firebird-qa/tests/bugs/gh_7506_test.py

#coding:utf-8

"""
ID:          issue-7506
ISSUE:       7506
TITLE:       Reduce output of the SHOW GRANTS command
DESCRIPTION:
    Test checks output of SHOW GRANT command when we allow access to:
    2) user;
    1) role.
NOTES:
    Checked on 5.0.0.1030.
"""
import pytest
from firebird.qa import *

tmp_user_boss = user_factory('db', name='tmp$gh_7506_john', password='123', plugin = 'Srp')
tmp_user_mngr = user_factory('db', name='tmp$gh_7506_mike', password='456', plugin = 'Srp')

tmp_role_boss = role_factory('db', name='tmp$gh_7506_boss')
tmp_role_mngr = role_factory('db', name='tmp$gh_7506_mngr')

db = db_factory()

act = python_act('db', substitutions=[('[ \t]+', ' ')])

@pytest.mark.version('>=5.0')
def test_1(act: Action, tmp_user_boss: User, tmp_user_mngr: User, tmp_role_boss: Role, tmp_role_mngr: Role, capsys):

    test_user_sql = f"""
        recreate table test(id int primary key, f01 int, f02 int, f03 int, f04 int, f05 int, f06 int);
        recreate view v_test as select * from test;

        grant delete, insert, select, update, references on test to view v_test;

        grant select on test to user {tmp_user_boss.name} with grant option;
        grant update(f01, f03) on test to user {tmp_user_boss.name};
        grant delete on test to user {tmp_user_boss.name};
        grant update(f02) on test to user {tmp_user_boss.name};
        grant insert on test to user {tmp_user_boss.name};
        grant update(f05, f06, f04) on test to user {tmp_user_boss.name} with grant option;
        grant update(f01, f03) on test to user {tmp_user_mngr.name};
        commit;

        connect '{act.db.dsn}' user {tmp_user_boss.name} password '{tmp_user_boss.password}';
        grant select on test to user {tmp_user_mngr.name};
        grant update(f05, f06, f04) on test to user {tmp_user_mngr.name};

        show grants;
    """

    act.expected_stdout = f"""
        /* Grant permissions for this database */
        GRANT DELETE, INSERT, UPDATE (F01, F02, F03) ON TEST TO USER {tmp_user_boss.name.upper()}
        GRANT SELECT, UPDATE (F04, F05, F06) ON TEST TO USER {tmp_user_boss.name.upper()} WITH GRANT OPTION
        GRANT SELECT ON TEST TO USER {tmp_user_mngr.name.upper()} GRANTED BY {tmp_user_boss.name.upper()}
        GRANT UPDATE (F01, F03) ON TEST TO USER {tmp_user_mngr.name.upper()}
        GRANT UPDATE (F04, F05, F06) ON TEST TO USER {tmp_user_mngr.name.upper()} GRANTED BY {tmp_user_boss.name.upper()}
        GRANT ALL ON TEST TO VIEW V_TEST
    """
    act.isql(input = test_user_sql, combine_output = True)
    assert act.clean_stdout == act.clean_expected_stdout
    act.reset()

    #----------------------------------------------------

    test_role_sql = f"""
        set wng off;
        revoke all on all from {tmp_user_boss.name};
        revoke all on all from {tmp_user_mngr.name};
        drop view v_test;
        commit;
        recreate table test(id int primary key, f01 int, f02 int, f03 int, f04 int, f05 int, f06 int);

        grant select on test to role {tmp_role_boss.name} with grant option;
        grant update(f01, f03) on test to role {tmp_role_boss.name};
        grant delete on test to role {tmp_role_boss.name};
        grant update(f02) on test to role {tmp_role_boss.name};
        grant insert on test to role {tmp_role_boss.name};
        grant update(f05, f06, f04) on test to role {tmp_role_boss.name} with grant option;
        grant update(f01, f03) on test to role {tmp_role_mngr.name};
        grant {tmp_role_boss.name} to {tmp_user_boss.name};
        commit;

        connect '{act.db.dsn}' user {tmp_user_boss.name} password '{tmp_user_boss.password}' role {tmp_role_boss.name};
        grant select on test to role {tmp_role_mngr.name};
        grant update(f05, f06, f04) on test to role {tmp_role_mngr.name};

        show grants;
    """

    act.expected_stdout = f"""
        /* Grant permissions for this database */
        GRANT DELETE, INSERT, UPDATE (F01, F02, F03) ON TEST TO ROLE TMP$GH_7506_BOSS
        GRANT SELECT, UPDATE (F04, F05, F06) ON TEST TO ROLE TMP$GH_7506_BOSS WITH GRANT OPTION
        GRANT SELECT ON TEST TO ROLE TMP$GH_7506_MNGR GRANTED BY TMP$GH_7506_JOHN
        GRANT UPDATE (F01, F03) ON TEST TO ROLE TMP$GH_7506_MNGR
        GRANT UPDATE (F04, F05, F06) ON TEST TO ROLE TMP$GH_7506_MNGR GRANTED BY TMP$GH_7506_JOHN
        GRANT TMP$GH_7506_BOSS TO TMP$GH_7506_JOHN
    """
    act.isql(input = test_role_sql, combine_output = True)
    assert act.clean_stdout == act.clean_expected_stdout
    act.reset()
Added/Updated tests\bugs\gh_7506_test.py: Checked on 5.0.0.1030. 2023-04-24 12:14:31 +02:00			`#coding:utf-8`

