tandem
/
numerus
2
0
Fork 0
Code Issues 39 Pull Requests Packages Projects 1 Releases 1 Wiki Activity

Compare commits

base: tandem:c369364642ffd44d3f7992d9c81f96ddfe0492a5
Branches Tags
tandem:master
tandem:v1.1
tandem:v1
tandem:v0
...
compare: tandem:afd4bc16b7a7f7b29068de03545ef2e8bf42d503
Branches Tags
tandem:master
tandem:v1.1
tandem:v1
tandem:v0

2 Commits
c369364642 ... afd4bc16b7

Author SHA1 Message Date
jordi fita mas afd4bc16b7 Add the schema for all function’s tests 
With that check_cookie function i realized that the schema of functions
is important, otherwise pgTAP could give me the OK when it finds the
function in a different schema than what i intended.
 2023-01-18 14:13:58 +01:00
jordi fita mas c4fc37349b Move check_cookie to public and give access to authenticator 
I do not want to give access to authenticator until i know who the user
is, herefore that function can not be in the numerus schema as the
authenticator user can not see it.
 2023-01-18 14:12:59 +01:00
10 changed files with 50 additions and 49 deletions
Show Stats Expand all files Collapse all files

2
deploy/check_cookie.sql
View File

@ -4,7 +4,7 @@
begin; begin;
set search_path to numerus, auth, public; set search_path to public, numerus, auth;
create or replace function check_cookie(input_cookie text) returns record as create or replace function check_cookie(input_cookie text) returns record as
$$ $$

1
deploy/schema_public.sql
View File

@ -6,6 +6,7 @@ begin;
revoke create on schema public from public; revoke create on schema public from public;
revoke usage on schema public from public; revoke usage on schema public from public;
grant usage on schema public to authenticator;
grant usage on schema public to guest; grant usage on schema public to guest;
grant usage on schema public to invoicer; grant usage on schema public to invoicer;
grant usage on schema public to admin; grant usage on schema public to admin;

2
revert/check_cookie.sql
View File

@ -2,6 +2,6 @@
begin; begin;
drop function if exists numerus.check_cookie(text); drop function if exists public.check_cookie(text);
commit; commit;

18
test/check_cookie.sql
View File

@ -9,15 +9,15 @@ select plan(15);
set search_path to auth, numerus, public; set search_path to auth, numerus, public;
select has_function('check_cookie'); select has_function('public', 'check_cookie', array ['text']);
select function_lang_is('check_cookie', array ['text'], 'plpgsql'); select function_lang_is('public', 'check_cookie', array ['text'], 'plpgsql');
select function_returns('check_cookie', array ['text'], 'record'); select function_returns('public', 'check_cookie', array ['text'], 'record');
select is_definer('check_cookie', array ['text']); select is_definer('public', 'check_cookie', array ['text']);
select volatility_is('check_cookie', array ['text'], 'stable'); select volatility_is('public', 'check_cookie', array ['text'], 'stable');
select function_privs_are('check_cookie', array ['text'], 'guest', array []::text[]); select function_privs_are('public', 'check_cookie', array ['text'], 'guest', array []::text[]);
select function_privs_are('check_cookie', array ['text'], 'invoicer', array []::text[]); select function_privs_are('public', 'check_cookie', array ['text'], 'invoicer', array []::text[]);
select function_privs_are('check_cookie', array ['text'], 'admin', array []::text[]); select function_privs_are('public', 'check_cookie', array ['text'], 'admin', array []::text[]);
select function_privs_are('check_cookie', array ['text'], 'authenticator', array ['EXECUTE']); select function_privs_are('public', 'check_cookie', array ['text'], 'authenticator', array ['EXECUTE']);
set client_min_messages to warning; set client_min_messages to warning;
truncate auth."user" cascade; truncate auth."user" cascade;

