ClickHouse/tests/integration/test_access_control_on_cluster/test.py

import pytest
from helpers.cluster import ClickHouseCluster

cluster = ClickHouseCluster(__file__)
ch1 = cluster.add_instance(
    "ch1",
    main_configs=["configs/config.d/clusters.xml"],
    user_configs=[
        "configs/users.d/users.xml",
    ],
    with_zookeeper=True,
)
ch2 = cluster.add_instance(
    "ch2",
    main_configs=["configs/config.d/clusters.xml"],
    user_configs=[
        "configs/users.d/users.xml",
    ],
    with_zookeeper=True,
)
ch3 = cluster.add_instance(
    "ch3",
    main_configs=["configs/config.d/clusters.xml"],
    user_configs=[
        "configs/users.d/users.xml",
    ],
    with_zookeeper=True,
)


@pytest.fixture(scope="module", autouse=True)
def started_cluster():
    try:
        cluster.start()
        yield cluster

    finally:
        cluster.shutdown()


def test_access_control_on_cluster():
    ch1.query_with_retry(
        "CREATE USER IF NOT EXISTS Alex ON CLUSTER 'cluster'", retry_count=5
    )
    assert ch1.query("SHOW CREATE USER Alex") == "CREATE USER Alex\n"
    assert ch2.query("SHOW CREATE USER Alex") == "CREATE USER Alex\n"
    assert ch3.query("SHOW CREATE USER Alex") == "CREATE USER Alex\n"

    ch2.query_with_retry(
        "GRANT ON CLUSTER 'cluster' SELECT ON *.* TO Alex", retry_count=3
    )
    assert ch1.query("SHOW GRANTS FOR Alex") == "GRANT SELECT ON *.* TO Alex\n"
    assert ch2.query("SHOW GRANTS FOR Alex") == "GRANT SELECT ON *.* TO Alex\n"
    assert ch3.query("SHOW GRANTS FOR Alex") == "GRANT SELECT ON *.* TO Alex\n"

    ch3.query_with_retry(
        "REVOKE ON CLUSTER 'cluster' SELECT ON *.* FROM Alex", retry_count=3
    )
    assert ch1.query("SHOW GRANTS FOR Alex") == ""
    assert ch2.query("SHOW GRANTS FOR Alex") == ""
    assert ch3.query("SHOW GRANTS FOR Alex") == ""

    ch2.query_with_retry("DROP USER Alex ON CLUSTER 'cluster'", retry_count=3)
    assert "There is no user `Alex`" in ch1.query_and_get_error("SHOW CREATE USER Alex")
    assert "There is no user `Alex`" in ch2.query_and_get_error("SHOW CREATE USER Alex")
    assert "There is no user `Alex`" in ch3.query_and_get_error("SHOW CREATE USER Alex")


def test_grant_all_on_cluster():
    ch1.query("CREATE USER IF NOT EXISTS Alex ON CLUSTER 'cluster'")
    ch1.query("GRANT ALL ON *.* TO Alex ON CLUSTER 'cluster'")

    assert ch1.query("SHOW GRANTS FOR Alex") == "GRANT ALL ON *.* TO Alex\n"
    assert ch2.query("SHOW GRANTS FOR Alex") == "GRANT ALL ON *.* TO Alex\n"

    ch1.query("DROP USER Alex ON CLUSTER 'cluster'")


def test_grant_current_database_on_cluster():
    ch1.query("CREATE DATABASE user_db ON CLUSTER 'cluster'")
    ch1.query(
        "CREATE USER IF NOT EXISTS test_user ON CLUSTER 'cluster' DEFAULT DATABASE user_db"
    )
    ch1.query(
        "GRANT SELECT ON user_db.* TO test_user ON CLUSTER 'cluster' WITH GRANT OPTION"
    )
    ch1.query("GRANT CLUSTER ON * TO test_user ON CLUSTER 'cluster'")

    assert ch1.query("SHOW DATABASES", user="test_user") == "user_db\n"
    ch1.query("GRANT SELECT ON * TO test_user ON CLUSTER 'cluster'", user="test_user")
    assert ch1.query("SHOW DATABASES", user="test_user") == "user_db\n"
Implement "ON CLUSTER" clause for access control SQL. 2020-04-05 23:03:20 +00:00			`import pytest`
			`from helpers.cluster import ClickHouseCluster`

			`cluster = ClickHouseCluster(__file__)`
Apply black formatter to all *.py files in the repo 2022-03-22 16:39:58 +00:00			`ch1 = cluster.add_instance(`
Fix integration test 2023-02-05 21:38:07 +00:00			`"ch1",`
			`main_configs=["configs/config.d/clusters.xml"],`
			`user_configs=[`
			`"configs/users.d/users.xml",`
			`],`
			`with_zookeeper=True,`
Apply black formatter to all *.py files in the repo 2022-03-22 16:39:58 +00:00			`)`
			`ch2 = cluster.add_instance(`
Fix integration test 2023-02-05 21:38:07 +00:00			`"ch2",`
			`main_configs=["configs/config.d/clusters.xml"],`
			`user_configs=[`
			`"configs/users.d/users.xml",`
			`],`
			`with_zookeeper=True,`
Apply black formatter to all *.py files in the repo 2022-03-22 16:39:58 +00:00			`)`
			`ch3 = cluster.add_instance(`
Fix integration test 2023-02-05 21:38:07 +00:00			`"ch3",`
			`main_configs=["configs/config.d/clusters.xml"],`
			`user_configs=[`
			`"configs/users.d/users.xml",`
			`],`
			`with_zookeeper=True,`
Apply black formatter to all *.py files in the repo 2022-03-22 16:39:58 +00:00			`)`
Implement "ON CLUSTER" clause for access control SQL. 2020-04-05 23:03:20 +00:00
Format and optimize imports in integration test files This PR formats all the `*.py` files found under the `tests/integration` folder. It also reorders the imports and cleans up a bunch of unused imports. The formatting also takes care of other things like wrapping lines and fixing spaces and indents such that the tests look more readable. 2020-09-16 04:26:10 +00:00
Implement "ON CLUSTER" clause for access control SQL. 2020-04-05 23:03:20 +00:00			`@pytest.fixture(scope="module", autouse=True)`
			`def started_cluster():`
			`try:`
			`cluster.start()`
			`yield cluster`

