
162 lines
5.6 KiB
Raw Normal View History

# Copyright 2021 Memgraph Ltd.
# Use of this software is governed by the Business Source License
# included in the file licenses/BSL.txt; by using this file, you agree to be bound by the terms of the Business Source
# License, and you may not use this file except in compliance with the Business Source License.
# As of the Change Date specified in that file, in accordance with
# the Business Source License, use of this software will be governed
# by the Apache License, Version 2.0, included in the file
# licenses/APL.txt.
import sys
import pytest
import time
import mgclient
import common
def get_cursor_with_user(username):
connection = common.connect(username=username, password="")
return connection.cursor()
def create_admin_user(cursor, admin_user):
common.execute_and_fetch_all(cursor, f"CREATE USER {admin_user}")
cursor, f"GRANT ALL PRIVILEGES TO {admin_user}")
def create_stream_user(cursor, stream_user):
common.execute_and_fetch_all(cursor, f"CREATE USER {stream_user}")
cursor, f"GRANT STREAM TO {stream_user}")
def test_ownerless_stream(producer, topics, connection):
assert len(topics) > 0
userless_cursor = connection.cursor()
"CREATE STREAM ownerless "
f"TOPICS {topics[0]} "
f"TRANSFORM transform.simple")
common.start_stream(userless_cursor, "ownerless")
admin_user = "admin_user"
create_admin_user(userless_cursor, admin_user)
producer.send(topics[0], b"first message").get(timeout=60)
assert common.timed_wait(
lambda: not common.get_is_running(userless_cursor, "ownerless"))
assert len(common.execute_and_fetch_all(
userless_cursor, "MATCH (n) RETURN n")) == 0
common.execute_and_fetch_all(userless_cursor, f"DROP USER {admin_user}")
common.start_stream(userless_cursor, "ownerless")
second_message = b"second message"
producer.send(topics[0], second_message).get(timeout=60)
userless_cursor, topics[0], second_message)
assert len(common.execute_and_fetch_all(
userless_cursor, "MATCH (n) RETURN n")) == 1
def test_owner_is_shown(topics, connection):
assert len(topics) > 0
userless_cursor = connection.cursor()
stream_user = "stream_user"
create_stream_user(userless_cursor, stream_user)
stream_cursor = get_cursor_with_user(stream_user)
common.execute_and_fetch_all(stream_cursor, "CREATE STREAM test "
f"TOPICS {topics[0]} "
f"TRANSFORM transform.simple")
common.check_stream_info(userless_cursor, "test", ("test", [
topics[0]], "mg_consumer", None, None,
"transform.simple", stream_user, "localhost:9092", False))
def test_insufficient_privileges(producer, topics, connection):
assert len(topics) > 0
userless_cursor = connection.cursor()
admin_user = "admin_user"
create_admin_user(userless_cursor, admin_user)
admin_cursor = get_cursor_with_user(admin_user)
stream_user = "stream_user"
create_stream_user(userless_cursor, stream_user)
stream_cursor = get_cursor_with_user(stream_user)
"CREATE STREAM insufficient_test "
f"TOPICS {topics[0]} "
f"TRANSFORM transform.simple")
# the stream is started by admin, but should check against the owner
# privileges
common.start_stream(admin_cursor, "insufficient_test")
producer.send(topics[0], b"first message").get(timeout=60)
assert common.timed_wait(
lambda: not common.get_is_running(userless_cursor, "insufficient_test"))
assert len(common.execute_and_fetch_all(
userless_cursor, "MATCH (n) RETURN n")) == 0
admin_cursor, f"GRANT CREATE TO {stream_user}")
common.start_stream(userless_cursor, "insufficient_test")
second_message = b"second message"
producer.send(topics[0], second_message).get(timeout=60)
userless_cursor, topics[0], second_message)
assert len(common.execute_and_fetch_all(
userless_cursor, "MATCH (n) RETURN n")) == 1
def test_happy_case(producer, topics, connection):
assert len(topics) > 0
userless_cursor = connection.cursor()
admin_user = "admin_user"
create_admin_user(userless_cursor, admin_user)
admin_cursor = get_cursor_with_user(admin_user)
stream_user = "stream_user"
create_stream_user(userless_cursor, stream_user)
stream_cursor = get_cursor_with_user(stream_user)
admin_cursor, f"GRANT CREATE TO {stream_user}")
"CREATE STREAM insufficient_test "
f"TOPICS {topics[0]} "
f"TRANSFORM transform.simple")
common.start_stream(stream_cursor, "insufficient_test")
first_message = b"first message"
producer.send(topics[0], first_message).get(timeout=60)
userless_cursor, topics[0], first_message)
assert len(common.execute_and_fetch_all(
userless_cursor, "MATCH (n) RETURN n")) == 1
if __name__ == "__main__":
sys.exit(pytest.main([__file__, "-rA"]))