18
test/encrypt_password.sql
View File

@ -9,15 +9,15 @@ select plan(11);
set search_path to auth, numerus, public; set search_path to auth, numerus, public;
select has_function('encrypt_password'); select has_function('auth', 'encrypt_password', array []::name[]);
select function_lang_is('encrypt_password', array []::name[], 'plpgsql'); select function_lang_is('auth', 'encrypt_password', array []::name[], 'plpgsql');
select function_returns('encrypt_password', array []::name[], 'trigger'); select function_returns('auth', 'encrypt_password', array []::name[], 'trigger');
select isnt_definer('encrypt_password', array []::name[]); select isnt_definer('auth', 'encrypt_password', array []::name[]);
select volatility_is('encrypt_password', array []::name[], 'volatile'); select volatility_is('auth', 'encrypt_password', array []::name[], 'volatile');
select function_privs_are('encrypt_password', array []::name[], 'guest', array []::text[]); select function_privs_are('auth', 'encrypt_password', array []::name[], 'guest', array []::text[]);
select function_privs_are('encrypt_password', array []::name[], 'invoicer', array []::text[]); select function_privs_are('auth', 'encrypt_password', array []::name[], 'invoicer', array []::text[]);
select function_privs_are('encrypt_password', array []::name[], 'admin', array []::text[]); select function_privs_are('auth', 'encrypt_password', array []::name[], 'admin', array []::text[]);
select function_privs_are('encrypt_password', array []::name[], 'authenticator', array []::text[]); select function_privs_are('auth', 'encrypt_password', array []::name[], 'authenticator', array []::text[]);
select trigger_is('user', 'encrypt_password', 'encrypt_password'); select trigger_is('user', 'encrypt_password', 'encrypt_password');

18
test/ensure_role_exists.sql
View File

@ -9,15 +9,15 @@ select plan(14);
set search_path to auth, public; set search_path to auth, public;
select has_function('ensure_role_exists'); select has_function('auth', 'ensure_role_exists', array []::name[]);
select function_lang_is('ensure_role_exists', array []::name[], 'plpgsql'); select function_lang_is('auth', 'ensure_role_exists', array []::name[], 'plpgsql');
select function_returns('ensure_role_exists', array []::name[], 'trigger'); select function_returns('auth', 'ensure_role_exists', array []::name[], 'trigger');
select isnt_definer('ensure_role_exists', array []::name[]); select isnt_definer('auth', 'ensure_role_exists', array []::name[]);
select volatility_is('ensure_role_exists', array []::name[], 'volatile'); select volatility_is('auth', 'ensure_role_exists', array []::name[], 'volatile');
select function_privs_are('ensure_role_exists', array []::name[], 'guest', array []::text[]); select function_privs_are('auth', 'ensure_role_exists', array []::name[], 'guest', array []::text[]);
select function_privs_are('ensure_role_exists', array []::name[], 'invoicer', array []::text[]); select function_privs_are('auth', 'ensure_role_exists', array []::name[], 'invoicer', array []::text[]);
select function_privs_are('ensure_role_exists', array []::name[], 'admin', array []::text[]); select function_privs_are('auth', 'ensure_role_exists', array []::name[], 'admin', array []::text[]);
select function_privs_are('ensure_role_exists', array []::name[], 'authenticator', array []::text[]); select function_privs_are('auth', 'ensure_role_exists', array []::name[], 'authenticator', array []::text[]);
select trigger_is('user', 'ensure_role_exists', 'ensure_role_exists'); select trigger_is('user', 'ensure_role_exists', 'ensure_role_exists');

