Mercurial > gemma
annotate schema/auth_tests.sql @ 2227:9b545e470b94 pdf-export
PDF generation: logo image, adjusted templates
The default logo file will now be added to the PDF if an image element is specified without url.
author | Markus Kottlaender <markus@intevation.de> |
---|---|
date | Tue, 12 Feb 2019 14:33:36 +0100 |
parents | b66cfcde8ff7 |
children | 4374d942b23d |
rev | line source |
---|---|
1298
6590208e3ee1
add headers for licensing to some schema files
Fadi Abbud <fadi.abbud@intevation.de>
parents:
579
diff
changeset
|
1 -- This is Free Software under GNU Affero General Public License v >= 3.0 |
6590208e3ee1
add headers for licensing to some schema files
Fadi Abbud <fadi.abbud@intevation.de>
parents:
579
diff
changeset
|
2 -- without warranty, see README.md and license for details. |
6590208e3ee1
add headers for licensing to some schema files
Fadi Abbud <fadi.abbud@intevation.de>
parents:
579
diff
changeset
|
3 |
6590208e3ee1
add headers for licensing to some schema files
Fadi Abbud <fadi.abbud@intevation.de>
parents:
579
diff
changeset
|
4 -- SPDX-License-Identifier: AGPL-3.0-or-later |
6590208e3ee1
add headers for licensing to some schema files
Fadi Abbud <fadi.abbud@intevation.de>
parents:
579
diff
changeset
|
5 -- License-Filename: LICENSES/AGPL-3.0.txt |
6590208e3ee1
add headers for licensing to some schema files
Fadi Abbud <fadi.abbud@intevation.de>
parents:
579
diff
changeset
|
6 |
6590208e3ee1
add headers for licensing to some schema files
Fadi Abbud <fadi.abbud@intevation.de>
parents:
579
diff
changeset
|
7 -- Copyright (C) 2018 by via donau |
6590208e3ee1
add headers for licensing to some schema files
Fadi Abbud <fadi.abbud@intevation.de>
parents:
579
diff
changeset
|
8 -- – Österreichische Wasserstraßen-Gesellschaft mbH |
6590208e3ee1
add headers for licensing to some schema files
Fadi Abbud <fadi.abbud@intevation.de>
parents:
579
diff
changeset
|
9 -- Software engineering by Intevation GmbH |
6590208e3ee1
add headers for licensing to some schema files
Fadi Abbud <fadi.abbud@intevation.de>
parents:
579
diff
changeset
|
10 |
6590208e3ee1
add headers for licensing to some schema files
Fadi Abbud <fadi.abbud@intevation.de>
parents:
579
diff
changeset
|
11 -- Author(s): |
1301
2304778c4432
add headers for licensing to some schema files
Fadi Abbud <fadi.abbud@intevation.de>
parents:
1298
diff
changeset
|
12 -- * Tom Gottfried <tom@intevation.de> |
1298
6590208e3ee1
add headers for licensing to some schema files
Fadi Abbud <fadi.abbud@intevation.de>
parents:
579
diff
changeset
|
13 |
100
7f934f77831a
Add first tests of RLS policies.
Tom Gottfried <tom@intevation.de>
parents:
diff
changeset
|
14 -- |
183
f3a09fc9c1eb
Prepare for having more than one database test script
Tom Gottfried <tom@intevation.de>
parents:
182
diff
changeset
|
15 -- pgTAP test script for privileges and RLS policies |
f3a09fc9c1eb
Prepare for having more than one database test script
Tom Gottfried <tom@intevation.de>
parents:
182
diff
changeset
|
16 -- |
100
7f934f77831a
Add first tests of RLS policies.
Tom Gottfried <tom@intevation.de>
parents:
diff
changeset
|
17 |
7f934f77831a
Add first tests of RLS policies.
Tom Gottfried <tom@intevation.de>
parents:
diff
changeset
|
18 -- |
7f934f77831a
Add first tests of RLS policies.
Tom Gottfried <tom@intevation.de>
parents:
diff
changeset
|
19 -- Run tests as unprivileged user |
104
bc1c7fa3a939
Add tests for authorisation of templates.
