mirror of https://gitee.com/bigwinds/arangodb
237 lines
9.4 KiB
C++
237 lines
9.4 KiB
C++
////////////////////////////////////////////////////////////////////////////////
|
|
/// DISCLAIMER
|
|
///
|
|
/// Copyright 2019 ArangoDB GmbH, Cologne, Germany
|
|
///
|
|
/// Licensed under the Apache License, Version 2.0 (the "License");
|
|
/// you may not use this file except in compliance with the License.
|
|
/// You may obtain a copy of the License at
|
|
///
|
|
/// http://www.apache.org/licenses/LICENSE-2.0
|
|
///
|
|
/// Unless required by applicable law or agreed to in writing, software
|
|
/// distributed under the License is distributed on an "AS IS" BASIS,
|
|
/// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
/// See the License for the specific language governing permissions and
|
|
/// limitations under the License.
|
|
///
|
|
/// Copyright holder is ArangoDB GmbH, Cologne, Germany
|
|
///
|
|
/// @author Andrey Abramov
|
|
/// @author Vasiliy Nabatchikov
|
|
////////////////////////////////////////////////////////////////////////////////
|
|
|
|
#include "catch.hpp"
|
|
#include "../Mocks/StorageEngineMock.h"
|
|
#include "ApplicationFeatures/ApplicationServer.h"
|
|
#include "Aql/QueryRegistry.h"
|
|
|
|
#if USE_ENTERPRISE
|
|
#include "Enterprise/Ldap/LdapFeature.h"
|
|
#endif
|
|
|
|
#include "GeneralServer/AuthenticationFeature.h"
|
|
#include "RestServer/QueryRegistryFeature.h"
|
|
#include "RestServer/ViewTypesFeature.h"
|
|
#include "StorageEngine/EngineSelectorFeature.h"
|
|
#include "Utils/ExecContext.h"
|
|
#include "velocypack/Parser.h"
|
|
#include "VocBase/LogicalView.h"
|
|
#include "VocBase/vocbase.h"
|
|
|
|
namespace {
|
|
|
|
struct TestView: public arangodb::LogicalView {
|
|
arangodb::Result _appendVelocyPackResult;
|
|
arangodb::velocypack::Builder _properties;
|
|
|
|
TestView(TRI_vocbase_t& vocbase, arangodb::velocypack::Slice const& definition, uint64_t planVersion)
|
|
: arangodb::LogicalView(vocbase, definition, planVersion) {
|
|
}
|
|
virtual arangodb::Result appendVelocyPackImpl(arangodb::velocypack::Builder& builder, bool, bool) const override {
|
|
builder.add("properties", _properties.slice());
|
|
return _appendVelocyPackResult;
|
|
}
|
|
virtual arangodb::Result dropImpl() override { return arangodb::LogicalViewHelperStorageEngine::drop(*this); }
|
|
virtual void open() override {}
|
|
virtual arangodb::Result renameImpl(std::string const& oldName) override { return arangodb::LogicalViewHelperStorageEngine::rename(*this, oldName); }
|
|
virtual arangodb::Result properties(arangodb::velocypack::Slice const& properties, bool partialUpdate) override { _properties = arangodb::velocypack::Builder(properties); return arangodb::Result(); }
|
|
virtual bool visitCollections(CollectionVisitor const& visitor) const override { return true; }
|
|
};
|
|
|
|
struct ViewFactory: public arangodb::ViewFactory {
|
|
virtual arangodb::Result create(
|
|
arangodb::LogicalView::ptr& view,
|
|
TRI_vocbase_t& vocbase,
|
|
arangodb::velocypack::Slice const& definition
|
|
) const override {
|
|
view = vocbase.createView(definition);
|
|
|
|
return arangodb::Result();
|
|
}
|
|
|
|
virtual arangodb::Result instantiate(
|
|
arangodb::LogicalView::ptr& view,
|
|
TRI_vocbase_t& vocbase,
|
|
