firebird-qa/tests/bugs/test_core_6147.py

#coding:utf-8
#
# id:           bugs.core_6147
# title:        PLG$SRP table, PLG$SRP_VIEW View instructions are strangely added in the metadata script extracted when Windows trusted authentication is enabled
# decription:   
#                  ::: NOTE :::
#                  References to the table PLG$SRP and view PLG$SRP_VIEW *always* present in extracted metadata,
#                  regardless of using auth plugin (and this is NOT a bug!).
#               
#                  Fix was introduced in 4.0.0.2087: extracted metadata must contain "OR ALTER" clause in:
#                      CREATE OR ALTER GLOBAL MAPPING TRUSTED_AUTH_C6147 ...
#                             ^^^^^^^^
#                  Builds before 4.0.0.2084 did not add this clause in extracted metadata script (checked 4.0.0.2076).
#                  (see also discussion with Alex, 02-jun-2020 08:23).
#               
#                  ### NB ###
#                  For unclear reason ALTER EXTERNAL CONNECTIONS POOL CLEAR ALL + DROP DATABASE do not work as expected in this test:
#                  test DB remains opened by firebird.exe about 5...7 seconds after test finish, and 'drop database' does not issues any error.
#                  Because of this it was decided to forcedly change DB state to full shutdown in order to have ability to drop it.
#                  22.02.2021: perhaps, this was somehow related to core-6441.
#               
#                  NOTES FOR WINDOWS:
#                  ##################
#                  We create copy of %FIREBIRD_HOME%\\database.conf and change it content by adding lines:
#                       tmp_alias_6147 = ...
#                       {
#                           SecurityDatabase = tmp_alias_6147
#                       }
#                  Then we create trest DB in embedded mode, create SYSDBA that belongs to this DB and create global mapping.
#                  We check content of rdb$auth_mapping table after this step in order to ensure that mapping was actually created.
#                  After this we do connect to DB using Win_SSPI and extract metadata.
#                  
#                  NOTES FOR LINUX:
#                  ################
#                  03-mar-2021. This test can run on Linux but we have to use plugin = Srp instead of win_sspi.
#                  This is done by check result of os.name (see below).
#                  Local mapping (i.e. in RDB$DATABASE) will *not* be created in this case (in contrary to win_sspi),
#                  thus we create and drop it "manually" in order to pass expected results check.
#               
#                  Checked on:
#                  * Windows: 4.0.0.2377 SS/CS (done for both win_sspi and Srp, but only win_sspi is used in this test for Windows)
#                  * Linux:   4.0.0.2377 SS/CS (done for Srp)
#                
# tracker_id:   CORE-6147
# min_versions: ['4.0']
# versions:     4.0
# qmid:         None

import pytest
from firebird.qa import db_factory, isql_act, Action

# version: 4.0
# resources: None

substitutions_1 = [('[ \t]+', ' '), ('.*===.*', ''), ('PLUGIN .*', 'PLUGIN')]

init_script_1 = """"""

db_1 = db_factory(sql_dialect=3, init=init_script_1)

