diff --git a/tests/integration/test_max_authentication_methods_per_user/test.py b/tests/integration/test_max_authentication_methods_per_user/test.py index 81d36dfd21d..2a1d54d9b5a 100644 --- a/tests/integration/test_max_authentication_methods_per_user/test.py +++ b/tests/integration/test_max_authentication_methods_per_user/test.py @@ -23,11 +23,11 @@ def started_cluster(): finally: cluster.shutdown() +expected_error = "User can not be created/updated because it exceeds the allowed quantity of authentication methods per user" def test_create(started_cluster): - expected_error = "User can not be created/updated because it exceeds the allowed quantity of authentication methods per user" - assert expected_error in limited_node.query_and_get_error("CREATE USER u_max_authentication_methods IDENTIFIED BY '1', BY '2', BY '3'") + assert expected_error in limited_node.query_and_get_error("CREATE USER u_max_authentication_methods IDENTIFIED BY '1', BY '2', BY '3'") assert expected_error not in limited_node.query_and_get_answer_with_error("CREATE USER u_max_authentication_methods IDENTIFIED BY '1', BY '2'") @@ -36,10 +36,8 @@ def test_create(started_cluster): def test_alter(started_cluster): limited_node.query("CREATE USER u_max_authentication_methods IDENTIFIED BY '1'") - expected_error = "User can not be created/updated because it exceeds the allowed quantity of authentication methods per user" assert expected_error in limited_node.query_and_get_error("ALTER USER u_max_authentication_methods ADD IDENTIFIED BY '2', BY '3'") - expected_error = "User can not be created/updated because it exceeds the allowed quantity of authentication methods per user" assert expected_error in limited_node.query_and_get_error("ALTER USER u_max_authentication_methods IDENTIFIED BY '3', BY '4', BY '5'") assert expected_error not in limited_node.query_and_get_answer_with_error("ALTER USER u_max_authentication_methods ADD IDENTIFIED BY '2'") @@ -47,3 +45,44 @@ def test_alter(started_cluster): assert expected_error not in limited_node.query_and_get_answer_with_error("ALTER USER u_max_authentication_methods IDENTIFIED BY '2', BY '3'") limited_node.query("DROP USER u_max_authentication_methods") + + +def get_query_with_multiple_identified_with(operation, username, identified_with_count, add_operation = ""): + identified_clauses = ", ".join([f"BY '1'" for _ in range(identified_with_count)]) + query = f"{operation} USER {username} {add_operation} IDENTIFIED {identified_clauses}" + return query + + +def test_create_default_setting(started_cluster): + expected_error = "User can not be created/updated because it exceeds the allowed quantity of authentication methods per user" + + query_exceeds = get_query_with_multiple_identified_with("CREATE", "u_max_authentication_methods", 257) + + assert expected_error in default_node.query_and_get_error(query_exceeds) + + query_not_exceeds = get_query_with_multiple_identified_with("CREATE", "u_max_authentication_methods", 256) + + assert expected_error not in default_node.query_and_get_answer_with_error(query_not_exceeds) + + default_node.query("DROP USER u_max_authentication_methods") + +def test_alter_default_setting(started_cluster): + default_node.query("CREATE USER u_max_authentication_methods IDENTIFIED BY '1'") + + query_add_exceeds = get_query_with_multiple_identified_with("ALTER", "u_max_authentication_methods", 256, "ADD") + + assert expected_error in default_node.query_and_get_error(query_add_exceeds) + + query_replace_exceeds = get_query_with_multiple_identified_with("ALTER", "u_max_authentication_methods", 257) + + assert expected_error in default_node.query_and_get_error(query_replace_exceeds) + + query_add_not_exceeds = get_query_with_multiple_identified_with("ALTER", "u_max_authentication_methods", 1, "ADD") + + assert expected_error not in default_node.query_and_get_answer_with_error(query_add_not_exceeds) + + query_replace_not_exceeds = get_query_with_multiple_identified_with("ALTER", "u_max_authentication_methods", 2) + + assert expected_error not in default_node.query_and_get_answer_with_error(query_replace_not_exceeds) + + default_node.query("DROP USER u_max_authentication_methods")