10000 Fix auth_test.py · postgrespro/pg_probackup@04e05b1 · GitHub
[go: up one dir, main page]
Skip to content

Commit 04e05b1

Browse files
funny-falconfunny-falcon
committed
Fix auth_test.py
1 parent cda016c commit 04e05b1

File tree

2 files changed

+86
-105
lines changed

2 files changed

+86
-105
lines changed

tests/__init__.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,7 @@ def load_tests(loader, tests, pattern):
2727
if os.environ['PG_PROBACKUP_LONG'] == 'ON':
2828
suite.addTests(loader.loadTestsFromModule(time_consuming))
2929

30-
# suite.addTests(loader.loadTestsFromModule(auth_test))
30+
suite.addTests(loader.loadTestsFromModule(auth_test))
3131
suite.addTests(loader.loadTestsFromModule(archive))
3232
suite.addTests(loader.loadTestsFromModule(backup))
3333
suite.addTests(loader.loadTestsFromModule(catchup))

tests/auth_test.py

Lines changed: 85 additions & 104 deletions
Original file line numberDiff line numberDiff line change
@@ -126,24 +126,16 @@ def test_backup_via_unprivileged_user(self):
126126
node.safe_psql(
127127
"postgres",
128128
"GRANT EXECUTE ON FUNCTION pg_stop_backup(boolean) TO backup")
129-
elif self.get_vestion(node) < self.version_to_num('15.0'):
129+
elif self.get_version(node) < self.version_to_num('15.0'):
130130
node.safe_psql(
131131
"postgres",
132-
"GRANT EXECUTE ON FUNCTION "
133-
"pg_stop_backup(boolean, boolean) TO backup")
134-
# Do this for ptrack backups
135-
node.safe_psql(
136-
"postgres",
137-
"GRANT EXECUTE ON FUNCTION pg_stop_backup() TO backup")
132+
"GRANT EXECUTE ON FUNCTION pg_stop_backup() TO backup; "
133+
"GRANT EXECUTE ON FUNCTION pg_stop_backup(boolean, boolean) TO backup;")
138134
else:
139135
node.safe_psql(
140136
"postgres",
141-
"GRANT EXECUTE ON FUNCTION "
142-
"pg_backup_stop(boolean) TO backup")
143-
# Do this for ptrack backups
144-
node.safe_psql(
145-
"postgres",
146-
"GRANT EXECUTE ON FUNCTION pg_backup_stop() TO backup")
137+
"GRANT EXECUTE ON FUNCTION pg_backup_stop() TO backup; "
138+
"GRANT EXECUTE ON FUNCTION pg_backup_stop(boolean) TO backup;")
147139

148140
self.backup_node(
149141
backup_dir, 'node', node, options=['-U', 'backup'])
@@ -193,7 +185,10 @@ def setUpClass(cls):
193185
set_replication=True,
194186
initdb_params=['--data-checksums', '--auth-host=md5']
195187
)
196-
modify_pg_hba(cls.node)
188+
189+
cls.username = cls.pb.get_username()
190+
191+
cls.modify_pg_hba(cls.node)
197192

198193
cls.pb.init_pb(cls.backup_dir)
199194
cls.pb.add_instance(cls.backup_dir, cls.node.name, cls.node)
@@ -203,7 +198,7 @@ def setUpClass(cls):
203198
except StartNodeException:
204199
raise unittest.skip("Node hasn't started")
205200

