ClickHouse/tests/integration/test_user_valid_until/test.py

from datetime import datetime, timedelta
from time import sleep

import pytest

from helpers.cluster import ClickHouseCluster

cluster = ClickHouseCluster(__file__)
node = cluster.add_instance("node", stay_alive=True)


@pytest.fixture(scope="module")
def started_cluster():
    try:
        cluster.start()
        yield cluster

    finally:
        cluster.shutdown()


def test_basic(started_cluster):
    node.query("DROP USER IF EXISTS user_basic")

    # 1. Without VALID UNTIL
    node.query("CREATE USER user_basic")

    assert (
        node.query("SHOW CREATE USER user_basic")
        == "CREATE USER user_basic IDENTIFIED WITH no_password\n"
    )
    assert node.query("SELECT 1", user="user_basic") == "1\n"

    # 2. With valid VALID UNTIL
    node.query("ALTER USER user_basic VALID UNTIL '06/11/2040 08:03:20 Z+3'")

    assert (
        node.query("SHOW CREATE USER user_basic")
        == "CREATE USER user_basic IDENTIFIED WITH no_password VALID UNTIL \\'2040-11-06 05:03:20\\'\n"
    )
    assert node.query("SELECT 1", user="user_basic") == "1\n"

    # 3. With expired VALID UNTIL
    node.query("ALTER USER user_basic VALID UNTIL '06/11/2010 08:03:20 Z+3'")

    assert (
        node.query("SHOW CREATE USER user_basic")
        == "CREATE USER user_basic IDENTIFIED WITH no_password VALID UNTIL \\'2010-11-06 05:03:20\\'\n"
    )

    error = "Authentication failed"
    assert error in node.query_and_get_error("SELECT 1", user="user_basic")

    # 4. Reset VALID UNTIL
    node.query("ALTER USER user_basic VALID UNTIL 'infinity'")

    assert (
        node.query("SHOW CREATE USER user_basic")
        == "CREATE USER user_basic IDENTIFIED WITH no_password\n"
    )
    assert node.query("SELECT 1", user="user_basic") == "1\n"
    node.query("DROP USER user_basic")

    # 5. Make VALID UNTIL expire
    until_datetime = datetime.today() + timedelta(0, 10)
    until_string = until_datetime.strftime("%Y-%m-%d %H:%M:%S")

    node.query(f"CREATE USER user_basic VALID UNTIL '{until_string}'")

    assert node.query("SELECT 1", user="user_basic") == "1\n"

    sleep(12)

    error = "Authentication failed"
    assert error in node.query_and_get_error("SELECT 1", user="user_basic")

    node.query("DROP USER IF EXISTS user_basic")

    # NOT IDENTIFIED test to make sure valid until is also parsed on its short-circuit
    node.query("CREATE USER user_basic NOT IDENTIFIED VALID UNTIL '01/01/2010'")

    assert (
        node.query("SHOW CREATE USER user_basic")
        == "CREATE USER user_basic IDENTIFIED WITH no_password VALID UNTIL \\'2010-01-01 00:00:00\\'\n"
    )

    assert error in node.query_and_get_error("SELECT 1", user="user_basic")

    node.query("DROP USER IF EXISTS user_basic")


def test_details(started_cluster):
    node.query("DROP USER IF EXISTS user_details_infinity, user_details_time_only")

    # 1. Does not do anything
    node.query("CREATE USER user_details_infinity VALID UNTIL 'infinity'")

    assert (
        node.query("SHOW CREATE USER user_details_infinity")
        == "CREATE USER user_details_infinity IDENTIFIED WITH no_password\n"
    )

    # 2. Time only is not supported
    node.query(
        "CREATE USER user_details_time_only IDENTIFIED WITH no_password VALID UNTIL '22:03:40'"
    )

    until_year = datetime.today().strftime("%Y")

    assert (
        node.query("SHOW CREATE USER user_details_time_only")
        == f"CREATE USER user_details_time_only IDENTIFIED WITH no_password VALID UNTIL \\'{until_year}-01-01 22:03:40\\'\n"
    )

    node.query("DROP USER IF EXISTS user_details_infinity, user_details_time_only")


def test_restart(started_cluster):
    node.query("DROP USER IF EXISTS user_restart")

    node.query("CREATE USER user_restart VALID UNTIL '06/11/2010 08:03:20 Z+3'")

    assert (
        node.query("SHOW CREATE USER user_restart")
        == "CREATE USER user_restart IDENTIFIED WITH no_password VALID UNTIL \\'2010-11-06 05:03:20\\'\n"
    )

    node.restart_clickhouse()

    assert (
        node.query("SHOW CREATE USER user_restart")
        == "CREATE USER user_restart IDENTIFIED WITH no_password VALID UNTIL \\'2010-11-06 05:03:20\\'\n"
    )

