Вход Зарегистрироваться
Обзор
Проекты с открытым исходным кодом > Database Related > Database Management/Monitoring &&
Сканировать QR-код WeChat для оплаты
Отмена
Платеж завершен
Смотреть
Отписаться Следить за всеми активностями Следить только за динамикой выпуска обновлений Подписаться без уведомления
1 В избранное 0 Ответвления 0

OSCHINA-MIRROR/hanchuanchuan-goInception

Код Задачи 1 Запросы на слияние 0 Wiki Статистика
Присоединиться к Gitlife
Откройте для себя и примите участие в публичных проектах с открытым исходным кодом с участием более 10 миллионов разработчиков. Приватные репозитории также полностью бесплатны :)
Присоединиться бесплатно
Клонировать/Скачать
HTTPS SSH SVN SVN+SSH
Копировать
Скачать ZIP
hanchuanchuan-goInception
/
executor
/
revoke_test.go
revoke_test.go 6.1 КБ
Копировать Редактировать Исходные данные Просмотреть построчно История
hanchuanchuan Отправлено 6 лет назад 27f3c5a
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145
// Copyright 2017 PingCAP, Inc.

//

// Licensed under the Apache License, Version 2.0 (the "License");

// you may not use this file except in compliance with the License.

// You may obtain a copy of the License at

//

//     http://www.apache.org/licenses/LICENSE-2.0

//

// Unless required by applicable law or agreed to in writing, software

// distributed under the License is distributed on an "AS IS" BASIS,

// See the License for the specific language governing permissions and

// limitations under the License.



package executor_test



import (

	"fmt"

	"strings"



	"github.com/hanchuanchuan/goInception/mysql"

	"github.com/hanchuanchuan/goInception/util/testkit"

	. "github.com/pingcap/check"

)



func (s *testSuite) TestRevokeGlobal(c *C) {

	tk := testkit.NewTestKit(c, s.store)



	_, err := tk.Exec(`REVOKE ALL PRIVILEGES ON *.* FROM 'nonexistuser'@'host'`)

	c.Assert(err, NotNil)



	// Create a new user.

	createUserSQL := `CREATE USER 'testGlobalRevoke'@'localhost' IDENTIFIED BY '123';`

	tk.MustExec(createUserSQL)

	grantPrivSQL := `GRANT ALL PRIVILEGES ON *.* to 'testGlobalRevoke'@'localhost';`

	tk.MustExec(grantPrivSQL)



	// Make sure all the global privs for new user is "Y".

	for _, v := range mysql.AllDBPrivs {

		sql := fmt.Sprintf(`SELECT %s FROM mysql.User WHERE User="testGlobalRevoke" and host="localhost";`, mysql.Priv2UserCol[v])

		r := tk.MustQuery(sql)

		r.Check(testkit.Rows("Y"))

	}



	// Revoke each priv from the user.

	for _, v := range mysql.AllGlobalPrivs {

		sql := fmt.Sprintf("REVOKE %s ON *.* FROM 'testGlobalRevoke'@'localhost';", mysql.Priv2Str[v])

		tk.MustExec(sql)

		sql = fmt.Sprintf(`SELECT %s FROM mysql.User WHERE User="testGlobalRevoke" and host="localhost"`, mysql.Priv2UserCol[v])

		tk.MustQuery(sql).Check(testkit.Rows("N"))

	}

}



func (s *testSuite) TestRevokeDBScope(c *C) {

	tk := testkit.NewTestKit(c, s.store)

	// Create a new user.

	tk.MustExec(`CREATE USER 'testDBRevoke'@'localhost' IDENTIFIED BY '123';`)

	tk.MustExec(`GRANT ALL ON test.* TO 'testDBRevoke'@'localhost';`)



	_, err := tk.Exec(`REVOKE ALL PRIVILEGES ON nonexistdb.* FROM 'testDBRevoke'@'localhost'`)

	c.Assert(err, NotNil)



	// Revoke each priv from the user.

	for _, v := range mysql.AllDBPrivs {

		check := fmt.Sprintf(`SELECT %s FROM mysql.DB WHERE User="testDBRevoke" and host="localhost" and db="test"`, mysql.Priv2UserCol[v])

		sql := fmt.Sprintf("REVOKE %s ON test.* FROM 'testDBRevoke'@'localhost';", mysql.Priv2Str[v])



		tk.MustQuery(check).Check(testkit.Rows("Y"))

		tk.MustExec(sql)

		tk.MustQuery(check).Check(testkit.Rows("N"))

	}

}



func (s *testSuite) TestRevokeTableScope(c *C) {

	tk := testkit.NewTestKit(c, s.store)

	// Create a new user.

	tk.MustExec(`CREATE USER 'testTblRevoke'@'localhost' IDENTIFIED BY '123';`)

	tk.MustExec(`CREATE TABLE test.test1(c1 int);`)

	tk.MustExec(`GRANT ALL PRIVILEGES ON test.test1 TO 'testTblRevoke'@'localhost';`)



