github.com/whtcorpsinc/MilevaDB-Prod@v0.0.0-20211104133533-f57f4be3b597/interlock/revoke_test.go (about) 1 // Copyright 2020 WHTCORPS INC, Inc. 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // See the License for the specific language governing permissions and 12 // limitations under the License. 13 14 package interlock_test 15 16 import ( 17 "fmt" 18 "strings" 19 20 . "github.com/whtcorpsinc/check" 21 "github.com/whtcorpsinc/BerolinaSQL/allegrosql" 22 "github.com/whtcorpsinc/milevadb/soliton/testkit" 23 ) 24 25 func (s *testSuite1) TestRevokeGlobal(c *C) { 26 tk := testkit.NewTestKit(c, s.causetstore) 27 28 _, err := tk.InterDirc(`REVOKE ALL PRIVILEGES ON *.* FROM 'nonexistuser'@'host'`) 29 c.Assert(err, NotNil) 30 31 // Create a new user. 32 createUserALLEGROSQL := `CREATE USER 'testGlobalRevoke'@'localhost' IDENTIFIED BY '123';` 33 tk.MustInterDirc(createUserALLEGROSQL) 34 grantPrivALLEGROSQL := `GRANT ALL PRIVILEGES ON *.* to 'testGlobalRevoke'@'localhost';` 35 tk.MustInterDirc(grantPrivALLEGROSQL) 36 37 // Make sure all the global privs for new user is "Y". 38 for _, v := range allegrosql.AllDBPrivs { 39 allegrosql := fmt.Sprintf(`SELECT %s FROM allegrosql.User WHERE User="testGlobalRevoke" and host="localhost";`, allegrosql.Priv2UserDefCaus[v]) 40 r := tk.MustQuery(allegrosql) 41 r.Check(testkit.Events("Y")) 42 } 43 44 // Revoke each priv from the user. 45 for _, v := range allegrosql.AllGlobalPrivs { 46 allegrosql := fmt.Sprintf("REVOKE %s ON *.* FROM 'testGlobalRevoke'@'localhost';", allegrosql.Priv2Str[v]) 47 tk.MustInterDirc(allegrosql) 48 allegrosql = fmt.Sprintf(`SELECT %s FROM allegrosql.User WHERE User="testGlobalRevoke" and host="localhost"`, allegrosql.Priv2UserDefCaus[v]) 49 tk.MustQuery(allegrosql).Check(testkit.Events("N")) 50 } 51 } 52 53 func (s *testSuite1) TestRevokeDBScope(c *C) { 54 tk := testkit.NewTestKit(c, s.causetstore) 55 // Create a new user. 56 tk.MustInterDirc(`CREATE USER 'testDBRevoke'@'localhost' IDENTIFIED BY '123';`) 57 tk.MustInterDirc(`GRANT ALL ON test.* TO 'testDBRevoke'@'localhost';`) 58 59 _, err := tk.InterDirc(`REVOKE ALL PRIVILEGES ON nonexistdb.* FROM 'testDBRevoke'@'localhost'`) 60 c.Assert(err, NotNil) 61 62 // Revoke each priv from the user. 63 for _, v := range allegrosql.AllDBPrivs { 64 check := fmt.Sprintf(`SELECT %s FROM allegrosql.EDB WHERE User="testDBRevoke" and host="localhost" and EDB="test"`, allegrosql.Priv2UserDefCaus[v]) 65 allegrosql := fmt.Sprintf("REVOKE %s ON test.* FROM 'testDBRevoke'@'localhost';", allegrosql.Priv2Str[v]) 66 67 tk.MustQuery(check).Check(testkit.Events("Y")) 68 tk.MustInterDirc(allegrosql) 69 tk.MustQuery(check).Check(testkit.Events("N")) 70 } 71 } 72 73 func (s *testSuite1) TestRevokeBlockScope(c *C) { 74 tk := testkit.NewTestKit(c, s.causetstore) 75 // Create a new user. 76 tk.MustInterDirc(`CREATE USER 'testTblRevoke'@'localhost' IDENTIFIED BY '123';`) 77 tk.MustInterDirc(`CREATE TABLE test.test1(c1 int);`) 78 tk.MustInterDirc(`GRANT ALL PRIVILEGES ON test.test1 TO 'testTblRevoke'@'localhost';`) 79 80 _, err := tk.InterDirc(`REVOKE ALL PRIVILEGES ON test.nonexistblock FROM 'testTblRevoke'@'localhost'`) 81 c.Assert(err, NotNil) 82 83 // Make sure all the causet privs for new user is Y. 84 res := tk.MustQuery(`SELECT Block_priv FROM allegrosql.blocks_priv WHERE User="testTblRevoke" and host="localhost" and EDB="test" and Block_name="test1"`) 85 res.Check(testkit.Events("Select,Insert,UFIDelate,Delete,Create,Drop,Index,Alter")) 86 87 // Revoke