mirror of
https://github.com/FirebirdSQL/firebird-qa.git
synced 2025-01-22 21:43:06 +01:00
316 lines
15 KiB
Python
316 lines
15 KiB
Python
#coding:utf-8
|
|
#
|
|
# id: bugs.core_4821
|
|
# title: grant create database to ROLE does not work: "no permission for CREATE access to DATABASE ..."
|
|
# decription:
|
|
# ::: NOTE ::: Test requires that databases.conf contains 'RemoteAccess = true' for security.db
|
|
# This line is added there by scenario '<QA_HOME>
|
|
# undaily.bat' every time when check new FB snapshot.
|
|
#
|
|
# We make connection to security.db and create there user and role, with granting this role to user.
|
|
# (so, ROLE also is stored in the security.db).
|
|
# Then we grant privilege to create DB to just created role.
|
|
# After this we check that:
|
|
# * user can NOT create database if 'ROLE <this_role>' missed in the 'create database' statement;
|
|
# * user _CAN_ create database when issues: create database ... user ... password ... ROLE <this_role>
|
|
#
|
|
# Then we create backup of just created database and check that:
|
|
# * user can NOT restore it until specifying '-ROLE <this_role>' in gbak command line;
|
|
# * user _CAN_ restore database when issues: gbak -rep ... -user ... -pas ... -ROLE <this_role>;
|
|
# * the same pair of checks is performed for fbsvcmgr invocation;
|
|
#
|
|
# Finally, we connect again to security.db and drop <this_role>. After this restore must not be allowed
|
|
# even when "ROLE <this_role>" is specified in commands gbak or fbsvcmgr.
|
|
#
|
|
# Checked on:
|
|
# 4.0.0.1713 SS: 5.250s.
|
|
# 4.0.0.1346 SC: 5.734s.
|
|
# 4.0.0.1691 CS: 9.875s.
|
|
# 3.0.5.33218 SS: 4.313s.
|
|
# 3.0.5.33084 SC: 4.031s.
|
|
# 3.0.5.33212 CS: 7.672s.
|
|
#
|
|
# 13.04.2021. Adapted for run both on Windows and Linux. Checked on:
|
|
# Windows: 3.0.8.33445, 4.0.0.2416
|
|
# Linux: 3.0.8.33426, 4.0.0.2416
|
|
#
|
|
# [pcisar] 24.11.2021
|
|
# This test FAILs because it's not possible to grant create database to role tmp$db_creator
|
|
# although it exists (in test database):
|
|
# Statement failed, SQLSTATE = 28000
|
|
# unsuccessful metadata update
|
|
# -GRANT failed
|
|
# -SQL role TMP$DB_CREATOR does not exist
|
|
# -in security database
|
|
#
|
|
# tracker_id: CORE-4821
|
|
# min_versions: ['3.0.5']
|
|
# versions: 3.0.5
|
|
# qmid: None
|
|
|
|
import pytest
|
|
import sys
|
|
from pathlib import Path
|
|
from firebird.qa import db_factory, python_act, Action, temp_file, user_factory, User, \
|
|
role_factory, Role
|
|
|
|
# version: 3.0.5
|
|
# resources: None
|
|
|
|
substitutions_1 = [('no permission for CREATE access to DATABASE .*',
|
|
'no permission for CREATE access to DATABASE'),
|
|
('gbak: ERROR:failed to create database .*',
|
|
'gbak: ERROR:failed to create database'),
|
|
('-failed to create database .*', '-failed to create database'),
|
|
('CREATED_DB_NAME .*', 'CREATED_DB_NAME'),
|
|
('FDB_RESTORED_USING_GBAK .*', 'FDB_RESTORED_USING_GBAK'),
|
|
('FDB_RESTORED_USING_SMGR .*', 'FDB_RESTORED_USING_SMGR')]
|
|
|
|
init_script_1 = """"""
|
|
|
|
db_1 = db_factory(sql_dialect=3, init=init_script_1)
