~drizzle-trunk/drizzle/development : contents of plugin/simple_user_policy/tests/t/basic.test at revision 1994.5.3

~drizzle-trunk/drizzle/development : (revision 1994.5.3)

# Check for error if no parameter provided
create schema user1;
create schema user2;
SELECT SCHEMA_NAME FROM DATA_DICTIONARY.SCHEMAS ORDER BY SCHEMA_NAME;

# Set up a table to be able to test not being able to kill other people
use user2;
create table t1 (kill_id int);
insert into t1 values(connection_id());

# Test that we get a normal don't exist error for things that don't exist
--error ER_NO_SUCH_TABLE
SELECT * from user1.dont_exist;

# Connect as user1 - should only see information_schema, user1 and
# data_dictionary
# Also tests that we are able to read data_dictionary, without which fail
# would happen
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
connect (should_succeed,localhost,user1,,user1,,);
connection should_succeed;
SELECT SCHEMA_NAME FROM DATA_DICTIONARY.SCHEMAS ORDER BY SCHEMA_NAME;

# Test that we get blocked on not being allowed to see user2 at all before
# we get blocked on the table not existing
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
--replace_regex /@'.*?'/@'LOCALHOST'/
--error ER_DBACCESS_DENIED_ERROR
SELECT * from user2.dont_exist;

# Test that we can't create a schema that isn't named the same as we are
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
--replace_regex /@'.*?'/@'LOCALHOST'/
--error ER_DBACCESS_DENIED_ERROR
create schema authorize_fail;

# Test that we can't drop a schema that isn't named the same as we are
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
--replace_regex /@'.*?'/@'LOCALHOST'/
--error ER_DBACCESS_DENIED_ERROR
drop schema user2;

# Set up a table to test that we can kill other versions of us
create table t1 (kill_id int);
insert into t1 values(connection_id());

--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
connect (con1,localhost,user1,,user1,);
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
connect (con2,localhost,user2,,user2,);
connection con1;

# Check that we don't see other people's connections
SELECT USERNAME, DB FROM DATA_DICTIONARY.PROCESSLIST ORDER BY USERNAME, DB;

# Check that we can kill a process that is owned by our user
--disable_reconnect
select IF(((@id := kill_id) - kill_id), "NO", "YES") from t1;
kill @id;

connection should_succeed;
--sleep 2

--disable_query_log
--disable_result_log
# One of the following statements should fail
--error 0,5,20,23
select 1;
--error 0,5,20,23
select 1;
--enable_query_log
--enable_result_log
--enable_reconnect

select IF(((@id := kill_id) - kill_id), "NO", "YES") from t1;
select @id != connection_id();

# Set the table to our current id now
update t1 set kill_id = connection_id();

# Test that we cannot kill a process owned by someone else
connection con2;
SELECT USERNAME, DB FROM DATA_DICTIONARY.PROCESSLIST ORDER BY USERNAME, DB;
select IF(((@id := kill_id) - kill_id), "NO", "YES") from t1;

--replace_regex /Unknown session id: [0-9]+/Unknown session id: #/
--error ER_NO_SUCH_THREAD
kill @id;

# Test that root can see everybody
connection default;
SELECT USERNAME, DB FROM DATA_DICTIONARY.PROCESSLIST ORDER BY USERNAME, DB;

# Test that root can kill someone else
use user1;
--disable_reconnect
select IF(((@id := kill_id) - kill_id), "NO", "YES") from t1;
kill @id;

connection should_succeed;
--sleep 2

--disable_query_log
--disable_result_log
# One of the following statements should fail
--error 0,5,20,23
select 1;
--error 0,5,20,23
select 1;
--enable_query_log
--enable_result_log
--enable_reconnect

select IF(((@id := kill_id) - kill_id), "NO", "YES") from t1;
select @id != connection_id();


# Test failing initial connection
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
--replace_regex /@'.*?'/@'LOCALHOST'/
--error ER_DBACCESS_DENIED_ERROR
connect (should_fail,localhost,authz,,authz_no,,);

# Clean up after ourselves
connection default;
drop schema user1;
drop schema user2;
disconnect con1;
disconnect con2;
disconnect should_succeed;