    error = "Authentication failed"
    assert error in node.query_and_get_error("SELECT 1", user="user_restart")

    node.query("DROP USER IF EXISTS user_restart")


def test_multiple_authentication_methods(started_cluster):
    node.query("DROP USER IF EXISTS user_basic")

    node.query(
        "CREATE USER user_basic IDENTIFIED WITH plaintext_password BY 'no_expiration',"
        "plaintext_password by 'not_expired' VALID UNTIL '06/11/2040', plaintext_password by 'expired' VALID UNTIL '06/11/2010',"
        "plaintext_password by 'infinity' VALID UNTIL 'infinity'"
    )

    assert (
        node.query("SHOW CREATE USER user_basic")
        == "CREATE USER user_basic IDENTIFIED WITH plaintext_password, plaintext_password VALID UNTIL \\'2040-11-06 00:00:00\\', "
        "plaintext_password VALID UNTIL \\'2010-11-06 00:00:00\\', plaintext_password\n"
    )
    assert node.query("SELECT 1", user="user_basic", password="no_expiration") == "1\n"
    assert node.query("SELECT 1", user="user_basic", password="not_expired") == "1\n"
    assert node.query("SELECT 1", user="user_basic", password="infinity") == "1\n"

    error = "Authentication failed"
    assert error in node.query_and_get_error(
        "SELECT 1", user="user_basic", password="expired"
    )

    # Expire them all
    node.query("ALTER USER user_basic VALID UNTIL '06/11/2010 08:03:20'")

    assert (
        node.query("SHOW CREATE USER user_basic")
        == "CREATE USER user_basic IDENTIFIED WITH plaintext_password VALID UNTIL \\'2010-11-06 08:03:20\\',"
        " plaintext_password VALID UNTIL \\'2010-11-06 08:03:20\\',"
        " plaintext_password VALID UNTIL \\'2010-11-06 08:03:20\\',"
        " plaintext_password VALID UNTIL \\'2010-11-06 08:03:20\\'\n"
    )

    assert error in node.query_and_get_error(
        "SELECT 1", user="user_basic", password="no_expiration"
    )
    assert error in node.query_and_get_error(
        "SELECT 1", user="user_basic", password="not_expired"
    )
    assert error in node.query_and_get_error(
        "SELECT 1", user="user_basic", password="infinity"
    )
    assert error in node.query_and_get_error(
        "SELECT 1", user="user_basic", password="expired"
    )
Fixes 2023-09-13 03:14:02 +00:00			`from datetime import datetime, timedelta`
			`from time import sleep`
Add VALID UNTIL clause for users 2023-06-22 01:35:11 +00:00
Automatic style fix 2024-09-27 10:19:39 +00:00			`import pytest`

Add VALID UNTIL clause for users 2023-06-22 01:35:11 +00:00			`from helpers.cluster import ClickHouseCluster`

			`cluster = ClickHouseCluster(__file__)`
Fix VALID UNTIL clause resetting after restart 2024-07-11 22:35:39 +00:00			`node = cluster.add_instance("node", stay_alive=True)`
Add VALID UNTIL clause for users 2023-06-22 01:35:11 +00:00

			`@pytest.fixture(scope="module")`
			`def started_cluster():`
			`try:`
			`cluster.start()`
			`yield cluster`

			`finally:`
			`cluster.shutdown()`


			`def test_basic(started_cluster):`
add cleanup code to existing tests so flaky tests pass.. 2024-09-02 12:59:28 +00:00			`node.query("DROP USER IF EXISTS user_basic")`

Add VALID UNTIL clause for users 2023-06-22 01:35:11 +00:00			`# 1. Without VALID UNTIL`
			`node.query("CREATE USER user_basic")`

try to fix black 2024-06-27 12:20:12 +00:00			`assert (`
			`node.query("SHOW CREATE USER user_basic")`
			`== "CREATE USER user_basic IDENTIFIED WITH no_password\n"`
			`)`
Add VALID UNTIL clause for users 2023-06-22 01:35:11 +00:00			`assert node.query("SELECT 1", user="user_basic") == "1\n"`

			`# 2. With valid VALID UNTIL`
			`node.query("ALTER USER user_basic VALID UNTIL '06/11/2040 08:03:20 Z+3'")`

			`assert (`
			`node.query("SHOW CREATE USER user_basic")`
update some other tests 2024-06-27 01:26:46 +00:00			`== "CREATE USER user_basic IDENTIFIED WITH no_password VALID UNTIL \\'2040-11-06 05:03:20\\'\n"`
Add VALID UNTIL clause for users 2023-06-22 01:35:11 +00:00			`)`
			`assert node.query("SELECT 1", user="user_basic") == "1\n"`