|
|
|
|
# test_script_1
|
|
#---
|
|
#
|
|
# import os
|
|
#
|
|
# os.environ["ISC_USER"] = user_name
|
|
# os.environ["ISC_PASSWORD"] = user_password
|
|
#
|
|
# this_db = db_conn.database_name
|
|
# db_conn.close()
|
|
#
|
|
# #--------------------------------------------
|
|
#
|
|
# def flush_and_close( file_handle ):
|
|
# # https://docs.python.org/2/library/os.html#os.fsync
|
|
# # If you're starting with a Python file object f,
|
|
# # first do f.flush(), and
|
|
# # then do os.fsync(f.fileno()), to ensure that all internal buffers associated with f are written to disk.
|
|
# global os
|
|
#
|
|
# file_handle.flush()
|
|
# if file_handle.mode not in ('r', 'rb') and file_handle.name != os.devnull:
|
|
# # otherwise: "OSError: [Errno 9] Bad file descriptor"!
|
|
# os.fsync(file_handle.fileno())
|
|
# file_handle.close()
|
|
#
|
|
# #--------------------------------------------
|
|
#
|
|
# def cleanup( f_names_list ):
|
|
# global os
|
|
# for i in range(len( f_names_list )):
|
|
# if type(f_names_list[i]) == file:
|
|
# del_name = f_names_list[i].name
|
|
# elif type(f_names_list[i]) == str:
|
|
# del_name = f_names_list[i]
|
|
# else:
|
|
# print('Unrecognized type of element:', f_names_list[i], ' - can not be treated as file.')
|
|
# print('type(f_names_list[i])=',type(f_names_list[i]))
|
|
# del_name = None
|
|
#
|
|
# if del_name and os.path.isfile( del_name ):
|
|
# os.remove( del_name )
|
|
#
|
|
# #--------------------------------------------
|
|
#
|
|
# fdb_test1 = os.path.join(context['temp_directory'],'tmp_4821_test1.fdb')
|
|
# fdb_test2 = os.path.join(context['temp_directory'],'tmp_4821_test2.fdb')
|
|
# fbk_name = os.path.join(context['temp_directory'],'tmp_4821_test2.fbk')
|
|
# fdb_restored_using_gbak = os.path.join(context['temp_directory'],'tmp_4821_restored.gbak.fdb')
|
|
# fdb_restored_using_smgr = os.path.join(context['temp_directory'],'tmp_4821_restored.smgr.fdb')
|
|
# fdb_restored_unexpected = os.path.join(context['temp_directory'],'tmp_4821_restored.wo_grant.fdb')
|
|
#
|
|
# f_list = [fdb_test1, fdb_test2, fbk_name, fdb_restored_using_gbak, fdb_restored_using_smgr, fdb_restored_unexpected]
|
|
# cleanup( f_list )
|
|
#
|
|
# sql_init='''
|
|
# set wng off;
|
|
# set bail on;
|
|
# set term ^;
|
|
# execute block as
|
|
# begin
|
|
# execute statement 'drop role tmp$db_creator';
|
|
# when any do begin end
|
|
# end^
|
|
# set term ;^
|
|
# commit;
|
|
# create role tmp$db_creator;
|
|
# commit;
|
|
# create or alter user tmp$c4821_boss password '123' using plugin Srp;
|
|
# revoke all on all from tmp$c4821_boss;
|
|
# grant create database to role tmp$db_creator;
|
|
# grant tmp$db_creator to tmp$c4821_boss;
|
|
# commit;
|
|
# --show grants;
|
|
# '''
|
|
#
|
|
# runProgram('isql', [ 'localhost:security.db' ], sql_init)
|
|
#
|
|
# sql_test='''
|
|
# create database 'localhost:%(fdb_test1)s' user tmp$c4821_boss password '123';
|
|
# select mon$database_name as created_db_name from mon$database;
|
|
# rollback;
|
|
# create database 'localhost:%(fdb_test2)s' user tmp$c4821_boss password '123' role tmp$db_creator;
|
|
# set list on;
|
|
# select mon$database_name as created_db_name from mon$database;
|
|
# ''' % locals()
|
|
#
|
|
# runProgram('isql', [ '-q' ], sql_test)
|
|
#
|
|
# # Must PASS because user tmp$c4821_boss is the owner of this DB:
|
|
# runProgram('gbak', [ '-b', 'localhost:' + fdb_test2, fbk_name, '-user', 'tmp$c4821_boss', '-pas', '123'] )
|
|
#
|
|
# # Must FAIL because we do not specify role, with text:
|
|
# # "gbak: ERROR:no permission for CREATE access to DATABASE ... / gbak: ERROR:failed to create database localhost:tmp_4821_restored.gbak.fdb"
|
|
# runProgram('gbak', [ '-rep', fbk_name, 'localhost:'+fdb_restored_using_gbak, '-user', 'tmp$c4821_boss', '-pas', '123'] )
|
|
#
|
|
# # Must PASS because we DO specify role:
|
|
# runProgram('gbak', [ '-rep', fbk_name, 'localhost:'+fdb_restored_using_gbak, '-user', 'tmp$c4821_boss', '-pas', '123', '-role', 'tmp$db_creator'] )
|
|
#
|
|
