chore(flaky): fix flaky 18_0002_ownership_cover

databendlabs · Jan 11, 2024 · 7dbfbd9 · 7dbfbd9
1 parent d73ae9e
commit 7dbfbd9
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 23 deletions.
diff --git a/tests/suites/0_stateless/18_rbac/18_0002_ownership_cover.result b/tests/suites/0_stateless/18_rbac/18_0002_ownership_cover.result
@@ -14,24 +14,25 @@ Error: APIError: ResponseError with 1063: Permission denied, privilege [Usage] i
 Error: APIError: ResponseError with 1063: Permission denied, privilege [Read] is required on STAGE hello for user 'owner'@'%' with roles [public,r_0002]
 Error: APIError: ResponseError with 1063: Permission denied, privilege [Select] is required on 'default'.'d_0002'.'t' for user 'owner'@'%' with roles [public,r_0002]
 === test ownership: show stmt ===
-Error: APIError: ResponseError with 1003: Unknown database 'db_a'
 public	0	false	false
 role1	0	true	true
+t
+t1
+db_a
+information_schema
 GRANT OWNERSHIP ON 'default'.'db_a'.* TO ROLE `role1`
 GRANT OWNERSHIP ON 'default'.'db_a'.'t' TO ROLE `role1`
 GRANT OWNERSHIP ON 'default'.'db_a'.'t1' TO ROLE `role1`
-GRANT CREATE ON *.* TO 'a'@'%'
-GRANT OWNERSHIP ON 'default'.'db_a'.* TO ROLE `role1`
-GRANT OWNERSHIP ON 'default'.'db_a'.'t1' TO ROLE `role1`
-GRANT CREATE ON *.* TO 'a'@'%'
-GRANT CREATE ON *.* TO 'b'@'%'
 GRANT OWNERSHIP ON 'default'.'db_a'.* TO 'b'@'%'
+GRANT OWNERSHIP ON 'default'.'db_a'.'t' TO 'b'@'%'
 GRANT OWNERSHIP ON 'default'.'db_a'.'t1' TO 'b'@'%'
-GRANT CREATE ON *.* TO 'a'@'%'
 GRANT OWNERSHIP ON 'default'.'db_a'.* TO 'a'@'%'
+GRANT OWNERSHIP ON 'default'.'db_a'.'t' TO 'a'@'%'
 GRANT OWNERSHIP ON 'default'.'db_a'.'t1' TO 'a'@'%'
+t
 t1
+t
 t1
-GRANT CREATE ON *.* TO 'a'@'%'
 Error: APIError: ResponseError with 1063: Permission denied: User 'a'@'%' does not have the required privileges for database 'db_a'
+t
 t1
diff --git a/tests/suites/0_stateless/18_rbac/18_0002_ownership_cover.sh b/tests/suites/0_stateless/18_rbac/18_0002_ownership_cover.sh
@@ -83,34 +83,29 @@ echo "unset enable_experimental_rbac_check" | $BENDSQL_CLIENT_CONNECT
 echo "=== test ownership: show stmt ==="
 echo "drop user if exists a;" | $BENDSQL_CLIENT_CONNECT
 echo "drop user if exists b;" | $BENDSQL_CLIENT_CONNECT
-echo "drop database db_a;" | $BENDSQL_CLIENT_CONNECT
+echo "drop database if exists db_a;" | $BENDSQL_CLIENT_CONNECT
 echo "drop role if exists role1;" | $BENDSQL_CLIENT_CONNECT
 
 
 echo "create role role1;" | $BENDSQL_CLIENT_CONNECT
-echo "create user a identified by '123' with DEFAULT_ROLE='role1';" | $BENDSQL_CLIENT_CONNECT
-echo "create user b identified by '123';" | $BENDSQL_CLIENT_CONNECT
-echo "grant create on *.* to a;" | $BENDSQL_CLIENT_CONNECT
-echo "grant create on *.* to b;" | $BENDSQL_CLIENT_CONNECT
+echo "create user a identified by '123'" | $BENDSQL_CLIENT_CONNECT
+echo "create database db_a;" | $BENDSQL_CLIENT_CONNECT
+echo "grant ownership on db_a.* to role role1;" | $BENDSQL_CLIENT_CONNECT
 echo "grant role role1 to a;" | $BENDSQL_CLIENT_CONNECT
 
+echo "create user b identified by '123';" | $BENDSQL_CLIENT_CONNECT
 
 export USER_A_CONNECT="bendsql --user=a --password=123 --host=${QUERY_MYSQL_HANDLER_HOST} --port ${QUERY_HTTP_HANDLER_PORT}"
 export USER_B_CONNECT="bendsql --user=b --password=123 --host=${QUERY_MYSQL_HANDLER_HOST} --port ${QUERY_HTTP_HANDLER_PORT}"
 
-
+echo "set default role role1;" | $USER_A_CONNECT
 echo "show roles;" | $USER_A_CONNECT
-echo "create database db_a;" | $USER_A_CONNECT
 echo "create table db_a.t(id int);" | $USER_A_CONNECT
 echo "create table db_a.t1(id int);" | $USER_A_CONNECT
+echo "show tables from db_a" | $USER_A_CONNECT
+echo "show databases" | $USER_A_CONNECT
 
 echo "show grants for role role1;" | $BENDSQL_CLIENT_CONNECT
-echo "show grants for a;" | $BENDSQL_CLIENT_CONNECT
-
-echo "drop table db_a.t" | $USER_A_CONNECT
-
-echo "show grants for role role1;" | $BENDSQL_CLIENT_CONNECT
-echo "show grants for a;" | $BENDSQL_CLIENT_CONNECT
 
 echo "grant role role1 to b;" | $BENDSQL_CLIENT_CONNECT
 echo "show grants for b;" | $BENDSQL_CLIENT_CONNECT
@@ -122,12 +117,12 @@ echo "show tables from db_a;" | $USER_B_CONNECT
 
 echo "revoke role role1 from a;" | $BENDSQL_CLIENT_CONNECT
 echo "show grants for a ;" | $BENDSQL_CLIENT_CONNECT
-echo "revoke create on *.* from a;" | $BENDSQL_CLIENT_CONNECT
 
 echo "show tables from db_a;" | $USER_A_CONNECT
 echo "show tables from db_a;" | $USER_B_CONNECT
 
+echo "drop table db_a.t1;" | $USER_B_CONNECT
+echo "drop database db_a;" | $BENDSQL_CLIENT_CONNECT
 echo "drop role if exists role1;" | $BENDSQL_CLIENT_CONNECT
 echo "drop user if exists a;" | $BENDSQL_CLIENT_CONNECT
 echo "drop user if exists b;" | $BENDSQL_CLIENT_CONNECT
-echo "drop database db_a;" | $BENDSQL_CLIENT_CONNECT