206-
if cls.pb.get_version(cls.node) < 150000:
201+
if cls.pb.get_version(cls.node) < 100000:
207202
cls.node.safe_psql(
208203
"postgres",
209204
"CREATE ROLE backup WITH LOGIN PASSWORD 'password'; "
@@ -218,6 +213,21 @@ def setUpClass(cls):
218213
"GRANT EXECUTE ON FUNCTION txid_current() TO backup; "
219214
"GRANT EXECUTE ON FUNCTION txid_current_snapshot() TO backup; "
220215
"GRANT EXECUTE ON FUNCTION txid_snapshot_xmax(txid_snapshot) TO backup;")
216+
elif cls.pb.get_version(cls.node) < 150000:
217+
cls.node.safe_psql(
218+
"postgres",
219+
"CREATE ROLE backup WITH LOGIN PASSWORD 'password'; "
220+
"GRANT USAGE ON SCHEMA pg_catalog TO backup; "
221+
"GRANT EXECUTE ON FUNCTION current_setting(text) TO backup; "
222+
"GRANT EXECUTE ON FUNCTION pg_is_in_recovery() TO backup; "
223+
"GRANT EXECUTE ON FUNCTION pg_start_backup(text, boolean, boolean) TO backup; "
224+
"GRANT EXECUTE ON FUNCTION pg_stop_backup() TO backup; "
225+
"GRANT EXECUTE ON FUNCTION pg_stop_backup(boolean, boolean) TO backup; "
226+
"GRANT EXECUTE ON FUNCTION pg_create_restore_point(text) TO backup; "
227+
"GRANT EXECUTE ON FUNCTION pg_switch_wal() TO backup; "
228+
"GRANT EXECUTE ON FUNCTION txid_current() TO backup; "
229+
"GRANT EXECUTE ON FUNCTION txid_current_snapshot() TO backup; "
230+
"GRANT EXECUTE ON FUNCTION txid_snapshot_xmax(txid_snapshot) TO backup;")
221231
else:
222232
cls.node.safe_psql(
223233
"postgres",
@@ -229,7 +239,7 @@ def setUpClass(cls):
229239
"GRANT EXECUTE ON FUNCTION pg_backup_stop() TO backup; "
230240
"GRANT EXECUTE ON FUNCTION pg_backup_stop(boolean) TO backup; "
231241
"GRANT EXECUTE ON FUNCTION pg_create_restore_point(text) TO backup; "
232-
"GRANT EXECUTE ON FUNCTION pg_switch_xlog() TO backup; "
242+
"GRANT EXECUTE ON FUNCTION pg_switch_wal() TO backup; "
233243
"GRANT EXECUTE ON FUNCTION txid_current() TO backup; "
234244
"GRANT EXECUTE ON FUNCTION txid_current_snapshot() TO backup; "
235245
"GRANT EXECUTE ON FUNCTION txid_snapshot_xmax(txid_snapshot) TO backup;")
@@ -244,12 +254,13 @@ def tearDownClass(cls):
244254

245255
@unittest.skipIf(skip_test, "Module pexpect isn't installed. You need to install it.")
246256
def setUp(self):
247-
self.cmd = ['backup',
257+
self.pb_cmd = ['backup',
248258
'-B', self.backup_dir,
249259
'--instance', self.node.name,
250260
'-h', '127.0.0.1',
251261
'-p', str(self.node.port),
252262
'-U', 'backup',
263+
'-d', 'postgres',
253264
'-b', 'FULL'
254265
]
255266

@@ -269,136 +280,106 @@ def test_empty_password(self):
269280
""" Test case: PGPB_AUTH03 - zero password length """
270281
try:
271282
self.assertIn("ERROR: no password supplied",
272-
str(run_pb_with_auth([self.pb.probackup_path] + self.cmd, '\0\r\n'))
273-
)
283+
self.run_pb_with_auth('\0\r\n'))
274284
except (TIMEOUT, ExceptionPexpect) as e:
275285
self.fail(e.value)
276286

277287
def test_wrong_password(self):
278288
""" Test case: PGPB_AUTH04 - incorrect password """
279-
try:
280-
self.assertIn("password authentication failed",
281-
str(run_pb_with_auth([self.pb.probackup_path] + self.cmd, 'wrong_password\r\n'))
282-
)
283-
except (TIMEOUT, ExceptionPexpect) as e:
284-
self.fail(e.value)
289+
self.assertIn("password authentication failed",
290+
self.run_pb_with_auth('wrong_password\r\n'))
285291

