本文整理汇总了Golang中github.com/youtube/vitess/go/vt/tableacl.SetDefaultACL函数的典型用法代码示例。如果您正苦于以下问题:Golang SetDefaultACL函数的具体用法?Golang SetDefaultACL怎么用?Golang SetDefaultACL使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了SetDefaultACL函数的11个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Golang代码示例。
示例1: TestQueryExecutorTableAclDryRun
func TestQueryExecutorTableAclDryRun(t *testing.T) {
aclName := fmt.Sprintf("simpleacl-test-%d", rand.Int63())
tableacl.Register(aclName, &simpleacl.Factory{})
tableacl.SetDefaultACL(aclName)
db := setUpQueryExecutorTest()
query := "select * from test_table limit 1000"
want := &mproto.QueryResult{
Fields: getTestTableFields(),
RowsAffected: 0,
Rows: [][]sqltypes.Value{},
}
db.AddQuery(query, want)
db.AddQuery("select * from test_table where 1 != 1", &mproto.QueryResult{
Fields: getTestTableFields(),
})
username := "u2"
callInfo := &fakeCallInfo{
remoteAddr: "1.2.3.4",
username: username,
}
ctx := callinfo.NewContext(context.Background(), callInfo)
config := &tableaclpb.Config{
TableGroups: []*tableaclpb.TableGroupSpec{{
Name: "group02",
TableNamesOrPrefixes: []string{"test_table"},
Readers: []string{"u1"},
}},
}
if err := tableacl.InitFromProto(config); err != nil {
t.Fatalf("unable to load tableacl config, error: %v", err)
}
tableACLStatsKey := strings.Join([]string{
"test_table",
username,
planbuilder.PLAN_PASS_SELECT.String(),
username,
}, ".")
// enable Config.StrictTableAcl
sqlQuery := newTestSQLQuery(ctx, enableRowCache|enableSchemaOverrides|enableStrict|enableStrictTableAcl)
sqlQuery.qe.enableTableAclDryRun = true
qre := newTestQueryExecutor(ctx, sqlQuery, query, 0)
defer sqlQuery.disallowQueries()
checkPlanID(t, planbuilder.PLAN_PASS_SELECT, qre.plan.PlanId)
beforeCount := sqlQuery.qe.tableaclPseudoDenied.Counters.Counts()[tableACLStatsKey]
// query should fail because current user do not have read permissions
_, err := qre.Execute()
if err != nil {
t.Fatalf("qre.Execute() = %v, want: nil", err)
}
afterCount := sqlQuery.qe.tableaclPseudoDenied.Counters.Counts()[tableACLStatsKey]
if afterCount-beforeCount != 1 {
t.Fatalf("table acl pseudo denied count should increase by one. got: %d, want: %d", afterCount, beforeCount+1)
}
}
开发者ID:afrolovskiy,项目名称:vitess,代码行数:58,代码来源:query_executor_test.go
示例2: TestQueryExecutorTableAclDryRun
func TestQueryExecutorTableAclDryRun(t *testing.T) {
aclName := fmt.Sprintf("simpleacl-test-%d", rand.Int63())
tableacl.Register(aclName, &simpleacl.Factory{})
tableacl.SetDefaultACL(aclName)
db := setUpQueryExecutorTest()
query := "select * from test_table limit 1000"
want := &sqltypes.Result{
Fields: getTestTableFields(),
RowsAffected: 0,
Rows: [][]sqltypes.Value{},
}
db.AddQuery(query, want)
db.AddQuery("select * from test_table where 1 != 1", &sqltypes.Result{
Fields: getTestTableFields(),
})
username := "u2"
callerID := &querypb.VTGateCallerID{
Username: username,
}
ctx := callerid.NewContext(context.Background(), nil, callerID)
config := &tableaclpb.Config{
TableGroups: []*tableaclpb.TableGroupSpec{{
Name: "group02",
TableNamesOrPrefixes: []string{"test_table"},
Readers: []string{"u1"},
}},
}
if err := tableacl.InitFromProto(config); err != nil {
t.Fatalf("unable to load tableacl config, error: %v", err)
}
tableACLStatsKey := strings.Join([]string{
"test_table",
"group02",
planbuilder.PlanPassSelect.String(),
username,
}, ".")
