MXS-3021: Add test case for strict

Checks that multi-statements are allowed and that rules that match still cause queries to be blocked.
2020-06-03 10:11:21 +03:00 · 2020-06-03 10:11:21 +03:00 · a8c8531bbc
commit a8c8531bbc
parent da5af75c1c
3 changed files with 68 additions and 0 deletions
--- a/maxscale-system-test/CMakeLists.txt
+++ b/maxscale-system-test/CMakeLists.txt
@ -326,6 +326,7 @@ add_test_executable(fwf_logging.cpp fwf_logging fwf_logging LABELS dbfwfilter RE
 add_test_executable(fwf_reload.cpp fwf_reload fwf LABELS dbfwfilter REPL_BACKEND)
 add_test_executable(fwf_syntax.cpp fwf_syntax fwf_syntax LABELS dbfwfilter REPL_BACKEND)
 add_test_executable(fwf_com_ping.cpp fwf_com_ping fwf_com_ping LABELS dbfwfilter REPL_BACKEND)
+add_test_executable(fwf_strict.cpp fwf_strict fwf_strict LABELS dbfwfilter REPL_BACKEND)
 add_test_executable(mxs1583_fwf.cpp mxs1583_fwf mxs1583_fwf LABELS dbfwfilter REPL_BACKEND)

 # Block and unblock Master and check that Maxscale survived
--- a/maxscale-system-test/cnf/maxscale.cnf.template.fwf_strict
+++ b/maxscale-system-test/cnf/maxscale.cnf.template.fwf_strict
@ -0,0 +1,32 @@
+[maxscale]
+threads=###threads###
+
+###server###
+
+[MySQL-Monitor]
+type=monitor
+module=mysqlmon
+servers=###server_line###
+user=maxskysql
+password=skysql
+monitor_interval=1000
+
+[readconn]
+type=service
+router=readconnroute
+servers=###server_line###
+user=maxskysql
+password=skysql
+filters=fw
+
+[readconn-listener]
+type=listener
+service=readconn
+protocol=MySQLClient
+port=4006
+
+[fw]
+type=filter
+module=dbfwfilter
+rules=/###access_homedir###/rules/rules.txt
+strict=false
--- a/maxscale-system-test/fwf_strict.cpp
+++ b/maxscale-system-test/fwf_strict.cpp
@ -0,0 +1,35 @@
+/**
+ * MXS-1111: Dbfwfilter COM_PING test
+ *
+ * Check that COM_PING is allowed with `action=allow`
+ */
+
+#include "testconnections.h"
+#include "fw_copy_rules.h"
+
+#include <fstream>
+
+auto rules =
+    R"(
+rule dont_mess_with_system_tables match regex 'mysql.*' on_queries drop|alter|create|use|load
+users %@% match any rules dont_mess_with_system_tables
+)";
+
+int main(int argc, char** argv)
+{
+    std::ofstream file("rules.txt");
+    file << rules;
+    file.close();
+
+    TestConnections::skip_maxscale_start(true);
+    TestConnections test(argc, argv);
+    copy_rules(&test, (char*) "rules.txt", (char*) ".");
+    test.maxscales->start();
+
+    auto conn = test.maxscales->rwsplit();
+    test.expect(conn.connect(), "Connect failed: %s", conn.error());
+    test.expect(conn.query("SELECT 1; SELECT 2; SELECT 3;"), "Query failed: %s", conn.error());
+    test.expect(!conn.query("DROP DATABASE mysql"), "DROP succeeded");
+
+    return test.global_result;
+}