# test_script_1
#---
# 
#  import os
#  import subprocess
#  import datetime
#  import time
#  import shutil
#  import re
#  from fdb import services
#  
#  this_fdb = db_conn.database_name
#  
#  if os.name == 'nt':
#      # On Windows we test what it was initially described  in the ticket (trusted auth.):
#      PLUGIN_FOR_MAPPING = 'win_sspi'
#  else:
#      # On Linux currently we can check only Srp plugin
#      # but results must be the same as for win_sspi:
#      PLUGIN_FOR_MAPPING = 'Srp'
#  
#  
#  # 23.08.2020: !!! REMOVING OS-VARIABLE ISC_USER IS MANDATORY HERE !!!
#  # This variable could be set by other .fbts which was performed before current within batch mode (i.e. when fbt_run is called from <rundaily>)
#  # NB: os.unsetenv('ISC_USER') actually does NOT affect on content of os.environ dictionary, see: https://docs.python.org/2/library/os.html
#  # We have to remove OS variable either by os.environ.pop() or using 'del os.environ[...]', but in any case this must be enclosed intro try/exc:
#  #os.environ.pop('ISC_USER')
#  try:
#      del os.environ["ISC_USER"]
#  except KeyError as e:
#      pass
#  
#  db_conn.close()
#  
#  #--------------------------------------------
#  
#  def flush_and_close( file_handle ):
#      # https://docs.python.org/2/library/os.html#os.fsync
#      # If you're starting with a Python file object f, 
#      # first do f.flush(), and 
#      # then do os.fsync(f.fileno()), to ensure that all internal buffers associated with f are written to disk.
#      global os
#      
#      file_handle.flush()
#      if file_handle.mode not in ('r', 'rb') and file_handle.name != os.devnull:
#          # otherwise: "OSError: [Errno 9] Bad file descriptor"!
#          os.fsync(file_handle.fileno())
#      file_handle.close()
#  
#  #--------------------------------------------
#  
#  def cleanup( f_names_list ):
#      global os
#      for f in f_names_list:
#         if type(f) == file:
#            del_name = f.name
#         elif type(f) == str:
#            del_name = f
#         else:
#            print('Unrecognized type of element:', f, ' - can not be treated as file.')
#            del_name = None
#  
#         if del_name and os.path.isfile( del_name ):
#             os.remove( del_name )
#      
#  #--------------------------------------------
#  
#  svc = services.connect(host='localhost', user= user_name, password= user_password)
#  fb_home = svc.get_home_directory()
#  svc.close()
#  # Resut: fb_home is full path to FB instance home (with trailing slash).
#  
#  dts = datetime.datetime.now().strftime("%y%m%d_%H%M%S")
#  
#  dbconf = os.path.join( fb_home, 'databases.conf')
#  dbcbak = os.path.join( fb_home, 'databases_'+dts+'.bak')
#  
#  shutil.copy2( dbconf, dbcbak )
#  
#  tmp_fdb=os.path.join(context['temp_directory'],'tmp_6147.fdb')
#  cleanup( (tmp_fdb,) )
#  
#  text2app='''
#  
#  # Temporarily added by fbtest, CORE-6147. Should be removed auto:
#  ##############################
#  tmp_alias_6147 = %(tmp_fdb)s
#  {
#      SecurityDatabase = tmp_alias_6147
#  }
#  ##############################
#  ''' % locals()
#  
#  f_dbconf=open( dbconf, 'a')
#  f_dbconf.seek(0, 2)
#  f_dbconf.write( text2app )
#  flush_and_close( f_dbconf )
#  
#  
#  SHOW_MAP_INFO_QUERY = '''
#      set count on;
#      -- set echo on;
#      set width map_name 31;
#      set width map_type 10;
#      set width map_plugin 16;
#      set width from_type 10;
#      set width map_from 10;
