Port 075-auth-cache.t etap test suite to eunit Timeouts are removed.
Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/fb4a7747 Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/fb4a7747 Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/fb4a7747 Branch: refs/heads/1.x.x Commit: fb4a7747018e5f23c5c6debcff3df64ef76f8882 Parents: 535a780 Author: Alexander Shorin <[email protected]> Authored: Thu May 22 13:07:24 2014 +0400 Committer: Alexander Shorin <[email protected]> Committed: Wed Dec 2 03:49:04 2015 +0300 ---------------------------------------------------------------------- test/couchdb/Makefile.am | 1 + test/couchdb/couch_auth_cache_tests.erl | 246 ++++++++++++++++++++++++ test/etap/075-auth-cache.t | 276 --------------------------- test/etap/Makefile.am | 1 - 4 files changed, 247 insertions(+), 277 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/couchdb/blob/fb4a7747/test/couchdb/Makefile.am ---------------------------------------------------------------------- diff --git a/test/couchdb/Makefile.am b/test/couchdb/Makefile.am index d9ed703..3adad5f 100644 --- a/test/couchdb/Makefile.am +++ b/test/couchdb/Makefile.am @@ -21,6 +21,7 @@ all: chmod +x run eunit_files = \ + couch_auth_cache_tests.erl \ couch_btree_tests.erl \ couch_changes_tests.erl \ couch_db_tests.erl \ http://git-wip-us.apache.org/repos/asf/couchdb/blob/fb4a7747/test/couchdb/couch_auth_cache_tests.erl ---------------------------------------------------------------------- diff --git a/test/couchdb/couch_auth_cache_tests.erl b/test/couchdb/couch_auth_cache_tests.erl new file mode 100644 index 0000000..34f7127 --- /dev/null +++ b/test/couchdb/couch_auth_cache_tests.erl @@ -0,0 +1,246 @@ +% Licensed under the Apache License, Version 2.0 (the "License"); you may not +% use this file except in compliance with the License. You may obtain a copy of +% the License at +% +% http://www.apache.org/licenses/LICENSE-2.0 +% +% Unless required by applicable law or agreed to in writing, software +% distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +% WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +% License for the specific language governing permissions and limitations under +% the License. + +-module(couch_auth_cache_tests). + +-include("couch_eunit.hrl"). +-include_lib("couchdb/couch_db.hrl"). + +-define(ADMIN_USER, {user_ctx, #user_ctx{roles=[<<"_admin">>]}}). +-define(SALT, <<"SALT">>). +-define(TIMEOUT, 1000). + + +start() -> + {ok, Pid} = couch_server_sup:start_link(?CONFIG_CHAIN), + Pid. + +stop(Pid) -> + erlang:monitor(process, Pid), + couch_server_sup:stop(), + receive + {'DOWN', _, _, Pid, _} -> + ok + after ?TIMEOUT -> + throw({timeout, server_stop}) + end. + +setup() -> + DbName = ?tempdb(), + couch_config:set("couch_httpd_auth", "authentication_db", + ?b2l(DbName), false), + DbName. + +teardown(DbName) -> + ok = couch_server:delete(DbName, [?ADMIN_USER]), + ok. + + +couch_auth_cache_test_() -> + { + "CouchDB auth cache tests", + { + setup, + fun start/0, fun stop/1, + { + foreach, + fun setup/0, fun teardown/1, + [ + fun should_get_nil_on_missed_cache/1, + fun should_get_right_password_hash/1, + fun should_ensure_doc_hash_equals_cached_one/1, + fun should_update_password/1, + fun should_cleanup_cache_after_userdoc_deletion/1, + fun should_restore_cache_after_userdoc_recreation/1, + fun should_drop_cache_on_auth_db_change/1, + fun should_restore_cache_on_auth_db_change/1, + fun should_recover_cache_after_shutdown/1 + ] + } + } + }. + + +should_get_nil_on_missed_cache(_) -> + ?_assertEqual(nil, couch_auth_cache:get_user_creds("joe")). + +should_get_right_password_hash(DbName) -> + ?