You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@shardingsphere.apache.org by zh...@apache.org on 2021/02/04 05:48:49 UTC

[shardingsphere] branch master updated: Fix unit tests for authorizedSchemas configuration (#9312)

This is an automated email from the ASF dual-hosted git repository.

zhangyonglun pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/shardingsphere.git


The following commit(s) were added to refs/heads/master by this push:
     new b46bb28  Fix unit tests for authorizedSchemas configuration (#9312)
b46bb28 is described below

commit b46bb28d3bb56b2e1cd2a8483dcb3488d4466922
Author: Juan Pan(Trista) <pa...@apache.org>
AuthorDate: Thu Feb 4 13:48:21 2021 +0800

    Fix unit tests for authorizedSchemas configuration (#9312)
    
    * Delete authorizedSchemas configuration
    
    * Fix unit tests
    
    * Fix unit tests
---
 .../infra/auth/privilege/data/DataPrivilege.java       | 14 ++++++++------
 .../infra/auth/privilege/data/SchemaPrivilege.java     |  9 ++++++---
 .../proxy/frontend/mysql/MySQLFrontendEngineTest.java  |  4 +++-
 .../mysql/auth/MySQLAuthenticationHandlerTest.java     | 18 ++++++++++++++++--
 .../auth/PostgreSQLAuthenticationEngineTest.java       |  8 ++++----
 5 files changed, 37 insertions(+), 16 deletions(-)

diff --git a/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/auth/privilege/data/DataPrivilege.java b/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/auth/privilege/data/DataPrivilege.java
index 67d8656..c4fedb4 100644
--- a/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/auth/privilege/data/DataPrivilege.java
+++ b/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/auth/privilege/data/DataPrivilege.java
@@ -44,8 +44,7 @@ public final class DataPrivilege {
      * @return has privileges or not
      */
     public boolean hasPrivileges(final String schema, final Collection<PrivilegeType> privileges) {
-        return globalPrivileges.contains(PrivilegeType.ALL) || globalPrivileges.containsAll(privileges)
-                || hasPrivileges0(schema, privileges);
+        return hasGlobalPrivileges(privileges) || hasSpecificPrivileges(schema, privileges);
     }
     
     /**
@@ -57,16 +56,19 @@ public final class DataPrivilege {
      * @return has privileges or not
      */
     public boolean hasPrivileges(final String schema, final String table, final Collection<PrivilegeType> privileges) {
-        return globalPrivileges.contains(PrivilegeType.ALL) || globalPrivileges.containsAll(privileges)
-                || hasPrivileges0(schema, table, privileges);
+        return hasGlobalPrivileges(privileges) || hasSpecificPrivileges(schema, table, privileges);
     }
     
-    private boolean hasPrivileges0(final String schema, final Collection<PrivilegeType> privileges) {
+    private boolean hasGlobalPrivileges(final Collection<PrivilegeType> privileges) {
+        return globalPrivileges.contains(PrivilegeType.ALL) || !globalPrivileges.isEmpty() && globalPrivileges.containsAll(privileges);
+    }
+    
+    private boolean hasSpecificPrivileges(final String schema, final Collection<PrivilegeType> privileges) {
         Collection<PrivilegeType> targets = privileges.stream().filter(each -> !globalPrivileges.contains(each)).collect(Collectors.toList());
         return specificPrivileges.containsKey(schema) && specificPrivileges.get(schema).hasPrivileges(targets);
     }
     
-    private boolean hasPrivileges0(final String schema, final String table, final Collection<PrivilegeType> privileges) {
+    private boolean hasSpecificPrivileges(final String schema, final String table, final Collection<PrivilegeType> privileges) {
         Collection<PrivilegeType> targets = privileges.stream().filter(each -> !globalPrivileges.contains(each)).collect(Collectors.toList());
         return specificPrivileges.containsKey(schema) && specificPrivileges.get(schema).hasPrivileges(table, targets);
     }
diff --git a/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/auth/privilege/data/SchemaPrivilege.java b/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/auth/privilege/data/SchemaPrivilege.java
index 9dd2e07..ea78ebd 100644
--- a/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/auth/privilege/data/SchemaPrivilege.java
+++ b/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/auth/privilege/data/SchemaPrivilege.java
@@ -58,11 +58,14 @@ public final class SchemaPrivilege {
      * @return has privileges or not
      */
     public boolean hasPrivileges(final String table, final Collection<PrivilegeType> privileges) {
-        return globalPrivileges.contains(PrivilegeType.ALL) || globalPrivileges.containsAll(privileges)
-                || hasPrivileges0(table, privileges);
+        return hasGlobalPrivileges(privileges) || hasSpecificPrivileges(table, privileges);
     }
     
