bowensong commented on a change in pull request #163:
URL: https://github.com/apache/cassandra-dtest/pull/163#discussion_r721694783
##########
File path: cqlsh_tests/test_cqlsh.py
##########
@@ -2184,6 +2189,102 @@ def test_fetch_all_rows_in_batch_mode(self):
assert output_lines[-2].strip() == ''
assert output_lines[-1].strip() == "({} rows)".format(num_rows)
+ @since('4.1')
+ def test_passwd_warnings(self):
+ config = {'authenticator':
'org.apache.cassandra.auth.PasswordAuthenticator'}
+ self.cluster.set_configuration_options(values=config)
+ self.cluster.populate(1)
+ self.cluster.start()
+ node1, = self.cluster.nodelist()
+ node1.watch_log_for('Created default superuser')
+
+ session = self.patient_cql_connection(node1, user='cassandra',
password='cassandra')
+ session.execute("CREATE KEYSPACE ks WITH
REPLICATION={'class':'SimpleStrategy','replication_factor':1};")
+
+ # Ensure cqlsh warn about password in command line options
+ cqlsh_options = ['-u', 'cassandra', '-p', 'cassandra']
+ _, cqlsh_stderr = self.run_cqlsh(node1, cmds='quit',
cqlsh_options=cqlsh_options)
+ assert 'password on the command line' in cqlsh_stderr
+ assert cqlsh_stderr.count('\n') == 4, 'Unexpected warning or error
message found in stderr'
+
+ # Ensure the '--insecure-password-without-warning' option suppresses
the above warning
+ cqlsh_options.append('--insecure-password-without-warning')
+ _, cqlsh_stderr = self.run_cqlsh(node1, cmds='quit',
cqlsh_options=cqlsh_options)
+ assert cqlsh_stderr == ''
+
+ with NamedTemporaryFile(mode='wt') as cqlshrcfile:
+ # Ensure no warnings or errors is shown if username and password
are not in the cqlshrc file
+ cqlshrcfile.write('[authentication]\nkeyspace=ks\n')
+ cqlshrcfile.flush()
+ os.chmod(cqlshrcfile.name, stat.S_IRUSR | stat.S_IWUSR |
stat.S_IRGRP | stat.S_IROTH)
+ cqlsh_options = ['--cqlshrc', cqlshrcfile.name, '-u', 'cassandra',
'-p', 'cassandra', '--insecure-password-without-warning']
+ _, cqlsh_stderr = self.run_cqlsh(node1, cmds='quit',
cqlsh_options=cqlsh_options)
+ assert cqlsh_stderr == ''
+
+ # Ensure the deprecation warning shows when user and/or password
is found in the cqlshrc file
+ cqlshrcfile.seek(0)
+ cqlshrcfile.truncate()
+ cqlshrcfile.write('[authentication]\nusername=cassandra\n')
+ cqlshrcfile.flush()
+ os.chmod(cqlshrcfile.name, stat.S_IRUSR | stat.S_IWUSR |
stat.S_IRGRP | stat.S_IROTH)
+ cqlsh_options = ['--cqlshrc', cqlshrcfile.name, '-p', 'cassandra',
'--insecure-password-without-warning']
+ _, cqlsh_stderr = self.run_cqlsh(node1, cmds='quit',
cqlsh_options=cqlsh_options)
+ assert 'insecure cqlshrc file' not in cqlsh_stderr
+ assert 'Credentials in the cqlshrc file is deprecated' in
cqlsh_stderr
Review comment:
The message is in two lines, and the assert only checks for a partial
match on the the first line. The full message is:
Notice: Credentials in the cqlshrc file is deprecated and will be ignored in
the future.
Please use a credentials file to specify the username and password.
Which I believe is exactly you had expected - not only describe the problem,
also how to fix it.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