			`finally:`
			`cluster.shutdown()`


			`def test_access_control_on_cluster():`
Apply black formatter to all *.py files in the repo 2022-03-22 16:39:58 +00:00			`ch1.query_with_retry(`
			`"CREATE USER IF NOT EXISTS Alex ON CLUSTER 'cluster'", retry_count=5`
			`)`
Implement "ON CLUSTER" clause for access control SQL. 2020-04-05 23:03:20 +00:00			`assert ch1.query("SHOW CREATE USER Alex") == "CREATE USER Alex\n"`
			`assert ch2.query("SHOW CREATE USER Alex") == "CREATE USER Alex\n"`
			`assert ch3.query("SHOW CREATE USER Alex") == "CREATE USER Alex\n"`

Apply black formatter to all *.py files in the repo 2022-03-22 16:39:58 +00:00			`ch2.query_with_retry(`
			`"GRANT ON CLUSTER 'cluster' SELECT ON . TO Alex", retry_count=3`
			`)`
Implement "ON CLUSTER" clause for access control SQL. 2020-04-05 23:03:20 +00:00			`assert ch1.query("SHOW GRANTS FOR Alex") == "GRANT SELECT ON . TO Alex\n"`
			`assert ch2.query("SHOW GRANTS FOR Alex") == "GRANT SELECT ON . TO Alex\n"`
			`assert ch3.query("SHOW GRANTS FOR Alex") == "GRANT SELECT ON . TO Alex\n"`

Apply black formatter to all *.py files in the repo 2022-03-22 16:39:58 +00:00			`ch3.query_with_retry(`
			`"REVOKE ON CLUSTER 'cluster' SELECT ON . FROM Alex", retry_count=3`
			`)`
Implement "ON CLUSTER" clause for access control SQL. 2020-04-05 23:03:20 +00:00			`assert ch1.query("SHOW GRANTS FOR Alex") == ""`
			`assert ch2.query("SHOW GRANTS FOR Alex") == ""`
			`assert ch3.query("SHOW GRANTS FOR Alex") == ""`

Add retries to test_access_control_on_cluster 2021-02-09 15:37:33 +00:00			`ch2.query_with_retry("DROP USER Alex ON CLUSTER 'cluster'", retry_count=3)`
Use enum Type instead of std::type_index to represent the type of IAccessEntity. This change simplifies handling of access entities in access storages. 2020-05-03 03:12:03 +00:00			assert "There is no user `Alex`" in ch1.query_and_get_error("SHOW CREATE USER Alex")
			assert "There is no user `Alex`" in ch2.query_and_get_error("SHOW CREATE USER Alex")
			assert "There is no user `Alex`" in ch3.query_and_get_error("SHOW CREATE USER Alex")
Fix crash when granting ALL on cluster. 2022-07-01 10:18:09 +00:00

			`def test_grant_all_on_cluster():`
			`ch1.query("CREATE USER IF NOT EXISTS Alex ON CLUSTER 'cluster'")`
			`ch1.query("GRANT ALL ON . TO Alex ON CLUSTER 'cluster'")`

			`assert ch1.query("SHOW GRANTS FOR Alex") == "GRANT ALL ON . TO Alex\n"`
			`assert ch2.query("SHOW GRANTS FOR Alex") == "GRANT ALL ON . TO Alex\n"`

			`ch1.query("DROP USER Alex ON CLUSTER 'cluster'")`
Fix default database with grant on cluster 2024-06-03 22:43:08 +00:00

			`def test_grant_current_database_on_cluster():`
			`ch1.query("CREATE DATABASE user_db ON CLUSTER 'cluster'")`
Automatic style fix 2024-06-03 22:55:53 +00:00			`ch1.query(`
			`"CREATE USER IF NOT EXISTS test_user ON CLUSTER 'cluster' DEFAULT DATABASE user_db"`
			`)`
			`ch1.query(`
			`"GRANT SELECT ON user_db.* TO test_user ON CLUSTER 'cluster' WITH GRANT OPTION"`
			`)`
fix test 2024-06-04 01:29:08 +00:00			`ch1.query("GRANT CLUSTER ON * TO test_user ON CLUSTER 'cluster'")`
Fix default database with grant on cluster 2024-06-03 22:43:08 +00:00
			`assert ch1.query("SHOW DATABASES", user="test_user") == "user_db\n"`
			`ch1.query("GRANT SELECT ON * TO test_user ON CLUSTER 'cluster'", user="test_user")`
			`assert ch1.query("SHOW DATABASES", user="test_user") == "user_db\n"`