thevar1able/ClickHouse
1
0
Fork 0
mirror of https://github.com/ClickHouse/ClickHouse.git synced 2024-09-19 16:20:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

initial tests

Browse Source
This commit is contained in:
Arthur Passos 2024-06-24 15:48:46 -03:00
parent 9d19001945
commit fe0d3b3e27
2 changed files with 130 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
tests/queries/0_stateless/03174_add_identified_with.reference Normal file
View File

@ -0,0 +1,38 @@
Basic authentication after user creation
1
Changed password, old password should not work
AUTHENTICATION_FAILED
New password should work
1
Two new passwords were added, should both work
1
1
Gen ssh key
Authenticating with ssh key
1
Altering credentials and keeping only bcrypt_password
Asserting SSH does not work anymore
AUTHENTICATION_FAILED
Asserting bcrypt_password works
1
Adding new bcrypt_password
Both current authentication methods should work
1
1
Reset authentication methods to new
Only the latest should work, below should fail
AUTHENTICATION_FAILED
Should work
1
Multiple identified with, not allowed
SYNTAX_ERROR
Multiple identified with, not allowed, even if mixed
SYNTAX_ERROR
Identified with must precede all add identified with, not allowed
SYNTAX_ERROR
CREATE Multiple identified with, not allowed
SYNTAX_ERROR
CREATE Multiple identified with, not allowed, even if mixed
SYNTAX_ERROR
CREATE Identified with must precede all add identified with, not allowed
SYNTAX_ERROR

92
tests/queries/0_stateless/03174_add_identified_with.sh Executable file
View File

@ -0,0 +1,92 @@
#!/usr/bin/env bash
CURDIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)
# shellcheck source=../shell_config.sh
. "$CURDIR"/../shell_config.sh
function test_login_pwd
{
${CLICKHOUSE_CLIENT} --user $1 --password $2 --query "select 1"
}
function test_login_pwd_expect_error
{
test_login_pwd "$1" "$2" 2>&1 | grep -m1 -o 'AUTHENTICATION_FAILED'
}
user="u01_03174"
${CLICKHOUSE_CLIENT} --query "DROP USER IF EXISTS ${user}"
${CLICKHOUSE_CLIENT} --query "CREATE USER ${user} IDENTIFIED WITH plaintext_password BY '1'"
echo "Basic authentication after user creation"
test_login_pwd ${user} '1'
${CLICKHOUSE_CLIENT} --query "ALTER USER ${user} IDENTIFIED WITH plaintext_password BY '2'"
echo "Changed password, old password should not work"
test_login_pwd_expect_error ${user} '1'
echo "New password should work"
test_login_pwd ${user} '2'
${CLICKHOUSE_CLIENT} --query "ALTER USER ${user} ADD IDENTIFIED WITH sha256_password BY '3' ADD IDENTIFIED WITH plaintext_password BY '4'"
echo "Two new passwords were added, should both work"
test_login_pwd ${user} '3'
test_login_pwd ${user} '4'
echo "Gen ssh key"
yes 'yes' | ssh-keygen -t ed25519 -N '' -f 'ssh_key' > /dev/null
pub_key=$(awk '{print $2}' ssh_key.pub)
${CLICKHOUSE_CLIENT} --query "ALTER USER ${user} ADD IDENTIFIED WITH ssh_key BY KEY '${pub_key}' TYPE 'ssh-ed25519'"
echo "Authenticating with ssh key"
${CLICKHOUSE_CLIENT} --user ${user} --ssh-key-file 'ssh_key' --ssh-key-passphrase "" --query "SELECT 1"
echo "Altering credentials and keeping only bcrypt_password"
${CLICKHOUSE_CLIENT} --query "ALTER USER ${user} IDENTIFIED WITH bcrypt_password BY '5'"
echo "Asserting SSH does not work anymore"
${CLICKHOUSE_CLIENT} --user ${user} --ssh-key-file 'ssh_key' --ssh-key-passphrase "" --query "SELECT 1" 2>&1 | grep -m1 -o 'AUTHENTICATION_FAILED'
echo "Asserting bcrypt_password works"
test_login_pwd ${user} '5'
echo "Adding new bcrypt_password"
${CLICKHOUSE_CLIENT} --query "ALTER USER ${user} ADD IDENTIFIED WITH bcrypt_password BY '6'"
echo "Both current authentication methods should work"
test_login_pwd ${user} '5'
test_login_pwd ${user} '6'
echo "Reset authentication methods to new"
${CLICKHOUSE_CLIENT} --query "ALTER USER ${user} RESET AUTHENTICATION METHODS TO NEW"
echo "Only the latest should work, below should fail"
test_login_pwd_expect_error ${user} '5'
echo "Should work"
test_login_pwd ${user} '6'
echo "Multiple identified with, not allowed"
${CLICKHOUSE_CLIENT} --query "ALTER USER ${user} IDENTIFIED WITH plaintext_password '7' IDENTIFIED WITH plaintext_password '8'" 2>&1 | grep -m1 -o "SYNTAX_ERROR"
echo "Multiple identified with, not allowed, even if mixed"
${CLICKHOUSE_CLIENT} --query "ALTER USER ${user} IDENTIFIED WITH plaintext_password '7' ADD IDENTIFIED WITH plaintext_password '8' IDENTIFIED WITH plaintext_password '9'" 2>&1 | grep -m1 -o "SYNTAX_ERROR"
echo "Identified with must precede all add identified with, not allowed"
${CLICKHOUSE_CLIENT} --query "ALTER USER ${user} ADD IDENTIFIED WITH plaintext_password '7' IDENTIFIED WITH plaintext_password '8'" 2>&1 | grep -m1 -o "SYNTAX_ERROR"
${CLICKHOUSE_CLIENT} --query "DROP USER ${user}"
echo "CREATE Multiple identified with, not allowed"
${CLICKHOUSE_CLIENT} --query "CREATE USER ${user} IDENTIFIED WITH plaintext_password '7' IDENTIFIED WITH plaintext_password '8'" 2>&1 | grep -m1 -o "SYNTAX_ERROR"
echo "CREATE Multiple identified with, not allowed, even if mixed"
${CLICKHOUSE_CLIENT} --query "CREATE USER ${user} IDENTIFIED WITH plaintext_password '7' ADD IDENTIFIED WITH plaintext_password '8' IDENTIFIED WITH plaintext_password '9'" 2>&1 | grep -m1 -o "SYNTAX_ERROR"
echo "CREATE Identified with must precede all add identified with, not allowed"
${CLICKHOUSE_CLIENT} --query "CREATE USER ${user} ADD IDENTIFIED WITH plaintext_password '7' IDENTIFIED WITH plaintext_password '8'" 2>&1 | grep -m1 -o "SYNTAX_ERROR"
${CLICKHOUSE_CLIENT} --query "DROP USER IF EXISTS ${user}"