ClickHouse/tests/queries/0_stateless/03234_check_grant.sh

#!/usr/bin/env bash

CURDIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)
# shellcheck source=../shell_config.sh
. "$CURDIR"/../shell_config.sh

db=${CLICKHOUSE_DATABASE}
user=user_${CLICKHOUSE_TEST_UNIQUE_NAME}
role=role_${CLICKHOUSE_TEST_UNIQUE_NAME}

${CLICKHOUSE_CLIENT} --query "DROP ROLE IF EXISTS $role; DROP USER IF EXISTS $user; DROP TABLE IF EXISTS ${db}.tb;"

${CLICKHOUSE_CLIENT} --query "CREATE USER $user; GRANT SELECT ON ${db}.tb TO $user;"

# Has been granted but not table not exists 
# expected to 1
${CLICKHOUSE_CURL} -sS "${CLICKHOUSE_URL}&user=$user" --data-binary "CHECK GRANT SELECT ON ${db}.tb"

${CLICKHOUSE_CLIENT} --query "CREATE TABLE ${db}.tb (\`content\` UInt64) ENGINE = MergeTree ORDER BY content; INSERT INTO ${db}.tb VALUES (1);"
# Has been granted and table exists
# expected to 1
${CLICKHOUSE_CURL} -sS "${CLICKHOUSE_URL}&user=$user" --data-binary "CHECK GRANT SELECT ON ${db}.tb"

${CLICKHOUSE_CLIENT} --query "REVOKE SELECT ON ${db}.tb FROM $user;"
# Has not been granted but table exists
# expected to 0
${CLICKHOUSE_CURL} -sS "${CLICKHOUSE_URL}&user=$user" --data-binary "CHECK GRANT SELECT ON ${db}.tb"

# Role
# expected to 1
${CLICKHOUSE_CLIENT} --query "CREATE ROLE $role; GRANT SELECT ON ${db}.tb TO $role; GRANT $role TO $user"
${CLICKHOUSE_CURL} -sS "${CLICKHOUSE_URL}&user=$user" --data-binary "SET ROLE $role"
${CLICKHOUSE_CURL} -sS "${CLICKHOUSE_URL}&user=$user" --data-binary "CHECK GRANT SELECT ON ${db}.tb"

# wildcard
${CLICKHOUSE_CLIENT} --query "GRANT SELECT ON ${db}.tbb* TO $user;"
# expected to 1
${CLICKHOUSE_CURL} -sS "${CLICKHOUSE_URL}&user=$user" --data-binary "CHECK GRANT SELECT ON ${db}.tbb1"
# expected to 1
${CLICKHOUSE_CURL} -sS "${CLICKHOUSE_URL}&user=$user" --data-binary "CHECK GRANT SELECT ON ${db}.tbb2*"

${CLICKHOUSE_CLIENT} --query "DROP ROLE $role; DROP USER $user; DROP TABLE $db.tb;"
[Update] Use stateless test instead of integration test 2024-09-08 08:09:01 +00:00			`#!/usr/bin/env bash`
Allow test 03234_check_grant.sh to run in parallel. 2024-11-19 16:43:57 +00:00
[Fix] Add source env build in stateless test 2024-09-08 09:19:36 +00:00			`CURDIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)`
			`# shellcheck source=../shell_config.sh`
			`. "$CURDIR"/../shell_config.sh`
Allow test 03234_check_grant.sh to run in parallel. 2024-11-19 16:43:57 +00:00
[Test] Add test case for check grant 2024-10-01 07:38:19 +00:00			`db=${CLICKHOUSE_DATABASE}`
Allow test 03234_check_grant.sh to run in parallel. 2024-11-19 16:43:57 +00:00			`user=user_${CLICKHOUSE_TEST_UNIQUE_NAME}`
			`role=role_${CLICKHOUSE_TEST_UNIQUE_NAME}`
[Update] Use stateless test instead of integration test 2024-09-08 08:09:01 +00:00
Allow test 03234_check_grant.sh to run in parallel. 2024-11-19 16:43:57 +00:00			`${CLICKHOUSE_CLIENT} --query "DROP ROLE IF EXISTS $role; DROP USER IF EXISTS $user; DROP TABLE IF EXISTS ${db}.tb;"`