	_, err := tk.Exec(`REVOKE ALL PRIVILEGES ON test.nonexisttable FROM 'testTblRevoke'@'localhost'`)

	c.Assert(err, NotNil)



	// Make sure all the table privs for new user is Y.

	res := tk.MustQuery(`SELECT Table_priv FROM mysql.tables_priv WHERE User="testTblRevoke" and host="localhost" and db="test" and Table_name="test1"`)

	res.Check(testkit.Rows("Select,Insert,Update,Delete,Create,Drop,Grant,Index,Alter"))



	// Revoke each priv from the user.

	for _, v := range mysql.AllTablePrivs {

		sql := fmt.Sprintf("REVOKE %s ON test.test1 FROM 'testTblRevoke'@'localhost';", mysql.Priv2Str[v])

		tk.MustExec(sql)

		rows := tk.MustQuery(`SELECT Table_priv FROM mysql.tables_priv WHERE User="testTblRevoke" and host="localhost" and db="test" and Table_name="test1";`).Rows()

		c.Assert(rows, HasLen, 1)

		row := rows[0]

		c.Assert(row, HasLen, 1)

		p := fmt.Sprintf("%v", row[0])

		c.Assert(strings.Index(p, mysql.Priv2SetStr[v]), Equals, -1)

	}



	// Revoke all table scope privs.

	tk.MustExec("REVOKE ALL ON test.test1 FROM 'testTblRevoke'@'localhost';")

	tk.MustQuery(`SELECT Table_priv FROM mysql.Tables_priv WHERE User="testTblRevoke" and host="localhost" and db="test" and Table_name="test1"`).Check(testkit.Rows(""))

}



func (s *testSuite) TestRevokeColumnScope(c *C) {

	tk := testkit.NewTestKit(c, s.store)

	// Create a new user.

	tk.MustExec(`CREATE USER 'testColRevoke'@'localhost' IDENTIFIED BY '123';`)

	tk.MustExec(`CREATE TABLE test.test3(c1 int, c2 int);`)

	tk.MustQuery(`SELECT * FROM mysql.Columns_priv WHERE User="testColRevoke" and host="localhost" and db="test" and Table_name="test3" and Column_name="c2"`).Check(testkit.Rows())



	// Grant and Revoke each priv on the user.

	for _, v := range mysql.AllColumnPrivs {

		grantSQL := fmt.Sprintf("GRANT %s(c1) ON test.test3 TO 'testColRevoke'@'localhost';", mysql.Priv2Str[v])

		revokeSQL := fmt.Sprintf("REVOKE %s(c1) ON test.test3 FROM 'testColRevoke'@'localhost';", mysql.Priv2Str[v])

		checkSQL := `SELECT Column_priv FROM mysql.Columns_priv WHERE User="testColRevoke" and host="localhost" and db="test" and Table_name="test3" and Column_name="c1"`



		tk.MustExec(grantSQL)

		rows := tk.MustQuery(checkSQL).Rows()

		c.Assert(rows, HasLen, 1)

		row := rows[0]

		c.Assert(row, HasLen, 1)

		p := fmt.Sprintf("%v", row[0])

		c.Assert(strings.Index(p, mysql.Priv2SetStr[v]), Greater, -1)



		tk.MustExec(revokeSQL)

		tk.MustQuery(checkSQL).Check(testkit.Rows(""))

	}



	// Create a new user.

	tk.MustExec("CREATE USER 'testCol1Revoke'@'localhost' IDENTIFIED BY '123';")

	tk.MustExec("USE test;")

	// Grant all column scope privs.

	tk.MustExec("GRANT ALL(c2) ON test3 TO 'testCol1Revoke'@'localhost';")

	// Make sure all the column privs for granted user are in the Column_priv set.

	for _, v := range mysql.AllColumnPrivs {

		rows := tk.MustQuery(`SELECT Column_priv FROM mysql.Columns_priv WHERE User="testCol1Revoke" and host="localhost" and db="test" and Table_name="test3" and Column_name="c2";`).Rows()

		c.Assert(rows, HasLen, 1)

		row := rows[0]

		c.Assert(row, HasLen, 1)

		p := fmt.Sprintf("%v", row[0])

		c.Assert(strings.Index(p, mysql.Priv2SetStr[v]), Greater, -1)

	}

	tk.MustExec("REVOKE ALL(c2) ON test3 FROM 'testCol1Revoke'@'localhost'")

	tk.MustQuery(`SELECT Column_priv FROM mysql.Columns_priv WHERE User="testCol1Revoke" and host="localhost" and db="test" and Table_name="test3"`).Check(testkit.Rows(""))

}

Опубликовать ( 0 )

Вы можете оставить комментарий после Вход в систему

1
https://gitlife.ru/oschina-mirror/hanchuanchuan-goInception.git
git@gitlife.ru:oschina-mirror/hanchuanchuan-goInception.git
oschina-mirror
hanchuanchuan-goInception
hanchuanchuan-goInception
v1.2.4
Опубликовать
Отчет о репозитории
Вернуться к началу