From cf0d745c1481401d320ffcbefb2cc50d74afa035 Mon Sep 17 00:00:00 2001 From: Johan Wikman Date: Mon, 29 Jan 2018 11:37:46 +0200 Subject: [PATCH] MXS-1583 Add test that exposes the behaviour This will fail with MaxScale 2.2.1. --- maxscale-system-test/.gitignore | 1 + maxscale-system-test/CMakeLists.txt | 1 + .../cnf/maxscale.cnf.template.mxs1583_fwf | 77 +++++++++++++++++++ maxscale-system-test/fw/rules_mxs1583 | 7 ++ maxscale-system-test/mxs1583_fwf.cpp | 65 ++++++++++++++++ 5 files changed, 151 insertions(+) create mode 100644 maxscale-system-test/cnf/maxscale.cnf.template.mxs1583_fwf create mode 100644 maxscale-system-test/fw/rules_mxs1583 create mode 100644 maxscale-system-test/mxs1583_fwf.cpp diff --git a/maxscale-system-test/.gitignore b/maxscale-system-test/.gitignore index 5d831b984..c84dcdb12 100644 --- a/maxscale-system-test/.gitignore +++ b/maxscale-system-test/.gitignore @@ -143,6 +143,7 @@ mxs1457_ignore_deleted mxs1468 mxs1476 mxs1509 +mxs1583_fwf mxs244_prepared_stmt_loop mxs280_select_outfile mxs314 diff --git a/maxscale-system-test/CMakeLists.txt b/maxscale-system-test/CMakeLists.txt index f497a20fc..df555690d 100644 --- a/maxscale-system-test/CMakeLists.txt +++ b/maxscale-system-test/CMakeLists.txt @@ -313,6 +313,7 @@ add_test_executable(fwf_logging.cpp fwf_logging fwf_logging LABELS dbfwfilter RE add_test_executable(fwf_reload.cpp fwf_reload fwf LABELS dbfwfilter REPL_BACKEND) add_test_executable(fwf_syntax.cpp fwf_syntax fwf_syntax LABELS dbfwfilter REPL_BACKEND) add_test_executable(fwf_com_ping.cpp fwf_com_ping fwf_com_ping LABELS dbfwfilter REPL_BACKEND) +add_test_executable(mxs1583_fwf.cpp mxs1583_fwf mxs1583_fwf LABELS dbfwfilter REPL_BACKEND) # Galera node priority test add_test_executable(galera_priority.cpp galera_priority galera_priority LABELS galeramon LIGHT GALERA_BACKEND) diff --git a/maxscale-system-test/cnf/maxscale.cnf.template.mxs1583_fwf b/maxscale-system-test/cnf/maxscale.cnf.template.mxs1583_fwf new file mode 100644 index 000000000..8c9e1213b --- /dev/null +++ b/maxscale-system-test/cnf/maxscale.cnf.template.mxs1583_fwf @@ -0,0 +1,77 @@ +[maxscale] +threads=###threads### +query_classifier_args=log_unrecognized_statements=3 + +[MySQL Monitor] +type=monitor +module=mysqlmon +###repl51### +servers=server1 +user=maxskysql +passwd=skysql +monitor_interval=100 + +[Database Firewall] +type=filter +module=dbfwfilter +rules=/###access_homedir###/rules/rules.txt +log_match=true +log_no_match=true + +[RW Split Router] +type=service +router=readconnroute +servers=server1 +user=maxskysql +passwd=skysql +filters=Database Firewall + +[Read Connection Router Slave] +type=service +router=readconnroute +router_options=slave +servers=server1 +user=maxskysql +passwd=skysql + +[Read Connection Router Master] +type=service +router=readconnroute +router_options=master +servers=server1 +user=maxskysql +passwd=skysql + +[RW Split Listener] +type=listener +service=RW Split Router +protocol=MySQLClient +port=4006 + +[Read Connection Listener Slave] +type=listener +service=Read Connection Router Slave +protocol=MySQLClient +port=4009 + +[Read Connection Listener Master] +type=listener +service=Read Connection Router Master +protocol=MySQLClient +port=4008 + +[CLI] +type=service +router=cli + +[CLI Listener] +type=listener +service=CLI +protocol=maxscaled +socket=default + +[server1] +type=server +address=###node_server_IP_1### +port=###node_server_port_1### +protocol=MySQLBackend diff --git a/maxscale-system-test/fw/rules_mxs1583 b/maxscale-system-test/fw/rules_mxs1583 new file mode 100644 index 000000000..ce87945c9 --- /dev/null +++ b/maxscale-system-test/fw/rules_mxs1583 @@ -0,0 +1,7 @@ +rule deny_functions_on_a match uses_function a + +users %@% match all rules deny_functions_on_a + +rule deny_functions_on_b match uses_function b + +users %@% match all rules deny_functions_on_b diff --git a/maxscale-system-test/mxs1583_fwf.cpp b/maxscale-system-test/mxs1583_fwf.cpp new file mode 100644 index 000000000..fa6c2e186 --- /dev/null +++ b/maxscale-system-test/mxs1583_fwf.cpp @@ -0,0 +1,65 @@ +/** + * Firewall filter multiple matching users + * + * Test it multiple matching user rows are handled in OR fashion. + */ + + +#include +#include +#include "testconnections.h" +#include "fw_copy_rules.h" + +int main(int argc, char** argv) +{ + TestConnections::skip_maxscale_start(true); + char rules_dir[4096]; + + TestConnections test(argc, argv); + test.stop_timeout(); + + test.tprintf("Creating rules\n"); + test.maxscales->stop_maxscale(0); + + sprintf(rules_dir, "%s/fw/", test_dir); + copy_rules(&test, (char*) "rules_mxs1583", rules_dir); + + test.set_timeout(60); + test.maxscales->start_maxscale(0); + + test.set_timeout(30); + test.maxscales->connect_maxscale(0); + + test.try_query(test.maxscales->conn_rwsplit[0], "drop table if exists t"); + test.try_query(test.maxscales->conn_rwsplit[0], "create table t (a text, b text)"); + + test.tprintf("Trying query that matches one 'user' row, expecting failure\n"); + test.set_timeout(30); + test.add_result(!execute_query(test.maxscales->conn_rwsplit[0], "select concat(a) from t"), + "Query that matches one 'user' row should fail.\n"); + + test.tprintf("Trying query that matches other 'user' row, expecting failure\n"); + test.set_timeout(30); + test.add_result(!execute_query(test.maxscales->conn_rwsplit[0], "select concat(b) from t"), + "Query that matches other 'user' row should fail.\n"); + + test.tprintf("Trying query that matches both 'user' rows, expecting failure\n"); + test.set_timeout(30); + test.add_result(!execute_query_silent(test.maxscales->conn_rwsplit[0], "select concat(a), concat(b) from t"), + "Query that matches both 'user' rows should fail.\n"); + + test.tprintf("Trying non-matching query to blacklisted RWSplit, expecting success\n"); + test.set_timeout(30); + test.add_result(execute_query_silent(test.maxscales->conn_rwsplit[0], "show status"), + "Non-matching query to blacklist service should succeed.\n"); + + test.stop_timeout(); + test.tprintf("Checking if MaxScale is alive\n"); + test.check_maxscale_processes(0, 1); + test.maxscales->stop_maxscale(0); + sleep(10); + test.tprintf("Checking if MaxScale was succesfully terminated\n"); + test.check_maxscale_processes(0, 0); + + return test.global_result; +}