2018-10-04 21:23:07 +08:00
|
|
|
#include <gmock/gmock.h>
|
|
|
|
#include <gtest/gtest.h>
|
2018-08-16 16:13:04 +08:00
|
|
|
|
|
|
|
#include "query/frontend/semantic/required_privileges.hpp"
|
2018-11-07 01:15:55 +08:00
|
|
|
#include "storage/common/types/types.hpp"
|
2018-08-16 16:13:04 +08:00
|
|
|
|
|
|
|
#include "query_common.hpp"
|
|
|
|
|
|
|
|
using namespace query;
|
|
|
|
|
|
|
|
class FakeDbAccessor {};
|
|
|
|
|
|
|
|
storage::EdgeType EDGE_TYPE(0);
|
|
|
|
storage::Label LABEL_0(0);
|
|
|
|
storage::Label LABEL_1(1);
|
|
|
|
storage::Property PROP_0(0);
|
|
|
|
|
|
|
|
using ::testing::UnorderedElementsAre;
|
|
|
|
|
|
|
|
class TestPrivilegeExtractor : public ::testing::Test {
|
|
|
|
protected:
|
|
|
|
AstStorage storage;
|
|
|
|
FakeDbAccessor dba;
|
|
|
|
};
|
|
|
|
|
|
|
|
TEST_F(TestPrivilegeExtractor, CreateNode) {
|
2018-10-10 21:19:34 +08:00
|
|
|
auto *query = QUERY(SINGLE_QUERY(CREATE(PATTERN(NODE("n")))));
|
|
|
|
EXPECT_THAT(GetRequiredPrivileges(query),
|
2018-08-16 16:13:04 +08:00
|
|
|
UnorderedElementsAre(AuthQuery::Privilege::CREATE));
|
|
|
|
}
|
|
|
|
|
|
|
|
TEST_F(TestPrivilegeExtractor, MatchNodeDelete) {
|
2018-10-10 21:19:34 +08:00
|
|
|
auto *query =
|
|
|
|
QUERY(SINGLE_QUERY(MATCH(PATTERN(NODE("n"))), DELETE(IDENT("n"))));
|
|
|
|
EXPECT_THAT(GetRequiredPrivileges(query),
|
2018-08-16 16:13:04 +08:00
|
|
|
UnorderedElementsAre(AuthQuery::Privilege::MATCH,
|
|
|
|
AuthQuery::Privilege::DELETE));
|
|
|
|
}
|
|
|
|
|
|
|
|
TEST_F(TestPrivilegeExtractor, MatchNodeReturn) {
|
2018-10-10 21:19:34 +08:00
|
|
|
auto *query = QUERY(SINGLE_QUERY(MATCH(PATTERN(NODE("n"))), RETURN("n")));
|
|
|
|
EXPECT_THAT(GetRequiredPrivileges(query),
|
2018-08-16 16:13:04 +08:00
|
|
|
UnorderedElementsAre(AuthQuery::Privilege::MATCH));
|
|
|
|
}
|
|
|
|
|
|
|
|
TEST_F(TestPrivilegeExtractor, MatchCreateExpand) {
|
2018-10-10 21:19:34 +08:00
|
|
|
auto *query = QUERY(SINGLE_QUERY(
|
2018-08-16 16:13:04 +08:00
|
|
|
MATCH(PATTERN(NODE("n"))),
|
|
|
|
CREATE(PATTERN(NODE("n"),
|
|
|
|
EDGE("r", EdgeAtom::Direction::OUT, {EDGE_TYPE}),
|
|
|
|
NODE("m")))));
|
2018-10-10 21:19:34 +08:00
|
|
|
EXPECT_THAT(GetRequiredPrivileges(query),
|
2018-08-16 16:13:04 +08:00
|
|
|
UnorderedElementsAre(AuthQuery::Privilege::MATCH,
|
|
|
|
AuthQuery::Privilege::CREATE));
|
|
|
|
}
|
|
|
|
|
|
|
|
TEST_F(TestPrivilegeExtractor, MatchNodeSetLabels) {
|
2018-10-10 21:19:34 +08:00
|
|
|
auto *query = QUERY(
|
|
|
|
SINGLE_QUERY(MATCH(PATTERN(NODE("n"))), SET("n", {LABEL_0, LABEL_1})));
|
|
|
|
EXPECT_THAT(GetRequiredPrivileges(query),
|
2018-08-16 16:13:04 +08:00
|
|
|
UnorderedElementsAre(AuthQuery::Privilege::MATCH,
|
|
|
|
AuthQuery::Privilege::SET));
|
|
|
|
}
|
|
|
|
|
|
|
|
TEST_F(TestPrivilegeExtractor, MatchNodeSetProperty) {
|
2018-10-10 21:19:34 +08:00
|
|
|
auto *query = QUERY(
|
|
|
|
SINGLE_QUERY(MATCH(PATTERN(NODE("n"))),
|
|
|
|
SET(PROPERTY_LOOKUP("n", {"prop", PROP_0}), LITERAL(42))));
|
|
|
|
EXPECT_THAT(GetRequiredPrivileges(query),
|