# runProgram('isql', [ 'localhost:'+fdb_restored_using_gbak ], 'set list on; select mon$database_name as fdb_restored_using_gbak from mon$database;')
|
|
#
|
|
# # Must FAIL because we do not specify role, with text: "no permission for CREATE access to DATABASE ... / failed to create database tmp_4821_restored.smgr.fdb"
|
|
# runProgram('fbsvcmgr', [ 'localhost:service_mgr', 'user', 'tmp$c4821_boss', 'password', '123', 'action_restore', 'res_replace', 'bkp_file', fbk_name, 'dbname', fdb_restored_using_smgr ] )
|
|
#
|
|
# # Must PASS because we DO specify role:
|
|
# runProgram('fbsvcmgr', [ 'localhost:service_mgr', 'user', 'tmp$c4821_boss', 'password', '123', 'role', 'tmp$db_creator', 'action_restore', 'res_replace', 'bkp_file', fbk_name, 'dbname', fdb_restored_using_smgr ] )
|
|
#
|
|
# runProgram('isql', [ 'localhost:'+fdb_restored_using_smgr ], 'set list on; select mon$database_name as fdb_restored_using_smgr from mon$database;')
|
|
#
|
|
#
|
|
# # ATTENTION: now we DROP role and check that after this action user tmp$c4821_boss will not be allowed to restore DB
|
|
# #############################
|
|
# runProgram('isql', [ 'localhost:security.db' ], 'drop role tmp$db_creator; commit;')
|
|
#
|
|
# # Must FAIL because there is no more role which was allowed to create DB
|
|
# # Error text: "gbak: ERROR:no permission for CREATE ... TMP_4821_RESTORED.WO_GRANT.FDB"
|
|
# runProgram('gbak', [ '-rep', fbk_name, 'localhost:'+fdb_restored_unexpected, '-user', 'tmp$c4821_boss', '-pas', '123', '-role', 'tmp$db_creator'] )
|
|
#
|
|
# # Must FAIL (because of the same reason), with text: "no permission for CREATE access to DATABASE TMP_4821_RESTORED.WO_GRANT.FDB"
|
|
# runProgram('fbsvcmgr', [ 'localhost:service_mgr', 'user', 'tmp$c4821_boss', 'password', '123', 'role', 'tmp$db_creator', 'action_restore', 'res_replace', 'bkp_file', fbk_name, 'dbname', fdb_restored_unexpected ] )
|
|
#
|
|
# # CLEANUP:
|
|
# ##########
|
|
#
|
|
# sql_fini='''
|
|
# drop user tmp$c4821_boss using plugin Srp;
|
|
# commit;
|
|
# '''
|
|
# runProgram('isql', [ 'localhost:security.db' ], sql_fini)
|
|
#
|
|
# cleanup( f_list )
|
|
#
|
|
#---
|
|
|
|
act_1 = python_act('db_1', substitutions=substitutions_1)
|
|
|
|
expected_stdout_1 = """
|
|
CREATED_DB_NAME /opt/scripts/qa-rundaily/dbg-repo/tmp/tmp_4821_test2.fdb
|
|
FDB_RESTORED_USING_GBAK /opt/scripts/qa-rundaily/dbg-repo/tmp/tmp_4821_restored.gbak.fdb
|
|
FDB_RESTORED_USING_SMGR /opt/scripts/qa-rundaily/dbg-repo/tmp/tmp_4821_restored.smgr.fdb
|
|
"""
|
|
|
|
expected_stderr_1 = """
|
|
Statement failed, SQLSTATE = 28000
|
|
no permission for CREATE access to DATABASE
|
|
gbak: ERROR:no permission for CREATE access to DATABASE
|
|
gbak: ERROR:failed to create database
|
|
gbak:Exiting before completion due to errors
|
|
no permission for CREATE access to DATABASE
|
|
-failed to create database
|
|
-Exiting before completion due to errors
|
|
gbak: ERROR:no permission for CREATE access to DATABASE
|
|
gbak: ERROR:failed to create database
|
|
gbak:Exiting before completion due to errors
|
|
no permission for CREATE access to DATABASE
|
|
-failed to create database
|
|
-Exiting before completion due to errors
|
|
"""
|
|
|
|
test_user_1 = user_factory('db_1', name='tmp$c4821_boss', password='123')
|
|
|
|
fdb_test1 = temp_file('tmp_4821_test1.fdb')
|
|
fdb_test2 = temp_file('tmp_4821_test2.fdb')
|
|
fbk_name = temp_file('tmp_4821_test2.fbk')
|
|
fdb_restored_using_gbak = temp_file('tmp_4821_restored.gbak.fdb')
|
|
fdb_restored_using_smgr = temp_file('tmp_4821_restored.smgr.fdb')
|
|
fdb_restored_unexpected = temp_file('tmp_4821_restored.no_grant.fdb')
|
|
test_role = role_factory('db_1', name='tmp$db_creator')
|
|
|
|
@pytest.mark.version('>=3.0.5')
|
|
def test_1(act_1: Action, test_user_1: User, capsys, fdb_test1: Path, fdb_test2: Path,
|
|
fbk_name: Path, fdb_restored_using_gbak: Path, fdb_restored_using_smgr: Path,
|
|
fdb_restored_unexpected: Path, test_role: Role):
|
|
pytest.skip("Requires changes to databases.conf")