arangodb::velocypack::Slice const& definition,
|
|
uint64_t planVersion
|
|
) const override {
|
|
view = std::make_shared<TestView>(vocbase, definition, planVersion);
|
|
|
|
return arangodb::Result();
|
|
}
|
|
};
|
|
|
|
}
|
|
|
|
// -----------------------------------------------------------------------------
|
|
// --SECTION-- setup / tear-down
|
|
// -----------------------------------------------------------------------------
|
|
|
|
struct LogicalViewSetup {
|
|
StorageEngineMock engine;
|
|
arangodb::application_features::ApplicationServer server;
|
|
std::vector<std::pair<arangodb::application_features::ApplicationFeature*, bool>> features;
|
|
ViewFactory viewFactory;
|
|
|
|
LogicalViewSetup(): engine(server), server(nullptr, nullptr) {
|
|
arangodb::EngineSelectorFeature::ENGINE = &engine;
|
|
|
|
// suppress INFO {authentication} Authentication is turned on (system only), authentication for unix sockets is turned on
|
|
arangodb::LogTopic::setLogLevel(arangodb::Logger::AUTHENTICATION.name(), arangodb::LogLevel::WARN);
|
|
|
|
features.emplace_back(new arangodb::AuthenticationFeature(server), false); // required for ExecContext
|
|
features.emplace_back(new arangodb::QueryRegistryFeature(server), false); // required for TRI_vocbase_t
|
|
features.emplace_back(new arangodb::ViewTypesFeature(server), false); // required for LogicalView::create(...)
|
|
|
|
#if USE_ENTERPRISE
|
|
features.emplace_back(new arangodb::LdapFeature(server), false); // required for AuthenticationFeature with USE_ENTERPRISE
|
|
#endif
|
|
|
|
for (auto& f: features) {
|
|
arangodb::application_features::ApplicationServer::server->addFeature(f.first);
|
|
}
|
|
|
|
for (auto& f: features) {
|
|
f.first->prepare();
|
|
}
|
|
|
|
for (auto& f: features) {
|
|
if (f.second) {
|
|
f.first->start();
|
|
}
|
|
}
|
|
|
|
auto* viewTypesFeature =
|
|
arangodb::application_features::ApplicationServer::lookupFeature<arangodb::ViewTypesFeature>();
|
|
|
|
viewTypesFeature->emplace(
|
|
arangodb::LogicalDataSource::Type::emplace(arangodb::velocypack::StringRef("testViewType")),
|
|
viewFactory
|
|
);
|
|
}
|
|
|
|
~LogicalViewSetup() {
|
|
arangodb::application_features::ApplicationServer::server = nullptr;
|
|
arangodb::EngineSelectorFeature::ENGINE = nullptr;
|
|
|
|
// destroy application features
|
|
for (auto& f: features) {
|
|
if (f.second) {
|
|
f.first->stop();
|
|
}
|
|
}
|
|
|
|
for (auto& f: features) {
|
|
f.first->unprepare();
|
|
}
|
|
|
|
arangodb::LogTopic::setLogLevel(arangodb::Logger::AUTHENTICATION.name(), arangodb::LogLevel::DEFAULT);
|
|
}
|
|
};
|
|
|
|
// -----------------------------------------------------------------------------
|
|
// --SECTION-- test suite
|
|
// -----------------------------------------------------------------------------
|
|
|
|
////////////////////////////////////////////////////////////////////////////////
|
|
/// @brief setup
|
|
////////////////////////////////////////////////////////////////////////////////
|
|
|
|
TEST_CASE("LogicalViewTest", "[vocbase]") {
|
|
LogicalViewSetup s;
|
|
(void)(s);
|
|
|
|
SECTION("test_auth") {
|
|
auto viewJson = arangodb::velocypack::Parser::fromJson("{ \"name\": \"testView\", \"type\": \"testViewType\" }");
|
|
|
|
// no ExecContext
|
|
{
|
|
TRI_vocbase_t vocbase(TRI_vocbase_type_e::TRI_VOCBASE_TYPE_NORMAL, 1, "testVocbase");