// enable Config.StrictTableAcl
tsv := newTestTabletServer(ctx, enableStrict|enableStrictTableAcl, db)
tsv.qe.enableTableAclDryRun = true
qre := newTestQueryExecutor(ctx, tsv, query, 0)
defer tsv.StopService()
checkPlanID(t, planbuilder.PlanPassSelect, qre.plan.PlanID)
beforeCount := tsv.qe.tableaclPseudoDenied.Counters.Counts()[tableACLStatsKey]
// query should fail because current user do not have read permissions
_, err := qre.Execute()
if err != nil {
t.Fatalf("qre.Execute() = %v, want: nil", err)
}
afterCount := tsv.qe.tableaclPseudoDenied.Counters.Counts()[tableACLStatsKey]
if afterCount-beforeCount != 1 {
t.Fatalf("table acl pseudo denied count should increase by one. got: %d, want: %d", afterCount, beforeCount+1)
}
}
开发者ID:erzel,项目名称:vitess,代码行数:57,代码来源:query_executor_test.go
示例3: TestSuite
// TestSuite tests a concrete acl.Factory implementation.
func TestSuite(t *testing.T, factory acl.Factory) {
name := fmt.Sprintf("tableacl-test-%d", rand.Int63())
tableacl.Register(name, factory)
tableacl.SetDefaultACL(name)
testValidConfigs(t)
testDenyReaderInsert(t)
testAllowReaderSelect(t)
testDenyReaderDDL(t)
//testAllowUnmatchedTable(t)
}
开发者ID:CowLeo,项目名称:vitess,代码行数:12,代码来源:testlib.go
示例4: TestQueryExecutorTableAcl
func TestQueryExecutorTableAcl(t *testing.T) {
testUtils := &testUtils{}
aclName := fmt.Sprintf("simpleacl-test-%d", rand.Int63())
tableacl.Register(aclName, &simpleacl.Factory{})
tableacl.SetDefaultACL(aclName)
db := setUpQueryExecutorTest()
query := "select * from test_table limit 1000"
expected := &mproto.QueryResult{
Fields: getTestTableFields(),
RowsAffected: 0,
Rows: [][]sqltypes.Value{},
}
db.AddQuery(query, expected)
db.AddQuery("select * from test_table where 1 != 1", &mproto.QueryResult{
Fields: getTestTableFields(),
})
username := "u2"
callInfo := &fakeCallInfo{
remoteAddr: "1.2.3.4",
username: username,
}
ctx := callinfo.NewContext(context.Background(), callInfo)
if err := tableacl.InitFromBytes(
[]byte(fmt.Sprintf(`{"test_table":{"READER":"%s"}}`, username))); err != nil {
t.Fatalf("unable to load tableacl config, error: %v", err)
}
qre, sqlQuery := newTestQueryExecutor(
query, ctx, enableRowCache|enableSchemaOverrides|enableStrict)
checkPlanID(t, planbuilder.PLAN_PASS_SELECT, qre.plan.PlanId)
testUtils.checkEqual(t, expected, qre.Execute())
sqlQuery.disallowQueries()
if err := tableacl.InitFromBytes([]byte(`{"test_table":{"READER":"superuser"}}`)); err != nil {
t.Fatalf("unable to load tableacl config, error: %v", err)
}
// without enabling Config.StrictTableAcl
qre, sqlQuery = newTestQueryExecutor(
query, ctx, enableRowCache|enableSchemaOverrides|enableStrict)
checkPlanID(t, planbuilder.PLAN_PASS_SELECT, qre.plan.PlanId)
qre.Execute()
sqlQuery.disallowQueries()
// enable Config.StrictTableAcl
qre, sqlQuery = newTestQueryExecutor(
query, ctx, enableRowCache|enableSchemaOverrides|enableStrict|enableStrictTableAcl)
defer sqlQuery.disallowQueries()
checkPlanID(t, planbuilder.PLAN_PASS_SELECT, qre.plan.PlanId)
defer handleAndVerifyTabletError(t, "query should fail because current user do not have read permissions", ErrFail)
qre.Execute()
}
开发者ID:UGuarder,项目名称:vitess,代码行数:52,代码来源:query_executor_test.go
示例5: TestSuite
// TestSuite tests a concrete acl.Factory implementation.