286292
def test_right_password(self):
287293
""" Test case: PGPB_AUTH01 - correct password """
288-
try:
289-
self.assertIn("completed",
290-
str(run_pb_with_auth([self.pb.probackup_path] + self.cmd, 'password\r\n'))
291-
)
292-
except (TIMEOUT, ExceptionPexpect) as e:
293-
self.fail(e.value)
294+
self.assertIn("completed",
295+
self.run_pb_with_auth('password\r\n'))
294296

295297
def test_right_password_and_wrong_pgpass(self):
296298
""" Test case: PGPB_AUTH05 - correct password and incorrect .pgpass (-W)"""
297299
line = ":".join(['127.0.0.1', str(self.node.port), 'postgres', 'backup', 'wrong_password'])
298-
create_pgpass(self.pgpass_file, line)
299-
try:
300-
self.assertIn("completed",
301-
str(run_pb_with_auth([self.pb.probackup_path] + self.cmd + ['-W'], 'password\r\n'))
302-
)
303-
except (TIMEOUT, ExceptionPexpect) as e:
304-
self.fail(e.value)
300+
self.create_pgpass(self.pgpass_file, line)
301+
self.assertIn("completed",
302+
self.run_pb_with_auth('password\r\n', add_args=["-W"]))
305303

306304
def test_ctrl_c_event(self):
307305
""" Test case: PGPB_AUTH02 - send interrupt signal """
308306
try:
309-
run_pb_with_auth([self.pb.probackup_path] + self.cmd, kill=True)
307+
self.run_pb_with_auth(kill=True)
310308
except TIMEOUT:
311309
self.fail("Error: CTRL+C event ignored")
312310

313311
def test_pgpassfile_env(self):
314312
""" Test case: PGPB_AUTH06 - set environment var PGPASSFILE """
315313
path = os.path.join(self.pb.tmp_path, module_name, 'pgpass.conf')
316314
line = ":".join(['127.0.0.1', str(self.node.port), 'postgres', 'backup', 'password'])
317-
create_pgpass(path, line)
315+
self.create_pgpass(path, line)
318316
self.pb.test_env["PGPASSFILE"] = path
319-
try:
320-
self.assertEqual(
321-
"OK",
322-
self.pb.show_pb(self.backup_dir, self.node.name, self.pb.run_pb(self.cmd + ['-w']))["status"],
323-
"ERROR: Full backup status is not valid."
324-
)
325-
except ProbackupException as e:
326-
self.fail(e)
317+
self.assertEqual(
318+
"OK",
319+
self.pb.show_pb(self.backup_dir, self.node.name, self.pb.run_pb(self.pb_cmd + ['-w']))["status"],
320+
"ERROR: Full backup status is not valid."
321+
)
327322

328323
def test_pgpass(self):
329324
""" Test case: PGPB_AUTH07 - Create file .pgpass in home dir. """
330325
line = ":".join(['127.0.0.1', str(self.node.port), 'postgres', 'backup', 'password'])
331-
create_pgpass(self.pgpass_file, line)
332-
try:
333-
self.assertEqual(
334-
"OK",
335-
self.pb.show_pb(self.backup_dir, self.node.name, self.pb.run_pb(self.cmd + ['-w']))["status"],
336-
"ERROR: Full backup status is not valid."
337-
)
338-
except ProbackupException as e:
339-
self.fail(e)
326+
self.create_pgpass(self.pgpass_file, line)
327+
self.assertEqual(
328+
"OK",
329+
self.pb.show_pb(self.backup_dir, self.node.name, self.pb.run_pb(self.pb_cmd + ['-w']))["status"],
330+
"ERROR: Full backup status is not valid."
331+
)
340332

