Example 1 with UserInfo
use of org.voltdb.compiler.DeploymentBuilder.UserInfo in project voltdb by VoltDB.
the class TestAdhocCreateDropRole method testBasic.
@Test
public void testBasic() throws Exception {
System.out.println("\n\n-----\n testBasic \n-----\n\n");
String pathToCatalog = Configuration.getPathToCatalogForTest("adhocddl.jar");
String pathToDeployment = Configuration.getPathToCatalogForTest("adhocddl.xml");
VoltProjectBuilder builder = new VoltProjectBuilder();
// Need to parallel dbuilder as we modify builder
DeploymentBuilder dbuilder = new DeploymentBuilder(2, 1, 0);
builder.addLiteralSchema("create table FOO (" + "ID integer not null," + "VAL bigint, " + "constraint PK_TREE primary key (ID)" + ");\n" + "create table FOO_R (" + "ID integer not null," + "VAL bigint, " + "constraint PK_TREE_R primary key (ID)" + ");\n");
builder.addPartitionInfo("FOO", "ID");
dbuilder.setUseDDLSchema(true);
// Use random caps in role names to check case-insensitivity
dbuilder.addUsers(new DeploymentBuilder.UserInfo[] { new DeploymentBuilder.UserInfo("admin", "admin", new String[] { "Administrator" }) });
dbuilder.setSecurityEnabled(true);
dbuilder.setEnableCommandLogging(false);
boolean success = builder.compile(pathToCatalog, 2, 1, 0);
assertTrue("Schema compilation failed", success);
dbuilder.writeXML(pathToDeployment);
//MiscUtils.copyFile(builder.getPathToDeployment(), pathToDeployment);
VoltDB.Configuration config = new VoltDB.Configuration();
config.m_pathToCatalog = pathToCatalog;
config.m_pathToDeployment = pathToDeployment;
try {
startServer(config);
ClientConfig adminConfig = new ClientConfig("admin", "admin");
Client adminClient = ClientFactory.createClient(adminConfig);
ClientConfig userConfig = new ClientConfig("user", "user");
Client userClient = ClientFactory.createClient(userConfig);
adminClient.createConnection("localhost");
// Can't connect a user which doesn't exist
boolean threw = false;
try {
userClient.createConnection("localhost");
} catch (IOException ioe) {
ioe.printStackTrace();
threw = true;
assertTrue(ioe.getMessage().contains("Authentication rejected"));
}
assertTrue("Connecting bad user should have failed", threw);
// Add the user with the new role
dbuilder.addUsers(new UserInfo[] { new UserInfo("user", "user", new String[] { "NEWROLE" }) });
dbuilder.writeXML(pathToDeployment);
try {
adminClient.updateApplicationCatalog(null, new File(pathToDeployment));
} catch (ProcCallException pce) {
pce.printStackTrace();
fail("Should be able to add a user even with a role that doesn't exist");
}
// Check that we can connect the new user
try {
userClient.createConnection("localhost");
} catch (IOException ioe) {
ioe.printStackTrace();
fail("Should have been able to connect 'user'");
}
// Make sure the user doesn't actually have DEFAULTPROC permissions yet
threw = false;
try {
userClient.callProcedure("FOO.insert", 0, 0);
} catch (ProcCallException pce) {
pce.printStackTrace();
threw = true;
}
assertTrue("'user' shouldn't be able to call procedures yet", threw);
// Okay, it's showtime. Let's add the role through live DDL
try {
adminClient.callProcedure("@AdHoc", "create role NEWROLE with DEFAULTPROC");
} catch (ProcCallException pce) {
pce.printStackTrace();
fail("Creating role should have succeeded");
}
try {
adminClient.updateApplicationCatalog(null, new File(pathToDeployment));
} catch (ProcCallException pce) {
pce.printStackTrace();
fail("Adding 'user' should have succeeded this time");
}
// Make sure the user now has DEFAULTPROC permissions
try {
userClient.callProcedure("FOO.insert", 0, 0);
} catch (ProcCallException pce) {
pce.printStackTrace();
fail("'user' should be able to call default procs now");
}
threw = false;
try {
adminClient.callProcedure("@AdHoc", "create role NEWROLE with ALLPROC");
} catch (ProcCallException pce) {
assertTrue(pce.getMessage().contains("already exists"));