-    private boolean hasPrivileges0(final String table, final Collection<PrivilegeType> privileges) {
+    private boolean hasGlobalPrivileges(final Collection<PrivilegeType> privileges) {
+        return globalPrivileges.contains(PrivilegeType.ALL) || !globalPrivileges.isEmpty() && globalPrivileges.containsAll(privileges);
+    }
+    
+    private boolean hasSpecificPrivileges(final String table, final Collection<PrivilegeType> privileges) {
         Collection<PrivilegeType> targets = privileges.stream().filter(each -> !globalPrivileges.contains(each)).collect(Collectors.toList());
         return specificPrivileges.containsKey(table) && specificPrivileges.get(table).hasPrivileges(targets);
     }
diff --git a/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-mysql/src/test/java/org/apache/shardingsphere/proxy/frontend/mysql/MySQLFrontendEngineTest.java b/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-mysql/src/test/java/org/apache/shardingsphere/proxy/frontend/mysql/MySQLFrontendEngineTest.java
index 1247705..fa5c27b 100644
--- a/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-mysql/src/test/java/org/apache/shardingsphere/proxy/frontend/mysql/MySQLFrontendEngineTest.java
+++ b/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-mysql/src/test/java/org/apache/shardingsphere/proxy/frontend/mysql/MySQLFrontendEngineTest.java
@@ -151,7 +151,9 @@ public final class MySQLFrontendEngineTest {
 
     private void setAuthentication(final ShardingSphereUser user) {
         DefaultAuthentication authentication = new DefaultAuthentication();
-        authentication.getAuthentication().put(user, new ShardingSpherePrivilege());
+        ShardingSpherePrivilege privilege = new ShardingSpherePrivilege();
+        privilege.setSuper();
+        authentication.getAuthentication().put(user, privilege);
         initProxyContext(authentication);
     }
 
diff --git a/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-mysql/src/test/java/org/apache/shardingsphere/proxy/frontend/mysql/auth/MySQLAuthenticationHandlerTest.java b/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-mysql/src/test/java/org/apache/shardingsphere/proxy/frontend/mysql/auth/MySQLAuthenticationHandlerTest.java
index 8154006..bb86fa8 100644
--- a/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-mysql/src/test/java/org/apache/shardingsphere/proxy/frontend/mysql/auth/MySQLAuthenticationHandlerTest.java
+++ b/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-mysql/src/test/java/org/apache/shardingsphere/proxy/frontend/mysql/auth/MySQLAuthenticationHandlerTest.java
@@ -21,6 +21,8 @@ import com.google.common.primitives.Bytes;
 import lombok.SneakyThrows;
 import org.apache.shardingsphere.db.protocol.mysql.constant.MySQLServerErrorCode;
 import org.apache.shardingsphere.db.protocol.mysql.packet.handshake.MySQLAuthPluginData;
+import org.apache.shardingsphere.infra.auth.privilege.PrivilegeType;
+import org.apache.shardingsphere.infra.auth.privilege.data.SchemaPrivilege;
 import org.apache.shardingsphere.infra.auth.user.ShardingSphereUser;
 import org.apache.shardingsphere.infra.auth.builtin.DefaultAuthentication;
 import org.apache.shardingsphere.infra.auth.privilege.ShardingSpherePrivilege;
@@ -101,7 +103,7 @@ public final class MySQLAuthenticationHandlerTest {
     