Fixes 2023-09-13 03:14:02 +00:00			`# 3. With expired VALID UNTIL`
Add VALID UNTIL clause for users 2023-06-22 01:35:11 +00:00			`node.query("ALTER USER user_basic VALID UNTIL '06/11/2010 08:03:20 Z+3'")`

			`assert (`
			`node.query("SHOW CREATE USER user_basic")`
update some other tests 2024-06-27 01:26:46 +00:00			`== "CREATE USER user_basic IDENTIFIED WITH no_password VALID UNTIL \\'2010-11-06 05:03:20\\'\n"`
Add VALID UNTIL clause for users 2023-06-22 01:35:11 +00:00			`)`

			`error = "Authentication failed"`
			`assert error in node.query_and_get_error("SELECT 1", user="user_basic")`

			`# 4. Reset VALID UNTIL`
			`node.query("ALTER USER user_basic VALID UNTIL 'infinity'")`

try to fix black 2024-06-27 12:20:12 +00:00			`assert (`
			`node.query("SHOW CREATE USER user_basic")`
			`== "CREATE USER user_basic IDENTIFIED WITH no_password\n"`
			`)`
Add VALID UNTIL clause for users 2023-06-22 01:35:11 +00:00			`assert node.query("SELECT 1", user="user_basic") == "1\n"`
Fixes 2023-09-13 03:14:02 +00:00			`node.query("DROP USER user_basic")`

			`# 5. Make VALID UNTIL expire`
			`until_datetime = datetime.today() + timedelta(0, 10)`
			`until_string = until_datetime.strftime("%Y-%m-%d %H:%M:%S")`

			`node.query(f"CREATE USER user_basic VALID UNTIL '{until_string}'")`

			`assert node.query("SELECT 1", user="user_basic") == "1\n"`

			`sleep(12)`

			`error = "Authentication failed"`
			`assert error in node.query_and_get_error("SELECT 1", user="user_basic")`
Add VALID UNTIL clause for users 2023-06-22 01:35:11 +00:00
add cleanup code to existing tests so flaky tests pass.. 2024-09-02 12:59:28 +00:00			`node.query("DROP USER IF EXISTS user_basic")`

make sure valid until is parsed for not identified as well 2024-10-08 12:03:23 +00:00			`# NOT IDENTIFIED test to make sure valid until is also parsed on its short-circuit`
			`node.query("CREATE USER user_basic NOT IDENTIFIED VALID UNTIL '01/01/2010'")`

			`assert (`
black check 2024-10-08 12:19:02 +00:00			`node.query("SHOW CREATE USER user_basic")`
			`== "CREATE USER user_basic IDENTIFIED WITH no_password VALID UNTIL \\'2010-01-01 00:00:00\\'\n"`
make sure valid until is parsed for not identified as well 2024-10-08 12:03:23 +00:00			`)`

			`assert error in node.query_and_get_error("SELECT 1", user="user_basic")`

			`node.query("DROP USER IF EXISTS user_basic")`

Add VALID UNTIL clause for users 2023-06-22 01:35:11 +00:00
			`def test_details(started_cluster):`
add cleanup code to existing tests so flaky tests pass.. 2024-09-02 12:59:28 +00:00			`node.query("DROP USER IF EXISTS user_details_infinity, user_details_time_only")`

Add VALID UNTIL clause for users 2023-06-22 01:35:11 +00:00			`# 1. Does not do anything`
			`node.query("CREATE USER user_details_infinity VALID UNTIL 'infinity'")`

			`assert (`
			`node.query("SHOW CREATE USER user_details_infinity")`
update some other tests 2024-06-27 01:26:46 +00:00			`== "CREATE USER user_details_infinity IDENTIFIED WITH no_password\n"`
Add VALID UNTIL clause for users 2023-06-22 01:35:11 +00:00			`)`

			`# 2. Time only is not supported`
try to fix black 2024-06-27 12:20:12 +00:00			`node.query(`
			`"CREATE USER user_details_time_only IDENTIFIED WITH no_password VALID UNTIL '22:03:40'"`
			`)`
Add VALID UNTIL clause for users 2023-06-22 01:35:11 +00:00
Fix test_user_valid_until 2024-01-02 13:50:28 +00:00			`until_year = datetime.today().strftime("%Y")`

Add VALID UNTIL clause for users 2023-06-22 01:35:11 +00:00			`assert (`
			`node.query("SHOW CREATE USER user_details_time_only")`
update some other tests 2024-06-27 01:26:46 +00:00			`== f"CREATE USER user_details_time_only IDENTIFIED WITH no_password VALID UNTIL \\'{until_year}-01-01 22:03:40\\'\n"`
Add VALID UNTIL clause for users 2023-06-22 01:35:11 +00:00			`)`
Fix VALID UNTIL clause resetting after restart 2024-07-11 22:35:39 +00:00
add cleanup code to existing tests so flaky tests pass.. 2024-09-02 12:59:28 +00:00			`node.query("DROP USER IF EXISTS user_details_infinity, user_details_time_only")`

