Fix test_allow_introspection.

2024-11-21 15:12:02 +00:00 · 2020-06-28 21:41:41 +03:00 · 2020-06-28 21:41:41 +03:00 · ace9c99e14
commit ace9c99e14
parent eb27814fbe
4 changed files with 21 additions and 7 deletions
--- a/tests/integration/test_settings_constraints_distributed/configs/config.d/remote_servers.xml
+++ b/tests/integration/test_settings_constraints_distributed/configs/config.d/remote_servers.xml
--- a/tests/integration/test_settings_constraints_distributed/configs/users.d/allow_introspection_functions.xml
+++ b/tests/integration/test_settings_constraints_distributed/configs/users.d/allow_introspection_functions.xml
@ -0,0 +1,7 @@
+<yandex>
+    <profiles>
+        <default>
+            <allow_introspection_functions>1</allow_introspection_functions>
+        </default>
+    </profiles>
+</yandex>
--- a/tests/integration/test_settings_constraints_distributed/test.py
+++ b/tests/integration/test_settings_constraints_distributed/test.py
@ -8,9 +8,9 @@ from helpers.test_tools import assert_eq_with_retry

 cluster = ClickHouseCluster(__file__)

-node1 = cluster.add_instance('node1')
-node2 = cluster.add_instance('node2')
-distributed = cluster.add_instance('distributed', main_configs=["configs/remote_servers.xml"], stay_alive=True)
+node1 = cluster.add_instance('node1', config_dir="configs")
+node2 = cluster.add_instance('node2', config_dir="configs")
+distributed = cluster.add_instance('distributed', config_dir="configs", stay_alive=True)


@pytest.fixture(scope="module", autouse=True)
--- a/tests/integration/test_settings_profile/test.py
+++ b/tests/integration/test_settings_profile/test.py
@ -177,11 +177,18 @@ def test_allow_ddl():


 def test_allow_introspection():
+    assert "Introspection functions are disabled" in instance.query_and_get_error("SELECT demangle('a')")
    assert "Not enough privileges" in instance.query_and_get_error("SELECT demangle('a')", user="robin")
-    
-    instance.query("GRANT ALL ON *.* TO robin")
-    assert "Introspection functions are disabled" in instance.query_and_get_error("SELECT demangle('a')", user="robin")
+    assert "Not enough privileges" in instance.query_and_get_error("SELECT demangle('a')", user="robin", settings={"allow_introspection_functions":1})

+    assert "Introspection functions are disabled" in instance.query_and_get_error("GRANT demangle ON *.* TO robin")
+    assert "Not enough privileges" in instance.query_and_get_error("GRANT demangle ON *.* TO robin", user="robin")
+    assert "Not enough privileges" in instance.query_and_get_error("GRANT demangle ON *.* TO robin", user="robin", settings={"allow_introspection_functions":1})
+
+    assert instance.query("SELECT demangle('a')", settings={"allow_introspection_functions":1}) == "signed char\n"
+    instance.query("GRANT demangle ON *.* TO robin", settings={"allow_introspection_functions":1})
+
+    assert "Introspection functions are disabled" in instance.query_and_get_error("SELECT demangle('a')", user="robin")
    instance.query("ALTER USER robin SETTINGS allow_introspection_functions=1")
    assert instance.query("SELECT demangle('a')", user="robin") == "signed char\n"

@ -194,5 +201,5 @@ def test_allow_introspection():
    instance.query("DROP SETTINGS PROFILE xyz")
    assert "Introspection functions are disabled" in instance.query_and_get_error("SELECT demangle('a')", user="robin")

-    instance.query("REVOKE ALL ON *.* FROM robin")
+    instance.query("REVOKE demangle ON *.* FROM robin", settings={"allow_introspection_functions":1})
    assert "Not enough privileges" in instance.query_and_get_error("SELECT demangle('a')", user="robin")