4493d40a-92aa-4162-9dfc-bfc4ec0996e6
/
polardbxengine
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
polardbxengine/mysql-test/t/plugin_auth_qa_1.test

247 lines
9.7 KiB
Plaintext
Raw Blame History

# The numbers represent test cases of the test plan.
--source include/have_plugin_auth.inc
CALL mtr.add_suppression("Plugin test_plugin_server reported: 'Wrong password supplied for plug_dest'");
CALL mtr.add_suppression("The plugin 'new_plugin_server' used to authenticate user 'new_user'@'%' is not loaded. Nobody can currently login using this account.");
# Official builds include separate debug enabled plugins to be used by
# the debug enabled server. But the non-debug *client* should not use them.
let PLUGIN_AUTH_OPT=`SELECT TRIM(TRAILING '/debug' FROM '$PLUGIN_AUTH_OPT')`;
CREATE DATABASE test_user_db;
--source include/plugin_auth_check_non_default_users.inc
--echo ========== test 1.2 ========================================
# CREATE...WITH/CREATE...BY
CREATE USER plug_user
IDENTIFIED WITH test_plugin_server AS 'plug_dest';
CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
--error 1
--exec $MYSQL -S $MASTER_MYSOCK -u plug_user $PLUGIN_AUTH_OPT --password=plug_dest -e "SELECT current_user();SELECT user();" 2>&1
GRANT PROXY ON plug_dest TO plug_user;
--replace_result $MASTER_MYSOCK MASTER_MYSOCK $PLUGIN_AUTH_OPT PLUGIN_AUTH_OPT
--exec $MYSQL -S $MASTER_MYSOCK -u plug_user $PLUGIN_AUTH_OPT --password=plug_dest -e "SELECT current_user();SELECT user();" 2>&1
RENAME USER plug_dest TO new_dest;
--error 1
--exec $MYSQL -S $MASTER_MYSOCK -u plug_user $PLUGIN_AUTH_OPT --password=plug_dest -e "SELECT current_user();SELECT user();" 2>&1
GRANT PROXY ON new_dest TO plug_user;
--error 1
--exec $MYSQL -S $MASTER_MYSOCK -u plug_user $PLUGIN_AUTH_OPT --password=new_dest -e "SELECT current_user();SELECT user();" 2>&1
--source include/plugin_auth_check_non_default_users.inc
DROP USER plug_user,new_dest;
# CREATE...WITH
CREATE USER plug_user
IDENTIFIED WITH test_plugin_server AS 'plug_dest';
CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
GRANT PROXY ON plug_dest TO plug_user;
--echo connect(plug_user,localhost,plug_user,plug_dest);
connect(plug_user,localhost,plug_user,plug_dest);
select USER(),CURRENT_USER();
--echo connection default;
connection default;
--echo disconnect plug_user;
disconnect plug_user;
RENAME USER plug_user TO new_user;
--echo connect(plug_user,localhost,new_user,plug_dest);
connect(plug_user,localhost,new_user,plug_dest);
select USER(),CURRENT_USER();
--echo connection default;
connection default;
--source include/plugin_auth_check_non_default_users.inc
--echo disconnect plug_user;
disconnect plug_user;
UPDATE mysql.user SET user='plug_user' WHERE user='new_user';
FLUSH PRIVILEGES;
--source include/plugin_auth_check_non_default_users.inc
DROP USER plug_dest,plug_user;
--echo ========== test 1.3 ========================================
#
CREATE USER plug_user
IDENTIFIED WITH test_plugin_server AS 'plug_dest';
CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
GRANT PROXY ON plug_dest TO plug_user;
--echo connect(plug_user,localhost,plug_user,plug_dest);
connect(plug_user,localhost,plug_user,plug_dest);
select USER(),CURRENT_USER();
--echo connection default;
connection default;
--echo disconnect plug_user;
disconnect plug_user;
--source include/plugin_auth_check_non_default_users.inc