threw = true;
}
assertTrue("Shouldn't be able to 'create' same role twice", threw);
threw = false;
try {
// Use random caps in role names to check case-insensitivity
adminClient.callProcedure("@AdHoc", "create role aDministrator with ALLPROC");
} catch (ProcCallException pce) {
assertTrue(pce.getMessage().contains("already exists"));
threw = true;
}
assertTrue("Shouldn't be able to 'create' ADMINISTRATOR role", threw);
threw = false;
try {
adminClient.callProcedure("@AdHoc", "create role USER with ALLPROC");
} catch (ProcCallException pce) {
assertTrue(pce.getMessage().contains("already exists"));
threw = true;
}
assertTrue("Shouldn't be able to 'create' USER role", threw);
try {
adminClient.callProcedure("@AdHoc", "drop role NEWROLE;");
} catch (ProcCallException pce) {
pce.printStackTrace();
fail("Should be able to drop role NEWROLE");
}
// Can't drop twice
try {
adminClient.callProcedure("@AdHoc", "drop role NEWROLE;");
} catch (ProcCallException pce) {
pce.printStackTrace();
threw = true;
}
assertTrue("Can't vanilla DROP a role which doesn't exist", threw);
// unless you use IF EXISTS
try {
adminClient.callProcedure("@AdHoc", "drop role NEWROLE if exists;");
} catch (ProcCallException pce) {
pce.printStackTrace();
fail("Should be able to drop role NEWROLE if exists");
}
// Make sure the user doesn't actually have DEFAULTPROC permissions any more
threw = false;
try {
userClient.callProcedure("FOO.insert", 0, 0);
} catch (ProcCallException pce) {
pce.printStackTrace();
threw = true;
}
assertTrue("'user' shouldn't be able to call procedures yet", threw);
threw = false;
try {
adminClient.callProcedure("@AdHoc", "drop role USER;");
} catch (ProcCallException pce) {
threw = true;
assertTrue(pce.getMessage().contains("You may not drop the built-in role"));
pce.printStackTrace();
}
assertTrue("Shouldn't be able to drop role USER", threw);
// CHeck the administrator error message, there should end up being multiple
// reasons why we can't get rid of this role (like, we will require you to always
// have a user with this role)
threw = false;
try {
// Use random caps in role names to check case-insensitivity
adminClient.callProcedure("@AdHoc", "drop role adMinistrator;");
} catch (ProcCallException pce) {
threw = true;
assertTrue(pce.getMessage().contains("You may not drop the built-in role"));
pce.printStackTrace();
}
assertTrue("Shouldn't be able to drop role ADMINISTRATOR", threw);
// Make sure that we can't get rid of the administrator user
dbuilder.removeUser("admin");
dbuilder.writeXML(pathToDeployment);
threw = false;
try {
adminClient.updateApplicationCatalog(null, new File(pathToDeployment));
} catch (ProcCallException pce) {
pce.printStackTrace();
threw = true;
}
assertTrue("Shouldn't be able to remove the last remaining ADMINSTRATOR user", threw);
} finally {
teardownSystem();
}
}
Also used :
Configuration(org.voltdb.VoltDB.Configuration)
UserInfo(org.voltdb.compiler.DeploymentBuilder.UserInfo)
IOException(java.io.IOException)
VoltProjectBuilder(org.voltdb.compiler.VoltProjectBuilder)
Configuration(org.voltdb.VoltDB.Configuration)
UserInfo(org.voltdb.compiler.DeploymentBuilder.UserInfo)
ClientConfig(org.voltdb.client.ClientConfig)
Client(org.voltdb.client.Client)
File(java.io.File)
DeploymentBuilder(org.voltdb.compiler.DeploymentBuilder)
ProcCallException(org.voltdb.client.ProcCallException)
Test(org.junit.Test)
Aggregations
File (java.io.File)1
IOException (java.io.IOException)1
Test (org.junit.Test)1
Configuration (org.voltdb.VoltDB.Configuration)1
Client (org.voltdb.client.Client)1
ClientConfig (org.voltdb.client.ClientConfig)1
ProcCallException (org.voltdb.client.ProcCallException)1
DeploymentBuilder (org.voltdb.compiler.DeploymentBuilder)1
UserInfo (org.voltdb.compiler.DeploymentBuilder.UserInfo)1
VoltProjectBuilder (org.voltdb.compiler.VoltProjectBuilder)1
