Fix test_allow_introspection.

This commit is contained in:
Vitaly Baranov 2020-06-28 21:41:41 +03:00
parent eb27814fbe
commit ace9c99e14
4 changed files with 21 additions and 7 deletions

View File

@ -0,0 +1,7 @@
<yandex>
<profiles>
<default>
<allow_introspection_functions>1</allow_introspection_functions>
</default>
</profiles>
</yandex>

View File

@ -8,9 +8,9 @@ from helpers.test_tools import assert_eq_with_retry
cluster = ClickHouseCluster(__file__) cluster = ClickHouseCluster(__file__)
node1 = cluster.add_instance('node1') node1 = cluster.add_instance('node1', config_dir="configs")
node2 = cluster.add_instance('node2') node2 = cluster.add_instance('node2', config_dir="configs")
distributed = cluster.add_instance('distributed', main_configs=["configs/remote_servers.xml"], stay_alive=True) distributed = cluster.add_instance('distributed', config_dir="configs", stay_alive=True)
@pytest.fixture(scope="module", autouse=True) @pytest.fixture(scope="module", autouse=True)

View File

@ -177,11 +177,18 @@ def test_allow_ddl():
def test_allow_introspection(): def test_allow_introspection():
assert "Introspection functions are disabled" in instance.query_and_get_error("SELECT demangle('a')")
assert "Not enough privileges" in instance.query_and_get_error("SELECT demangle('a')", user="robin") assert "Not enough privileges" in instance.query_and_get_error("SELECT demangle('a')", user="robin")
assert "Not enough privileges" in instance.query_and_get_error("SELECT demangle('a')", user="robin", settings={"allow_introspection_functions":1})
assert "Introspection functions are disabled" in instance.query_and_get_error("GRANT demangle ON *.* TO robin")
assert "Not enough privileges" in instance.query_and_get_error("GRANT demangle ON *.* TO robin", user="robin")
assert "Not enough privileges" in instance.query_and_get_error("GRANT demangle ON *.* TO robin", user="robin", settings={"allow_introspection_functions":1})
assert instance.query("SELECT demangle('a')", settings={"allow_introspection_functions":1}) == "signed char\n"
instance.query("GRANT demangle ON *.* TO robin", settings={"allow_introspection_functions":1})
instance.query("GRANT ALL ON *.* TO robin")
assert "Introspection functions are disabled" in instance.query_and_get_error("SELECT demangle('a')", user="robin") assert "Introspection functions are disabled" in instance.query_and_get_error("SELECT demangle('a')", user="robin")
instance.query("ALTER USER robin SETTINGS allow_introspection_functions=1") instance.query("ALTER USER robin SETTINGS allow_introspection_functions=1")
assert instance.query("SELECT demangle('a')", user="robin") == "signed char\n" assert instance.query("SELECT demangle('a')", user="robin") == "signed char\n"
@ -194,5 +201,5 @@ def test_allow_introspection():
instance.query("DROP SETTINGS PROFILE xyz") instance.query("DROP SETTINGS PROFILE xyz")
assert "Introspection functions are disabled" in instance.query_and_get_error("SELECT demangle('a')", user="robin") assert "Introspection functions are disabled" in instance.query_and_get_error("SELECT demangle('a')", user="robin")
instance.query("REVOKE ALL ON *.* FROM robin") instance.query("REVOKE demangle ON *.* FROM robin", settings={"allow_introspection_functions":1})
assert "Not enough privileges" in instance.query_and_get_error("SELECT demangle('a')", user="robin") assert "Not enough privileges" in instance.query_and_get_error("SELECT demangle('a')", user="robin")