1317.1.6 by Monty Taylor Added plugin to test the Authorization interface.	1	# Check for error if no parameter provided
1963.2.4 by Brian Aker Updated test so that it should always be deterministic.	2	create schema user1;
	3	create schema user2;
	4	SELECT SCHEMA_NAME FROM DATA_DICTIONARY.SCHEMAS ORDER BY SCHEMA_NAME;
1471.2.3 by Monty Taylor Replaced test_authz with a plugin implementing a hard-coded simple	5
	6	# Set up a table to be able to test not being able to kill other people
	7	use user2;
	8	create table t1 (kill_id int);
	9	insert into t1 values(connection_id());
	10
	11	# Test that we get a normal don't exist error for things that don't exist
1317.1.6 by Monty Taylor Added plugin to test the Authorization interface.	12	--error ER_NO_SUCH_TABLE
1471.2.3 by Monty Taylor Replaced test_authz with a plugin implementing a hard-coded simple	13	SELECT * from user1.dont_exist;
	14
	15	# Connect as user1 - should only see information_schema, user1 and
	16	# data_dictionary
	17	# Also tests that we are able to read data_dictionary, without which fail
	18	# would happen
1317.1.6 by Monty Taylor Added plugin to test the Authorization interface.	19	--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
1471.2.3 by Monty Taylor Replaced test_authz with a plugin implementing a hard-coded simple	20	connect (should_succeed,localhost,user1,,user1,,);
1317.1.6 by Monty Taylor Added plugin to test the Authorization interface.	21	connection should_succeed;
1963.2.4 by Brian Aker Updated test so that it should always be deterministic.	22	SELECT SCHEMA_NAME FROM DATA_DICTIONARY.SCHEMAS ORDER BY SCHEMA_NAME;
1471.2.3 by Monty Taylor Replaced test_authz with a plugin implementing a hard-coded simple	23
	24	# Test that we get blocked on not being allowed to see user2 at all before
	25	# we get blocked on the table not existing
	26	--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
	27	--replace_regex /@'.*?'/@'LOCALHOST'/
	28	--error ER_DBACCESS_DENIED_ERROR
	29	SELECT * from user2.dont_exist;
	30
	31	# Test that we can't create a schema that isn't named the same as we are
	32	--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
	33	--replace_regex /@'.*?'/@'LOCALHOST'/
	34	--error ER_DBACCESS_DENIED_ERROR
1963.2.4 by Brian Aker Updated test so that it should always be deterministic.	35	create schema authorize_fail;
1471.2.3 by Monty Taylor Replaced test_authz with a plugin implementing a hard-coded simple	36
	37	# Test that we can't drop a schema that isn't named the same as we are
	38	--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
	39	--replace_regex /@'.*?'/@'LOCALHOST'/
	40	--error ER_DBACCESS_DENIED_ERROR
1963.2.4 by Brian Aker Updated test so that it should always be deterministic.	41	drop schema user2;
1471.2.3 by Monty Taylor Replaced test_authz with a plugin implementing a hard-coded simple	42
	43	# Set up a table to test that we can kill other versions of us
	44	create table t1 (kill_id int);
	45	insert into t1 values(connection_id());
	46
	47	--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
	48	connect (con1,localhost,user1,,user1,);
	49	--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
	50	connect (con2,localhost,user2,,user2,);
1317.1.6 by Monty Taylor Added plugin to test the Authorization interface.	51	connection con1;
	52
1471.2.3 by Monty Taylor Replaced test_authz with a plugin implementing a hard-coded simple	53	# Check that we don't see other people's connections
2029.1.26 by Brian Aker Merge in work for reserved words in SQL standard.	54	SELECT USERNAME, DB FROM DATA_DICTIONARY.PROCESSLIST ORDER BY USERNAME, DB;
1317.1.6 by Monty Taylor Added plugin to test the Authorization interface.	55
1471.2.3 by Monty Taylor Replaced test_authz with a plugin implementing a hard-coded simple	56	# Check that we can kill a process that is owned by our user