|
|
auto logicalView = vocbase.createView(viewJson->slice());
|
|
CHECK((true == logicalView->canUse(arangodb::auth::Level::RW)));
|
|
}
|
|
|
|
// no read access
|
|
{
|
|
TRI_vocbase_t vocbase(TRI_vocbase_type_e::TRI_VOCBASE_TYPE_NORMAL, 1, "testVocbase");
|
|
auto logicalView = vocbase.createView(viewJson->slice());
|
|
struct ExecContext: public arangodb::ExecContext {
|
|
ExecContext(): arangodb::ExecContext(
|
|
arangodb::ExecContext::Type::Default, "", "testVocbase", arangodb::auth::Level::NONE, arangodb::auth::Level::NONE
|
|
) {}
|
|
} execContext;
|
|
arangodb::ExecContextScope execContextScope(&execContext);
|
|
auto* authFeature = arangodb::AuthenticationFeature::instance();
|
|
auto* userManager = authFeature->userManager();
|
|
arangodb::aql::QueryRegistry queryRegistry(0); // required for UserManager::loadFromDB()
|
|
userManager->setQueryRegistry(&queryRegistry);
|
|
CHECK((false == logicalView->canUse(arangodb::auth::Level::RO)));
|
|
}
|
|
|
|
// no write access
|
|
{
|
|
TRI_vocbase_t vocbase(TRI_vocbase_type_e::TRI_VOCBASE_TYPE_NORMAL, 1, "testVocbase");
|
|
auto logicalView = vocbase.createView(viewJson->slice());
|
|
struct ExecContext: public arangodb::ExecContext {
|
|
ExecContext(): arangodb::ExecContext(
|
|
arangodb::ExecContext::Type::Default, "", "testVocbase", arangodb::auth::Level::NONE, arangodb::auth::Level::RO
|
|
) {}
|
|
} execContext;
|
|
arangodb::ExecContextScope execContextScope(&execContext);
|
|
auto* authFeature = arangodb::AuthenticationFeature::instance();
|
|
auto* userManager = authFeature->userManager();
|
|
arangodb::aql::QueryRegistry queryRegistry(0); // required for UserManager::loadFromDB()
|
|
userManager->setQueryRegistry(&queryRegistry);
|
|
CHECK((true == logicalView->canUse(arangodb::auth::Level::RO)));
|
|
CHECK((false == logicalView->canUse(arangodb::auth::Level::RW)));
|
|
}
|
|
|
|
// write access (view access is db access as per https://github.com/arangodb/backlog/issues/459)
|
|
{
|
|
TRI_vocbase_t vocbase(TRI_vocbase_type_e::TRI_VOCBASE_TYPE_NORMAL, 1, "testVocbase");
|
|
auto logicalView = vocbase.createView(viewJson->slice());
|
|
struct ExecContext: public arangodb::ExecContext {
|
|
ExecContext(): arangodb::ExecContext(
|
|
arangodb::ExecContext::Type::Default, "", "testVocbase", arangodb::auth::Level::NONE, arangodb::auth::Level::RW
|
|
) {}
|
|
} execContext;
|
|
arangodb::ExecContextScope execContextScope(&execContext);
|
|
auto* authFeature = arangodb::AuthenticationFeature::instance();
|
|
auto* userManager = authFeature->userManager();
|
|
arangodb::aql::QueryRegistry queryRegistry(0); // required for UserManager::loadFromDB()
|
|
userManager->setQueryRegistry(&queryRegistry);
|
|
CHECK((true == logicalView->canUse(arangodb::auth::Level::RO)));
|
|
CHECK((true == logicalView->canUse(arangodb::auth::Level::RW)));
|
|
}
|
|
}
|
|
|
|
////////////////////////////////////////////////////////////////////////////////
|
|
/// @brief generate tests
|
|
////////////////////////////////////////////////////////////////////////////////
|
|
|
|
}
|
|
|
|
// -----------------------------------------------------------------------------
|
|
// --SECTION-- END-OF-FILE
|
|
// -----------------------------------------------------------------------------
|