go | 28 +++++-----------------------
 1 file changed, 5 insertions(+), 23 deletions(-)

diff --git a/e2e/ctl_v3_endpoint_test.go b/e2e/ctl_v3_endpoint_test.go
index f6c53d052..0bbd6569b 100644
--- a/e2e/ctl_v3_endpoint_test.go
+++ b/e2e/ctl_v3_endpoint_test.go
@@ -40,15 +40,6 @@ func ctlV3EndpointHealth(cx ctlCtx) error {
 	return spawnWithExpects(cmdArgs, lines...)
 }
 
-func ctlV3EndpointHealthWithKey(cx ctlCtx, key string) error {
-	cmdArgs := append(cx.PrefixArgs(), "endpoint", "health", "--health-check-key", key)
-	lines := make([]string, cx.epc.cfg.clusterSize)
-	for i := range lines {
-		lines[i] = "is healthy"
-	}
-	return spawnWithExpects(cmdArgs, lines...)
-}
-
 func endpointStatusTest(cx ctlCtx) {
 	if err := ctlV3EndpointStatus(cx); err != nil {
 		cx.t.Fatalf("endpointStatusTest ctlV3EndpointStatus error (%v)", err)
@@ -65,15 +56,6 @@ func ctlV3EndpointStatus(cx ctlCtx) error {
 	return spawnWithExpects(cmdArgs, eps...)
 }
 
-func ctlV3EndpointHealthFailPermissionDenied(cx ctlCtx) error {
-	cmdArgs := append(cx.PrefixArgs(), "endpoint", "health")
-	lines := make([]string, cx.epc.cfg.clusterSize)
-	for i := range lines {
-		lines[i] = "is unhealthy: failed to commit proposal: etcdserver: permission denied"
-	}
-	return spawnWithExpects(cmdArgs, lines...)
-}
-
 func endpointHealthTestWithAuth(cx ctlCtx) {
 	if err := authEnable(cx); err != nil {
 		cx.t.Fatal(err)
@@ -86,19 +68,19 @@ func endpointHealthTestWithAuth(cx ctlCtx) {
 		cx.t.Fatalf("endpointStatusTest ctlV3EndpointHealth error (%v)", err)
 	}
 
-	// health checking with an ordinal user must fail because the user isn't granted a permission of the key "health"
+	// health checking with an ordinal user "succeeds" since permission denial goes through consensus
 	cx.user, cx.pass = "test-user", "pass"
-	if err := ctlV3EndpointHealthFailPermissionDenied(cx); err != nil {
+	if err := ctlV3EndpointHealth(cx); err != nil {
 		cx.t.Fatalf("endpointStatusTest ctlV3EndpointHealth error (%v)", err)
 	}
 
+	// succeed if permissions granted for ordinary user
 	cx.user, cx.pass = "root", "root"
-	if err := ctlV3RoleGrantPermission(cx, "test-role", grantingPerm{true, true, "custom-key", "", false}); err != nil {
+	if err := ctlV3RoleGrantPermission(cx, "test-role", grantingPerm{true, true, "health", "", false}); err != nil {
 		cx.t.Fatal(err)
 	}
-
 	cx.user, cx.pass = "test-user", "pass"
-	if err := ctlV3EndpointHealthWithKey(cx, "custom-key"); err != nil {
+	if err := ctlV3EndpointHealth(cx); err != nil {
 		cx.t.Fatalf("endpointStatusTest ctlV3EndpointHealth error (%v)", err)
 	}
 }