diff --git a/tests/script/tsim/user/basic.sim b/tests/script/tsim/user/basic.sim index 8b91efd5df..6502123b73 100644 --- a/tests/script/tsim/user/basic.sim +++ b/tests/script/tsim/user/basic.sim @@ -14,6 +14,9 @@ endi if $data(root)[3] != 1 then return -1 endi +if $data(root)[4] != 1 then + return -1 +endi sql alter user root pass 'taosdata' @@ -21,6 +24,8 @@ sql_error ALTER USER root SYSINFO 0 sql_error ALTER USER root SYSINFO 1 sql_error ALTER USER root enable 0 sql_error ALTER USER root enable 1 +sql_error ALTER USER root createdb 0 +sql_error ALTER USER root createdb 1 #sql_error create database db vgroups 1; sql_error GRANT read ON db.* to root; @@ -53,6 +58,9 @@ endi if $data(u1)[3] != 0 then return -1 endi +if $data(u1)[4] != 0 then + return -1 +endi sql CREATE USER u2 PASS 'taosdata' SYSINFO 1; sql select * from information_schema.ins_users @@ -68,6 +76,9 @@ endi if $data(u2)[3] != 1 then return -1 endi +if $data(u2)[4] != 0 then + return -1 +endi print =============== step2: sysinfo alter sql ALTER USER u1 SYSINFO 1 @@ -81,6 +92,9 @@ endi if $data(u1)[3] != 1 then return -1 endi +if $data(u1)[4] != 0 then + return -1 +endi sql ALTER USER u1 SYSINFO 0 sql select * from information_schema.ins_users @@ -93,6 +107,9 @@ endi if $data(u1)[3] != 0 then return -1 endi +if $data(u1)[4] != 0 then + return -1 +endi sql ALTER USER u1 SYSINFO 0 sql ALTER USER u1 SYSINFO 0 @@ -118,6 +135,9 @@ endi if $data(u2)[3] != 1 then return -1 endi +if $data(u2)[4] != 0 then + return -1 +endi sql ALTER USER u2 enable 1 sql select * from information_schema.ins_users @@ -130,15 +150,53 @@ endi if $data(u2)[3] != 1 then return -1 endi +if $data(u2)[4] != 0 then + return -1 +endi sql ALTER USER u2 enable 1 sql ALTER USER u2 enable 1 + +print =============== step4: createdb alter +sql ALTER USER u2 createdb 1 +sql select * from information_schema.ins_users +if $rows != 2 then + return -1 +endi +if $data(u2)[1] != 0 then + return -1 +endi +if $data(u2)[2] != 1 then + return -1 +endi +if $data(u2)[3] != 1 then + return -1 +endi +if $data(u2)[4] != 1 then + return -1 +endi + +sql ALTER USER u2 createdb 0 +sql select * from information_schema.ins_users +if $data(u2)[1] != 0 then + return -1 +endi +if $data(u2)[2] != 1 then + return -1 +endi +if $data(u2)[3] != 1 then + return -1 +endi +if $data(u2)[4] != 0 then + return -1 +endi + print =============== restart taosd system sh/exec.sh -n dnode1 -s stop system sh/exec.sh -n dnode1 -s start -print =============== step4: enable privilege +print =============== step5: enable privilege sql select * from information_schema.ins_users if $rows != 2 then return -1 @@ -152,6 +210,9 @@ endi if $data(u2)[3] != 1 then return -1 endi +if $data(u2)[4] != 0 then + return -1 +endi system sh/exec.sh -n dnode1 -s stop -x SIGINT \ No newline at end of file diff --git a/tests/system-test/0-others/user_control.py b/tests/system-test/0-others/user_control.py index 7b5578ba45..7dfc53ca6b 100644 --- a/tests/system-test/0-others/user_control.py +++ b/tests/system-test/0-others/user_control.py @@ -87,21 +87,29 @@ class TDconnect: self.cursor = self._conn.cursor() return self - def error(self, sql): + def error(self, sql, expectErrInfo = None): + caller = inspect.getframeinfo(inspect.stack()[1][0]) expectErrNotOccured = True try: self.cursor.execute(sql) - except BaseException: + except BaseException as e: + tdLog.info("err:%s" % (e)) expectErrNotOccured = False + self.errno = e.errno + error_info = repr(e) + self.error_info = ','.join(error_info[error_info.index('(')+1:-1].split(",")[:-1]).replace("'","") if expectErrNotOccured: - caller = inspect.getframeinfo(inspect.stack()[1][0]) tdLog.exit(f"{caller.filename}({caller.lineno}) failed: sql:{sql}, expect error not occured" ) else: - self.queryRows = 0 - self.queryCols = 0 - self.queryResult = None - tdLog.info(f"sql:{sql}, expect error occured") + if expectErrInfo != None: + if expectErrInfo == self.error_info: + self.queryRows = 0 + self.queryCols = 0 + self.queryResult = None + tdLog.info("sql:%s, expected ErrInfo '%s' occured" % (sql, expectErrInfo)) + else: + tdLog.exit("%s(%d) failed: sql:%s, ErrInfo '%s' occured, but not expected ErrInfo '%s'" % (caller.filename, caller.lineno, sql, self.error_info, expectErrInfo)) def query(self, sql, row_tag=None): # sourcery skip: raise-from-previous-error, raise-specific-error @@ -647,6 +655,16 @@ class TDTestCase: user.error(f"drop user {self.__user_list[0]}") user.error(f"drop user {self.__user_list[1]}") user.error("drop user root") + # 普通用户默认不可创建 db + user.error("create database ordinary_user_db", expectErrInfo='Insufficient privilege for operation') + tdSql.execute(f'alter user {self.__user_list[0]} createdb 1') + tdSql.execute(f'alter user {self.__user_list[0]} createdb 0') + tdSql.execute(f'alter user {self.__user_list[0]} createdb 1') + tdSql.execute(f'alter user {self.__user_list[0]} createdb 1') + user.query("create database ordinary_user_db") + user.query("drop database ordinary_user_db") + tdSql.execute(f'alter user {self.__user_list[0]} createdb 0') + user.error("create database ordinary_user_db", expectErrInfo='Insufficient privilege for operation') tdLog.printNoPrefix("==========step5: enable info") taos1_conn = taos.connect(user=self.__user_list[1], password=f"new{self.__passwd_list[1]}")