#      set width to_type 10;
#      set width map_to 10;
#      select * from v_map_info;
#  '''
#  
#  if PLUGIN_FOR_MAPPING == 'Srp':
#      db_connect_string = this_fdb
#      sql_txt=    '''
#          set bail on;
#          connect 'localhost:%(db_connect_string)s' user %(user_name)s password '%(user_password)s';
#          commit;
#          -- ::: NB :::
#          -- Local mapping will NOT be created when use Srp; create it here in order to have the same results
#          -- as for win_sspi:
#          create or alter mapping trusted_auth_c6147 using plugin %(PLUGIN_FOR_MAPPING)s from any user to user;
#          commit;
#      ''' % dict(globals(), **locals())
#  else:
#      db_connect_string = 'tmp_alias_6147'
#      sql_txt=    '''
#          set bail on;
#          -- do NOT use 'localhost:' here! Otherwise:
#          -- Statement failed, SQLSTATE = 28000
#          -- Your user name and password are not defined. ...
#          create database '%(db_connect_string)s' user %(user_name)s;
#          create user %(user_name)s password '%(user_password)s';
#          commit;
#      ''' % dict(globals(), **locals())
#  
#  sql_txt += '''
#      -- ::: NB :::
#      -- When used plugin is win_sspi then *TWO* mappings will be created here:  "local' (in rdb$auth_mapping)
#      -- and g;pbal (in sec$global_auth_mapping). This is NOT so when used plugin = Srp (only global mapping will be made).
#      create or alter global mapping trusted_auth_c6147 using plugin %(PLUGIN_FOR_MAPPING)s from any user to user;
#      commit;                                                        
#  
#      recreate view v_map_info as
#      select
#          map_name
#         ,map_type
#         -- ,map_plugin
#         ,from_type
#         ,map_from
#         ,to_type
#         ,map_to
#      from
#      (
#          select
#               rdb$map_name      as map_name
#              ,'local'           as map_type
#              ,rdb$map_plugin    as map_plugin
#              ,rdb$map_from_type as from_type
#              ,rdb$map_from      as map_from
#              ,rdb$map_to_type   as to_type
#              ,rdb$map_to        as map_to
#          from rdb$auth_mapping
#          UNION ALL
#          select
#              sec$map_name
#              ,'global'
#              ,sec$map_plugin
#              ,sec$map_from_type
#              ,sec$map_from
#              ,sec$map_to_type
#              ,sec$map_to
#          from sec$global_auth_mapping
#      ) t
#      where
#          t.map_name = upper('trusted_auth_c6147')
#          and t.map_plugin = upper('%(PLUGIN_FOR_MAPPING)s')
#      ;
#      commit;
#  
#      %(SHOW_MAP_INFO_QUERY)s
#  
#  ''' % dict(globals(), **locals())
#  
#  f_prepare_sql = open( os.path.join(context['temp_directory'],'tmp_6147_prepare.sql'), 'w')
#  f_prepare_sql.write(sql_txt)
#  flush_and_close( f_prepare_sql )
#  
#  f_prepare_log=open( os.path.join(context['temp_directory'],'tmp_6147_prepare.log'), 'w')
#  subprocess.call( [ context['isql_path'], "-q", "-i", f_prepare_sql.name ], stdout=f_prepare_log, stderr=subprocess.STDOUT )
#  flush_and_close( f_prepare_log )
#  
#  
#  # Extract metadata from test DB:
#  ##################
#  f_medatata_log=open( os.path.join(context['temp_directory'],'tmp_6147_meta.mapping.sql'), 'w')
#  subprocess.call( [ context['isql_path'], '-x', 'localhost:%(db_connect_string)s' % locals(),'-user', user_name, '-pas', user_password ], stdout=f_medatata_log, stderr=subprocess.STDOUT )
#  flush_and_close( f_medatata_log )
#  
#  
#  # Remove global mapping:
#  ########################
#  f_cleanup_sql = open( os.path.join(context['temp_directory'],'tmp_6147_cleanup.sql'), 'w')
#  sql_txt='''
#      set bail on;
#      -- NB: here we have to connect as "common" SYSDBA (using Srp) rather than Win_SSPI.