func TestSuite(t *testing.T, factory acl.Factory) {
name := fmt.Sprintf("tableacl-test-%d", rand.Int63())
tableacl.Register(name, factory)
tableacl.SetDefaultACL(name)
testParseInvalidJSON(t)
testInvalidRoleName(t)
testInvalidRegex(t)
testValidConfigs(t)
testDenyReaderInsert(t)
testAllowReaderSelect(t)
testDenyReaderDDL(t)
testAllowUnmatchedTable(t)
testAllUserReadAccess(t)
testAllUserWriteAccess(t)
}
开发者ID:pranjal5215,项目名称:vitess,代码行数:17,代码来源:testlib.go
示例6: TestQueryExecutorTableAcl
func TestQueryExecutorTableAcl(t *testing.T) {
aclName := fmt.Sprintf("simpleacl-test-%d", rand.Int63())
tableacl.Register(aclName, &simpleacl.Factory{})
tableacl.SetDefaultACL(aclName)
db := setUpQueryExecutorTest()
query := "select * from test_table limit 1000"
want := &mproto.QueryResult{
Fields: getTestTableFields(),
RowsAffected: 0,
Rows: [][]sqltypes.Value{},
}
db.AddQuery(query, want)
db.AddQuery("select * from test_table where 1 != 1", &mproto.QueryResult{
Fields: getTestTableFields(),
})
username := "u2"
callInfo := &fakeCallInfo{
remoteAddr: "1.2.3.4",
username: username,
}
ctx := callinfo.NewContext(context.Background(), callInfo)
config := &tableaclpb.Config{
TableGroups: []*tableaclpb.TableGroupSpec{{
Name: "group01",
TableNamesOrPrefixes: []string{"test_table"},
Readers: []string{username},
}},
}
if err := tableacl.InitFromProto(config); err != nil {
t.Fatalf("unable to load tableacl config, error: %v", err)
}
sqlQuery := newTestSQLQuery(ctx, enableRowCache|enableSchemaOverrides|enableStrict)
qre := newTestQueryExecutor(ctx, sqlQuery, query, 0)
defer sqlQuery.disallowQueries()
checkPlanID(t, planbuilder.PLAN_PASS_SELECT, qre.plan.PlanId)
got, err := qre.Execute()
if err != nil {
t.Fatalf("got: %v, want nil", err)
}
if !reflect.DeepEqual(got, want) {
t.Fatalf("qre.Execute() = %v, want: %v", got, want)
}
}
开发者ID:afrolovskiy,项目名称:vitess,代码行数:45,代码来源:query_executor_test.go
示例7: TestQueryExecutorTableAcl
func TestQueryExecutorTableAcl(t *testing.T) {
aclName := fmt.Sprintf("simpleacl-test-%d", rand.Int63())
tableacl.Register(aclName, &simpleacl.Factory{})
tableacl.SetDefaultACL(aclName)
db := setUpQueryExecutorTest()
query := "select * from test_table limit 1000"
want := &mproto.QueryResult{
Fields: getTestTableFields(),
RowsAffected: 0,
Rows: [][]sqltypes.Value{},
}
db.AddQuery(query, want)
db.AddQuery("select * from test_table where 1 != 1", &mproto.QueryResult{
Fields: getTestTableFields(),
})
username := "u2"
callerID := &querypb.VTGateCallerID{
Username: username,
}
ctx := callerid.NewContext(context.Background(), nil, callerID)
config := &tableaclpb.Config{
TableGroups: []*tableaclpb.TableGroupSpec{{
Name: "group01",
TableNamesOrPrefixes: []string{"test_table"},
Readers: []string{username},
}},
}
if err := tableacl.InitFromProto(config); err != nil {
t.Fatalf("unable to load tableacl config, error: %v", err)
}
tsv := newTestTabletServer(ctx, enableRowCache|enableSchemaOverrides|enableStrict, db)
qre := newTestQueryExecutor(ctx, tsv, query, 0)
defer tsv.StopService()
checkPlanID(t, planbuilder.PlanPassSelect, qre.plan.PlanID)
got, err := qre.Execute()
if err != nil {
t.Fatalf("got: %v, want nil", err)
}