     @Test
     public void assertLoginWithUnauthorizedSchema() {
-        setAuthentication(new ShardingSphereUser("root", "root", ""));
+        setAuthenticationForDB(new ShardingSphereUser("root", "root", ""));
         byte[] authResponse = {-27, 89, -20, -27, 65, -120, -64, -101, 86, -100, -108, -100, 6, -125, -37, 117, 14, -43, 95, -113};
         assertThat(authenticationHandler.login("root", "", authResponse, "db2").orElse(null), is(MySQLServerErrorCode.ER_DBACCESS_DENIED_ERROR));
     }
@@ -113,7 +115,19 @@ public final class MySQLAuthenticationHandlerTest {
     
     private void setAuthentication(final ShardingSphereUser user) {
         DefaultAuthentication authentication = new DefaultAuthentication();
-        authentication.getAuthentication().put(user, new ShardingSpherePrivilege());
+        ShardingSpherePrivilege privilege = new ShardingSpherePrivilege();
+        privilege.setSuper();
+        authentication.getAuthentication().put(user, privilege);
+        initProxyContext(authentication);
+    }
+    
+    private void setAuthenticationForDB(final ShardingSphereUser user) {
+        DefaultAuthentication authentication = new DefaultAuthentication();
+        ShardingSpherePrivilege privilege = new ShardingSpherePrivilege();
+        SchemaPrivilege schema = new SchemaPrivilege("db1");
+        schema.getGlobalPrivileges().add(PrivilegeType.ALL);
+        privilege.getDataPrivilege().getSpecificPrivileges().put("db1", schema);
+        authentication.getAuthentication().put(user, privilege);
         initProxyContext(authentication);
     }
     
diff --git a/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-postgresql/src/test/java/org/apache/shardingsphere/proxy/frontend/postgresql/auth/PostgreSQLAuthenticationEngineTest.java b/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-postgresql/src/test/java/org/apache/shardingsphere/proxy/frontend/postgresql/auth/PostgreSQLAuthenticationEngineTest.java
index 62bf5fe..5619879 100644
--- a/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-postgresql/src/test/java/org/apache/shardingsphere/proxy/frontend/postgresql/auth/PostgreSQLAuthenticationEngineTest.java
+++ b/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-postgresql/src/test/java/org/apache/shardingsphere/proxy/frontend/postgresql/auth/PostgreSQLAuthenticationEngineTest.java
@@ -26,9 +26,8 @@ import org.apache.shardingsphere.db.protocol.payload.PacketPayload;
 import org.apache.shardingsphere.db.protocol.postgresql.packet.command.query.binary.BinaryStatementRegistry;
 import org.apache.shardingsphere.db.protocol.postgresql.packet.handshake.PostgreSQLAuthenticationMD5PasswordPacket;
 import org.apache.shardingsphere.db.protocol.postgresql.payload.PostgreSQLPacketPayload;
-import org.apache.shardingsphere.infra.auth.user.ShardingSphereUser;
-import org.apache.shardingsphere.infra.auth.builtin.DefaultAuthentication;
 import org.apache.shardingsphere.infra.auth.privilege.ShardingSpherePrivilege;
+import org.apache.shardingsphere.infra.auth.user.ShardingSphereUser;
 import org.apache.shardingsphere.infra.context.metadata.impl.StandardMetaDataContexts;
 import org.apache.shardingsphere.proxy.backend.context.ProxyContext;
 import org.apache.shardingsphere.proxy.frontend.auth.AuthenticationResult;
@@ -125,8 +124,9 @@ public final class PostgreSQLAuthenticationEngineTest {
         payload.writeStringNul(md5Digest);
         ProxyContext proxyContext = ProxyContext.getInstance();
         StandardMetaDataContexts standardMetaDataContexts = new StandardMetaDataContexts();
-        ((DefaultAuthentication) standardMetaDataContexts.getAuthentication()).getAuthentication().put(
-                new ShardingSphereUser(username, password, ""), new ShardingSpherePrivilege());
+        ShardingSpherePrivilege privilege = new ShardingSpherePrivilege();
+        privilege.setSuper();
+        (standardMetaDataContexts.getAuthentication()).getAuthentication().put(new ShardingSphereUser(username, password, ""), privilege);
         proxyContext.init(standardMetaDataContexts, mock(TransactionContexts.class));
         actual = engine.auth(channelHandlerContext, payload);
         assertThat(actual.isFinished(), is(password.equals(inputPassword)));