_assert(begin + PasswordHash = hash_password("pass1"), + {ok, _} = update_user_doc(DbName, "joe", "pass1"), + Creds = couch_auth_cache:get_user_creds("joe"), + ?assertEqual(PasswordHash, + couch_util:get_value(<<"password_sha">>, Creds)), + true + end). + +should_ensure_doc_hash_equals_cached_one(DbName) -> + ?_assert(begin + {ok, _} = update_user_doc(DbName, "joe", "pass1"), + Creds = couch_auth_cache:get_user_creds("joe"), + + CachedHash = couch_util:get_value(<<"password_sha">>, Creds), + StoredHash = get_user_doc_password_sha(DbName, "joe"), + ?assertEqual(StoredHash, CachedHash), + true + end). + +should_update_password(DbName) -> + ?_assert(begin + PasswordHash = hash_password("pass2"), + {ok, Rev} = update_user_doc(DbName, "joe", "pass1"), + {ok, _} = update_user_doc(DbName, "joe", "pass2", Rev), + Creds = couch_auth_cache:get_user_creds("joe"), + ?assertEqual(PasswordHash, + couch_util:get_value(<<"password_sha">>, Creds)), + true + end). + +should_cleanup_cache_after_userdoc_deletion(DbName) -> + ?_assert(begin + {ok, _} = update_user_doc(DbName, "joe", "pass1"), + delete_user_doc(DbName, "joe"), + ?assertEqual(nil, couch_auth_cache:get_user_creds("joe")), + true + end). + +should_restore_cache_after_userdoc_recreation(DbName) -> + ?_assert(begin + PasswordHash = hash_password("pass5"), + {ok, _} = update_user_doc(DbName, "joe", "pass1"), + delete_user_doc(DbName, "joe"), + ?assertEqual(nil, couch_auth_cache:get_user_creds("joe")), + + {ok, _} = update_user_doc(DbName, "joe", "pass5"), + Creds = couch_auth_cache:get_user_creds("joe"), + + ?assertEqual(PasswordHash, + couch_util:get_value(<<"password_sha">>, Creds)), + true + end). + +should_drop_cache_on_auth_db_change(DbName) -> + ?_assert(begin + {ok, _} = update_user_doc(DbName, "joe", "pass1"), + full_commit(DbName), + couch_config:set("couch_httpd_auth", "authentication_db", + ?b2l(?tempdb()), false), + ?assertEqual(nil, couch_auth_cache:get_user_creds("joe")), + true + end). + +should_restore_cache_on_auth_db_change(DbName) -> + ?_assert(begin + PasswordHash = hash_password("pass1"), + {ok, _} = update_user_doc(DbName, "joe", "pass1"), + Creds = couch_auth_cache:get_user_creds("joe"), + full_commit(DbName), + + DbName1 = ?tempdb(), + couch_config:set("couch_httpd_auth", "authentication_db", + ?b2l(DbName1), false), + + {ok, _} = update_user_doc(DbName1, "joe", "pass5"), + full_commit(DbName1), + + couch_config:set("couch_httpd_auth", "authentication_db", + ?b2l(DbName), false), + + Creds = couch_auth_cache:get_user_creds("joe"), + ?assertEqual(PasswordHash, + couch_util:get_value(<<"password_sha">>, Creds)), + true + end). + +should_recover_cache_after_shutdown(DbName) -> + ?_assert(begin + PasswordHash = hash_password("pass2"), + {ok, Rev0} = update_user_doc(DbName, "joe", "pass1"), + {ok, Rev1} = update_user_doc(DbName, "joe", "pass2", Rev0), + full_commit(DbName), + shutdown_db(DbName), + {ok, Rev1} = get_doc_rev(DbName, "joe"), + ?assertEqual(PasswordHash, get_user_doc_password_sha(DbName, "joe")), + true + end). + + +update_user_doc(DbName, UserName, Password) -> + update_user_doc(DbName, UserName, Password, nil). + +update_user_doc(DbName, UserName, Password, Rev) -> + User = iolist_to_binary(UserName), + Doc = couch_doc:from_json_obj({[ + {<<"_id">>, <<"org.couchdb.user:", User/binary>>}, + {<<"name">>, User}, + {<<"type">>, <<"user">>}, + {<<"salt">>, ?SALT}, + {<<"password_sha">>, hash_password(Password)}, + {<<"roles">>, []} + ] ++ case Rev of + nil -> []; + _ -> [{<<"_rev">>, Rev}] + end + }), + {ok, AuthDb} = couch_db:open_int(DbName, [?ADMIN_USER]), + {ok, NewRev} = couch_db:update_doc(AuthDb, Doc, []), + ok = couch_db:close(AuthDb), + {ok, couch_doc:rev_to_str(NewRev)}. + +hash_password(Password) -> + ?l2b(couch_util:to_hex(crypto:sha(iolist_to_binary([Password, ?SALT])))). + +shutdown_db(DbName) -> + {ok, AuthDb} = couch_db:open_int(DbName, [?ADMIN_USER]), + ok = couch_db:close(AuthDb), + couch_util:shutdown_sync(AuthDb#db.main_pid), + ok = timer:sleep(1000). + +get_doc_rev(DbName, UserName) -> + DocId = iolist_to_binary([<<"org.couchdb.user:">>, UserName]), + {ok, AuthDb} = couch_db:open_int(DbName, [?ADMIN_USER]), + UpdateRev = + case couch_db:open_doc(AuthDb, DocId, []) of + {ok, Doc} -> + {Props} = couch_doc:to_json_obj(Doc, []), + couch_util:get_value(<<"_rev">>, Props); + {not_found, missing} -> + nil + end, + ok = couch_db:close(AuthDb), + {ok, UpdateRev}. + +get_user_doc_password_sha(DbName, UserName) -> + DocId = iolist_to_binary([<<"org.couchdb.user:">>, UserName]), + {ok, AuthDb} = couch_db:open_int(DbName, [?ADMIN_USER]), + {ok, Doc} = couch_db:open_doc(AuthDb, DocId, []), + ok = couch_db:close(AuthDb), + {Props} = couch_doc:to_json_obj(Doc, []), + couch_util:get_value(<<"password_sha">>, Props). + +delete_user_doc(DbName, UserName) -> + DocId = iolist_to_binary([<<"org.couchdb.user:">>, UserName]), + {ok, AuthDb} = couch_db:open_int(DbName, [?ADMIN_USER]), + {ok, Doc} = couch_db:open_doc(AuthDb, DocId, []), + {Props} = couch_doc:to_json_obj(Doc, []), + DeletedDoc = couch_doc:from_json_obj({[ + {<<"_id">>, DocId}, + {<<"_rev">>, couch_util:get_value(<<"_rev">>, Props)}, + {<<"_deleted">>, true} + ]}), + {ok, _} = couch_db:update_doc(AuthDb, DeletedDoc, []), + ok = couch_db:close(AuthDb). + +full_commit(DbName) -> + {ok, AuthDb} = couch_db:open_int(DbName, [?ADMIN_USER]), + {ok, _} = couch_db:ensure_full_commit(AuthDb), + ok = couch_db:close(AuthDb). http://git-wip-us.apache.org/repos/asf/couchdb/blob/fb4a7747/test/etap/075-auth-cache.t ---------------------------------------------------------------------- diff --git a/test/etap/075-auth-cache.t b/test/etap/075-auth-cache.t deleted file mode 100755 index 623884b..0000000 --- a/test/etap/075-auth-cache.t +++ /dev/null @@ -1,276 +0,0 @@ -#!/usr/bin/env escript -%% -*- erlang -*- -% Licensed under the Apache License, Version 2.0 (the "License"); you may not -% use this file except in compliance with the License. You may obtain a copy of -% the License at -% -% http://www.apache.org/licenses/LICENSE-2.0 -% -% Unless required by applicable law or agreed to in writing, software -% distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -% WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -% License for the specific language governing permissions and limitations under -% the License. - --record(user_ctx, { - name = null, - roles = [], - handler -}). - --record(db, { - main_pid = nil, - update_pid = nil, - compactor_pid = nil, - instance_start_time, % number of microsecs since jan 1 1970 as a binary string - fd, - updater_fd, - fd_ref_counter, - header, - committed_update_seq, - fulldocinfo_by_id_btree, - docinfo_by_seq_btree, - local_docs_btree, - update_seq, - name, - filepath, - validate_doc_funs = [], - security = [], - security_ptr = nil, - user_ctx = #user_ctx{}, - waiting_delayed_commit = nil, - revs_limit = 1000, - fsync_options = [], - options = [], - compression, - before_doc_update = nil, % nil | fun(Doc, Db) -> NewDoc - after_doc_read = nil % nil | fun(Doc, Db) -> NewDoc -}). - -auth_db_name() -> <<"couch_test_auth_db">>. -auth_db_2_name() -> <<"couch_test_auth_db_2">>. -salt() -> <<"SALT">>. - - -main(_) -> - test_util:init_code_path(), - - etap:plan(19), - case (catch test()) of - ok -> - etap:end_tests(); - Other -> - etap:diag(io_lib:format("Test died abnormally: ~p", [Other])), - etap:bail(Other) - end, - ok. - - -test() -> - couch_server_sup:start_link(test_util:config_files()), - OrigName = couch_config:get("couch_httpd_auth", "authentication_db"), - couch_config:set( - "couch_httpd_auth", "authentication_db", - binary_to_list(auth_db_name()), false), - delete_db(auth_db_name()), - delete_db(auth_db_2_name()), - - test_auth_db_crash(), - - couch_config:set("couch_httpd_auth", "authentication_db", OrigName, false), - delete_db(auth_db_name()), - delete_db(auth_db_2_name()), - couch_server_sup:stop(), - ok. - - -test_auth_db_crash() -> - Creds0 = couch_auth_cache:get_user_creds("joe"), - etap:is(Creds0, nil, "Got nil when getting joe's credentials"), - - etap:diag("Adding first version of Joe's user doc"), - PasswordHash1 = hash_password("pass1"), - {ok, Rev1} = update_user_doc(auth_db_name(), "joe", "pass1"), - - Creds1 = couch_auth_cache:get_user_creds("joe"), - etap:is(is_list(Creds1), true, "Got joe's credentials from cache"), - etap:is(couch_util:get_value(<<"password_sha">>, Creds1), PasswordHash1, - "Cached credentials have the right password"), - - etap:diag("Updating Joe's user doc password"), - PasswordHash2 = hash_password("pass2"), - {ok, _Rev2} = update_user_doc(auth_db_name(), "joe", "pass2", Rev1), - - Creds2 = couch_auth_cache:get_user_creds("joe"), - etap:is(is_list(Creds2), true, "Got joe's credentials from cache"), - etap:is(couch_util:get_value(<<"password_sha">>, Creds2), PasswordHash2, - "Cached credentials have the new password"), - - etap:diag("Shutting down the auth database process"), - shutdown_db(auth_db_name()), - - {ok, UpdateRev} = get_doc_rev(auth_db_name(), "joe"), - PasswordHash3 = hash_password("pass3"), - {ok, _Rev3} = update_user_doc(auth_db_name(), "joe", "pass3", UpdateRev), - - etap:is(get_user_doc_password_sha(auth_db_name(), "joe"), - PasswordHash3, - "Latest Joe's doc revision has the new password hash"), - - Creds3 = couch_auth_cache:get_user_creds("joe"), - etap:is(is_list(Creds3), true, "Got joe's credentials from cache"), - etap:is(couch_util:get_value(<<"password_sha">>, Creds3), PasswordHash3, - "Cached credentials have the new password"), - - etap:diag("Deleting Joe's user doc"), - delete_user_doc(auth_db_name(), "joe"), - Creds4 = couch_auth_cache:get_user_creds("joe"), - etap:is(nil, Creds4, - "Joe's credentials not found in cache after user doc was deleted"), - - etap:diag("Adding new user doc for Joe"), - PasswordHash5 = hash_password("pass5"), - {ok, _NewRev1} = update_user_doc(auth_db_name(), "joe", "pass5"), - - Creds5 = couch_auth_cache:get_user_creds("joe"), - etap:is(is_list(Creds5), true, "Got joe's credentials from cache"), - etap:is(couch_util:get_value(<<"password_sha">>, Creds5), PasswordHash5, - "Cached credentials have the right password"), - - full_commit(auth_db_name()), - - etap:diag("Changing the auth database"), - couch_config:set( - "couch_httpd_auth", "authentication_db", - binary_to_list(auth_db_2_name()), false), - ok = timer:sleep(500), - - Creds6 = couch_auth_cache:get_user_creds("joe"), - etap:is(nil, Creds6, - "Joe's credentials not found in cache after auth database changed"), - - etap:diag("Adding first version of Joe's user doc to new auth database"), - PasswordHash7 = hash_password("pass7"), - {ok, _} = update_user_doc(auth_db_2_name(), "joe", "pass7"), - - Creds7 = couch_auth_cache:get_user_creds("joe"), - etap:is(is_list(Creds7), true, "Got joe's credentials from cache"), - etap:is(couch_util:get_value(<<"password_sha">>, Creds7), PasswordHash7, - "Cached credentials have the right password"), - - etap:diag("Shutting down the auth database process"), - shutdown_db(auth_db_2_name()), - - {ok, UpdateRev2} = get_doc_rev(auth_db_2_name(), "joe"), - PasswordHash8 = hash_password("pass8"), - {ok, _Rev8} = update_user_doc(auth_db_2_name(), "joe", "pass8", UpdateRev2), - - etap:is(get_user_doc_password_sha(auth_db_2_name(), "joe"), - PasswordHash8, - "Latest Joe's doc