#coding:utf-8 # # id: bugs.core_4821 # title: grant create database to ROLE does not work: "no permission for CREATE access to DATABASE ..." # decription: # ::: NOTE ::: Test requires that databases.conf contains 'RemoteAccess = true' for security.db # This line is added there by scenario ' # undaily.bat' every time when check new FB snapshot. # # We make connection to security.db and create there user and role, with granting this role to user. # (so, ROLE also is stored in the security.db). # Then we grant privilege to create DB to just created role. # After this we check that: # * user can NOT create database if 'ROLE ' missed in the 'create database' statement; # * user _CAN_ create database when issues: create database ... user ... password ... ROLE # # Then we create backup of just created database and check that: # * user can NOT restore it until specifying '-ROLE ' in gbak command line; # * user _CAN_ restore database when issues: gbak -rep ... -user ... -pas ... -ROLE ; # * the same pair of checks is performed for fbsvcmgr invocation; # # Finally, we connect again to security.db and drop . After this restore must not be allowed # even when "ROLE " is specified in commands gbak or fbsvcmgr. # # Checked on: # 4.0.0.1713 SS: 5.250s. # 4.0.0.1346 SC: 5.734s. # 4.0.0.1691 CS: 9.875s. # 3.0.5.33218 SS: 4.313s. # 3.0.5.33084 SC: 4.031s. # 3.0.5.33212 CS: 7.672s. # # 13.04.2021. Adapted for run both on Windows and Linux. Checked on: # Windows: 3.0.8.33445, 4.0.0.2416 # Linux: 3.0.8.33426, 4.0.0.2416 # # [pcisar] 24.11.2021 # This test FAILs because it's not possible to grant create database to role tmp$db_creator # although it exists (in test database): # Statement failed, SQLSTATE = 28000 # unsuccessful metadata update # -GRANT failed # -SQL role TMP$DB_CREATOR does not exist # -in security database # # tracker_id: CORE-4821 # min_versions: ['3.0.5'] # versions: 3.0.5 # qmid: None import pytest import sys from pathlib import Path from firebird.qa import db_factory, python_act, Action, temp_file, user_factory, User # version: 3.0.5 # resources: None substitutions_1 = [('no permission for CREATE access to DATABASE .*', 'no permission for CREATE access to DATABASE'), ('gbak: ERROR:failed to create database .*', 'gbak: ERROR:failed to create database'), ('-failed to create database .*', '-failed to create database'), ('CREATED_DB_NAME .*', 'CREATED_DB_NAME'), ('FDB_RESTORED_USING_GBAK .*', 'FDB_RESTORED_USING_GBAK'), ('FDB_RESTORED_USING_SMGR .*', 'FDB_RESTORED_USING_SMGR')] init_script_1 = """""" db_1 = db_factory(sql_dialect=3, init=init_script_1) # test_script_1 #--- # # import os # # os.environ["ISC_USER"] = user_name # os.environ["ISC_PASSWORD"] = user_password # # this_db = db_conn.database_name # db_conn.close() # # #-------------------------------------------- # # def flush_and_close( file_handle ): # # https://docs.python.org/2/library/os.html#os.fsync # # If you're starting with a Python file object f, # # first do f.flush(), and # # then do os.fsync(f.fileno()), to ensure that all internal buffers associated with f are written to disk. # global os # # file_handle.flush() # if file_handle.mode not in ('r', 'rb') and file_handle.name != os.devnull: # # otherwise: "OSError: [Errno 9] Bad file descriptor"! # os.fsync(file_handle.fileno()) # file_handle.close() # # #-------------------------------------------- # # def cleanup( f_names_list ): # global os # for i in range(len( f_names_list )): # if type(f_names_list[i]) == file: # del_name = f_names_list[i].name # elif type(f_names_list[i]) == str: # del_name = f_names_list[i] # else: # print('Unrecognized type of element:', f_names_list[i], ' - can not be treated as file.') # print('type(f_names_list[i])=',type(f_names_list[i])) # del_name = None # # if del_name and os.path.isfile( del_name ): # os.remove( del_name ) # # #-------------------------------------------- # # fdb_test1 = os.path.join(context['temp_directory'],'tmp_4821_test1.fdb') # fdb_test2 = os.path.join(context['temp_directory'],'tmp_4821_test2.fdb') # fbk_name = os.path.join(context['temp_directory'],'tmp_4821_test2.fbk') # fdb_restored_using_gbak = os.path.join(context['temp_directory'],'tmp_4821_restored.gbak.fdb') # fdb_restored_using_smgr = os.path.join(context['temp_directory'],'tmp_4821_restored.smgr.fdb') # fdb_restored_unexpected = os.path.join(context['temp_directory'],'tmp_4821_restored.wo_grant.fdb') # # f_list = [fdb_test1, fdb_test2, fbk_name, fdb_restored_using_gbak, fdb_restored_using_smgr, fdb_restored_unexpected] # cleanup( f_list ) # # sql_init=''' # set wng off; # set bail on; # set term ^; # execute block as # begin # execute statement 'drop role tmp$db_creator'; # when any do begin end # end^ # set term ;^ # commit; # create role tmp$db_creator; # commit; # create or alter user tmp$c4821_boss password '123' using plugin Srp; # revoke all on all from tmp$c4821_boss; # grant create database to role tmp$db_creator; # grant tmp$db_creator to tmp$c4821_boss; # commit; # --show grants; # ''' # # runProgram('isql', [ 'localhost:security.db' ], sql_init) # # sql_test=''' # create database 'localhost:%(fdb_test1)s' user tmp$c4821_boss password '123'; # select mon$database_name as created_db_name from mon$database; # rollback; # create database 'localhost:%(fdb_test2)s' user tmp$c4821_boss password '123' role tmp$db_creator; # set list on; # select mon$database_name as created_db_name from mon$database; # ''' % locals() # # runProgram('isql', [ '-q' ], sql_test) # # # Must PASS because user tmp$c4821_boss is the owner of this DB: # runProgram('gbak', [ '-b', 'localhost:' + fdb_test2, fbk_name, '-user', 'tmp$c4821_boss', '-pas', '123'] ) # # # Must FAIL because we do not specify role, with text: # # "gbak: ERROR:no permission for CREATE access to DATABASE ... / gbak: ERROR:failed to create database localhost:tmp_4821_restored.gbak.fdb" # runProgram('gbak', [ '-rep', fbk_name, 'localhost:'+fdb_restored_using_gbak, '-user', 'tmp$c4821_boss', '-pas', '123'] ) # # # Must PASS because we DO specify role: # runProgram('gbak', [ '-rep', fbk_name, 'localhost:'+fdb_restored_using_gbak, '-user', 'tmp$c4821_boss', '-pas', '123', '-role', 'tmp$db_creator'] ) # # runProgram('isql', [ 'localhost:'+fdb_restored_using_gbak ], 'set list on; select mon$database_name as fdb_restored_using_gbak from mon$database;') # # # Must FAIL because we do not specify role, with text: "no permission for CREATE access to DATABASE ... / failed to create database tmp_4821_restored.smgr.fdb" # runProgram('fbsvcmgr', [ 'localhost:service_mgr', 'user', 'tmp$c4821_boss', 'password', '123', 'action_restore', 'res_replace', 'bkp_file', fbk_name, 'dbname', fdb_restored_using_smgr ] ) # # # Must PASS because we DO specify role: # runProgram('fbsvcmgr', [ 'localhost:service_mgr', 'user', 'tmp$c4821_boss', 'password', '123', 'role', 'tmp$db_creator', 'action_restore', 'res_replace', 'bkp_file', fbk_name, 'dbname', fdb_restored_using_smgr ] ) # # runProgram('isql', [ 'localhost:'+fdb_restored_using_smgr ], 'set list on; select mon$database_name as fdb_restored_using_smgr from mon$database;') # # # # ATTENTION: now we DROP role and check that after this action user tmp$c4821_boss will not be allowed to restore DB # ############################# # runProgram('isql', [ 'localhost:security.db' ], 'drop role tmp$db_creator; commit;') # # # Must FAIL because there is no more role which was allowed to create DB # # Error text: "gbak: ERROR:no permission for CREATE ... TMP_4821_RESTORED.WO_GRANT.FDB" # runProgram('gbak', [ '-rep', fbk_name, 'localhost:'+fdb_restored_unexpected, '-user', 'tmp$c4821_boss', '-pas', '123', '-role', 'tmp$db_creator'] ) # # # Must FAIL (because of the same reason), with text: "no permission for CREATE access to DATABASE TMP_4821_RESTORED.WO_GRANT.FDB" # runProgram('fbsvcmgr', [ 'localhost:service_mgr', 'user', 'tmp$c4821_boss', 'password', '123', 'role', 'tmp$db_creator', 'action_restore', 'res_replace', 'bkp_file', fbk_name, 'dbname', fdb_restored_unexpected ] ) # # # CLEANUP: # ########## # # sql_fini=''' # drop user tmp$c4821_boss using plugin Srp; # commit; # ''' # runProgram('isql', [ 'localhost:security.db' ], sql_fini) # # cleanup( f_list ) # #--- act_1 = python_act('db_1', substitutions=substitutions_1) expected_stdout_1 = """ CREATED_DB_NAME /opt/scripts/qa-rundaily/dbg-repo/tmp/tmp_4821_test2.fdb FDB_RESTORED_USING_GBAK /opt/scripts/qa-rundaily/dbg-repo/tmp/tmp_4821_restored.gbak.fdb FDB_RESTORED_USING_SMGR /opt/scripts/qa-rundaily/dbg-repo/tmp/tmp_4821_restored.smgr.fdb """ expected_stderr_1 = """ Statement failed, SQLSTATE = 28000 no permission for CREATE access to DATABASE