From 644ec0ddef185c800433d1e67cc43d0746da91e1 Mon Sep 17 00:00:00 2001 From: Hitoshi Mitake Date: Sat, 8 Oct 2016 21:10:05 +0900 Subject: [PATCH] etcdctl, e2e: parse auth related options in endpoint health command Partially fixes https://github.com/coreos/etcd/issues/6611 --- e2e/ctl_v3_endpoint_test.go | 31 +++++++++++++++++++++++++++++ etcdctl/ctlv3/command/ep_command.go | 3 ++- 2 files changed, 33 insertions(+), 1 deletion(-) diff --git a/e2e/ctl_v3_endpoint_test.go b/e2e/ctl_v3_endpoint_test.go index a88cc35bc..244ff5ce2 100644 --- a/e2e/ctl_v3_endpoint_test.go +++ b/e2e/ctl_v3_endpoint_test.go @@ -21,6 +21,9 @@ import ( func TestCtlV3EndpointHealth(t *testing.T) { testCtl(t, endpointHealthTest, withQuorum()) } func TestCtlV3EndpointStatus(t *testing.T) { testCtl(t, endpointStatusTest, withQuorum()) } +func TestCtlV3EndpointHealthWithAuth(t *testing.T) { + testCtl(t, endpointHealthTestWithAuth, withQuorum()) +} func endpointHealthTest(cx ctlCtx) { if err := ctlV3EndpointHealth(cx); err != nil { @@ -52,3 +55,31 @@ func ctlV3EndpointStatus(cx ctlCtx) error { } return spawnWithExpects(cmdArgs, eps...) } + +func ctlV3EndpointHealthFailPermissionDenied(cx ctlCtx) error { + cmdArgs := append(cx.PrefixArgs(), "endpoint", "health") + lines := make([]string, cx.epc.cfg.clusterSize) + for i := range lines { + lines[i] = "is unhealthy: failed to commit proposal: etcdserver: permission denied" + } + return spawnWithExpects(cmdArgs, lines...) +} + +func endpointHealthTestWithAuth(cx ctlCtx) { + if err := authEnable(cx); err != nil { + cx.t.Fatal(err) + } + + cx.user, cx.pass = "root", "root" + authSetupTestUser(cx) + + if err := ctlV3EndpointHealth(cx); err != nil { + cx.t.Fatalf("endpointStatusTest ctlV3EndpointHealth error (%v)", err) + } + + // health checking with an ordinal user must fail because the user isn't granted a permission of the key "health" + cx.user, cx.pass = "test-user", "pass" + if err := ctlV3EndpointHealthFailPermissionDenied(cx); err != nil { + cx.t.Fatalf("endpointStatusTest ctlV3EndpointHealth error (%v)", err) + } +} diff --git a/etcdctl/ctlv3/command/ep_command.go b/etcdctl/ctlv3/command/ep_command.go index 5b1cd564b..c77c86d11 100644 --- a/etcdctl/ctlv3/command/ep_command.go +++ b/etcdctl/ctlv3/command/ep_command.go @@ -68,9 +68,10 @@ func epHealthCommandFunc(cmd *cobra.Command, args []string) { sec := secureCfgFromCmd(cmd) dt := dialTimeoutFromCmd(cmd) + auth := authCfgFromCmd(cmd) cfgs := []*v3.Config{} for _, ep := range endpoints { - cfg, err := newClientCfg([]string{ep}, dt, sec, nil) + cfg, err := newClientCfg([]string{ep}, dt, sec, auth) if err != nil { ExitWithError(ExitBadArgs, err) }