|
|
# The role MUST be created in security database!
|
|
#with act_1.db.connect() as con:
|
|
#con.execute_immediate(f'grant create database to role {test_role.name}')
|
|
with act_1.db.connect() as con:
|
|
con.execute_immediate(f'grant create database to role {test_role.name}')
|
|
con.execute_immediate(f'grant {test_role.name} to {test_user_1.name}')
|
|
con.commit()
|
|
#
|
|
sql_test = f"""
|
|
create database 'localhost:{fdb_test1}' user {test_user_1.name} password '123';
|
|
select mon$database_name as created_db_name from mon$database;
|
|
rollback;
|
|
create database 'localhost:{fdb_test2}' user {test_user_1.name} password '123' role {test_role.name};
|
|
set list on;
|
|
select mon$database_name as created_db_name from mon$database;
|
|
"""
|
|
act_1.isql(switches=['-q'], input=sql_test)
|
|
print(act_1.stdout)
|
|
# Must PASS because user test_user_1 is the owner of this DB:
|
|
act_1.reset()
|
|
act_1.gbak(switches=['-b', '-user', test_user_1.name, '-pas', '123',
|
|
act_1.get_dsn(fdb_test2), str(fbk_name)],
|
|
credentials=False)
|
|
# Must FAIL because we do not specify role, with text:
|
|
# "gbak: ERROR:no permission for CREATE access to DATABASE ... / gbak: ERROR:failed to create database localhost:tmp_4821_restored.gbak.fdb"
|
|
act_1.reset()
|
|
act_1.expected_stderr = "Must FAIL because we do not specify role"
|
|
act_1.gbak(switches=['-rep', '-user', test_user_1.name, '-pas', '123',
|
|
str(fbk_name), act_1.get_dsn(fdb_restored_using_gbak)],
|
|
credentials=False)
|
|
print(act_1.stderr, file=sys.stderr)
|
|
# Must PASS because we DO specify role:
|
|
act_1.reset()
|
|
act_1.gbak(switches=['-rep', '-user', test_user_1.name, '-pas', '123', '-role', test_role.name,
|
|
str(fbk_name), act_1.get_dsn(fdb_restored_using_gbak)],
|
|
credentials=False)
|
|
#
|
|
act_1.reset()
|
|
act_1.isql(switches=['-user', act_1.db.user, '-password', act_1.db.password,
|
|
act_1.get_dsn(fdb_restored_using_gbak)], connect_db=False,
|
|
input='set list on; select mon$database_name as fdb_restored_using_gbak from mon$database;')
|
|
print(act_1.stdout)
|
|
# Must FAIL because we do not specify role, with text: "no permission for CREATE access to DATABASE ... / failed to create database tmp_4821_restored.smgr.fdb"
|
|
act_1.reset()
|
|
act_1.expected_stderr = "Must FAIL because we do not specify role"
|
|
act_1.svcmgr(switches=[f'{act_1.host}:service_mgr', 'user', test_user_1.name, 'password', '123',
|
|
'action_restore', 'res_replace', 'bkp_file', str(fbk_name),
|
|
'dbname', str(fdb_restored_using_smgr)], connect_mngr=False)
|
|
print(act_1.stderr, file=sys.stderr)
|
|
# Must PASS because we DO specify role:
|
|
act_1.reset()
|
|
act_1.svcmgr(switches=[f'{act_1.host}:service_mgr', 'user', test_user_1.name, 'password', '123',
|
|
'role', test_role.name, 'action_restore', 'res_replace',
|
|
'bkp_file', str(fbk_name), 'dbname', str(fdb_restored_using_smgr)],
|
|
connect_mngr=False)
|
|
#
|
|
act_1.reset()
|
|
act_1.isql(switches=['-user', act_1.db.user, '-password', act_1.db.password,
|
|
act_1.get_dsn(fdb_restored_using_gbak)], connect_db=False,
|
|
input='set list on; select mon$database_name as fdb_restored_using_smgr from mon$database;')
|
|
print(act_1.stdout)
|
|
#
|
|
act_1.reset()
|
|
act_1.expected_stdout = expected_stdout_1
|
|
act_1.expected_stderr = expected_stderr_1
|
|
act_1.stdout = capsys.readouterr().out
|
|
act_1.stderr = capsys.readouterr().err
|
|
assert act_1.clean_stdout == act_1.clean_expected_stdout
|
|
assert act_1.clean_stderr == act_1.clean_expected_stderr
|