6
0
mirror of https://github.com/FirebirdSQL/firebird-qa.git synced 2025-01-22 13:33:07 +01:00
firebird-qa/tests/bugs/gh_7506_test.py

104 lines
4.4 KiB
Python

#coding:utf-8
"""
ID: issue-7506
ISSUE: 7506
TITLE: Reduce output of the SHOW GRANTS command
DESCRIPTION:
Test checks output of SHOW GRANT command when we allow access to:
2) user;
1) role.
NOTES:
Checked on 5.0.0.1030.
"""
import pytest
from firebird.qa import *
tmp_user_boss = user_factory('db', name='tmp$gh_7506_john', password='123', plugin = 'Srp')
tmp_user_mngr = user_factory('db', name='tmp$gh_7506_mike', password='456', plugin = 'Srp')
tmp_role_boss = role_factory('db', name='tmp$gh_7506_boss')
tmp_role_mngr = role_factory('db', name='tmp$gh_7506_mngr')
db = db_factory()
act = python_act('db', substitutions=[('[ \t]+', ' ')])
@pytest.mark.version('>=5.0')
def test_1(act: Action, tmp_user_boss: User, tmp_user_mngr: User, tmp_role_boss: Role, tmp_role_mngr: Role, capsys):
test_user_sql = f"""
recreate table test(id int primary key, f01 int, f02 int, f03 int, f04 int, f05 int, f06 int);
recreate view v_test as select * from test;
grant delete, insert, select, update, references on test to view v_test;
grant select on test to user {tmp_user_boss.name} with grant option;
grant update(f01, f03) on test to user {tmp_user_boss.name};
grant delete on test to user {tmp_user_boss.name};
grant update(f02) on test to user {tmp_user_boss.name};
grant insert on test to user {tmp_user_boss.name};
grant update(f05, f06, f04) on test to user {tmp_user_boss.name} with grant option;
grant update(f01, f03) on test to user {tmp_user_mngr.name};
commit;
connect '{act.db.dsn}' user {tmp_user_boss.name} password '{tmp_user_boss.password}';
grant select on test to user {tmp_user_mngr.name};
grant update(f05, f06, f04) on test to user {tmp_user_mngr.name};
show grants;
"""
act.expected_stdout = f"""
/* Grant permissions for this database */
GRANT DELETE, INSERT, UPDATE (F01, F02, F03) ON TEST TO USER {tmp_user_boss.name.upper()}
GRANT SELECT, UPDATE (F04, F05, F06) ON TEST TO USER {tmp_user_boss.name.upper()} WITH GRANT OPTION
GRANT SELECT ON TEST TO USER {tmp_user_mngr.name.upper()} GRANTED BY {tmp_user_boss.name.upper()}
GRANT UPDATE (F01, F03) ON TEST TO USER {tmp_user_mngr.name.upper()}
GRANT UPDATE (F04, F05, F06) ON TEST TO USER {tmp_user_mngr.name.upper()} GRANTED BY {tmp_user_boss.name.upper()}
GRANT ALL ON TEST TO VIEW V_TEST
"""
act.isql(input = test_user_sql, combine_output = True)
assert act.clean_stdout == act.clean_expected_stdout
act.reset()
#----------------------------------------------------
test_role_sql = f"""
set wng off;
revoke all on all from {tmp_user_boss.name};
revoke all on all from {tmp_user_mngr.name};
drop view v_test;
commit;
recreate table test(id int primary key, f01 int, f02 int, f03 int, f04 int, f05 int, f06 int);
grant select on test to role {tmp_role_boss.name} with grant option;
grant update(f01, f03) on test to role {tmp_role_boss.name};
grant delete on test to role {tmp_role_boss.name};
grant update(f02) on test to role {tmp_role_boss.name};
grant insert on test to role {tmp_role_boss.name};
grant update(f05, f06, f04) on test to role {tmp_role_boss.name} with grant option;
grant update(f01, f03) on test to role {tmp_role_mngr.name};
grant {tmp_role_boss.name} to {tmp_user_boss.name};
commit;
connect '{act.db.dsn}' user {tmp_user_boss.name} password '{tmp_user_boss.password}' role {tmp_role_boss.name};
grant select on test to role {tmp_role_mngr.name};
grant update(f05, f06, f04) on test to role {tmp_role_mngr.name};
show grants;
"""
act.expected_stdout = f"""
/* Grant permissions for this database */
GRANT DELETE, INSERT, UPDATE (F01, F02, F03) ON TEST TO ROLE TMP$GH_7506_BOSS
GRANT SELECT, UPDATE (F04, F05, F06) ON TEST TO ROLE TMP$GH_7506_BOSS WITH GRANT OPTION
GRANT SELECT ON TEST TO ROLE TMP$GH_7506_MNGR GRANTED BY TMP$GH_7506_JOHN
GRANT UPDATE (F01, F03) ON TEST TO ROLE TMP$GH_7506_MNGR
GRANT UPDATE (F04, F05, F06) ON TEST TO ROLE TMP$GH_7506_MNGR GRANTED BY TMP$GH_7506_JOHN
GRANT TMP$GH_7506_BOSS TO TMP$GH_7506_JOHN
"""
act.isql(input = test_role_sql, combine_output = True)
assert act.clean_stdout == act.clean_expected_stdout
act.reset()