#      -- Otherwise global mapping can not be deleted:
#      -- ############################################
#      -- Statement failed, SQLSTATE = 28000
#      -- unsuccessful metadata update
#      -- -DROP MAPPING TRUSTED_AUTH_C6147 failed
#      -- -Unable to perform operation
#      -- -System privilege CHANGE_MAPPING_RULES is missing
#      -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#      -- This I can not explain: why user who did create global mapping can not delete it ???
#      -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#      connect 'localhost:%(db_connect_string)s' user %(user_name)s password '%(user_password)s';
#      drop global mapping trusted_auth_c6147;
#  ''' % dict(globals(), **locals())
#  
#  if PLUGIN_FOR_MAPPING == 'Srp':
#      sql_txt +=     '''
#          -- Delete record from rdb$auth_mapping (only when used plugin = 'Srp'):
#          drop mapping trusted_auth_c6147;
#      '''
#  
#  sql_txt += '''    
#      commit;
#  
#      %(SHOW_MAP_INFO_QUERY)s
#      quit;
#  
#      -- DOES NOT HELP! DATABASE FILE REMAINS OPENED BY FIREBIRD!
#      -- ALTER EXTERNAL CONNECTIONS POOL CLEAR ALL; -- !! mandatory otherwise database file will be kept by engine and fbtest will not able to drop it !!
#      -- drop database; --> does not raise errot when clear pool but DB file still remains opened !!!
#  ''' % dict(globals(), **locals())
#  
#  f_cleanup_sql.write(sql_txt)
#  flush_and_close( f_cleanup_sql )
#  
#  # DROP MAPPING:
#  ###############
#  f_cleanup_log = open( os.path.join(context['temp_directory'],'tmp_6147_cleanup.log'), 'w')
#  subprocess.call( [ context['isql_path'], "-q", "-i", f_cleanup_sql.name ], stdout=f_cleanup_log, stderr=subprocess.STDOUT )
#  flush_and_close( f_cleanup_log )
#  
#  subprocess.call( [context['gfix_path'], 'localhost:%(db_connect_string)s' % locals(), '-shut', 'single', '-force', '0', '-user', user_name, '-pas', user_password] )
#  
#  # RESTORE original config:
#  ##########################
#  shutil.move( dbcbak, dbconf)
#  
#  with open(f_prepare_log.name, 'r') as f:
#      for line in f:
#          if line.split():
#              print('AFTER_MADE_MAPPING: ' + line)
#  
#  allowed_patterns = (
#       re.compile('MAPPING TRUSTED_AUTH_C6147', re.IGNORECASE)
#      ,re.compile('SQLSTATE', re.IGNORECASE)
#      ,re.compile('Missing security', re.IGNORECASE)
#      ,re.compile('Your user', re.IGNORECASE)
#  )
#  
#  with open(f_medatata_log.name, 'r') as f:
#      for line in f:
#          match2some = [ p.search(line) for p in allowed_patterns ]
#          if max(match2some):
#              print('EXTRACTED_METADATA: ' + line)
#  
#  with open(f_cleanup_log.name, 'r') as f:
#      for line in f:
#          if line.split():
#              print('AFTER_DROP_MAPPING: ' + line)
#  
#  # CLEANUP:
#  ##########
#  time.sleep(1)
#  f_list=( 
#       f_prepare_sql
#      ,f_prepare_log
#      ,f_medatata_log
#      ,f_cleanup_sql
#      ,f_cleanup_log
#      ,tmp_fdb
#  )
#  cleanup( f_list )
#  
#  
#    
#---
#act_1 = python_act('db_1', test_script_1, substitutions=substitutions_1)

