From 9924ecb026553df772e14f182f5f6b07b7e256d3 Mon Sep 17 00:00:00 2001
From: openGaussDev <zhoutianlian@huawei.com>
Date: Wed, 9 Mar 2022 17:18:45 +0800
Subject: [PATCH]  add test case hw_audit_pg_query

Offering: openGaussDev

More detail:add test case hw_audit_pg_query

Match-id-08b44df1f068d35498a10f3748a471204a7f16d8
---
 ...w_audit_multi_thread_rotation_interval.out |  0
 .../regress/input/hw_audit_pg_query.source    | 30 ++++++++++++
 .../regress/output/hw_audit_pg_query.source   | 48 +++++++++++++++++++
 src/test/regress/security_audit_schedule0     |  2 +-
 4 files changed, 79 insertions(+), 1 deletion(-)
 create mode 100644 src/test/regress/expected/hw_audit_multi_thread_rotation_interval.out
 create mode 100644 src/test/regress/input/hw_audit_pg_query.source
 create mode 100644 src/test/regress/output/hw_audit_pg_query.source

diff --git a/src/test/regress/expected/hw_audit_multi_thread_rotation_interval.out b/src/test/regress/expected/hw_audit_multi_thread_rotation_interval.out
new file mode 100644
index 000000000..e69de29bb
diff --git a/src/test/regress/input/hw_audit_pg_query.source b/src/test/regress/input/hw_audit_pg_query.source
new file mode 100644
index 000000000..79fa7e73d
--- /dev/null
+++ b/src/test/regress/input/hw_audit_pg_query.source
@@ -0,0 +1,30 @@
+-- 显示允许审计日志记录状态
+show audit_enabled;
+
+-- 修改guc参数 允许审计日志记录状态设为off 重启
+\! @abs_bindir@/gs_guc reload -Z datanode -D @abs_srcdir@/tmp_check/datanode1 -c "audit_enabled=off" > /dev/null 2>&1
+
+-- 重启数据库 等待1s
+select pg_sleep(1);
+\! @abs_bindir@/gs_ctl stop -D @abs_srcdir@/tmp_check/datanode1 > /dev/null 2>&1
+\! @abs_bindir@/gs_ctl start -D @abs_srcdir@/tmp_check/datanode1 > /dev/null 2>&1
+\! sleep 5
+
+-- 显示允许审计日志记录状态
+\! @abs_bindir@/gsql -r -p @portstring@ -d postgres -c "show audit_enabled";
+
+-- 在审计日志记录关闭状态下 新建用户
+\! @abs_bindir@/gsql -r -p @portstring@ -d postgres -c "CREATE USER test_pg_query PASSWORD 'test_pwd@123'";
+
+-- 查询审计日志 create user
+\! @abs_bindir@/gsql -r -p @portstring@ -d postgres -c "select object_name,detail_info from pg_query_audit('2002-03-09 00:00:00','2032-03-09 24:00:00') where detail_info like 'CREATE USER%'";
+
+-- 恢复guc参数 审计日志记录状态 重启
+\! @abs_bindir@/gs_guc reload -Z datanode -D @abs_srcdir@/tmp_check/datanode1 -c "audit_enabled" > /dev/null 2>&1
+\! sleep 1
+\! @abs_bindir@/gs_ctl stop -D @abs_srcdir@/tmp_check/datanode1 > /dev/null 2>&1
+\! @abs_bindir@/gs_ctl start -D @abs_srcdir@/tmp_check/datanode1 > /dev/null 2>&1
+\! sleep 5
+
+-- 显示允许审计日志记录状态
+\! @abs_bindir@/gsql -r -p @portstring@ -d postgres -c "show audit_enabled";
diff --git a/src/test/regress/output/hw_audit_pg_query.source b/src/test/regress/output/hw_audit_pg_query.source
new file mode 100644
index 000000000..2f61f9361
--- /dev/null
+++ b/src/test/regress/output/hw_audit_pg_query.source
@@ -0,0 +1,48 @@
+-- 显示允许审计日志记录状态
+show audit_enabled;
+ audit_enabled 
+---------------
+ on
+(1 row)
+
+-- 修改guc参数 允许审计日志记录状态设为off 重启
+\! @abs_bindir@/gs_guc reload -Z datanode -D @abs_srcdir@/tmp_check/datanode1 -c "audit_enabled=off" > /dev/null 2>&1
+-- 重启数据库 等待1s
+select pg_sleep(1);
+ pg_sleep 
+----------
+ 
+(1 row)
+
+\! @abs_bindir@/gs_ctl stop -D @abs_srcdir@/tmp_check/datanode1 > /dev/null 2>&1
+\! @abs_bindir@/gs_ctl start -D @abs_srcdir@/tmp_check/datanode1 > /dev/null 2>&1
+\! sleep 5
+-- 显示允许审计日志记录状态
+\! @abs_bindir@/gsql -r -p @portstring@ -d postgres -c "show audit_enabled";
+ audit_enabled 
+---------------
+ off
+(1 row)
+
+-- 在审计日志记录关闭状态下 新建用户
+\! @abs_bindir@/gsql -r -p @portstring@ -d postgres -c "CREATE USER test_pg_query PASSWORD 'test_pwd@123'";
+CREATE ROLE
+-- 查询审计日志 create user
+\! @abs_bindir@/gsql -r -p @portstring@ -d postgres -c "select object_name,detail_info from pg_query_audit('2002-03-09 00:00:00','2032-03-09 24:00:00') where detail_info like 'CREATE USER%'";
+ object_name | detail_info 
+-------------+-------------
+(0 rows)
+
+-- 恢复guc参数 审计日志记录状态 重启
+\! @abs_bindir@/gs_guc reload -Z datanode -D @abs_srcdir@/tmp_check/datanode1 -c "audit_enabled" > /dev/null 2>&1
+\! sleep 1
+\! @abs_bindir@/gs_ctl stop -D @abs_srcdir@/tmp_check/datanode1 > /dev/null 2>&1
+\! @abs_bindir@/gs_ctl start -D @abs_srcdir@/tmp_check/datanode1 > /dev/null 2>&1
+\! sleep 5
+-- 显示允许审计日志记录状态
+\! @abs_bindir@/gsql -r -p @portstring@ -d postgres -c "show audit_enabled";
+ audit_enabled 
+---------------
+ on
+(1 row)
+
diff --git a/src/test/regress/security_audit_schedule0 b/src/test/regress/security_audit_schedule0
index 78a9c0782..1c0fe39ba 100644
--- a/src/test/regress/security_audit_schedule0
+++ b/src/test/regress/security_audit_schedule0
@@ -1,10 +1,10 @@
 # ------------------
 # # Database security audit
 # # ---------------
+test: hw_audit_pg_query
 test: hw_audit_space
 test: hw_audit_rotation_interval
 test: hw_audit_rotation_size
-
 #--------------------
 # # Multi thread
 #-------------------