thevar1able/ClickHouse
1
0
Fork 0
mirror of https://github.com/ClickHouse/ClickHouse.git synced 2024-11-25 09:02:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix postgresql protocol with row policy

Browse Source
This commit is contained in:
kssenii 2021-04-07 12:55:20 +00:00
parent d2d4a3d796
commit 15ae912b56
4 changed files with 75 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
docker/test/stateless/Dockerfile
View File

@ -28,7 +28,9 @@ RUN apt-get update -y \
tree \ tree \
unixodbc \ unixodbc \
wget \ wget \
mysql-client=5.7* mysql-client=5.7* \
postgresql \
postgresql-contrib
RUN pip3 install numpy scipy pandas RUN pip3 install numpy scipy pandas

10
src/Core/PostgreSQLProtocol.h
View File

@ -832,10 +832,13 @@ class NoPasswordAuth : public AuthenticationMethod
{ {
public: public:
void authenticate( void authenticate(
const String & /* user_name */, const String & user_name,
Context & /* context */, Context & context,
Messaging::MessageTransport & /* mt */, Messaging::MessageTransport & /* mt */,
const Poco::Net::SocketAddress & /* address */) override {} const Poco::Net::SocketAddress & address) override
{
context.setUser(user_name, "", address);
}
Authentication::Type getType() const override Authentication::Type getType() const override
{ {
@ -859,6 +862,7 @@ public:
{ {
std::unique_ptr<Messaging::PasswordMessage> password = mt.receive<Messaging::PasswordMessage>(); std::unique_ptr<Messaging::PasswordMessage> password = mt.receive<Messaging::PasswordMessage>();
setPassword(user_name, password->password, context, mt, address); setPassword(user_name, password->password, context, mt, address);
context.setUser(user_name, password->password, address);
} }
else else
throw Exception( throw Exception(

24
tests/queries/0_stateless/01802_test_postgresql_protocol_with_row_policy.reference Normal file
View File

@ -0,0 +1,24 @@
before row policy
0
1
2
3
4
5
6
7
8
9
after row policy with no password
val
-----
2
(1 row)
after row policy with plaintext_password
val
-----
2
(1 row)

41
tests/queries/0_stateless/01802_test_postgresql_protocol_with_row_policy.sh Executable file
View File

@ -0,0 +1,41 @@
#!/usr/bin/env bash
CUR_DIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)
# shellcheck source=../shell_config.sh
. "$CUR_DIR"/../shell_config.sh
echo "
DROP USER IF EXISTS postgresql_protocol_user;
DROP TABLE IF EXISTS postgresql_protocol_with_row_policy;
DROP ROW POLICY IF EXISTS test_policy ON postgresql_protocol_with_row_policy;
CREATE TABLE postgresql_protocol_with_row_policy (val UInt32) ENGINE=MergeTree ORDER BY val;
INSERT INTO postgresql_protocol_with_row_policy SELECT number FROM numbers(10);
SELECT 'before row policy';
SELECT * FROM postgresql_protocol_with_row_policy;
SELECT '';
" | $CLICKHOUSE_CLIENT -n
echo "
CREATE USER postgresql_protocol_user HOST IP '127.0.0.1' IDENTIFIED WITH no_password;
GRANT SELECT(val) ON postgresql_protocol_with_row_policy TO postgresql_protocol_user;
CREATE ROW POLICY IF NOT EXISTS test_policy ON postgresql_protocol_with_row_policy FOR SELECT USING val = 2 TO postgresql_protocol_user;
SELECT 'after row policy with no password';
" | $CLICKHOUSE_CLIENT -n
psql --host localhost --port 5433 default --user postgresql_protocol_user -c "SELECT * FROM postgresql_protocol_with_row_policy;"
echo "
DROP USER IF EXISTS postgresql_protocol_user;
DROP ROW POLICY IF EXISTS test_policy ON postgresql_protocol_with_row_policy;
CREATE USER postgresql_protocol_user HOST IP '127.0.0.1' IDENTIFIED WITH plaintext_password BY 'qwerty';
GRANT SELECT(val) ON postgresql_protocol_with_row_policy TO postgresql_protocol_user;
CREATE ROW POLICY IF NOT EXISTS test_policy ON postgresql_protocol_with_row_policy FOR SELECT USING val = 2 TO postgresql_protocol_user;
SELECT 'after row policy with plaintext_password';
" | $CLICKHOUSE_CLIENT -n
psql "postgresql://postgresql_protocol_user:qwerty@localhost:5433/default" -c "SELECT * FROM postgresql_protocol_with_row_policy;"