mirror of
https://github.com/ClickHouse/ClickHouse.git
synced 2024-09-20 08:40:50 +00:00
Add tests for row-level security with prewhere
This commit is contained in:
parent
bcf30d8412
commit
879d9206c1
@ -107,6 +107,7 @@ def test_cannot_trick_row_policy_with_keyword_with():
|
||||
assert node.query("WITH 0 AS a SELECT a, b FROM mydb.filtered_table1") == TSV([[0, 0], [0, 1]])
|
||||
assert node.query("WITH 0 AS a SELECT a FROM mydb.filtered_table1") == TSV([[0], [0]])
|
||||
assert node.query("WITH 0 AS a SELECT b FROM mydb.filtered_table1") == TSV([[0], [1]])
|
||||
assert node.query("WITH 0 AS a SELECT * FROM mydb.filtered_table1 PREWHERE a IN(0, 1) WHERE b IN(0, 1)") == TSV([[0], [1]])
|
||||
|
||||
|
||||
def test_policy_from_users_xml_affects_only_user_assigned():
|
||||
@ -121,6 +122,38 @@ def test_policy_from_users_xml_affects_only_user_assigned():
|
||||
assert node.query("SELECT * FROM mydb.local", user="another") == TSV([[1, 0], [1, 1]])
|
||||
|
||||
|
||||
def test_with_prewhere():
|
||||
copy_policy_xml('normal_filters.xml')
|
||||
assert node.query("SELECT * FROM mydb.filtered_table2 WHERE a > 1") == TSV([[4, 5, 2, 1]])
|
||||
assert node.query("SELECT a FROM mydb.filtered_table2 WHERE a > 1") == TSV([[4]])
|
||||
assert node.query("SELECT a, b FROM mydb.filtered_table2 WHERE a > 1") == TSV([[4, 5]])
|
||||
assert node.query("SELECT b, c FROM mydb.filtered_table2 WHERE a > 1") == TSV([[5, 2]])
|
||||
assert node.query("SELECT d FROM mydb.filtered_table2 WHERE a > 1") == TSV([[1]])
|
||||
|
||||
assert node.query("SELECT * FROM mydb.filtered_table2 PREWHERE a > 1") == TSV([[4, 5, 2, 1]])
|
||||
assert node.query("SELECT a FROM mydb.filtered_table2 PREWHERE a > 1") == TSV([[4]])
|
||||
assert node.query("SELECT a, b FROM mydb.filtered_table2 PREWHERE a > 1") == TSV([[4, 5]])
|
||||
assert node.query("SELECT b, c FROM mydb.filtered_table2 PREWHERE a > 1") == TSV([[5, 2]])
|
||||
assert node.query("SELECT d FROM mydb.filtered_table2 PREWHERE a > 1") == TSV([[1]])
|
||||
|
||||
assert node.query("SELECT * FROM mydb.filtered_table2 PREWHERE a < 4 WHERE b < 10") == TSV([[1, 2, 3, 4]])
|
||||
assert node.query("SELECT a FROM mydb.filtered_table2 PREWHERE a < 4 WHERE b < 10") == TSV([[1]])
|
||||
assert node.query("SELECT b FROM mydb.filtered_table2 PREWHERE a < 4 WHERE b < 10") == TSV([[2]])
|
||||
assert node.query("SELECT a, b FROM mydb.filtered_table2 PREWHERE a < 4 WHERE b < 10") == TSV([[1, 2]])
|
||||
assert node.query("SELECT a, c FROM mydb.filtered_table2 PREWHERE a < 4 WHERE b < 10") == TSV([[1, 3]])
|
||||
assert node.query("SELECT b, d FROM mydb.filtered_table2 PREWHERE a < 4 WHERE b < 10") == TSV([[2, 4]])
|
||||
assert node.query("SELECT c, d FROM mydb.filtered_table2 PREWHERE a < 4 WHERE b < 10") == TSV([[3, 4]])
|
||||
|
||||
|
||||
def test_with_throwif_in_prewhere():
|
||||
copy_policy_xml('no_filters.xml')
|
||||
assert 'expected' in node.query_and_get_error("SELECT throwIf(a = 0, 'expected') FROM mydb.filtered_table2 PREWHERE b < 10")
|
||||
|
||||
copy_policy_xml('normal_filters.xml')
|
||||
assert node.query("SELECT throwIf(a = 0, 'pwned') FROM mydb.filtered_table2 PREWHERE b < 10") == TSV([
|
||||
[4, 5, 2, 1], [1, 2, 3, 4]])
|
||||
|
||||
|
||||
def test_change_of_users_xml_changes_row_policies():
|
||||
copy_policy_xml('normal_filters.xml')
|
||||
assert node.query("SELECT * FROM mydb.filtered_table1") == TSV([[1, 0], [1, 1]])
|
||||
|
16
tests/performance/prewhere_with_row_level_filter.xml
Normal file
16
tests/performance/prewhere_with_row_level_filter.xml
Normal file
@ -0,0 +1,16 @@
|
||||
<test>
|
||||
<create_query>DROP TABLE IF EXISTS test_prl;</create_query>
|
||||
<create_query>CREATE TABLE test_prl (n UInt64) ENGINE MergeTree ORDER BY n;</create_query>
|
||||
<create_query>CREATE ROW POLICY OR REPLACE test_prl_policy ON test_prl AS PERMISSIVE FOR SELECT USING n % 7 TO ALL;</create_query>
|
||||
|
||||
<fill_query>INSERT INTO test_prl SELECT number FROM numbers(50000000);</fill_query>
|
||||
|
||||
<query>SELECT * FROM test_prl;</query>
|
||||
<query>SELECT * FROM test_prl WHERE n % 3 AND n % 5;</query>
|
||||
<query>SELECT * FROM test_prl PREWHERE n % 3 AND n % 5;</query>
|
||||
<query>SELECT * FROM test_prl PREWHERE n % 3 WHERE n % 5;</query>
|
||||
<query>SELECT * FROM test_prl PREWHERE n % 5 WHERE n % 3;</query>
|
||||
|
||||
<drop_query>DROP ROW POLICY IF EXISTS test_prl_policy ON test_prl;</drop_query>
|
||||
<drop_query>DROP TABLE IF EXISTS test_prl;</drop_query>
|
||||
</test>
|
Loading…
Reference in New Issue
Block a user