UPDATE mysql.user SET user='new_user' WHERE user='plug_user';
FLUSH PRIVILEGES;
--source include/plugin_auth_check_non_default_users.inc
UPDATE mysql.user SET authentication_string='new_dest' WHERE user='new_user';
FLUSH PRIVILEGES;
--source include/plugin_auth_check_non_default_users.inc
UPDATE mysql.user SET plugin='new_plugin_server' WHERE user='new_user';
FLUSH PRIVILEGES;
--source include/plugin_auth_check_non_default_users.inc
--echo connect(plug_user,localhost,new_user,new_dest);
--disable_query_log
--error ER_PLUGIN_IS_NOT_LOADED
connect(plug_user,localhost,new_user,new_dest);
--enable_query_log
UPDATE mysql.user SET plugin='test_plugin_server' WHERE user='new_user';
UPDATE mysql.user SET USER='new_dest' WHERE user='plug_dest';
FLUSH PRIVILEGES;
GRANT PROXY ON new_dest TO new_user;
--source include/plugin_auth_check_non_default_users.inc
--echo connect(plug_user,localhost,new_user,new_dest);
connect(plug_user,localhost,new_user,new_dest);
select USER(),CURRENT_USER();
--echo connection default;
connection default;
--echo disconnect plug_user;
disconnect plug_user;
UPDATE mysql.user SET USER='plug_dest' WHERE user='new_dest';
FLUSH PRIVILEGES;
CREATE USER new_dest IDENTIFIED BY 'new_dest_passwd';
--source include/plugin_auth_check_non_default_users.inc
GRANT ALL PRIVILEGES ON test.* TO new_user;
--echo connect(plug_user,localhost,new_dest,new_dest_passwd);
connect(plug_user,localhost,new_dest,new_dest_passwd);
select USER(),CURRENT_USER();
--echo connection default;
connection default;
--echo disconnect plug_user;
disconnect plug_user;
DROP USER plug_user, new_user,new_dest,plug_dest;
--echo ========== test 2, 2.1, 2.2 ================================
CREATE USER ''@'' IDENTIFIED WITH test_plugin_server AS 'proxied_user';
CREATE USER proxied_user IDENTIFIED BY 'proxied_user_passwd';
--source include/plugin_auth_check_non_default_users.inc
--echo connect(proxy_con,localhost,proxied_user,proxied_user_passwd);
connect(proxy_con,localhost,proxied_user,proxied_user_passwd);
SELECT USER(),CURRENT_USER();
--echo ========== test 2.2.1 ======================================
SELECT @@proxy_user;
--echo connection default;
connection default;
--echo disconnect proxy_con;
disconnect proxy_con;
--echo connect(proxy_con,localhost,proxy_user,proxied_user);
--disable_query_log
# This should fail, no grant
--error ER_ACCESS_DENIED_ERROR
connect(proxy_con,localhost,proxy_user,proxied_user);
--enable_query_log
GRANT PROXY ON proxied_user TO ''@'';
--echo connect(proxy_con,localhost,proxied_user,proxied_user_passwd);
connect(proxy_con,localhost,proxied_user,proxied_user_passwd);
SELECT USER(),CURRENT_USER();
--echo connection default;
connection default;
--echo disconnect proxy_con;
disconnect proxy_con;
--echo connect(proxy_con,localhost,proxy_user,proxied_user);
connect(proxy_con,localhost,proxy_user,proxied_user);
SELECT USER(),CURRENT_USER();
--echo ========== test 2.2.1 ======================================
SELECT @@proxy_user;
--echo connection default;
connection default;
--echo disconnect proxy_con;
disconnect proxy_con;
DROP USER ''@'',proxied_user;
#
CREATE USER ''@'' IDENTIFIED WITH test_plugin_server AS 'proxied_user';
GRANT ALL PRIVILEGES ON test_user_db.* TO ''@'';
CREATE USER proxied_user IDENTIFIED BY 'proxied_user_passwd';
--source include/plugin_auth_check_non_default_users.inc
--echo connect(proxy_con,localhost,proxied_user,proxied_user_passwd);