if !reflect.DeepEqual(got, want) {
t.Fatalf("qre.Execute() = %v, want: %v", got, want)
}
}
开发者ID:hadmagic,项目名称:vitess,代码行数:44,代码来源:query_executor_test.go
示例8: TestQueryExecutorTableAclNoPermission
func TestQueryExecutorTableAclNoPermission(t *testing.T) {
aclName := fmt.Sprintf("simpleacl-test-%d", rand.Int63())
tableacl.Register(aclName, &simpleacl.Factory{})
tableacl.SetDefaultACL(aclName)
db := setUpQueryExecutorTest()
query := "select * from test_table limit 1000"
want := &mproto.QueryResult{
Fields: getTestTableFields(),
RowsAffected: 0,
Rows: [][]sqltypes.Value{},
}
db.AddQuery(query, want)
db.AddQuery("select * from test_table where 1 != 1", &mproto.QueryResult{
Fields: getTestTableFields(),
})
username := "u2"
callerID := &querypb.VTGateCallerID{
Username: username,
}
ctx := callerid.NewContext(context.Background(), nil, callerID)
config := &tableaclpb.Config{
TableGroups: []*tableaclpb.TableGroupSpec{{
Name: "group02",
TableNamesOrPrefixes: []string{"test_table"},
Readers: []string{"superuser"},
}},
}
if err := tableacl.InitFromProto(config); err != nil {
t.Fatalf("unable to load tableacl config, error: %v", err)
}
// without enabling Config.StrictTableAcl
sqlQuery := newTestSQLQuery(ctx, enableRowCache|enableSchemaOverrides|enableStrict)
qre := newTestQueryExecutor(ctx, sqlQuery, query, 0)
checkPlanID(t, planbuilder.PLAN_PASS_SELECT, qre.plan.PlanId)
got, err := qre.Execute()
if err != nil {
t.Fatalf("got: %v, want nil", err)
}
if !reflect.DeepEqual(got, want) {
t.Fatalf("qre.Execute() = %v, want: %v", got, want)
}
sqlQuery.disallowQueries()
// enable Config.StrictTableAcl
sqlQuery = newTestSQLQuery(ctx, enableRowCache|enableSchemaOverrides|enableStrict|enableStrictTableAcl)
qre = newTestQueryExecutor(ctx, sqlQuery, query, 0)
defer sqlQuery.disallowQueries()
checkPlanID(t, planbuilder.PLAN_PASS_SELECT, qre.plan.PlanId)
// query should fail because current user do not have read permissions
_, err = qre.Execute()
if err == nil {
t.Fatal("got: nil, want: error")
}
tabletError, ok := err.(*TabletError)
if !ok {
t.Fatalf("got: %v, want: *TabletError", err)
}
if tabletError.ErrorType != ErrFail {
t.Fatalf("got: %s, want: ErrFail", getTabletErrorString(tabletError.ErrorType))
}
}
开发者ID:fengshao0907,项目名称:vitess,代码行数:63,代码来源:query_executor_test.go
示例9: TestQueryExecutorTableAclExemptACL
func TestQueryExecutorTableAclExemptACL(t *testing.T) {
aclName := fmt.Sprintf("simpleacl-test-%d", rand.Int63())
tableacl.Register(aclName, &simpleacl.Factory{})
tableacl.SetDefaultACL(aclName)
db := setUpQueryExecutorTest()
query := "select * from test_table limit 1000"
want := &mproto.QueryResult{
Fields: getTestTableFields(),
RowsAffected: 0,
Rows: [][]sqltypes.Value{},
}
db.AddQuery(query, want)
db.AddQuery("select * from test_table where 1 != 1", &mproto.QueryResult{
Fields: getTestTableFields(),
})
username := "u2"
callInfo := &fakeCallInfo{
remoteAddr: "1.2.3.4",
username: username,
}
ctx := callinfo.NewContext(context.Background(), callInfo)
config := &tableaclpb.Config{
TableGroups: []*tableaclpb.TableGroupSpec{{
Name: "group02",
TableNamesOrPrefixes: []string{"test_table"},
Readers: []string{"u1"},
}},
}
