MXS-3021: Add test case for strict
Checks that multi-statements are allowed and that rules that match still cause queries to be blocked.
This commit is contained in:
Markus Mäkelä
@ -326,6 +326,7 @@ add_test_executable(fwf_logging.cpp fwf_logging fwf_logging LABELS dbfwfilter RE
|
|||||||
add_test_executable(fwf_reload.cpp fwf_reload fwf LABELS dbfwfilter REPL_BACKEND)
|
add_test_executable(fwf_reload.cpp fwf_reload fwf LABELS dbfwfilter REPL_BACKEND)
|
||||||
add_test_executable(fwf_syntax.cpp fwf_syntax fwf_syntax LABELS dbfwfilter REPL_BACKEND)
|
add_test_executable(fwf_syntax.cpp fwf_syntax fwf_syntax LABELS dbfwfilter REPL_BACKEND)
|
||||||
add_test_executable(fwf_com_ping.cpp fwf_com_ping fwf_com_ping LABELS dbfwfilter REPL_BACKEND)
|
add_test_executable(fwf_com_ping.cpp fwf_com_ping fwf_com_ping LABELS dbfwfilter REPL_BACKEND)
|
||||||
|
add_test_executable(fwf_strict.cpp fwf_strict fwf_strict LABELS dbfwfilter REPL_BACKEND)
|
||||||
add_test_executable(mxs1583_fwf.cpp mxs1583_fwf mxs1583_fwf LABELS dbfwfilter REPL_BACKEND)
|
add_test_executable(mxs1583_fwf.cpp mxs1583_fwf mxs1583_fwf LABELS dbfwfilter REPL_BACKEND)
|
||||||
|
|
||||||
# Block and unblock Master and check that Maxscale survived
|
# Block and unblock Master and check that Maxscale survived
|
||||||
|
|||||||
32
maxscale-system-test/cnf/maxscale.cnf.template.fwf_strict
Normal file
32
maxscale-system-test/cnf/maxscale.cnf.template.fwf_strict
Normal file
@ -0,0 +1,32 @@
|
|||||||
|
[maxscale]
|
||||||
|
threads=###threads###
|
||||||
|
|
||||||
|
###server###
|
||||||
|
|
||||||
|
[MySQL-Monitor]
|
||||||
|
type=monitor
|
||||||
|
module=mysqlmon
|
||||||
|
servers=###server_line###
|
||||||
|
user=maxskysql
|
||||||
|
password=skysql
|
||||||
|
monitor_interval=1000
|
||||||
|
|
||||||
|
[readconn]
|
||||||
|
type=service
|
||||||
|
router=readconnroute
|
||||||
|
servers=###server_line###
|
||||||
|
user=maxskysql
|
||||||
|
password=skysql
|
||||||
|
filters=fw
|
||||||
|
|
||||||
|
[readconn-listener]
|
||||||
|
type=listener
|
||||||
|
service=readconn
|
||||||
|
protocol=MySQLClient
|
||||||
|
port=4006
|
||||||
|
|
||||||
|
[fw]
|
||||||
|
type=filter
|
||||||
|
module=dbfwfilter
|
||||||
|
rules=/###access_homedir###/rules/rules.txt
|
||||||
|
strict=false
|
||||||
35
maxscale-system-test/fwf_strict.cpp
Normal file
35
maxscale-system-test/fwf_strict.cpp
Normal file
@ -0,0 +1,35 @@
|
|||||||
|
/**
|
||||||
|
* MXS-1111: Dbfwfilter COM_PING test
|
||||||
|
*
|
||||||
|
* Check that COM_PING is allowed with `action=allow`
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include "testconnections.h"
|
||||||
|
#include "fw_copy_rules.h"
|
||||||
|
|
||||||
|
#include <fstream>
|
||||||
|
|
||||||
|
auto rules =
|
||||||
|
R"(
|
||||||
|
rule dont_mess_with_system_tables match regex 'mysql.*' on_queries drop|alter|create|use|load
|
||||||
|
users %@% match any rules dont_mess_with_system_tables
|
||||||
|
)";
|
||||||
|
|
||||||
|
int main(int argc, char** argv)
|
||||||
|
{
|
||||||
|
std::ofstream file("rules.txt");
|
||||||
|
file << rules;
|
||||||
|
file.close();
|
||||||
|
|
||||||
|
TestConnections::skip_maxscale_start(true);
|
||||||
|
TestConnections test(argc, argv);
|
||||||
|
copy_rules(&test, (char*) "rules.txt", (char*) ".");
|
||||||
|
test.maxscales->start();
|
||||||
|
|
||||||
|
auto conn = test.maxscales->rwsplit();
|
||||||
|
test.expect(conn.connect(), "Connect failed: %s", conn.error());
|
||||||
|
test.expect(conn.query("SELECT 1; SELECT 2; SELECT 3;"), "Query failed: %s", conn.error());
|
||||||
|
test.expect(!conn.query("DROP DATABASE mysql"), "DROP succeeded");
|
||||||
|
|
||||||
|
return test.global_result;
|
||||||
|
}
|
||||||
Reference in New Issue
Block a user