firebird/firebird-qa
6
0
Fork 0
mirror of https://github.com/FirebirdSQL/firebird-qa.git synced 2025-01-22 21:43:06 +01:00
Code Issues Activity
034b469851
firebird-qa/tests/functional/syspriv/test_change_mapping_rules.py

78 lines
2.3 KiB
Python
Raw Blame History

#coding:utf-8
"""
ID: syspriv.change-mapping-rules
TITLE: Check ability to manage auth mappings
DESCRIPTION:
Verify ability to issue CREATE / ALTER / DROP MAPPING by non-sysdba user.
FBTEST: functional.syspriv.change_mapping_rules
"""
import pytest
from firebird.qa import *
db = db_factory()
test_user = user_factory('db', name='john_smith_mapping_manager', do_not_create=True)
test_role = role_factory('db', name='tmp_role_for_change_mapping', do_not_create=True)
test_script = """
set wng off;
-- set bail on;
set list on;
-- NB: without 'grant admin role' it is unable to create GLOBAL mapping:
-- Statement failed, SQLSTATE = 28000 / ... / -CREATE OR ALTER MAPPING ... failed
-- -Unable to perform operation /-System privilege CHANGE_MAPPING_RULES is missing
create or alter
user john_smith_mapping_manager
password '123'
grant admin role --- [ !!! ]
;
set term ^;
execute block as
begin
execute statement 'drop role tmp_role_for_change_mapping';
when any do begin end
end^
set term ;^
create role tmp_role_for_change_mapping set system privileges to CHANGE_MAPPING_RULES;
commit;
grant default tmp_role_for_change_mapping to user john_smith_mapping_manager;
commit;
connect '$(DSN)' user john_smith_mapping_manager password '123'; -- role tmp_role_for_change_mapping;
create or alter mapping tmp_syspriv_local_map using plugin srp from any user to user;
create or alter global mapping tmp_syspriv_global_map using plugin srp from any user to user;
commit;
show mapping;
drop global mapping tmp_syspriv_global_map;
drop mapping tmp_syspriv_local_map;
commit;
--connect '$(DSN)' user sysdba password 'masterkey';
--drop user john_smith_mapping_manager;
--drop role tmp_role_for_change_mapping;
--commit;
"""
act = isql_act('db', test_script, substitutions=[('.*Global mapping.*', '')])
expected_stdout = """
TMP_SYSPRIV_LOCAL_MAP USING PLUGIN SRP FROM ANY USER TO USER
*** Global mapping ***
TMP_SYSPRIV_GLOBAL_MAP USING PLUGIN SRP FROM ANY USER TO USER
"""
@pytest.mark.version('>=4.0')
def test_1(act: Action, test_user, test_role):
act.expected_stdout = expected_stdout
act.execute()
assert act.clean_stdout == act.clean_expected_stdout
Reference in New Issue View Git Blame Copy Permalink