Tom Gottfried <tom@intevation.de>
parents:
100
diff
changeset
|
20 -- |
224
57dfab80973c
By convention, prefix all test users with 'test'
Tom Gottfried <tom@intevation.de>
parents:
207
diff
changeset
|
21 SET SESSION AUTHORIZATION test_user_at; |
100
7f934f77831a
Add first tests of RLS policies.
Tom Gottfried <tom@intevation.de>
parents:
diff
changeset
|
22 |
1853
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
23 SELECT throws_ok($$ |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
24 CREATE TABLE test() |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
25 $$, |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
26 42501, NULL, |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
27 'No objects can be created'); |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
28 |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
29 SELECT isnt_empty($$ |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
30 SELECT * FROM waterway.bottlenecks |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
31 $$, |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
32 'Staged data should be visible'); |
100
7f934f77831a
Add first tests of RLS policies.
Tom Gottfried <tom@intevation.de>
parents:
diff
changeset
|
33 |
1853
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
34 SELECT is_empty($$ |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
35 SELECT * FROM waterway.bottlenecks WHERE NOT staging_done |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
36 $$, |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
37 'Only staged data should be visible'); |
100
7f934f77831a
Add first tests of RLS policies.
Tom Gottfried <tom@intevation.de>
parents:
diff
changeset
|
38 |
2147
b66cfcde8ff7
Print templates: Stubbed endpoints under /api/templates/print/{name}
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
2070
diff
changeset
|
39 --SELECT isnt_empty($$ |
b66cfcde8ff7
Print templates: Stubbed endpoints under /api/templates/print/{name}
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
2070
diff
changeset
|
40 -- SELECT * FROM users.templates |
b66cfcde8ff7
Print templates: Stubbed endpoints under /api/templates/print/{name}
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
2070
diff
changeset
|
41 -- $$, |
b66cfcde8ff7
Print templates: Stubbed endpoints under /api/templates/print/{name}
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
2070
diff
changeset
|
42 -- 'User should see templates associated to him'); |
b66cfcde8ff7
Print templates: Stubbed endpoints under /api/templates/print/{name}
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
2070
diff
changeset
|
43 --SELECT is_empty($$ |
b66cfcde8ff7
Print templates: Stubbed endpoints under /api/templates/print/{name}
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
2070
diff
changeset
|
44 -- SELECT * FROM users.templates |
b66cfcde8ff7
Print templates: Stubbed endpoints under /api/templates/print/{name}
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
2070
diff
changeset
|
45 -- JOIN users.user_templates USING (template_name) |
b66cfcde8ff7
Print templates: Stubbed endpoints under /api/templates/print/{name}
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
2070
diff
changeset
|
46 -- WHERE username <> current_user |
b66cfcde8ff7
Print templates: Stubbed endpoints under /api/templates/print/{name}
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
2070
diff
changeset
|
47 -- $$, |
b66cfcde8ff7
Print templates: Stubbed endpoints under /api/templates/print/{name}
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
2070
diff
changeset
|
48 -- 'User should only see templates associated to him'); |
104
bc1c7fa3a939
Add tests for authorisation of templates.
Tom Gottfried <tom@intevation.de>
parents:
100
diff
changeset
|
49 |
100
7f934f77831a
Add first tests of RLS policies.
Tom Gottfried <tom@intevation.de>
parents:
diff
changeset
|
50 -- |
106
ae5bb7a979ff
Test RLS policy for responsibility area.
Tom Gottfried <tom@intevation.de>
parents:
104
diff
changeset
|
51 -- Run tests as waterway administrator |
ae5bb7a979ff
Test RLS policy for responsibility area.
Tom Gottfried <tom@intevation.de>
parents:
104
diff
changeset
|
52 -- |
224
57dfab80973c
By convention, prefix all test users with 'test'
Tom Gottfried <tom@intevation.de>
parents:
207
diff
changeset
|
53 SET SESSION AUTHORIZATION test_admin_at; |
106
ae5bb7a979ff
Test RLS policy for responsibility area.