			`${CLICKHOUSE_CLIENT} --query "CREATE USER $user; GRANT SELECT ON ${db}.tb TO $user;"`
[Update] Use stateless test instead of integration test 2024-09-08 08:09:01 +00:00
[Test] Add test case for check grant 2024-10-01 07:38:19 +00:00			`# Has been granted but not table not exists`
			`# expected to 1`
Allow test 03234_check_grant.sh to run in parallel. 2024-11-19 16:43:57 +00:00			`${CLICKHOUSE_CURL} -sS "${CLICKHOUSE_URL}&user=$user" --data-binary "CHECK GRANT SELECT ON ${db}.tb"`
[Update] Use stateless test instead of integration test 2024-09-08 08:09:01 +00:00
[Test] Add test case for check grant 2024-10-01 07:38:19 +00:00			${CLICKHOUSE_CLIENT} --query "CREATE TABLE ${db}.tb (\`content\` UInt64) ENGINE = MergeTree ORDER BY content; INSERT INTO ${db}.tb VALUES (1);"
[Update] Use stateless test instead of integration test 2024-09-08 08:09:01 +00:00			`# Has been granted and table exists`
[Test] Add test case for check grant 2024-10-01 07:38:19 +00:00			`# expected to 1`
Allow test 03234_check_grant.sh to run in parallel. 2024-11-19 16:43:57 +00:00			`${CLICKHOUSE_CURL} -sS "${CLICKHOUSE_URL}&user=$user" --data-binary "CHECK GRANT SELECT ON ${db}.tb"`
[Update] Use stateless test instead of integration test 2024-09-08 08:09:01 +00:00
Allow test 03234_check_grant.sh to run in parallel. 2024-11-19 16:43:57 +00:00			`${CLICKHOUSE_CLIENT} --query "REVOKE SELECT ON ${db}.tb FROM $user;"`
[Update] Use stateless test instead of integration test 2024-09-08 08:09:01 +00:00			`# Has not been granted but table exists`
[Test] Add test case for check grant 2024-10-01 07:38:19 +00:00			`# expected to 0`
Allow test 03234_check_grant.sh to run in parallel. 2024-11-19 16:43:57 +00:00			`${CLICKHOUSE_CURL} -sS "${CLICKHOUSE_URL}&user=$user" --data-binary "CHECK GRANT SELECT ON ${db}.tb"`
[Update] Use stateless test instead of integration test 2024-09-08 08:09:01 +00:00
			`# Role`
[Test] Add test case for check grant 2024-10-01 07:38:19 +00:00			`# expected to 1`
Allow test 03234_check_grant.sh to run in parallel. 2024-11-19 16:43:57 +00:00			`${CLICKHOUSE_CLIENT} --query "CREATE ROLE $role; GRANT SELECT ON ${db}.tb TO $role; GRANT $role TO $user"`
			`${CLICKHOUSE_CURL} -sS "${CLICKHOUSE_URL}&user=$user" --data-binary "SET ROLE $role"`
			`${CLICKHOUSE_CURL} -sS "${CLICKHOUSE_URL}&user=$user" --data-binary "CHECK GRANT SELECT ON ${db}.tb"`
[Test] Add test case for check grant 2024-10-01 07:38:19 +00:00
			`# wildcard`
Allow test 03234_check_grant.sh to run in parallel. 2024-11-19 16:43:57 +00:00			`${CLICKHOUSE_CLIENT} --query "GRANT SELECT ON ${db}.tbb* TO $user;"`
[Doc/Test] Update doc about check grant wildcard; Add more case in stateless-test case about check grant wildcard 2024-10-02 00:11:17 +00:00			`# expected to 1`
Allow test 03234_check_grant.sh to run in parallel. 2024-11-19 16:43:57 +00:00			`${CLICKHOUSE_CURL} -sS "${CLICKHOUSE_URL}&user=$user" --data-binary "CHECK GRANT SELECT ON ${db}.tbb1"`
[Doc/Test] Update doc about check grant wildcard; Add more case in stateless-test case about check grant wildcard 2024-10-02 00:11:17 +00:00			`# expected to 1`
Allow test 03234_check_grant.sh to run in parallel. 2024-11-19 16:43:57 +00:00			`${CLICKHOUSE_CURL} -sS "${CLICKHOUSE_URL}&user=$user" --data-binary "CHECK GRANT SELECT ON ${db}.tbb2*"`

			`${CLICKHOUSE_CLIENT} --query "DROP ROLE $role; DROP USER $user; DROP TABLE $db.tb;"`