18
test/login.sql
View File

@ -9,15 +9,15 @@ select plan(20);
set search_path to auth, numerus, public; set search_path to auth, numerus, public;
select has_function('login'); select has_function('numerus', 'login', array ['email', 'text', 'inet']);
select function_lang_is('login', array ['email', 'text', 'inet'], 'plpgsql'); select function_lang_is('numerus', 'login', array ['email', 'text', 'inet'], 'plpgsql');
select function_returns('login', array ['email', 'text', 'inet'], 'text'); select function_returns('numerus', 'login', array ['email', 'text', 'inet'], 'text');
select is_definer('login', array ['email', 'text', 'inet']); select is_definer('numerus', 'login', array ['email', 'text', 'inet']);
select volatility_is('login', array ['email', 'text', 'inet'], 'volatile'); select volatility_is('numerus', 'login', array ['email', 'text', 'inet'], 'volatile');
select function_privs_are('login', array ['email', 'text', 'inet'], 'guest', array ['EXECUTE']); select function_privs_are('numerus', 'login', array ['email', 'text', 'inet'], 'guest', array ['EXECUTE']);
select function_privs_are('login', array ['email', 'text', 'inet'], 'invoicer', array []::text[]); select function_privs_are('numerus', 'login', array ['email', 'text', 'inet'], 'invoicer', array []::text[]);
select function_privs_are('login', array ['email', 'text', 'inet'], 'admin', array []::text[]); select function_privs_are('numerus', 'login', array ['email', 'text', 'inet'], 'admin', array []::text[]);
select function_privs_are('login', array ['email', 'text', 'inet'], 'authenticator', array []::text[]); select function_privs_are('numerus', 'login', array ['email', 'text', 'inet'], 'authenticator', array []::text[]);
set client_min_messages to warning; set client_min_messages to warning;
truncate auth."user" cascade; truncate auth."user" cascade;

18
test/logout.sql
View File

@ -9,15 +9,15 @@ select plan(15);
set search_path to auth, numerus, public; set search_path to auth, numerus, public;
select has_function('logout'); select has_function('numerus', 'logout', array []::name[]);
select function_lang_is('logout', array []::text[], 'sql'); select function_lang_is('numerus', 'logout', array []::name[], 'sql');
select function_returns('logout', array []::text[], 'void'); select function_returns('numerus', 'logout', array []::name[], 'void');
select is_definer('logout', array []::text[]); select is_definer('numerus', 'logout', array []::name[]);
select volatility_is('logout', array []::text[], 'volatile'); select volatility_is('numerus', 'logout', array []::name[], 'volatile');
select function_privs_are('logout', array []::text[], 'guest', array []::text[]); select function_privs_are('numerus', 'logout', array []::name[], 'guest', array []::text[]);
select function_privs_are('logout', array []::text[], 'invoicer', array ['EXECUTE']); select function_privs_are('numerus', 'logout', array []::name[], 'invoicer', array ['EXECUTE']);
select function_privs_are('logout', array []::text[], 'admin', array ['EXECUTE']); select function_privs_are('numerus', 'logout', array []::name[], 'admin', array ['EXECUTE']);
select function_privs_are('logout', array []::text[], 'authenticator', array []::text[]); select function_privs_are('numerus', 'logout', array []::name[], 'authenticator', array []::text[]);
set client_min_messages to warning; set client_min_messages to warning;
truncate auth."user" cascade; truncate auth."user" cascade;

2
test/schemas.sql
View File

@ -27,7 +27,7 @@ select schema_privs_are('numerus', 'authenticator', array[]::text[]);
select schema_privs_are('public', 'guest', array['USAGE']); select schema_privs_are('public', 'guest', array['USAGE']);
select schema_privs_are('public', 'invoicer', array['USAGE']); select schema_privs_are('public', 'invoicer', array['USAGE']);
select schema_privs_are('public', 'admin', array['USAGE']); select schema_privs_are('public', 'admin', array['USAGE']);
select schema_privs_are('public', 'authenticator', array[]::text[]); select schema_privs_are('public', 'authenticator', array['USAGE']);
select schema_privs_are('sqitch', 'guest', array[]::text[]); select schema_privs_are('sqitch', 'guest', array[]::text[]);
select schema_privs_are('sqitch', 'invoicer', array[]::text[]); select schema_privs_are('sqitch', 'invoicer', array[]::text[]);

2
verify/check_cookie.sql
View File

@ -2,6 +2,6 @@
begin; begin;
select has_function_privilege('numerus.check_cookie(text)', 'execute'); select has_function_privilege('public.check_cookie(text)', 'execute');
rollback; rollback;