if err := tableacl.InitFromProto(config); err != nil {
t.Fatalf("unable to load tableacl config, error: %v", err)
}
// enable Config.StrictTableAcl
sqlQuery := newTestSQLQuery(ctx, enableRowCache|enableSchemaOverrides|enableStrict|enableStrictTableAcl)
qre := newTestQueryExecutor(ctx, sqlQuery, query, 0)
defer sqlQuery.disallowQueries()
checkPlanID(t, planbuilder.PLAN_PASS_SELECT, qre.plan.PlanId)
// query should fail because current user do not have read permissions
_, err := qre.Execute()
if err == nil {
t.Fatal("got: nil, want: error")
}
tabletError, ok := err.(*TabletError)
if !ok {
t.Fatalf("got: %v, want: *TabletError", err)
}
if tabletError.ErrorType != ErrFail {
t.Fatalf("got: %s, want: ErrFail", getTabletErrorString(tabletError.ErrorType))
}
if !strings.Contains(tabletError.Error(), "table acl error") {
t.Fatalf("got %s, want tablet errorL table acl error", tabletError.Error())
}
// table acl should be ignored since this is an exempt user.
username = "exempt-acl"
sqlQuery.qe.exemptACL = username
callInfo = &fakeCallInfo{
remoteAddr: "1.2.3.4",
username: username,
}
ctx = callinfo.NewContext(context.Background(), callInfo)
qre = newTestQueryExecutor(ctx, sqlQuery, query, 0)
_, err = qre.Execute()
if err != nil {
t.Fatal("qre.Execute: nil, want: error")
}
}
开发者ID:afrolovskiy,项目名称:vitess,代码行数:70,代码来源:query_executor_test.go
示例10: TestQueryExecutorTableAclExemptACL
func TestQueryExecutorTableAclExemptACL(t *testing.T) {
aclName := fmt.Sprintf("simpleacl-test-%d", rand.Int63())
tableacl.Register(aclName, &simpleacl.Factory{})
tableacl.SetDefaultACL(aclName)
db := setUpQueryExecutorTest()
query := "select * from test_table limit 1000"
want := &mproto.QueryResult{
Fields: getTestTableFields(),
RowsAffected: 0,
Rows: [][]sqltypes.Value{},
}
db.AddQuery(query, want)
db.AddQuery("select * from test_table where 1 != 1", &mproto.QueryResult{
Fields: getTestTableFields(),
})
username := "u2"
callerID := &querypb.VTGateCallerID{
Username: username,
}
ctx := callerid.NewContext(context.Background(), nil, callerID)
config := &tableaclpb.Config{
TableGroups: []*tableaclpb.TableGroupSpec{{
Name: "group02",
TableNamesOrPrefixes: []string{"test_table"},
Readers: []string{"u1"},
}},
}
if err := tableacl.InitFromProto(config); err != nil {
t.Fatalf("unable to load tableacl config, error: %v", err)
}
// enable Config.StrictTableAcl
tsv := newTestTabletServer(ctx, enableRowCache|enableSchemaOverrides|enableStrict|enableStrictTableAcl, db)
qre := newTestQueryExecutor(ctx, tsv, query, 0)
defer tsv.StopService()
checkPlanID(t, planbuilder.PlanPassSelect, qre.plan.PlanID)
// query should fail because current user do not have read permissions
_, err := qre.Execute()
if err == nil {
t.Fatal("got: nil, want: error")
}
tabletError, ok := err.(*TabletError)
if !ok {
t.Fatalf("got: %v, want: *TabletError", err)
}
if tabletError.ErrorType != ErrFail {
t.Fatalf("got: %s, want: ErrFail", getTabletErrorString(tabletError.ErrorType))
}
if !strings.Contains(tabletError.Error(), "table acl error") {
t.Fatalf("got %s, want tablet errorL table acl error", tabletError.Error())
}
// table acl should be ignored since this is an exempt user.