connect(proxy_con,localhost,proxied_user,proxied_user_passwd);
SELECT USER(),CURRENT_USER();
SELECT @@proxy_user;
--echo connection default;
connection default;
--echo disconnect proxy_con;
disconnect proxy_con;
--echo connect(proxy_con,localhost,proxy_user,proxied_user);
--disable_query_log
# This should fail, no grant
--error ER_ACCESS_DENIED_ERROR
connect(proxy_con,localhost,proxy_user,proxied_user);
--enable_query_log
GRANT PROXY ON proxied_user TO ''@'';
--echo connect(proxy_con,localhost,proxied_user,proxied_user_passwd);
connect(proxy_con,localhost,proxied_user,proxied_user_passwd);
SELECT USER(),CURRENT_USER();
--echo connection default;
connection default;
--echo disconnect proxy_con;
disconnect proxy_con;
--echo connect(proxy_con,localhost,proxy_user,proxied_user);
connect(proxy_con,localhost,proxy_user,proxied_user);
SELECT USER(),CURRENT_USER();
SELECT @@proxy_user;
--echo connection default;
connection default;
--echo disconnect proxy_con;
disconnect proxy_con;
DROP USER ''@'',proxied_user;
#
CREATE USER ''@'' IDENTIFIED WITH test_plugin_server AS 'proxied_user';
CREATE USER proxied_user_1 IDENTIFIED BY 'proxied_user_1_pwd';
CREATE USER proxied_user_2 IDENTIFIED BY 'proxied_user_2_pwd';
CREATE USER proxied_user_3 IDENTIFIED BY 'proxied_user_3_pwd';
CREATE USER proxied_user_4 IDENTIFIED BY 'proxied_user_4_pwd';
CREATE USER proxied_user_5 IDENTIFIED BY 'proxied_user_5_pwd';
GRANT PROXY ON proxied_user_1 TO ''@'';
GRANT PROXY ON proxied_user_2 TO ''@'';
GRANT PROXY ON proxied_user_3 TO ''@'';
GRANT PROXY ON proxied_user_4 TO ''@'';
GRANT PROXY ON proxied_user_5 TO ''@'';
--source include/plugin_auth_check_non_default_users.inc
--echo connect(proxy_con_1,localhost,proxied_user_1,'proxied_user_1_pwd');
connect(proxy_con_1,localhost,proxied_user_1,'proxied_user_1_pwd');
--echo connect(proxy_con_2,localhost,proxied_user_2,proxied_user_2_pwd);
connect(proxy_con_2,localhost,proxied_user_2,proxied_user_2_pwd);
--echo connect(proxy_con_3,localhost,proxied_user_3,proxied_user_3_pwd);
connect(proxy_con_3,localhost,proxied_user_3,proxied_user_3_pwd);
--echo connect(proxy_con_4,localhost,proxied_user_4,proxied_user_4_pwd);
connect(proxy_con_4,localhost,proxied_user_4,proxied_user_4_pwd);
--echo connect(proxy_con_5,localhost,proxied_user_5,proxied_user_5_pwd);
connect(proxy_con_5,localhost,proxied_user_5,proxied_user_5_pwd);
--echo connection proxy_con_1;
connection proxy_con_1;
SELECT USER(),CURRENT_USER();
SELECT @@proxy_user;
--echo connection proxy_con_2;
connection proxy_con_2;
SELECT USER(),CURRENT_USER();
SELECT @@proxy_user;
--echo connection proxy_con_3;
connection proxy_con_3;
SELECT USER(),CURRENT_USER();
SELECT @@proxy_user;
--echo connection proxy_con_4;
connection proxy_con_4;
SELECT USER(),CURRENT_USER();
SELECT @@proxy_user;
--echo connection proxy_con_5;
connection proxy_con_5;
SELECT USER(),CURRENT_USER();
SELECT @@proxy_user;
--echo connection default;
connection default;
--echo disconnect proxy_con_1;
disconnect proxy_con_1;
--echo disconnect proxy_con_2;
disconnect proxy_con_2;
--echo disconnect proxy_con_3;
disconnect proxy_con_3;
--echo disconnect proxy_con_4;
disconnect proxy_con_4;
--echo disconnect proxy_con_5;
disconnect proxy_con_5;
DROP USER ''@'',proxied_user_1,proxied_user_2,proxied_user_3,proxied_user_4,proxied_user_5;
DROP DATABASE test_user_db;
--exit
Reference in New Issue View Git Blame Copy Permalink