2021-04-26 20:07:00 +02:00
|
|
|
#coding:utf-8
|
2022-01-24 20:27:02 +01:00
|
|
|
|
|
|
|
"""
|
|
|
|
ID: issue-5066
|
|
|
|
ISSUE: 5066
|
2022-02-02 15:46:19 +01:00
|
|
|
TITLE: AV when trying to manage users list using EXECUTE STATEMENT on behalf of
|
|
|
|
non-sysdba user which has RDB$ADMIN role
|
2022-01-24 20:27:02 +01:00
|
|
|
DESCRIPTION:
|
|
|
|
NOTES:
|
|
|
|
[24.11.2021] pcisar
|
|
|
|
On FB v4.0.0.2496 this test fails as provided script file 'core_4766.sql' raises error in
|
|
|
|
execute block->execute statement->create/drop user:
|
|
|
|
Statement failed, SQLSTATE = 28000
|
|
|
|
Your user name and password are not defined. Ask your database administrator to set up a Firebird login.
|
|
|
|
-At block line: 3, col: 9
|
|
|
|
Variant for FB 3 works fine.
|
|
|
|
JIRA: CORE-4766
|
2022-02-02 15:46:19 +01:00
|
|
|
FBTEST: bugs.core_4766
|
2022-01-24 20:27:02 +01:00
|
|
|
"""
|
2021-04-26 20:07:00 +02:00
|
|
|
|
|
|
|
import pytest
|
2021-11-26 19:20:43 +01:00
|
|
|
from firebird.qa import db_factory, python_act, Action
|
2021-04-26 20:07:00 +02:00
|
|
|
|
2022-01-24 20:27:02 +01:00
|
|
|
db = db_factory()
|
2021-04-26 20:07:00 +02:00
|
|
|
|
2022-01-24 20:27:02 +01:00
|
|
|
act = python_act('db', substitutions=[('TCPv.*', 'TCP'), ('.*After line \\d+.*', ''),
|
|
|
|
('find/delete', 'delete'), ('TABLE PLG\\$.*', 'TABLE PLG')])
|
2021-04-26 20:07:00 +02:00
|
|
|
|
2022-01-24 20:27:02 +01:00
|
|
|
# version: 3.0
|
2021-04-26 20:07:00 +02:00
|
|
|
|
|
|
|
expected_stdout_1 = """
|
|
|
|
Srp: BOSS_SEC_NAME TMP_4766_BOSS
|
|
|
|
Srp: BOSS_SEC_PLUGIN Srp
|
|
|
|
Srp: BOSS_SEC_IS_ADMIN <true>
|
|
|
|
Srp: Statement failed, SQLSTATE = 28000
|
|
|
|
Srp: add record error
|
|
|
|
Srp: -no permission for INSERT access to TABLE PLG$SRP_VIEW
|
|
|
|
|
|
|
|
Srp: MNGR_SEC_NAME <null>
|
|
|
|
Srp: MNGR_SEC_PLUGIN <null>
|
|
|
|
Srp: MNGR_SEC_IS_ADMIN <null>
|
|
|
|
Srp: Statement failed, SQLSTATE = 28000
|
|
|
|
Srp: delete record error
|
|
|
|
Srp: -no permission for DELETE access to TABLE PLG$SRP_VIEW
|
|
|
|
|
|
|
|
|
|
|
|
Leg: BOSS_SEC_NAME TMP_4766_BOSS
|
|
|
|
Leg: BOSS_SEC_PLUGIN Legacy_UserManager
|
|
|
|
Leg: BOSS_SEC_IS_ADMIN <true>
|
|
|
|
Leg: Statement failed, SQLSTATE = 28000
|
|
|
|
Leg: add record error
|
|
|
|
Leg: -no permission for INSERT access to TABLE PLG$VIEW_USERS
|
|
|
|
|
|
|
|
Leg: MNGR_SEC_NAME <null>
|
|
|
|
Leg: MNGR_SEC_PLUGIN <null>
|
|
|
|
Leg: MNGR_SEC_IS_ADMIN <null>
|
|
|
|
|
|
|
|
Leg: Statement failed, SQLSTATE = 28000
|
|
|
|
Leg: find/delete record error
|
|
|
|
Leg: -no permission for DELETE access to TABLE PLG$VIEW_USERS
|
|
|
|
|
2021-11-26 19:20:43 +01:00
|
|
|
"""
|
2021-04-26 20:07:00 +02:00
|
|
|
|
2021-11-26 19:20:43 +01:00
|
|
|
@pytest.mark.version('>=3.0,<4')
|
2022-01-24 20:27:02 +01:00
|
|
|
def test_1(act: Action, capsys):
|
|
|
|
sql_text = (act.files_dir / 'core_4766.sql').read_text()
|
|
|
|
