Added/Updated tests\bugs\gh_7217_test.py: Checked on 5.0.0.959 - all OK.

2025-01-22 13:33:07 +01:00 · 2023-02-25 13:58:33 +03:00 · 2023-02-25 13:58:33 +03:00 · 5d5801c389
commit 5d5801c389
parent dc257d8e17
1 changed files with 116 additions and 0 deletions
--- a/tests/bugs/gh_7217_test.py
+++ b/tests/bugs/gh_7217_test.py
@ -0,0 +1,116 @@
+#coding:utf-8
+
+"""
+ID:          issue-7217
+ISSUE:       https://github.com/FirebirdSQL/firebird/issues/7217
+TITLE:       user with DROP ANY PACKAGE privilege can not execute DROP PACKAGE BODY
+NOTES:
+    [25.02.2023] pzotov
+    Confirmed bug on 5.0.0.520.
+    Checked on 5.0.0.959 - all OK.
+"""
+
+import pytest
+from firebird.qa import *
+
+init_script = """
+    set term ^;
+    create package pg_test_1 as
+    begin
+          procedure pg_sp_1 returns(id int);
+    end
+    ^
+    create package pg_test_2 as
+    begin
+          procedure pg_sp_2 returns(id int);
+    end
+    ^
+    create package body pg_test_1 as
+    begin
+      	procedure pg_sp_1 returns(id int) as
+      	begin
+      	    id = 1;
+      	    suspend;
+      	end
+    end
+    ^
+    create package body pg_test_2 as
+    begin
+      	procedure pg_sp_2 returns(id int) as
+      	begin
+      	    id = 1;
+      	    suspend;
+      	end
+    end
+    ^
+    set term ;^
+    commit;
+"""
+db = db_factory(init = init_script)
+
+tmp_usr1 = user_factory('db', name = 'tmp_user_7217_foo', password = '123')
+tmp_usr2 = user_factory('db', name = 'tmp_user_7217_bar', password = '456')
+tmp_role = role_factory('db', name = 'tmp_role_7217')
+
+act = python_act('db')
+
+expected_stdout = """
+    RDB$PACKAGE_BODY_SOURCE         <null>
+    RDB$PACKAGE_BODY_SOURCE         <null>
+    Records affected: 2
+"""
+
+@pytest.mark.version('>=5.0')
+def test_1(act: Action, tmp_usr1: User, tmp_usr2: User, tmp_role: Role):
+
+    test_script = f"""
+        set bail on;
+
+        connect '{act.db.dsn}' user {act.db.user} password '{act.db.password}';
+        grant DROP ANY PACKAGE to {tmp_usr1.name};
+        grant DROP ANY PACKAGE to {tmp_role.name};
+        grant {tmp_role.name} to {tmp_usr2.name};
+        commit;
+        set autoddl off;
+        set bail off;
+        -----------------------------------------------------
+        -- 1. Check that user can drop package when this permission was granted to HIMSELF:
+        connect '{act.db.dsn}' user {tmp_usr1.name} password '{tmp_usr1.password}';
+        drop package body pg_test_1;
+        rollback;
+
+        set term ^;
+        execute block as
+        begin
+            execute statement 'drop package body pg_test_1';
+        end
+        ^
+        set term ;^
+        commit;
+        -----------------------------------------------------
+        -- 2. Check that user can drop package when this permission was granted to ROLE which, in turn, was granted to that user:
+        connect '{act.db.dsn}' user {tmp_usr2.name} password '{tmp_usr2.password}' role {tmp_role.name};
+        drop package body pg_test_2;
+        rollback;
+
+        set term ^;
+        execute block as
+        begin
+            execute statement 'drop package body pg_test_2';
+        end
+        ^
+        set term ;^
+        commit;
+        -----------------------------------------------------
+        -- 3. Check that both packages now have no bodies:
+        connect '{act.db.dsn}' user {act.db.user} password '{act.db.password}';
+        set count on;
+        set list on;
+        set blob all;
+        -- must issue two rows, both with <null> literals:
+        select p.rdb$package_body_source from rdb$packages p where p.rdb$package_name in ( upper('pg_test_1'),upper('pg_test_2') );
+    """
+
+    act.expected_stdout = expected_stdout
+    act.isql(switches=['-q'], input = test_script, connect_db = False, credentials = False, combine_output = True)
+    assert act.clean_stdout == act.clean_expected_stdout