gbak: ERROR:no permission for CREATE access to DATABASE gbak: ERROR:failed to create database gbak:Exiting before completion due to errors no permission for CREATE access to DATABASE -failed to create database -Exiting before completion due to errors gbak: ERROR:no permission for CREATE access to DATABASE gbak: ERROR:failed to create database gbak:Exiting before completion due to errors no permission for CREATE access to DATABASE -failed to create database -Exiting before completion due to errors """ test_user_1 = user_factory(name='tmp$c4821_boss', password='123') fdb_test1 = temp_file('tmp_4821_test1.fdb') fdb_test2 = temp_file('tmp_4821_test2.fdb') fbk_name = temp_file('tmp_4821_test2.fbk') fdb_restored_using_gbak = temp_file('tmp_4821_restored.gbak.fdb') fdb_restored_using_smgr = temp_file('tmp_4821_restored.smgr.fdb') fdb_restored_unexpected = temp_file('tmp_4821_restored.no_grant.fdb') @pytest.mark.version('>=3.0.5') def test_1(act_1: Action, test_user_1: User, capsys, fdb_test1: Path, fdb_test2: Path, fbk_name: Path, fdb_restored_using_gbak: Path, fdb_restored_using_smgr: Path, fdb_restored_unexpected: Path): with act_1.test_role('tmp$db_creator'): with act_1.db.connect() as con: #con.execute_immediate('revoke all on all from tmp$c4821_boss') con.execute_immediate('grant create database to role tmp$db_creator') con.execute_immediate('grant tmp$db_creator to tmp$c4821_boss') con.commit() # sql_test = f""" create database 'localhost:{fdb_test1}' user tmp$c4821_boss password '123'; select mon$database_name as created_db_name from mon$database; rollback; create database 'localhost:{fdb_test2}' user tmp$c4821_boss password '123' role tmp$db_creator; set list on; select mon$database_name as created_db_name from mon$database; """ act_1.isql(switches=['-q'], input=sql_test) print(act_1.stdout) # Must PASS because user tmp$c4821_boss is the owner of this DB: act_1.reset() act_1.gbak(switches=['-b', '-user', 'tmp$c4821_boss', '-pas', '123', f'localhost:{fdb_test2}', str(fbk_name)], credentials=False) # Must FAIL because we do not specify role, with text: # "gbak: ERROR:no permission for CREATE access to DATABASE ... / gbak: ERROR:failed to create database localhost:tmp_4821_restored.gbak.fdb" act_1.reset() act_1.expected_stderr = "Must FAIL because we do not specify role" act_1.gbak(switches=['-rep', '-user', 'tmp$c4821_boss', '-pas', '123', str(fbk_name), f'localhost:{fdb_restored_using_gbak}'], credentials=False) print(act_1.stderr, file=sys.stderr) # Must PASS because we DO specify role: act_1.reset() act_1.gbak(switches=['-rep', '-user', 'tmp$c4821_boss', '-pas', '123', '-role', 'tmp$db_creator', str(fbk_name), f'localhost:{fdb_restored_using_gbak}'], credentials=False) # act_1.reset() act_1.isql(switches=['-user', act_1.db.user, '-password', act_1.db.password, f'localhost:{fdb_restored_using_gbak}'], connect_db=False, input='set list on; select mon$database_name as fdb_restored_using_gbak from mon$database;') print(act_1.stdout) # Must FAIL because we do not specify role, with text: "no permission for CREATE access to DATABASE ... / failed to create database tmp_4821_restored.smgr.fdb" act_1.reset() act_1.expected_stderr = "Must FAIL because we do not specify role" act_1.svcmgr(switches=['localhost:service_mgr', 'user', 'tmp$c4821_boss', 'password', '123', 'action_restore', 'res_replace', 'bkp_file', str(fbk_name), 'dbname', str(fdb_restored_using_smgr)], connect_mngr=False) print(act_1.stderr, file=sys.stderr) # Must PASS because we DO specify role: act_1.reset() act_1.svcmgr(switches=['localhost:service_mgr', 'user', 'tmp$c4821_boss', 'password', '123', 'role', 'tmp$db_creator', 'action_restore', 'res_replace', 'bkp_file', str(fbk_name), 'dbname', str(fdb_restored_using_smgr)], connect_mngr=False) # act_1.reset() act_1.isql(switches=['-user', act_1.db.user, '-password', act_1.db.password, f'localhost:{fdb_restored_using_gbak}'], connect_db=False, input='set list on; select mon$database_name as fdb_restored_using_smgr from mon$database;') print(act_1.stdout) # act_1.reset() act_1.expected_stdout = expected_stdout_1 act_1.expected_stderr = expected_stderr_1 act_1.stdout = capsys.readouterr().out act_1.stderr = capsys.readouterr().err assert act_1.clean_stdout == act_1.clean_expected_stdout assert act_1.clean_stderr == act_1.clean_expected_stderr