subs = {'dsn': act.db.dsn, 'user_name': act.db.user, 'user_password': act.db.password,
|
|
|
|
'current_auth_plugin': None,}
|
|
|
|
for current_auth_plugin in ['Srp', 'Legacy_UserManager']:
|
|
|
|
subs['current_auth_plugin'] = current_auth_plugin
|
2022-02-08 18:14:29 +01:00
|
|
|
act.reset()
|
2022-01-24 20:27:02 +01:00
|
|
|
act.isql(switches=['-q'], input=sql_text % subs, combine_output=True)
|
2022-02-08 18:14:29 +01:00
|
|
|
for line in act.clean_stdout.splitlines():
|
2022-01-24 20:27:02 +01:00
|
|
|
if line.strip():
|
|
|
|
print(current_auth_plugin[:3] + ': ' + line)
|
|
|
|
#
|
|
|
|
act.reset()
|
|
|
|
act.expected_stdout = expected_stdout_1
|
|
|
|
act.stdout = capsys.readouterr().out
|
|
|
|
assert act.clean_stdout == act.clean_expected_stdout
|
2021-04-26 20:07:00 +02:00
|
|
|
|
|
|
|
# version: 4.0
|
|
|
|
|
|
|
|
expected_stdout_2 = """
|
|
|
|
Leg: BOSS_SEC_NAME TMP_4766_BOSS
|
|
|
|
Leg: BOSS_SEC_PLUGIN Legacy_UserManager
|
|
|
|
Leg: BOSS_SEC_IS_ADMIN <true>
|
|
|
|
|
|
|
|
Leg: Statement failed, SQLSTATE = 28000
|
|
|
|
Leg: add record error
|
|
|
|
Leg: -no permission for INSERT access to TABLE PLG$VIEW_USERS
|
|
|
|
Leg: -Effective user is TMP_4766_BOSS
|
|
|
|
|
|
|
|
Leg: MNGR_SEC_NAME <null>
|
|
|
|
Leg: MNGR_SEC_PLUGIN <null>
|
|
|
|
Leg: MNGR_SEC_IS_ADMIN <null>
|
|
|
|
|
|
|
|
Leg: Statement failed, SQLSTATE = 28000
|
|
|
|
Leg: find/delete record error
|
|
|
|
Leg: -no permission for DELETE access to TABLE PLG$VIEW_USERS
|
|
|
|
Leg: -Effective user is TMP_4766_BOSS
|
2021-11-26 19:20:43 +01:00
|
|
|
"""
|
2021-04-26 20:07:00 +02:00
|
|
|
|
|
|
|
@pytest.mark.version('>=4.0')
|
2022-01-24 20:27:02 +01:00
|
|
|
def test_2(act: Action, capsys):
|
|
|
|
sql_text = (act.files_dir / 'core_4766.sql').read_text()
|
2021-11-26 19:20:43 +01:00
|
|
|
# ::: NB :::
|
2022-01-24 20:27:02 +01:00
|
|
|
# Only Legacy_UserManager is checked for FB 4.0. Srp has totally different behaviour,
|
|
|
|
# at least for 4.0.0.1714.
|
2021-11-26 19:20:43 +01:00
|
|
|
# Sent letter to dimitr and alex, 05.01.2020 22:00.
|
2022-01-24 20:27:02 +01:00
|
|
|
subs = {'dsn': act.db.dsn, 'user_name': act.db.user, 'user_password': act.db.password,
|
2021-11-26 19:20:43 +01:00
|
|
|
'current_auth_plugin': None,}
|
2021-12-19 22:25:36 +01:00
|
|
|
for current_auth_plugin in ['Legacy_UserManager']:
|
2021-11-26 19:20:43 +01:00
|
|
|
subs['current_auth_plugin'] = current_auth_plugin
|
2022-02-08 18:14:29 +01:00
|
|
|
act.reset()
|
2022-01-24 20:27:02 +01:00
|
|
|
act.isql(switches=['-q'], input=sql_text % subs, combine_output=True)
|
2022-02-08 18:14:29 +01:00
|
|
|
for line in act.clean_stdout.splitlines():
|
2021-11-26 19:20:43 +01:00
|
|
|
if line.strip():
|
|
|
|
print(current_auth_plugin[:3] + ': ' + line)
|
|
|
|
#
|
2022-01-24 20:27:02 +01:00
|
|
|
act.reset()
|
|
|
|
act.expected_stdout = expected_stdout_2
|
|
|
|
act.stdout = capsys.readouterr().out
|
|
|
|
assert act.clean_stdout == act.clean_expected_stdout
|