MXS-1583 Add test that exposes the behaviour

This will fail with MaxScale 2.2.1.
2018-01-29 11:37:46 +02:00 · 2018-01-29 11:37:46 +02:00 · cf0d745c14
commit cf0d745c14
parent 9ded584836
5 changed files with 151 additions and 0 deletions
--- a/maxscale-system-test/.gitignore
+++ b/maxscale-system-test/.gitignore
@ -143,6 +143,7 @@ mxs1457_ignore_deleted
 mxs1468
 mxs1476
 mxs1509
+mxs1583_fwf
 mxs244_prepared_stmt_loop
 mxs280_select_outfile
 mxs314
--- a/maxscale-system-test/CMakeLists.txt
+++ b/maxscale-system-test/CMakeLists.txt
@ -313,6 +313,7 @@ add_test_executable(fwf_logging.cpp fwf_logging fwf_logging LABELS dbfwfilter RE
 add_test_executable(fwf_reload.cpp fwf_reload fwf LABELS dbfwfilter REPL_BACKEND)
 add_test_executable(fwf_syntax.cpp fwf_syntax fwf_syntax LABELS dbfwfilter REPL_BACKEND)
 add_test_executable(fwf_com_ping.cpp fwf_com_ping fwf_com_ping LABELS dbfwfilter REPL_BACKEND)
+add_test_executable(mxs1583_fwf.cpp mxs1583_fwf mxs1583_fwf LABELS dbfwfilter REPL_BACKEND)

 # Galera node priority test
 add_test_executable(galera_priority.cpp galera_priority galera_priority LABELS galeramon LIGHT GALERA_BACKEND)
--- a/maxscale-system-test/cnf/maxscale.cnf.template.mxs1583_fwf
+++ b/maxscale-system-test/cnf/maxscale.cnf.template.mxs1583_fwf
@ -0,0 +1,77 @@
+[maxscale]
+threads=###threads###
+query_classifier_args=log_unrecognized_statements=3
+
+[MySQL Monitor]
+type=monitor
+module=mysqlmon
+###repl51###
+servers=server1
+user=maxskysql
+passwd=skysql
+monitor_interval=100
+
+[Database Firewall]
+type=filter
+module=dbfwfilter
+rules=/###access_homedir###/rules/rules.txt
+log_match=true
+log_no_match=true
+
+[RW Split Router]
+type=service
+router=readconnroute
+servers=server1
+user=maxskysql
+passwd=skysql
+filters=Database Firewall
+
+[Read Connection Router Slave]
+type=service
+router=readconnroute
+router_options=slave
+servers=server1
+user=maxskysql
+passwd=skysql
+
+[Read Connection Router Master]
+type=service
+router=readconnroute
+router_options=master
+servers=server1
+user=maxskysql
+passwd=skysql
+
+[RW Split Listener]
+type=listener
+service=RW Split Router
+protocol=MySQLClient
+port=4006
+
+[Read Connection Listener Slave]
+type=listener
+service=Read Connection Router Slave
+protocol=MySQLClient
+port=4009
+
+[Read Connection Listener Master]
+type=listener
+service=Read Connection Router Master
+protocol=MySQLClient
+port=4008
+
+[CLI]
+type=service
+router=cli
+
+[CLI Listener]
+type=listener
+service=CLI
+protocol=maxscaled
+socket=default
+
+[server1]
+type=server
+address=###node_server_IP_1###
+port=###node_server_port_1###
+protocol=MySQLBackend
--- a/maxscale-system-test/fw/rules_mxs1583
+++ b/maxscale-system-test/fw/rules_mxs1583
@ -0,0 +1,7 @@
+rule deny_functions_on_a match uses_function a
+
+users %@% match all rules deny_functions_on_a
+
+rule deny_functions_on_b match uses_function b
+
+users %@% match all rules deny_functions_on_b
--- a/maxscale-system-test/mxs1583_fwf.cpp
+++ b/maxscale-system-test/mxs1583_fwf.cpp
@ -0,0 +1,65 @@
+/**
+ * Firewall filter multiple matching users
+ *
+ * Test it multiple matching user rows are handled in OR fashion.
+ */
+
+
+#include <iostream>
+#include <unistd.h>
+#include "testconnections.h"
+#include "fw_copy_rules.h"
+
+int main(int argc, char** argv)
+{
+    TestConnections::skip_maxscale_start(true);
+    char rules_dir[4096];
+
+    TestConnections test(argc, argv);
+    test.stop_timeout();
+
+    test.tprintf("Creating rules\n");
+    test.maxscales->stop_maxscale(0);
+
+    sprintf(rules_dir, "%s/fw/", test_dir);
+    copy_rules(&test, (char*) "rules_mxs1583", rules_dir);
+
+    test.set_timeout(60);
+    test.maxscales->start_maxscale(0);
+
+    test.set_timeout(30);
+    test.maxscales->connect_maxscale(0);
+
+    test.try_query(test.maxscales->conn_rwsplit[0], "drop table if exists t");
+    test.try_query(test.maxscales->conn_rwsplit[0], "create table t (a text, b text)");
+
+    test.tprintf("Trying query that matches one 'user' row, expecting failure\n");
+    test.set_timeout(30);
+    test.add_result(!execute_query(test.maxscales->conn_rwsplit[0], "select concat(a) from t"),
+                     "Query that matches one 'user' row should fail.\n");
+
+    test.tprintf("Trying query that matches other 'user' row, expecting failure\n");
+    test.set_timeout(30);
+    test.add_result(!execute_query(test.maxscales->conn_rwsplit[0], "select concat(b) from t"),
+                     "Query that matches other 'user' row should fail.\n");
+
+    test.tprintf("Trying query that matches both 'user' rows, expecting failure\n");
+    test.set_timeout(30);
+    test.add_result(!execute_query_silent(test.maxscales->conn_rwsplit[0], "select concat(a), concat(b) from t"),
+                     "Query that matches both 'user' rows should fail.\n");
+
+    test.tprintf("Trying non-matching query to blacklisted RWSplit, expecting success\n");
+    test.set_timeout(30);
+    test.add_result(execute_query_silent(test.maxscales->conn_rwsplit[0], "show status"),
+                     "Non-matching query to blacklist service should succeed.\n");
+
+    test.stop_timeout();
+    test.tprintf("Checking if MaxScale is alive\n");
+    test.check_maxscale_processes(0, 1);
+    test.maxscales->stop_maxscale(0);
+    sleep(10);
+    test.tprintf("Checking if MaxScale was succesfully terminated\n");
+    test.check_maxscale_processes(0, 0);
+
+    return test.global_result;
+}