1317.1.6 by Monty Taylor Added plugin to test the Authorization interface.	57	--disable_reconnect
1963.2.4 by Brian Aker Updated test so that it should always be deterministic.	58	select IF(((@id := kill_id) - kill_id), "NO", "YES") from t1;
1471.2.3 by Monty Taylor Replaced test_authz with a plugin implementing a hard-coded simple	59	kill @id;
	60
	61	connection should_succeed;
	62	--sleep 2
	63
	64	--disable_query_log
	65	--disable_result_log
	66	# One of the following statements should fail
	67	--error 0,5,20,23
	68	select 1;
	69	--error 0,5,20,23
	70	select 1;
	71	--enable_query_log
	72	--enable_result_log
	73	--enable_reconnect
	74
1963.2.4 by Brian Aker Updated test so that it should always be deterministic.	75	select IF(((@id := kill_id) - kill_id), "NO", "YES") from t1;
1471.2.3 by Monty Taylor Replaced test_authz with a plugin implementing a hard-coded simple	76	select @id != connection_id();
	77
	78	# Set the table to our current id now
	79	update t1 set kill_id = connection_id();
	80
	81	# Test that we cannot kill a process owned by someone else
1317.1.6 by Monty Taylor Added plugin to test the Authorization interface.	82	connection con2;
2029.1.26 by Brian Aker Merge in work for reserved words in SQL standard.	83	SELECT USERNAME, DB FROM DATA_DICTIONARY.PROCESSLIST ORDER BY USERNAME, DB;
1963.2.4 by Brian Aker Updated test so that it should always be deterministic.	84	select IF(((@id := kill_id) - kill_id), "NO", "YES") from t1;
1317.1.6 by Monty Taylor Added plugin to test the Authorization interface.	85
2039.4.1 by Lee Bieber fix tests that are failing with --repeat=2	86	--replace_regex /Unknown session id: [0-9]+/Unknown session id: #/
1317.1.6 by Monty Taylor Added plugin to test the Authorization interface.	87	--error ER_NO_SUCH_THREAD
	88	kill @id;
	89
1471.2.3 by Monty Taylor Replaced test_authz with a plugin implementing a hard-coded simple	90	# Test that root can see everybody
	91	connection default;
2029.1.26 by Brian Aker Merge in work for reserved words in SQL standard.	92	SELECT USERNAME, DB FROM DATA_DICTIONARY.PROCESSLIST ORDER BY USERNAME, DB;
1471.2.3 by Monty Taylor Replaced test_authz with a plugin implementing a hard-coded simple	93
	94	# Test that root can kill someone else
	95	use user1;
	96	--disable_reconnect
1963.2.4 by Brian Aker Updated test so that it should always be deterministic.	97	select IF(((@id := kill_id) - kill_id), "NO", "YES") from t1;
1471.2.3 by Monty Taylor Replaced test_authz with a plugin implementing a hard-coded simple	98	kill @id;
	99
	100	connection should_succeed;
	101	--sleep 2
	102
	103	--disable_query_log
	104	--disable_result_log
	105	# One of the following statements should fail
	106	--error 0,5,20,23
	107	select 1;
	108	--error 0,5,20,23
	109	select 1;
	110	--enable_query_log
	111	--enable_result_log
	112	--enable_reconnect
	113
1963.2.4 by Brian Aker Updated test so that it should always be deterministic.	114	select IF(((@id := kill_id) - kill_id), "NO", "YES") from t1;
1471.2.3 by Monty Taylor Replaced test_authz with a plugin implementing a hard-coded simple	115	select @id != connection_id();
1317.1.6 by Monty Taylor Added plugin to test the Authorization interface.	116
	117
	118	# Test failing initial connection
	119	--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
	120	--replace_regex /@'.*?'/@'LOCALHOST'/
	121	--error ER_DBACCESS_DENIED_ERROR
	122	connect (should_fail,localhost,authz,,authz_no,,);
	123
1471.2.3 by Monty Taylor Replaced test_authz with a plugin implementing a hard-coded simple	124	# Clean up after ourselves
1317.1.6 by Monty Taylor Added plugin to test the Authorization interface.	125	connection default;
1471.2.3 by Monty Taylor Replaced test_authz with a plugin implementing a hard-coded simple	126	drop schema user1;
	127	drop schema user2;
	128	disconnect con1;
	129	disconnect con2;
	130	disconnect should_succeed;