Tom Gottfried <tom@intevation.de>
parents:
104
diff
changeset
|
54 |
1983
f9f1babe52ae
Fix area generation from multipolygon input
Tom Gottfried <tom@intevation.de>
parents:
1904
diff
changeset
|
55 PREPARE bn_insert (varchar, geometry(MULTIPOLYGON, 4326)) AS |
195
5dc8e734487a
Introduce database schemas as privilege-based namespaces
Tom Gottfried <tom@intevation.de>
parents:
183
diff
changeset
|
56 INSERT INTO waterway.bottlenecks ( |
182 | 57 bottleneck_id, fk_g_fid, stretch, area, rb, lb, responsible_country, |
58 revisiting_time, limiting, source_organization) | |
59 VALUES ( | |
60 $1, | |
579
642df1164aca
Ensure gauges are identified by appropriate ISRS location code
Tom Gottfried <tom@intevation.de>
parents:
268
diff
changeset
|
61 ('AT', 'XXX', '00001', 'G0001', 1)::isrs, |
182 | 62 isrsrange(('AT', 'XXX', '00001', '00000', 0)::isrs, |
63 ('AT', 'XXX', '00001', '00000', 2)::isrs), | |
64 $2, 'AT', 'AT', 'AT', | |
65 1, 'depth', 'testorganization' | |
66 ); | |
1853
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
67 SELECT lives_ok($$ |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
68 EXECUTE bn_insert( |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
69 'test1', |
1983
f9f1babe52ae
Fix area generation from multipolygon input
Tom Gottfried <tom@intevation.de>
parents:
1904
diff
changeset
|
70 ST_geomfromtext('MULTIPOLYGON(((0 0, 0 1, 1 1, 1 0, 0 0)))', 4326)) |
1853
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
71 $$, |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
72 'Waterway admin can insert data within his region'); |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
73 SELECT throws_ok($$ |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
74 EXECUTE bn_insert( |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
75 'test2', |
1983
f9f1babe52ae
Fix area generation from multipolygon input
Tom Gottfried <tom@intevation.de>
parents:
1904
diff
changeset
|
76 ST_geomfromtext('MULTIPOLYGON(((1 0, 1 1, 2 1, 2 0, 1 0)))', 4326)) |
1853
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
77 $$, |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
78 42501, NULL, |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
79 'Waterway admin cannot insert data outside his region'); |
106
ae5bb7a979ff
Test RLS policy for responsibility area.
Tom Gottfried <tom@intevation.de>
parents:
104
diff
changeset
|
80 |
177
4e2451d561b1
Make schema for templates more realistic
Tom Gottfried <tom@intevation.de>
parents:
175
diff
changeset
|
81 -- template management |
2147
b66cfcde8ff7
Print templates: Stubbed endpoints under /api/templates/print/{name}
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
2070
diff
changeset
|
82 --SELECT isnt_empty($$ |
b66cfcde8ff7
Print templates: Stubbed endpoints under /api/templates/print/{name}
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
2070
diff
changeset
|
83 -- SELECT * FROM users.templates |
b66cfcde8ff7
Print templates: Stubbed endpoints under /api/templates/print/{name}
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
2070
diff
changeset
|
84 -- JOIN users.user_templates USING (template_name) |
b66cfcde8ff7
Print templates: Stubbed endpoints under /api/templates/print/{name}
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
2070
diff
changeset
|
85 -- WHERE username <> current_user |
b66cfcde8ff7
Print templates: Stubbed endpoints under /api/templates/print/{name}
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
2070
diff
changeset
|
86 -- $$, |
b66cfcde8ff7
Print templates: Stubbed endpoints under /api/templates/print/{name}
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
2070
diff
changeset
|
87 -- 'Waterway admin should see templates of other users'); |
180
0423eab4ad45
Improve RLS policies for template data
Tom Gottfried <tom@intevation.de>
parents:
178
diff
changeset
|
88 |
2147
b66cfcde8ff7
Print templates: Stubbed endpoints under /api/templates/print/{name}
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
2070
diff
changeset
|
89 --SELECT lives_ok($$ |
b66cfcde8ff7
Print templates: Stubbed endpoints under /api/templates/print/{name}
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
2070
diff
changeset
|
90 -- INSERT INTO users.templates (template_name, template_data) |
b66cfcde8ff7
Print templates: Stubbed endpoints under /api/templates/print/{name}
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
2070
diff
changeset
|
91 -- VALUES ('New AT', '\x'); |
b66cfcde8ff7
Print templates: Stubbed endpoints under /api/templates/print/{name}
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
2070
diff
changeset
|
92 -- INSERT INTO users.user_templates |
b66cfcde8ff7
Print templates: Stubbed endpoints under /api/templates/print/{name}
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
2070
diff
changeset
|
93 -- VALUES ('test_user_at', 'New AT') |