username = "exempt-acl"
f, _ := tableacl.GetCurrentAclFactory()
if tsv.qe.exemptACL, err = f.New([]string{username}); err != nil {
t.Fatalf("Cannot load exempt ACL for Table ACL: %v", err)
}
callerID = &querypb.VTGateCallerID{
Username: username,
}
ctx = callerid.NewContext(context.Background(), nil, callerID)
qre = newTestQueryExecutor(ctx, tsv, query, 0)
_, err = qre.Execute()
if err != nil {
t.Fatal("qre.Execute: nil, want: error")
}
}
开发者ID:hadmagic,项目名称:vitess,代码行数:72,代码来源:query_executor_test.go
示例11: TestQueryExecutorTableAclNoPermission
func TestQueryExecutorTableAclNoPermission(t *testing.T) {
aclName := fmt.Sprintf("simpleacl-test-%d", rand.Int63())
tableacl.Register(aclName, &simpleacl.Factory{})
tableacl.SetDefaultACL(aclName)
db := setUpQueryExecutorTest()
query := "select * from test_table limit 1000"
want := &sqltypes.Result{
Fields: getTestTableFields(),
RowsAffected: 0,
Rows: [][]sqltypes.Value{},
}
db.AddQuery(query, want)
db.AddQuery("select * from test_table where 1 != 1", &sqltypes.Result{
Fields: getTestTableFields(),
})
username := "u2"
callerID := &querypb.VTGateCallerID{
Username: username,
}
ctx := callerid.NewContext(context.Background(), nil, callerID)
config := &tableaclpb.Config{
TableGroups: []*tableaclpb.TableGroupSpec{{
Name: "group02",
TableNamesOrPrefixes: []string{"test_table"},
Readers: []string{"superuser"},
}},
}
if err := tableacl.InitFromProto(config); err != nil {
t.Fatalf("unable to load tableacl config, error: %v", err)
}
// without enabling Config.StrictTableAcl
tsv := newTestTabletServer(ctx, enableStrict, db)
qre := newTestQueryExecutor(ctx, tsv, query, 0)
checkPlanID(t, planbuilder.PlanPassSelect, qre.plan.PlanID)
got, err := qre.Execute()
if err != nil {
t.Fatalf("got: %v, want nil", err)
}
if !reflect.DeepEqual(got, want) {
t.Fatalf("qre.Execute() = %v, want: %v", got, want)
}
tsv.StopService()
// enable Config.StrictTableAcl
tsv = newTestTabletServer(ctx, enableStrict|enableStrictTableAcl, db)
qre = newTestQueryExecutor(ctx, tsv, query, 0)
defer tsv.StopService()
checkPlanID(t, planbuilder.PlanPassSelect, qre.plan.PlanID)
// query should fail because current user do not have read permissions
_, err = qre.Execute()
if err == nil {
t.Fatal("got: nil, want: error")
}
tabletError, ok := err.(*TabletError)
if !ok {
t.Fatalf("got: %v, want: *TabletError", err)
}
if tabletError.ErrorCode != vtrpcpb.ErrorCode_PERMISSION_DENIED {
t.Fatalf("got: %s, want: PERMISSION_DENIED", tabletError.ErrorCode)
}
}
开发者ID:erzel,项目名称:vitess,代码行数:63,代码来源:query_executor_test.go
注:本文中的github.com/youtube/vitess/go/vt/tableacl.SetDefaultACL函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
客服电话
APP下载
官方微信
请发表评论