Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(flaky): fix flaky 18_0002_ownership_cover #14300

Merged
merged 1 commit into from
Jan 11, 2024
Merged

chore(flaky): fix flaky 18_0002_ownership_cover #14300

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 9 additions & 8 deletions tests/suites/0_stateless/18_rbac/18_0002_ownership_cover.result
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,24 +14,25 @@ Error: APIError: ResponseError with 1063: Permission denied, privilege [Usage] i
Error: APIError: ResponseError with 1063: Permission denied, privilege [Read] is required on STAGE hello for user 'owner'@'%' with roles [public,r_0002]
Error: APIError: ResponseError with 1063: Permission denied, privilege [Select] is required on 'default'.'d_0002'.'t' for user 'owner'@'%' with roles [public,r_0002]
=== test ownership: show stmt ===
Error: APIError: ResponseError with 1003: Unknown database 'db_a'
public 0 false false
role1 0 true true
t
t1
db_a
information_schema
GRANT OWNERSHIP ON 'default'.'db_a'.* TO ROLE `role1`
GRANT OWNERSHIP ON 'default'.'db_a'.'t' TO ROLE `role1`
GRANT OWNERSHIP ON 'default'.'db_a'.'t1' TO ROLE `role1`
GRANT CREATE ON *.* TO 'a'@'%'
GRANT OWNERSHIP ON 'default'.'db_a'.* TO ROLE `role1`
GRANT OWNERSHIP ON 'default'.'db_a'.'t1' TO ROLE `role1`
GRANT CREATE ON *.* TO 'a'@'%'
GRANT CREATE ON *.* TO 'b'@'%'
GRANT OWNERSHIP ON 'default'.'db_a'.* TO 'b'@'%'
GRANT OWNERSHIP ON 'default'.'db_a'.'t' TO 'b'@'%'
GRANT OWNERSHIP ON 'default'.'db_a'.'t1' TO 'b'@'%'
GRANT CREATE ON *.* TO 'a'@'%'
GRANT OWNERSHIP ON 'default'.'db_a'.* TO 'a'@'%'
GRANT OWNERSHIP ON 'default'.'db_a'.'t' TO 'a'@'%'
GRANT OWNERSHIP ON 'default'.'db_a'.'t1' TO 'a'@'%'
t
t1
t
t1
GRANT CREATE ON *.* TO 'a'@'%'
Error: APIError: ResponseError with 1063: Permission denied: User 'a'@'%' does not have the required privileges for database 'db_a'
t
t1
25 changes: 10 additions & 15 deletions tests/suites/0_stateless/18_rbac/18_0002_ownership_cover.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -83,34 +83,29 @@ echo "unset enable_experimental_rbac_check" | $BENDSQL_CLIENT_CONNECT
echo "=== test ownership: show stmt ==="
echo "drop user if exists a;" | $BENDSQL_CLIENT_CONNECT
echo "drop user if exists b;" | $BENDSQL_CLIENT_CONNECT
echo "drop database db_a;" | $BENDSQL_CLIENT_CONNECT
echo "drop database if exists db_a;" | $BENDSQL_CLIENT_CONNECT
echo "drop role if exists role1;" | $BENDSQL_CLIENT_CONNECT


echo "create role role1;" | $BENDSQL_CLIENT_CONNECT
echo "create user a identified by '123' with DEFAULT_ROLE='role1';" | $BENDSQL_CLIENT_CONNECT
echo "create user b identified by '123';" | $BENDSQL_CLIENT_CONNECT
echo "grant create on *.* to a;" | $BENDSQL_CLIENT_CONNECT
echo "grant create on *.* to b;" | $BENDSQL_CLIENT_CONNECT
echo "create user a identified by '123'" | $BENDSQL_CLIENT_CONNECT
echo "create database db_a;" | $BENDSQL_CLIENT_CONNECT
echo "grant ownership on db_a.* to role role1;" | $BENDSQL_CLIENT_CONNECT
echo "grant role role1 to a;" | $BENDSQL_CLIENT_CONNECT

echo "create user b identified by '123';" | $BENDSQL_CLIENT_CONNECT

export USER_A_CONNECT="bendsql --user=a --password=123 --host=${QUERY_MYSQL_HANDLER_HOST} --port ${QUERY_HTTP_HANDLER_PORT}"
export USER_B_CONNECT="bendsql --user=b --password=123 --host=${QUERY_MYSQL_HANDLER_HOST} --port ${QUERY_HTTP_HANDLER_PORT}"


echo "set default role role1;" | $USER_A_CONNECT
echo "show roles;" | $USER_A_CONNECT
echo "create database db_a;" | $USER_A_CONNECT
echo "create table db_a.t(id int);" | $USER_A_CONNECT
echo "create table db_a.t1(id int);" | $USER_A_CONNECT
echo "show tables from db_a" | $USER_A_CONNECT
echo "show databases" | $USER_A_CONNECT

echo "show grants for role role1;" | $BENDSQL_CLIENT_CONNECT
echo "show grants for a;" | $BENDSQL_CLIENT_CONNECT

echo "drop table db_a.t" | $USER_A_CONNECT

echo "show grants for role role1;" | $BENDSQL_CLIENT_CONNECT
echo "show grants for a;" | $BENDSQL_CLIENT_CONNECT

echo "grant role role1 to b;" | $BENDSQL_CLIENT_CONNECT
echo "show grants for b;" | $BENDSQL_CLIENT_CONNECT
Expand All @@ -122,12 +117,12 @@ echo "show tables from db_a;" | $USER_B_CONNECT

echo "revoke role role1 from a;" | $BENDSQL_CLIENT_CONNECT
echo "show grants for a ;" | $BENDSQL_CLIENT_CONNECT
echo "revoke create on *.* from a;" | $BENDSQL_CLIENT_CONNECT

echo "show tables from db_a;" | $USER_A_CONNECT
echo "show tables from db_a;" | $USER_B_CONNECT

echo "drop table db_a.t1;" | $USER_B_CONNECT
echo "drop database db_a;" | $BENDSQL_CLIENT_CONNECT
echo "drop role if exists role1;" | $BENDSQL_CLIENT_CONNECT
echo "drop user if exists a;" | $BENDSQL_CLIENT_CONNECT
echo "drop user if exists b;" | $BENDSQL_CLIENT_CONNECT
echo "drop database db_a;" | $BENDSQL_CLIENT_CONNECT
Loading