expected_stdout_1 = """
AFTER_MADE_MAPPING: MAP_NAME                        MAP_TYPE   FROM_TYPE  MAP_FROM   TO_TYPE MAP_TO     
AFTER_MADE_MAPPING: =============================== ========== ========== ========== ======= ========== 
AFTER_MADE_MAPPING: TRUSTED_AUTH_C6147              local      USER       *                0 <null>     
AFTER_MADE_MAPPING: TRUSTED_AUTH_C6147              global     USER       *                0 <null>     
AFTER_MADE_MAPPING: Records affected: 2

EXTRACTED_METADATA: CREATE MAPPING TRUSTED_AUTH_C6147 USING PLUGIN
EXTRACTED_METADATA: CREATE OR ALTER GLOBAL MAPPING TRUSTED_AUTH_C6147 USING PLUGIN

AFTER_DROP_MAPPING: Records affected: 0

  """

@pytest.mark.version('>=4.0')
@pytest.mark.xfail
def test_core_6147_1(db_1):
    pytest.fail("Test not IMPLEMENTED")
Firebird engine tests 2021-04-26 20:07:00 +02:00			`#coding:utf-8`
			`#`
			`# id: bugs.core_6147`
			`# title: PLG$SRP table, PLG$SRP_VIEW View instructions are strangely added in the metadata script extracted when Windows trusted authentication is enabled`
			`# decription:`
			`# ::: NOTE :::`
			`# References to the table PLG$SRP and view PLG$SRP_VIEW always present in extracted metadata,`
			`# regardless of using auth plugin (and this is NOT a bug!).`
			`#`
			`# Fix was introduced in 4.0.0.2087: extracted metadata must contain "OR ALTER" clause in:`
			`# CREATE OR ALTER GLOBAL MAPPING TRUSTED_AUTH_C6147 ...`
			`# ^^^^^^^^`
			`# Builds before 4.0.0.2084 did not add this clause in extracted metadata script (checked 4.0.0.2076).`
			`# (see also discussion with Alex, 02-jun-2020 08:23).`
			`#`
			`# ### NB ###`
			`# For unclear reason ALTER EXTERNAL CONNECTIONS POOL CLEAR ALL + DROP DATABASE do not work as expected in this test:`
			`# test DB remains opened by firebird.exe about 5...7 seconds after test finish, and 'drop database' does not issues any error.`
			`# Because of this it was decided to forcedly change DB state to full shutdown in order to have ability to drop it.`
			`# 22.02.2021: perhaps, this was somehow related to core-6441.`
			`#`
			`# NOTES FOR WINDOWS:`
			`# ##################`
			`# We create copy of %FIREBIRD_HOME%\\database.conf and change it content by adding lines:`
			`# tmp_alias_6147 = ...`
			`# {`
			`# SecurityDatabase = tmp_alias_6147`
			`# }`
			`# Then we create trest DB in embedded mode, create SYSDBA that belongs to this DB and create global mapping.`
			`# We check content of rdb$auth_mapping table after this step in order to ensure that mapping was actually created.`
			`# After this we do connect to DB using Win_SSPI and extract metadata.`
			`#`
			`# NOTES FOR LINUX:`
			`# ################`
			`# 03-mar-2021. This test can run on Linux but we have to use plugin = Srp instead of win_sspi.`
			`# This is done by check result of os.name (see below).`
			`# Local mapping (i.e. in RDB$DATABASE) will not be created in this case (in contrary to win_sspi),`
			`# thus we create and drop it "manually" in order to pass expected results check.`
			`#`
			`# Checked on:`
			`# * Windows: 4.0.0.2377 SS/CS (done for both win_sspi and Srp, but only win_sspi is used in this test for Windows)`
			`# * Linux: 4.0.0.2377 SS/CS (done for Srp)`
			`#`
			`# tracker_id: CORE-6147`
			`# min_versions: ['4.0']`
			`# versions: 4.0`
			`# qmid: None`

