4493d40a-92aa-4162-9dfc-bfc4ec0996e6
/
polardbxengine
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
polardbxengine/mysql-test/suite/encryption/t/tablespace_with_tables.test

201 lines
6.4 KiB
Plaintext
Raw Blame History

--echo #
--echo # WL#12261 Control (enforce and disable) table encryption
--echo #
--source include/have_debug.inc
--echo # Pre-define user u1, which is used in different tests below.
CREATE USER u1@localhost;
GRANT ALL ON db1.* TO u1@localhost;
GRANT CREATE TABLESPACE, PROCESS, SYSTEM_VARIABLES_ADMIN ON *.* TO u1@localhost;
SET GLOBAL debug= '+d,skip_table_encryption_admin_check_for_set';
connect (con1, localhost, u1);
--echo # The test cases run ALTER TABLESPACE to check its encryption mode.
--echo # The importance of this test is to check the way ALTER TABLESPACE
--echo # updates the ENCRYPTION clause of tables in it.
--echo # We run this command in various configuration as,
--echo #
--echo # - Setting table_encryption_privilege_check to true/false.
--echo # - Setting per database default encryption to true/false.
--echo # - With and without user holding TABLE_ENCRYPTION_ADMIN privilege.
--echo # - Check for warnings generated.
--echo #
--let table1_encryption_clause=yes
--let table2_encryption_clause=yes
--let caseno=0
--echo `````````````````````````````````````````````````````````
--echo # Unencrypted TABLESPACE to Unencrypted TABLESPACE (Nop)
--let database_encryption='n'
--let tablespace_encryption='n'
--let tablespace_encryption_to='n'
--let privilege_check=false
--let alter_tablespace_error=0
--source ./tablespace_with_tables.inc
--let privilege_check=true
--let alter_tablespace_error=0
--source ./tablespace_with_tables.inc
--echo `````````````````````````````````````````````````````````
--echo # Encrypted TABLESPACE to Encrypted TABLESPACE (Nop)
--let database_encryption='y'
--let tablespace_encryption='y'
--let tablespace_encryption_to='y'
--let privilege_check=false
--let alter_tablespace_error=0
--source ./tablespace_with_tables.inc
--let privilege_check=true
--let alter_tablespace_error=0
--source ./tablespace_with_tables.inc
--let has_grant=true
--let alter_tablespace_error=0
--source ./tablespace_with_tables.inc
--let has_grant=false
--echo `````````````````````````````````````````````````````````
--echo # Unencrypted TABLESPACE to encrypted TABLESPACE
--echo # with database encryption default 'n'
--let database_encryption='n'
--let tablespace_encryption='n'
--let tablespace_encryption_to='y'
--let privilege_check=false
--let alter_tablespace_error=0
--source ./tablespace_with_tables.inc
--echo `````````````````````````````````````````````````````````
--echo # Reject creating encrypted table in database with default encryption='n'
--let privilege_check=true
--let alter_tablespace_error=ER_TABLESPACE_CANNOT_BE_ENCRYPTED
--source ./tablespace_with_tables.inc
--let has_grant=true
--let alter_tablespace_error=0
--source ./tablespace_with_tables.inc
--let has_grant=false
--echo # With some tables without ENCRYPTION clause;
--let table2_encryption_clause=no
--let privilege_check=false
--let alter_tablespace_error=0
--source ./tablespace_with_tables.inc
--echo `````````````````````````````````````````````````````````
--echo # Reject creating encrypted table in database with default encryption='n'
--let privilege_check=true
--let alter_tablespace_error=ER_TABLESPACE_CANNOT_BE_ENCRYPTED
--source ./tablespace_with_tables.inc
--let has_grant=true
--let alter_tablespace_error=0
--source ./tablespace_with_tables.inc
--let has_grant=false
--let table2_encryption_clause=yes
--echo # With all tables without ENCRYPTION clause;
--let table1_encryption_clause=no
--let table2_encryption_clause=no
--let privilege_check=false
--let alter_tablespace_error=0
--source ./tablespace_with_tables.inc
--echo `````````````````````````````````````````````````````````
--echo # Request to create encrypted tablespace with default_table_encryption='n'
--let privilege_check=true
--let alter_tablespace_error=ER_TABLESPACE_CANNOT_BE_ENCRYPTED
--source ./tablespace_with_tables.inc
--let has_grant=true
--let alter_tablespace_error=0
--source ./tablespace_with_tables.inc
--let has_grant=false
--let table1_encryption_clause=yes
--let table2_encryption_clause=yes
--echo `````````````````````````````````````````````````````````
--echo # Unencrypted TABLESPACE to encrypted TABLESPACE
--echo # with database encryption 'y'
--let database_encryption='y'
--let tablespace_encryption='n'
--let tablespace_encryption_to='y'
--let privilege_check=false
--let alter_tablespace_error=0
--source ./tablespace_with_tables.inc
--let privilege_check=true
--let alter_tablespace_error=0
--source ./tablespace_with_tables.inc
--let has_grant=true
--let alter_tablespace_error=0
--source ./tablespace_with_tables.inc
--let has_grant=false
--echo # Case $caseno.1 With some tables without ENCRYPTION clause;
--echo # CREATE table using unencrypted tablespace without
--echo # ENCRYPTION clause would inherit ENCRYPTION from database.
--echo # This makes CREATE TABLE fail because the ENCRYPTION clause
--echo # and the tablespace encryption type mismatches. The test
--echo # encryption.create_table does test this.
--echo # Case $caseno.2 With all tables without ENCRYPTION clause;
--echo # Behavior would be same as described in Case $caseno.1
--echo `````````````````````````````````````````````````````````
--echo # Encrypted TABLESPACE to unencrypted TABLESPACE
--echo # with database encryption 'n'
--let database_encryption='n'
--let tablespace_encryption='y'
--let tablespace_encryption_to='n'
--let privilege_check=false
--let alter_tablespace_error=0
--source ./tablespace_with_tables.inc
--let privilege_check=true
--let alter_tablespace_error=0
--source ./tablespace_with_tables.inc
--let has_grant=true
--let alter_tablespace_error=0
--source ./tablespace_with_tables.inc
--let has_grant=false
--echo `````````````````````````````````````````````````````````
--echo # Encrypted TABLESPACE to unencrypted TABLESPACE
--echo # with database encryption 'y'
--let database_encryption='y'
--let tablespace_encryption='y'
--let tablespace_encryption_to='n'
--let privilege_check=false
--let alter_tablespace_error=0
--source ./tablespace_with_tables.inc
--let privilege_check=true
--echo `````````````````````````````````````````````````````````
--echo # Request to create unencrypted tablespace with default_table_encryption='y'
--let alter_tablespace_error=ER_TABLESPACE_CANNOT_BE_DECRYPTED
--source ./tablespace_with_tables.inc
--let has_grant=true
--let alter_tablespace_error=0
--source ./tablespace_with_tables.inc
--let has_grant=false
--echo # Clean up.
connection default;
DROP USER u1@localhost;
SET GLOBAL debug= '-d,skip_table_encryption_admin_check_for_set';
Reference in New Issue View Git Blame Copy Permalink