Changeset: 7b153446a92a for MonetDB
URL: https://dev.monetdb.org/hg/MonetDB?cmd=changeset;node=7b153446a92a
Modified Files:
sql/test/Users/Tests/grantMonetdb.SQL.py
Branch: default
Log Message:
Only the 'monetdb' user in its 'sysadmin' role can create a user, see also
Issue #7034
Updated test description and query accordingly
diffs (28 lines):
diff --git a/sql/test/Users/Tests/grantMonetdb.SQL.py
b/sql/test/Users/Tests/grantMonetdb.SQL.py
--- a/sql/test/Users/Tests/grantMonetdb.SQL.py
+++ b/sql/test/Users/Tests/grantMonetdb.SQL.py
@@ -1,6 +1,8 @@
###
# Grant sysadmin rights to a user.
-# Verify that the user can assume the sysadmin role and CREATE new users,
GRANT privileges and roles.
+# Verify that the user can assume the sysadmin role and GRANT privileges and
+# roles, but cannot CREATE new users since only 'monetdb' in its 'sysadmin'
+# role can
###
from MonetDBtesting.sqltest import SQLTestCase
@@ -20,12 +22,12 @@ with SQLTestCase() as mdb:
tc.connect(username="alice", password="alice")
# alice is not a sysadmin yet
tc.execute("SET ROLE sysadmin;").assertFailed(err_code='42000',
err_message="Role (sysadmin) missing")
- tc.execute("CREATE USER may WITH PASSWORD 'may' NAME 'May' SCHEMA
library;").assertFailed(err_code='42M31', err_message="Insufficient privileges
to create user 'may'")
tc.execute("GRANT ALL ON library.orders TO
april;").assertFailed(err_code='01007', err_message="GRANT: Grantor 'alice' is
not allowed to grant privileges for table 'orders'")
# give alice sysadmin rights
mdb.execute("GRANT sysadmin TO alice;").assertSucceeded()
tc.execute("SET ROLE sysadmin;").assertSucceeded()
- # FIXME: this query should probably not fail
+
+ # but alice cannot create another user
tc.execute("CREATE USER may WITH PASSWORD 'may' NAME 'May' SCHEMA
library;").assertFailed(err_code='M0M27', err_message="CREATE USER: access
denied for user 'alice'")
with SQLTestCase() as tc2:
_______________________________________________
checkin-list mailing list
[email protected]
https://www.monetdb.org/mailman/listinfo/checkin-list