Fix VALID UNTIL clause resetting after restart 2024-07-11 22:35:39 +00:00
			`def test_restart(started_cluster):`
add cleanup code to existing tests so flaky tests pass.. 2024-09-02 12:59:28 +00:00			`node.query("DROP USER IF EXISTS user_restart")`

Fix VALID UNTIL clause resetting after restart 2024-07-11 22:35:39 +00:00			`node.query("CREATE USER user_restart VALID UNTIL '06/11/2010 08:03:20 Z+3'")`

			`assert (`
			`node.query("SHOW CREATE USER user_restart")`
fix test that was recently introduced 2024-07-23 12:32:59 +00:00			`== "CREATE USER user_restart IDENTIFIED WITH no_password VALID UNTIL \\'2010-11-06 05:03:20\\'\n"`
Fix VALID UNTIL clause resetting after restart 2024-07-11 22:35:39 +00:00			`)`

			`node.restart_clickhouse()`

			`assert (`
			`node.query("SHOW CREATE USER user_restart")`
fix test that was recently introduced 2024-07-23 12:32:59 +00:00			`== "CREATE USER user_restart IDENTIFIED WITH no_password VALID UNTIL \\'2010-11-06 05:03:20\\'\n"`
Fix VALID UNTIL clause resetting after restart 2024-07-11 22:35:39 +00:00			`)`

			`error = "Authentication failed"`
			`assert error in node.query_and_get_error("SELECT 1", user="user_restart")`
add cleanup code to existing tests so flaky tests pass.. 2024-09-02 12:59:28 +00:00
			`node.query("DROP USER IF EXISTS user_restart")`
tests for expiration time for each auth metho 2024-09-30 18:28:21 +00:00

			`def test_multiple_authentication_methods(started_cluster):`
			`node.query("DROP USER IF EXISTS user_basic")`

			`node.query(`
			`"CREATE USER user_basic IDENTIFIED WITH plaintext_password BY 'no_expiration',"`
			`"plaintext_password by 'not_expired' VALID UNTIL '06/11/2040', plaintext_password by 'expired' VALID UNTIL '06/11/2010',"`
			`"plaintext_password by 'infinity' VALID UNTIL 'infinity'"`
			`)`

			`assert (`
fix style and add docs 2024-09-30 18:44:02 +00:00			`node.query("SHOW CREATE USER user_basic")`
			`== "CREATE USER user_basic IDENTIFIED WITH plaintext_password, plaintext_password VALID UNTIL \\'2040-11-06 00:00:00\\', "`
			`"plaintext_password VALID UNTIL \\'2010-11-06 00:00:00\\', plaintext_password\n"`
tests for expiration time for each auth metho 2024-09-30 18:28:21 +00:00			`)`
			`assert node.query("SELECT 1", user="user_basic", password="no_expiration") == "1\n"`
			`assert node.query("SELECT 1", user="user_basic", password="not_expired") == "1\n"`
			`assert node.query("SELECT 1", user="user_basic", password="infinity") == "1\n"`

			`error = "Authentication failed"`
fix style and add docs 2024-09-30 18:44:02 +00:00			`assert error in node.query_and_get_error(`
			`"SELECT 1", user="user_basic", password="expired"`
			`)`
tests for expiration time for each auth metho 2024-09-30 18:28:21 +00:00
			`# Expire them all`
			`node.query("ALTER USER user_basic VALID UNTIL '06/11/2010 08:03:20'")`

			`assert (`
fix style and add docs 2024-09-30 18:44:02 +00:00			`node.query("SHOW CREATE USER user_basic")`
			`== "CREATE USER user_basic IDENTIFIED WITH plaintext_password VALID UNTIL \\'2010-11-06 08:03:20\\',"`
			`" plaintext_password VALID UNTIL \\'2010-11-06 08:03:20\\',"`
			`" plaintext_password VALID UNTIL \\'2010-11-06 08:03:20\\',"`
			`" plaintext_password VALID UNTIL \\'2010-11-06 08:03:20\\'\n"`
tests for expiration time for each auth metho 2024-09-30 18:28:21 +00:00			`)`

fix style and add docs 2024-09-30 18:44:02 +00:00			`assert error in node.query_and_get_error(`
			`"SELECT 1", user="user_basic", password="no_expiration"`
			`)`
			`assert error in node.query_and_get_error(`
			`"SELECT 1", user="user_basic", password="not_expired"`
			`)`
			`assert error in node.query_and_get_error(`
			`"SELECT 1", user="user_basic", password="infinity"`
			`)`
			`assert error in node.query_and_get_error(`
			`"SELECT 1", user="user_basic", password="expired"`
			`)`