			`"""`
			`ID: issue-7506`
			`ISSUE: 7506`
			`TITLE: Reduce output of the SHOW GRANTS command`
			`DESCRIPTION:`
			`Test checks output of SHOW GRANT command when we allow access to:`
			`2) user;`
			`1) role.`
			`NOTES:`
			`Checked on 5.0.0.1030.`
			`"""`
			`import pytest`
			`from firebird.qa import *`

			`tmp_user_boss = user_factory('db', name='tmp$gh_7506_john', password='123', plugin = 'Srp')`
			`tmp_user_mngr = user_factory('db', name='tmp$gh_7506_mike', password='456', plugin = 'Srp')`

			`tmp_role_boss = role_factory('db', name='tmp$gh_7506_boss')`
			`tmp_role_mngr = role_factory('db', name='tmp$gh_7506_mngr')`

			`db = db_factory()`

			`act = python_act('db', substitutions=[('[ \t]+', ' ')])`

			`@pytest.mark.version('>=5.0')`
			`def test_1(act: Action, tmp_user_boss: User, tmp_user_mngr: User, tmp_role_boss: Role, tmp_role_mngr: Role, capsys):`

			`test_user_sql = f"""`
			`recreate table test(id int primary key, f01 int, f02 int, f03 int, f04 int, f05 int, f06 int);`
			`recreate view v_test as select * from test;`

			`grant delete, insert, select, update, references on test to view v_test;`

			`grant select on test to user {tmp_user_boss.name} with grant option;`
			`grant update(f01, f03) on test to user {tmp_user_boss.name};`
			`grant delete on test to user {tmp_user_boss.name};`
			`grant update(f02) on test to user {tmp_user_boss.name};`
			`grant insert on test to user {tmp_user_boss.name};`
			`grant update(f05, f06, f04) on test to user {tmp_user_boss.name} with grant option;`
			`grant update(f01, f03) on test to user {tmp_user_mngr.name};`
			`commit;`

			`connect '{act.db.dsn}' user {tmp_user_boss.name} password '{tmp_user_boss.password}';`
			`grant select on test to user {tmp_user_mngr.name};`
			`grant update(f05, f06, f04) on test to user {tmp_user_mngr.name};`

			`show grants;`
			`"""`

			`act.expected_stdout = f"""`
			`/* Grant permissions for this database */`
			`GRANT DELETE, INSERT, UPDATE (F01, F02, F03) ON TEST TO USER {tmp_user_boss.name.upper()}`
			`GRANT SELECT, UPDATE (F04, F05, F06) ON TEST TO USER {tmp_user_boss.name.upper()} WITH GRANT OPTION`
			`GRANT SELECT ON TEST TO USER {tmp_user_mngr.name.upper()} GRANTED BY {tmp_user_boss.name.upper()}`
			`GRANT UPDATE (F01, F03) ON TEST TO USER {tmp_user_mngr.name.upper()}`
			`GRANT UPDATE (F04, F05, F06) ON TEST TO USER {tmp_user_mngr.name.upper()} GRANTED BY {tmp_user_boss.name.upper()}`
			`GRANT ALL ON TEST TO VIEW V_TEST`
			`"""`
			`act.isql(input = test_user_sql, combine_output = True)`
			`assert act.clean_stdout == act.clean_expected_stdout`
			`act.reset()`

			`#----------------------------------------------------`

			`test_role_sql = f"""`
			`set wng off;`
			`revoke all on all from {tmp_user_boss.name};`
			`revoke all on all from {tmp_user_mngr.name};`
			`drop view v_test;`
			`commit;`
			`recreate table test(id int primary key, f01 int, f02 int, f03 int, f04 int, f05 int, f06 int);`

			`grant select on test to role {tmp_role_boss.name} with grant option;`
			`grant update(f01, f03) on test to role {tmp_role_boss.name};`
			`grant delete on test to role {tmp_role_boss.name};`
			`grant update(f02) on test to role {tmp_role_boss.name};`
			`grant insert on test to role {tmp_role_boss.name};`
			`grant update(f05, f06, f04) on test to role {tmp_role_boss.name} with grant option;`
			`grant update(f01, f03) on test to role {tmp_role_mngr.name};`
			`grant {tmp_role_boss.name} to {tmp_user_boss.name};`
			`commit;`

			`connect '{act.db.dsn}' user {tmp_user_boss.name} password '{tmp_user_boss.password}' role {tmp_role_boss.name};`
			`grant select on test to role {tmp_role_mngr.name};`
			`grant update(f05, f06, f04) on test to role {tmp_role_mngr.name};`

			`show grants;`
			`"""`

			`act.expected_stdout = f"""`
			`/* Grant permissions for this database */`
			`GRANT DELETE, INSERT, UPDATE (F01, F02, F03) ON TEST TO ROLE TMP$GH_7506_BOSS`
			`GRANT SELECT, UPDATE (F04, F05, F06) ON TEST TO ROLE TMP$GH_7506_BOSS WITH GRANT OPTION`
			`GRANT SELECT ON TEST TO ROLE TMP$GH_7506_MNGR GRANTED BY TMP$GH_7506_JOHN`
			`GRANT UPDATE (F01, F03) ON TEST TO ROLE TMP$GH_7506_MNGR`
			`GRANT UPDATE (F04, F05, F06) ON TEST TO ROLE TMP$GH_7506_MNGR GRANTED BY TMP$GH_7506_JOHN`
			`GRANT TMP$GH_7506_BOSS TO TMP$GH_7506_JOHN`
			`"""`
			`act.isql(input = test_role_sql, combine_output = True)`
			`assert act.clean_stdout == act.clean_expected_stdout`
			`act.reset()`