revision has the new password hash"), - - Creds8 = couch_auth_cache:get_user_creds("joe"), - etap:is(is_list(Creds8), true, "Got joe's credentials from cache"), - etap:is(couch_util:get_value(<<"password_sha">>, Creds8), PasswordHash8, - "Cached credentials have the new password"), - - etap:diag("Changing the auth database again"), - couch_config:set( - "couch_httpd_auth", "authentication_db", - binary_to_list(auth_db_name()), false), - ok = timer:sleep(500), - - Creds9 = couch_auth_cache:get_user_creds("joe"), - etap:is(Creds9, Creds5, - "Got same credentials as before the firt auth database change"), - etap:is(couch_util:get_value(<<"password_sha">>, Creds9), PasswordHash5, - "Cached credentials have the right password"), - ok. - - -update_user_doc(DbName, UserName, Password) -> - update_user_doc(DbName, UserName, Password, nil). - -update_user_doc(DbName, UserName, Password, Rev) -> - User = iolist_to_binary(UserName), - Doc = couch_doc:from_json_obj({[ - {<<"_id">>, <<"org.couchdb.user:", User/binary>>}, - {<<"name">>, User}, - {<<"type">>, <<"user">>}, - {<<"salt">>, salt()}, - {<<"password_sha">>, hash_password(Password)}, - {<<"roles">>, []} - ] ++ case Rev of - nil -> []; - _ -> [{<<"_rev">>, Rev}] - end}), - {ok, AuthDb} = open_auth_db(DbName), - {ok, NewRev} = couch_db:update_doc(AuthDb, Doc, []), - ok = couch_db:close(AuthDb), - {ok, couch_doc:rev_to_str(NewRev)}. - - -hash_password(Password) -> - list_to_binary( - couch_util:to_hex(crypto:sha(iolist_to_binary([Password, salt()])))). - - -shutdown_db(DbName) -> - {ok, AuthDb} = open_auth_db(DbName), - ok = couch_db:close(AuthDb), - couch_util:shutdown_sync(AuthDb#db.main_pid), - ok = timer:sleep(1000). - - -get_doc_rev(DbName, UserName) -> - DocId = iolist_to_binary([<<"org.couchdb.user:">>, UserName]), - {ok, AuthDb} = open_auth_db(DbName), - UpdateRev = - case couch_db:open_doc(AuthDb, DocId, []) of - {ok, Doc} -> - {Props} = couch_doc:to_json_obj(Doc, []), - couch_util:get_value(<<"_rev">>, Props); - {not_found, missing} -> - nil - end, - ok = couch_db:close(AuthDb), - {ok, UpdateRev}. - - -get_user_doc_password_sha(DbName, UserName) -> - DocId = iolist_to_binary([<<"org.couchdb.user:">>, UserName]), - {ok, AuthDb} = open_auth_db(DbName), - {ok, Doc} = couch_db:open_doc(AuthDb, DocId, []), - ok = couch_db:close(AuthDb), - {Props} = couch_doc:to_json_obj(Doc, []), - couch_util:get_value(<<"password_sha">>, Props). - - -delete_user_doc(DbName, UserName) -> - DocId = iolist_to_binary([<<"org.couchdb.user:">>, UserName]), - {ok, AuthDb} = open_auth_db(DbName), - {ok, Doc} = couch_db:open_doc(AuthDb, DocId, []), - {Props} = couch_doc:to_json_obj(Doc, []), - DeletedDoc = couch_doc:from_json_obj({[ - {<<"_id">>, DocId}, - {<<"_rev">>, couch_util:get_value(<<"_rev">>, Props)}, - {<<"_deleted">>, true} - ]}), - {ok, _} = couch_db:update_doc(AuthDb, DeletedDoc, []), - ok = couch_db:close(AuthDb). - - -full_commit(DbName) -> - {ok, AuthDb} = open_auth_db(DbName), - {ok, _} = couch_db:ensure_full_commit(AuthDb), - ok = couch_db:close(AuthDb). - - -open_auth_db(DbName) -> - couch_db:open_int( - DbName, [{user_ctx, #user_ctx{roles = [<<"_admin">>]}}]). - - -delete_db(Name) -> - couch_server:delete( - Name, [{user_ctx, #user_ctx{roles = [<<"_admin">>]}}]). http://git-wip-us.apache.org/repos/asf/couchdb/blob/fb4a7747/test/etap/Makefile.am ---------------------------------------------------------------------- diff --git a/test/etap/Makefile.am b/test/etap/Makefile.am index 446a3f3..3673ef9 100644 --- a/test/etap/Makefile.am +++ b/test/etap/Makefile.am @@ -36,7 +36,6 @@ fixture_files = \ fixtures/test.couch tap_files = \ - 075-auth-cache.t \ 076-file-compression.t \ 077-couch-db-fast-db-delete-create.t \ 080-config-get-set.t \