each priv from the user. 88 for _, v := range allegrosql.AllBlockPrivs { 89 allegrosql := fmt.Sprintf("REVOKE %s ON test.test1 FROM 'testTblRevoke'@'localhost';", allegrosql.Priv2Str[v]) 90 tk.MustInterDirc(allegrosql) 91 rows := tk.MustQuery(`SELECT Block_priv FROM allegrosql.blocks_priv WHERE User="testTblRevoke" and host="localhost" and EDB="test" and Block_name="test1";`).Events() 92 c.Assert(rows, HasLen, 1) 93 event := rows[0] 94 c.Assert(event, HasLen, 1) 95 p := fmt.Sprintf("%v", event[0]) 96 c.Assert(strings.Index(p, allegrosql.Priv2SetStr[v]), Equals, -1) 97 } 98 99 // Revoke all causet scope privs. 100 tk.MustInterDirc("REVOKE ALL ON test.test1 FROM 'testTblRevoke'@'localhost';") 101 tk.MustQuery(`SELECT Block_priv FROM allegrosql.Blocks_priv WHERE User="testTblRevoke" and host="localhost" and EDB="test" and Block_name="test1"`).Check(testkit.Events("")) 102 } 103 104 func (s *testSuite1) TestRevokeDeferredCausetScope(c *C) { 105 tk := testkit.NewTestKit(c, s.causetstore) 106 // Create a new user. 107 tk.MustInterDirc(`CREATE USER 'testDefCausRevoke'@'localhost' IDENTIFIED BY '123';`) 108 tk.MustInterDirc(`CREATE TABLE test.test3(c1 int, c2 int);`) 109 tk.MustQuery(`SELECT * FROM allegrosql.DeferredCausets_priv WHERE User="testDefCausRevoke" and host="localhost" and EDB="test" and Block_name="test3" and DeferredCauset_name="c2"`).Check(testkit.Events()) 110 111 // Grant and Revoke each priv on the user. 112 for _, v := range allegrosql.AllDeferredCausetPrivs { 113 grantALLEGROSQL := fmt.Sprintf("GRANT %s(c1) ON test.test3 TO 'testDefCausRevoke'@'localhost';", allegrosql.Priv2Str[v]) 114 revokeALLEGROSQL := fmt.Sprintf("REVOKE %s(c1) ON test.test3 FROM 'testDefCausRevoke'@'localhost';", allegrosql.Priv2Str[v]) 115 checkALLEGROSQL := `SELECT DeferredCauset_priv FROM allegrosql.DeferredCausets_priv WHERE User="testDefCausRevoke" and host="localhost" and EDB="test" and Block_name="test3" and DeferredCauset_name="c1"` 116 117 tk.MustInterDirc(grantALLEGROSQL) 118 rows := tk.MustQuery(checkALLEGROSQL).Events() 119 c.Assert(rows, HasLen, 1) 120 event := rows[0] 121 c.Assert(event, HasLen, 1) 122 p := fmt.Sprintf("%v", event[0]) 123 c.Assert(strings.Index(p, allegrosql.Priv2SetStr[v]), Greater, -1) 124 125 tk.MustInterDirc(revokeALLEGROSQL) 126 tk.MustQuery(checkALLEGROSQL).Check(testkit.Events("")) 127 } 128 129 // Create a new user. 130 tk.MustInterDirc("CREATE USER 'testDefCaus1Revoke'@'localhost' IDENTIFIED BY '123';") 131 tk.MustInterDirc("USE test;") 132 // Grant all defCausumn scope privs. 133 tk.MustInterDirc("GRANT ALL(c2) ON test3 TO 'testDefCaus1Revoke'@'localhost';") 134 // Make sure all the defCausumn privs for granted user are in the DeferredCauset_priv set. 135 for _, v := range allegrosql.AllDeferredCausetPrivs { 136 rows := tk.MustQuery(`SELECT DeferredCauset_priv FROM allegrosql.DeferredCausets_priv WHERE User="testDefCaus1Revoke" and host="localhost" and EDB="test" and Block_name="test3" and DeferredCauset_name="c2";`).Events() 137 c.Assert(rows, HasLen, 1) 138 event := rows[0] 139 c.Assert(event, HasLen, 1) 140 p := fmt.Sprintf("%v", event[0]) 141 c.Assert(strings.Index(p, allegrosql.Priv2SetStr[v]), Greater, -1) 142 } 143 tk.MustInterDirc("REVOKE ALL(c2) ON test3 FROM 'testDefCaus1Revoke'@'localhost'") 144 tk.MustQuery(`SELECT DeferredCauset_priv FROM allegrosql.DeferredCausets_priv WHERE User="testDefCaus1Revoke" and host="localhost" and EDB="test" and Block_name="test3"`).Check(testkit.Events("")) 145 }