2018-08-16 16:13:04 +08:00
|
|
|
UnorderedElementsAre(AuthQuery::Privilege::MATCH,
|
|
|
|
AuthQuery::Privilege::SET));
|
|
|
|
}
|
|
|
|
|
|
|
|
TEST_F(TestPrivilegeExtractor, MatchNodeSetProperties) {
|
2018-10-10 21:19:34 +08:00
|
|
|
auto *query =
|
|
|
|
QUERY(SINGLE_QUERY(MATCH(PATTERN(NODE("n"))), SET("n", LIST())));
|
|
|
|
EXPECT_THAT(GetRequiredPrivileges(query),
|
2018-08-16 16:13:04 +08:00
|
|
|
UnorderedElementsAre(AuthQuery::Privilege::MATCH,
|
|
|
|
AuthQuery::Privilege::SET));
|
|
|
|
}
|
|
|
|
|
|
|
|
TEST_F(TestPrivilegeExtractor, MatchNodeRemoveLabels) {
|
2018-10-10 21:19:34 +08:00
|
|
|
auto *query = QUERY(
|
2018-08-16 16:13:04 +08:00
|
|
|
SINGLE_QUERY(MATCH(PATTERN(NODE("n"))), REMOVE("n", {LABEL_0, LABEL_1})));
|
2018-10-10 21:19:34 +08:00
|
|
|
EXPECT_THAT(GetRequiredPrivileges(query),
|
2018-08-16 16:13:04 +08:00
|
|
|
UnorderedElementsAre(AuthQuery::Privilege::MATCH,
|
|
|
|
AuthQuery::Privilege::REMOVE));
|
|
|
|
}
|
|
|
|
|
|
|
|
TEST_F(TestPrivilegeExtractor, MatchNodeRemoveProperty) {
|
2018-10-10 21:19:34 +08:00
|
|
|
auto *query =
|
|
|
|
QUERY(SINGLE_QUERY(MATCH(PATTERN(NODE("n"))),
|
|
|
|
REMOVE(PROPERTY_LOOKUP("n", {"prop", PROP_0}))));
|
|
|
|
EXPECT_THAT(GetRequiredPrivileges(query),
|
2018-08-16 16:13:04 +08:00
|
|
|
UnorderedElementsAre(AuthQuery::Privilege::MATCH,
|
|
|
|
AuthQuery::Privilege::REMOVE));
|
|
|
|
}
|
|
|
|
|
|
|
|
TEST_F(TestPrivilegeExtractor, CreateIndex) {
|
2018-10-19 22:18:44 +08:00
|
|
|
auto *query = CREATE_INDEX_ON(LABEL_0, PROP_0);
|
2018-10-10 21:19:34 +08:00
|
|
|
EXPECT_THAT(GetRequiredPrivileges(query),
|
2018-08-16 16:13:04 +08:00
|
|
|
UnorderedElementsAre(AuthQuery::Privilege::INDEX));
|
|
|
|
}
|
|
|
|
|
|
|
|
TEST_F(TestPrivilegeExtractor, AuthQuery) {
|
2018-10-19 22:18:44 +08:00
|
|
|
auto *query = AUTH_QUERY(AuthQuery::Action::CREATE_ROLE, "", "role", "",
|
|
|
|
nullptr, std::vector<AuthQuery::Privilege>{});
|
2018-10-10 21:19:34 +08:00
|
|
|
EXPECT_THAT(GetRequiredPrivileges(query),
|
2018-08-16 16:13:04 +08:00
|
|
|
UnorderedElementsAre(AuthQuery::Privilege::AUTH));
|
|
|
|
}
|
|
|
|
|
|
|
|
TEST_F(TestPrivilegeExtractor, StreamQuery) {
|
|
|
|
std::string stream_name("kafka");
|
|
|
|
std::string stream_uri("localhost:1234");
|
|
|
|
std::string stream_topic("tropik");
|
|
|
|
std::string transform_uri("localhost:1234/file.py");
|
|
|
|
|
2018-10-19 22:18:44 +08:00
|
|
|
std::vector<StreamQuery *> stream_queries = {
|
2018-08-16 16:13:04 +08:00
|
|
|
CREATE_STREAM(stream_name, stream_uri, stream_topic, transform_uri,
|
|
|
|
nullptr, nullptr),
|
|
|
|
DROP_STREAM(stream_name),
|
|
|
|
SHOW_STREAMS,
|
|
|
|
START_STREAM(stream_name, nullptr),
|
|
|
|
STOP_STREAM(stream_name),
|
|
|
|
START_ALL_STREAMS,
|
|
|
|
STOP_ALL_STREAMS};
|
|
|
|
|
2018-10-19 22:18:44 +08:00
|
|
|
for (auto *query : stream_queries) {
|
2018-10-10 21:19:34 +08:00
|
|
|
EXPECT_THAT(GetRequiredPrivileges(query),
|
2018-08-16 16:13:04 +08:00
|
|
|
UnorderedElementsAre(AuthQuery::Privilege::STREAM));
|
|
|
|
}
|
|
|
|
}
|