			`import pytest`
			`from firebird.qa import db_factory, isql_act, Action`

			`# version: 4.0`
			`# resources: None`

			`substitutions_1 = [('[ \t]+', ' '), ('.===.', ''), ('PLUGIN .*', 'PLUGIN')]`

			`init_script_1 = """"""`

			`db_1 = db_factory(sql_dialect=3, init=init_script_1)`

			`# test_script_1`
			`#---`
			`#`
			`# import os`
			`# import subprocess`
			`# import datetime`
			`# import time`
			`# import shutil`
			`# import re`
			`# from fdb import services`
			`#`
			`# this_fdb = db_conn.database_name`
			`#`
			`# if os.name == 'nt':`
			`# # On Windows we test what it was initially described in the ticket (trusted auth.):`
			`# PLUGIN_FOR_MAPPING = 'win_sspi'`
			`# else:`
			`# # On Linux currently we can check only Srp plugin`
			`# # but results must be the same as for win_sspi:`
			`# PLUGIN_FOR_MAPPING = 'Srp'`
			`#`
			`#`
			`# # 23.08.2020: !!! REMOVING OS-VARIABLE ISC_USER IS MANDATORY HERE !!!`
			`# # This variable could be set by other .fbts which was performed before current within batch mode (i.e. when fbt_run is called from <rundaily>)`
			`# # NB: os.unsetenv('ISC_USER') actually does NOT affect on content of os.environ dictionary, see: https://docs.python.org/2/library/os.html`
			`# # We have to remove OS variable either by os.environ.pop() or using 'del os.environ[...]', but in any case this must be enclosed intro try/exc:`
			`# #os.environ.pop('ISC_USER')`
			`# try:`
			`# del os.environ["ISC_USER"]`
			`# except KeyError as e:`
			`# pass`
			`#`
			`# db_conn.close()`
			`#`
			`# #--------------------------------------------`
			`#`
			`# def flush_and_close( file_handle ):`
			`# # https://docs.python.org/2/library/os.html#os.fsync`
			`# # If you're starting with a Python file object f,`
			`# # first do f.flush(), and`
			`# # then do os.fsync(f.fileno()), to ensure that all internal buffers associated with f are written to disk.`
			`# global os`
			`#`
			`# file_handle.flush()`
			`# if file_handle.mode not in ('r', 'rb') and file_handle.name != os.devnull:`
			`# # otherwise: "OSError: [Errno 9] Bad file descriptor"!`
			`# os.fsync(file_handle.fileno())`
			`# file_handle.close()`
			`#`
			`# #--------------------------------------------`
			`#`
			`# def cleanup( f_names_list ):`
			`# global os`
			`# for f in f_names_list:`
			`# if type(f) == file:`
			`# del_name = f.name`
			`# elif type(f) == str:`
			`# del_name = f`
			`# else:`
			`# print('Unrecognized type of element:', f, ' - can not be treated as file.')`
			`# del_name = None`
			`#`
			`# if del_name and os.path.isfile( del_name ):`
			`# os.remove( del_name )`
			`#`
			`# #--------------------------------------------`
			`#`
			`# svc = services.connect(host='localhost', user= user_name, password= user_password)`
			`# fb_home = svc.get_home_directory()`
			`# svc.close()`
			`# # Resut: fb_home is full path to FB instance home (with trailing slash).`
			`#`
			`# dts = datetime.datetime.now().strftime("%y%m%d_%H%M%S")`
			`#`
			`# dbconf = os.path.join( fb_home, 'databases.conf')`
			`# dbcbak = os.path.join( fb_home, 'databases_'+dts+'.bak')`
			`#`
			`# shutil.copy2( dbconf, dbcbak )`
			`#`
			`# tmp_fdb=os.path.join(context['temp_directory'],'tmp_6147.fdb')`
			`# cleanup( (tmp_fdb,) )`
			`#`
			`# text2app='''`
			`#`
			`# # Temporarily added by fbtest, CORE-6147. Should be removed auto:`
			`# ##############################`
			`# tmp_alias_6147 = %(tmp_fdb)s`
			`# {`
			`# SecurityDatabase = tmp_alias_6147`
			`# }`
			`# ##############################`
			`# ''' % locals()`
			`#`
			`# f_dbconf=open( dbconf, 'a')`
			`# f_dbconf.seek(0, 2)`
			`# f_dbconf.write( text2app )`
			`# flush_and_close( f_dbconf )`
			`#`
			`#`
			`# SHOW_MAP_INFO_QUERY = '''`
			`# set count on;`
			`# -- set echo on;`
			`# set width map_name 31;`