341333
def test_pgpassword(self):
342334
""" Test case: PGPB_AUTH08 - set environment var PGPASSWORD """
343335
self.pb.test_env["PGPASSWORD"] = "password"
344-
try:
345-
self.assertEqual(
346-
"OK",
347-
self.pb.show_pb(self.backup_dir, self.node.name, self.pb.run_pb(self.cmd + ['-w']))["status"],
348-
"ERROR: Full backup status is not valid."
349-
)
350-
except ProbackupException as e:
351-
self.fail(e)
336+
self.assertEqual(
337+
"OK",
338+
self.pb.show_pb(self.backup_dir, self.node.name, self.pb.run_pb(self.pb_cmd + ['-w']))["status"],
339+
"ERROR: Full backup status is not valid."
340+
)
352341

353342
def test_pgpassword_and_wrong_pgpass(self):
354343
""" Test case: PGPB_AUTH09 - Check priority between PGPASSWORD and .pgpass file"""
355344
line = ":".join(['127.0.0.1', str(self.node.port), 'postgres', 'backup', 'wrong_password'])
356-
create_pgpass(self.pgpass_file, line)
345+
self.create_pgpass(self.pgpass_file, line)
357346
self.pb.test_env["PGPASSWORD"] = "password"
358-
try:
359-
self.assertEqual(
360-
"OK",
361-
self.pb.show_pb(self.backup_dir, self.node.name, self.pb.run_pb(self.cmd + ['-w']))["status"],
362-
"ERROR: Full backup status is not valid."
363-
)
364-
except ProbackupException as e:
365-
self.fail(e)
366-
347+
self.assertEqual(
348+
"OK",
349+
self.pb.show_pb(self.backup_dir, self.node.name, self.pb.run_pb(self.pb_cmd + ['-w']))["status"],
350+
"ERROR: Full backup status is not valid."
351+
)
367352

368-
def run_pb_with_auth(cmd, password=None, kill=False):
369-
try:
370-
with spawn(" ".join(cmd), encoding='utf-8', timeout=10) as probackup:
353+
def run_pb_with_auth(self, password=None, add_args = [], kill=False):
354+
with spawn(self.pb.probackup_path, self.pb_cmd + add_args, encoding='utf-8', timeout=10) as probackup:
371355
result = probackup.expect(u"Password for user .*:", 5)
372356
if kill:
373357
probackup.kill(signal.SIGINT)
374358
elif result == 0:
375359
probackup.sendline(password)
376360
probackup.expect(EOF)
377-
return probackup.before
361+
return str(probackup.before)
378362
else:
379363
raise ExceptionPexpect("Other pexpect errors.")
380-
except TIMEOUT:
381-
raise TIMEOUT("Timeout error.")
382-
except ExceptionPexpect:
383-
raise ExceptionPexpect("Pexpect error.")
384-
385-
386-
def modify_pg_hba(node):
387-
"""
388-
Description:
389-
Add trust authentication for user postgres. Need for add new role and set grant.
390-
:param node:
391-
:return None:
392-
"""
393-
hba_conf = os.path.join(node.data_dir, "pg_hba.conf")
394-
with open(hba_conf, 'r+') as fio:
395-
data = fio.read()
396-
fio.seek(0)
397-
fio.write('host\tall\tpostgres\t127.0.0.1/0\ttrust\n' + data)
398-
399-
400-
def create_pgpass(path, line):
401-
with open(path, 'w') as passfile:
402-
# host:port:db:username:password
403-
passfile.write(line)
404-
os.chmod(path, 0o600)
364+
365+
366+
@classmethod
367+
def modify_pg_hba(cls, node):
368+
"""
369+
Description:
370+
Add trust authentication for user postgres. Need for add new role and set grant.
371+
:param node:
372+
:return None:
373+
"""
374+
hba_conf = os.path.join(node.data_dir, "pg_hba.conf")
375+
with open(hba_conf, 'r+') as fio:
376+
data = fio.read()
377+
fio.seek(0)
378+
fio.write('host\tall\t%s\t127.0.0.1/0\ttrust\n%s' % (cls.username, data))
379+
380+
381+
def create_pgpass(self, path, line):
382+
with open(path, 'w') as passfile:
383+
# host:port:db:username:password
384+
passfile.write(line)
385+
os.chmod(path, 0o600)

0 commit comments

Comments
 (0)
0