			`# set width map_type 10;`
			`# set width map_plugin 16;`
			`# set width from_type 10;`
			`# set width map_from 10;`
			`# set width to_type 10;`
			`# set width map_to 10;`
			`# select * from v_map_info;`
			`# '''`
			`#`
			`# if PLUGIN_FOR_MAPPING == 'Srp':`
			`# db_connect_string = this_fdb`
			`# sql_txt= '''`
			`# set bail on;`
			`# connect 'localhost:%(db_connect_string)s' user %(user_name)s password '%(user_password)s';`
			`# commit;`
			`# -- ::: NB :::`
			`# -- Local mapping will NOT be created when use Srp; create it here in order to have the same results`
			`# -- as for win_sspi:`
			`# create or alter mapping trusted_auth_c6147 using plugin %(PLUGIN_FOR_MAPPING)s from any user to user;`
			`# commit;`
			`# ''' % dict(globals(), **locals())`
			`# else:`
			`# db_connect_string = 'tmp_alias_6147'`
			`# sql_txt= '''`
			`# set bail on;`
			`# -- do NOT use 'localhost:' here! Otherwise:`
			`# -- Statement failed, SQLSTATE = 28000`
			`# -- Your user name and password are not defined. ...`
			`# create database '%(db_connect_string)s' user %(user_name)s;`
			`# create user %(user_name)s password '%(user_password)s';`
			`# commit;`
			`# ''' % dict(globals(), **locals())`
			`#`
			`# sql_txt += '''`
			`# -- ::: NB :::`
			`# -- When used plugin is win_sspi then TWO mappings will be created here: "local' (in rdb$auth_mapping)`
			`# -- and g;pbal (in sec$global_auth_mapping). This is NOT so when used plugin = Srp (only global mapping will be made).`
			`# create or alter global mapping trusted_auth_c6147 using plugin %(PLUGIN_FOR_MAPPING)s from any user to user;`
			`# commit;`
			`#`
			`# recreate view v_map_info as`
			`# select`
			`# map_name`
			`# ,map_type`
			`# -- ,map_plugin`
			`# ,from_type`
			`# ,map_from`
			`# ,to_type`
			`# ,map_to`
			`# from`
			`# (`
			`# select`
			`# rdb$map_name as map_name`
			`# ,'local' as map_type`
			`# ,rdb$map_plugin as map_plugin`
			`# ,rdb$map_from_type as from_type`
			`# ,rdb$map_from as map_from`
			`# ,rdb$map_to_type as to_type`
			`# ,rdb$map_to as map_to`
			`# from rdb$auth_mapping`
			`# UNION ALL`
			`# select`
			`# sec$map_name`
			`# ,'global'`
			`# ,sec$map_plugin`
			`# ,sec$map_from_type`
			`# ,sec$map_from`
			`# ,sec$map_to_type`
			`# ,sec$map_to`
			`# from sec$global_auth_mapping`
			`# ) t`
			`# where`
			`# t.map_name = upper('trusted_auth_c6147')`
			`# and t.map_plugin = upper('%(PLUGIN_FOR_MAPPING)s')`
			`# ;`
			`# commit;`
			`#`
			`# %(SHOW_MAP_INFO_QUERY)s`
			`#`
			`# ''' % dict(globals(), **locals())`
			`#`
			`# f_prepare_sql = open( os.path.join(context['temp_directory'],'tmp_6147_prepare.sql'), 'w')`
			`# f_prepare_sql.write(sql_txt)`
			`# flush_and_close( f_prepare_sql )`
			`#`
			`# f_prepare_log=open( os.path.join(context['temp_directory'],'tmp_6147_prepare.log'), 'w')`
			`# subprocess.call( [ context['isql_path'], "-q", "-i", f_prepare_sql.name ], stdout=f_prepare_log, stderr=subprocess.STDOUT )`
			`# flush_and_close( f_prepare_log )`
			`#`
			`#`
			`# # Extract metadata from test DB:`
			`# ##################`
			`# f_medatata_log=open( os.path.join(context['temp_directory'],'tmp_6147_meta.mapping.sql'), 'w')`
			`# subprocess.call( [ context['isql_path'], '-x', 'localhost:%(db_connect_string)s' % locals(),'-user', user_name, '-pas', user_password ], stdout=f_medatata_log, stderr=subprocess.STDOUT )`
			`# flush_and_close( f_medatata_log )`
			`#`
			`#`
			`# # Remove global mapping:`
			`# ########################`
			`# f_cleanup_sql = open( os.path.join(context['temp_directory'],'tmp_6147_cleanup.sql'), 'w')`
			`# sql_txt='''`
			`# set bail on;`
			`# -- NB: here we have to connect as "common" SYSDBA (using Srp) rather than Win_SSPI.`
			`# -- Otherwise global mapping can not be deleted:`
			`# -- ############################################`
			`# -- Statement failed, SQLSTATE = 28000`
			`# -- unsuccessful metadata update`
			`# -- -DROP MAPPING TRUSTED_AUTH_C6147 failed`
			`# -- -Unable to perform operation`
			`# -- -System privilege CHANGE_MAPPING_RULES is missing`
			`# -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
			`# -- This I can not explain: why user who did create global mapping can not delete it ???`
			`# -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
			`# connect 'localhost:%(db_connect_string)s' user %(user_name)s password '%(user_password)s';`
			`# drop global mapping trusted_auth_c6147;`
			`# ''' % dict(globals(), **locals())`
			`#`
			`# if PLUGIN_FOR_MAPPING == 'Srp':`
			`# sql_txt += '''`
			`# -- Delete record from rdb$auth_mapping (only when used plugin = 'Srp'):`
			`# drop mapping trusted_auth_c6147;`
			`# '''`
			`#`
			`# sql_txt += '''`
			`# commit;`
			`#`
			`# %(SHOW_MAP_INFO_QUERY)s`
			`# quit;`
			`#`
			`# -- DOES NOT HELP! DATABASE FILE REMAINS OPENED BY FIREBIRD!`
			`# -- ALTER EXTERNAL CONNECTIONS POOL CLEAR ALL; -- !! mandatory otherwise database file will be kept by engine and fbtest will not able to drop it !!`
			`# -- drop database; --> does not raise errot when clear pool but DB file still remains opened !!!`
			`# ''' % dict(globals(), **locals())`
			`#`
			`# f_cleanup_sql.write(sql_txt)`
			`# flush_and_close( f_cleanup_sql )`
			`#`
			`# # DROP MAPPING:`
			`# ###############`
			`# f_cleanup_log = open( os.path.join(context['temp_directory'],'tmp_6147_cleanup.log'), 'w')`
			`# subprocess.call( [ context['isql_path'], "-q", "-i", f_cleanup_sql.name ], stdout=f_cleanup_log, stderr=subprocess.STDOUT )`
			`# flush_and_close( f_cleanup_log )`
			`#`
			`# subprocess.call( [context['gfix_path'], 'localhost:%(db_connect_string)s' % locals(), '-shut', 'single', '-force', '0', '-user', user_name, '-pas', user_password] )`
			`#`
			`# # RESTORE original config:`
			`# ##########################`
			`# shutil.move( dbcbak, dbconf)`
			`#`
			`# with open(f_prepare_log.name, 'r') as f:`
			`# for line in f:`
			`# if line.split():`
			`# print('AFTER_MADE_MAPPING: ' + line)`
			`#`
			`# allowed_patterns = (`
			`# re.compile('MAPPING TRUSTED_AUTH_C6147', re.IGNORECASE)`
			`# ,re.compile('SQLSTATE', re.IGNORECASE)`
			`# ,re.compile('Missing security', re.IGNORECASE)`
			`# ,re.compile('Your user', re.IGNORECASE)`
			`# )`
			`#`
			`# with open(f_medatata_log.name, 'r') as f:`
			`# for line in f:`
			`# match2some = [ p.search(line) for p in allowed_patterns ]`
			`# if max(match2some):`
			`# print('EXTRACTED_METADATA: ' + line)`
			`#`
			`# with open(f_cleanup_log.name, 'r') as f:`
			`# for line in f:`
			`# if line.split():`
			`# print('AFTER_DROP_MAPPING: ' + line)`
			`#`
			`# # CLEANUP:`
			`# ##########`
			`# time.sleep(1)`
			`# f_list=(`
			`# f_prepare_sql`
			`# ,f_prepare_log`
			`# ,f_medatata_log`
			`# ,f_cleanup_sql`
			`# ,f_cleanup_log`
			`# ,tmp_fdb`
			`# )`
			`# cleanup( f_list )`
			`#`
			`#`
			`#`
			`#---`
			`#act_1 = python_act('db_1', test_script_1, substitutions=substitutions_1)`

			`expected_stdout_1 = """`
			`AFTER_MADE_MAPPING: MAP_NAME MAP_TYPE FROM_TYPE MAP_FROM TO_TYPE MAP_TO`
			`AFTER_MADE_MAPPING: =============================== ========== ========== ========== ======= ==========`
			`AFTER_MADE_MAPPING: TRUSTED_AUTH_C6147 local USER * 0 <null>`
			`AFTER_MADE_MAPPING: TRUSTED_AUTH_C6147 global USER * 0 <null>`
			`AFTER_MADE_MAPPING: Records affected: 2`

			`EXTRACTED_METADATA: CREATE MAPPING TRUSTED_AUTH_C6147 USING PLUGIN`
			`EXTRACTED_METADATA: CREATE OR ALTER GLOBAL MAPPING TRUSTED_AUTH_C6147 USING PLUGIN`

			`AFTER_DROP_MAPPING: Records affected: 0`

			`"""`

			`@pytest.mark.version('>=4.0')`
			`@pytest.mark.xfail`
			`def test_core_6147_1(db_1):`
			`pytest.fail("Test not IMPLEMENTED")`