b66cfcde8ff7
Print templates: Stubbed endpoints under /api/templates/print/{name}
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
2070
diff
changeset
|
94 -- $$, |
b66cfcde8ff7
Print templates: Stubbed endpoints under /api/templates/print/{name}
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
2070
diff
changeset
|
95 -- 'Waterway admin can add templates for users in his country'); |
180
0423eab4ad45
Improve RLS policies for template data
Tom Gottfried <tom@intevation.de>
parents:
178
diff
changeset
|
96 |
2147
b66cfcde8ff7
Print templates: Stubbed endpoints under /api/templates/print/{name}
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
2070
diff
changeset
|
97 --SELECT throws_ok($$ |
b66cfcde8ff7
Print templates: Stubbed endpoints under /api/templates/print/{name}
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
2070
diff
changeset
|
98 -- INSERT INTO users.user_templates VALUES ('waterway_user2', 'AT') |
b66cfcde8ff7
Print templates: Stubbed endpoints under /api/templates/print/{name}
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
2070
diff
changeset
|
99 -- $$, |
b66cfcde8ff7
Print templates: Stubbed endpoints under /api/templates/print/{name}
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
2070
diff
changeset
|
100 -- 42501, NULL, |
b66cfcde8ff7
Print templates: Stubbed endpoints under /api/templates/print/{name}
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
2070
diff
changeset
|
101 -- 'Waterway admin cannot add template for other country'); |
180
0423eab4ad45
Improve RLS policies for template data
Tom Gottfried <tom@intevation.de>
parents:
178
diff
changeset
|
102 |
1853
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
103 SELECT isnt_empty($$ |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
104 UPDATE users.templates SET template_data = '\xDABE' |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
105 WHERE template_name = 'AT' RETURNING * |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
106 $$, |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
107 'Waterway admin can alter templates for own country'); |
180
0423eab4ad45
Improve RLS policies for template data
Tom Gottfried <tom@intevation.de>
parents:
178
diff
changeset
|
108 |
1853
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
109 SELECT is_empty($$ |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
110 UPDATE users.templates SET template_data = '\xDABE' |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
111 WHERE template_name = 'RO' RETURNING * |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
112 $$, |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
113 'Waterway admin cannot alter templates for other country'); |
180
0423eab4ad45
Improve RLS policies for template data
Tom Gottfried <tom@intevation.de>
parents:
178
diff
changeset
|
114 |
1853
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
115 SELECT isnt_empty($$ |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
116 DELETE FROM users.templates WHERE template_name = 'AT' RETURNING * |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
117 $$, |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
118 'Waterway admin can delete templates for own country'); |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
119 |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
120 SELECT is_empty($$ |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
121 DELETE FROM users.templates WHERE template_name = 'RO' RETURNING * |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
122 $$, |
cedadd4e3db5
Use dollar quoting to make tested statements more readable
Tom Gottfried <tom@intevation.de>
parents:
1339
diff
changeset
|
123 'Waterway admin cannot delete templates for other country'); |
1873
9f8f7d3fd655
Fix policies interfering badly with integrity checks
Tom Gottfried <tom@intevation.de>
parents:
1853
diff
changeset
|
124 |
9f8f7d3fd655
Fix policies interfering badly with integrity checks
Tom Gottfried <tom@intevation.de>
parents:
1853
diff
changeset
|
125 -- import management |
9f8f7d3fd655
Fix policies interfering badly with integrity checks
Tom Gottfried <tom@intevation.de>
parents:
1853
diff
changeset
|
126 SELECT lives_ok($$ |
9f8f7d3fd655
Fix policies interfering badly with integrity checks
Tom Gottfried <tom@intevation.de>
parents:
1853
diff
changeset
|
127 WITH |
9f8f7d3fd655
Fix policies interfering badly with integrity checks
Tom Gottfried <tom@intevation.de>
parents:
1853
diff
changeset
|
128 job AS ( |
1995
59055c8301df
Move import queue to its own database namespace
Tom Gottfried <tom@intevation.de>
parents:
1983
diff
changeset
|
129 INSERT INTO import.imports (kind, username, data) VALUES ( |
1873
9f8f7d3fd655
Fix policies interfering badly with integrity checks
Tom Gottfried <tom@intevation.de>
parents:
1853
diff
changeset
|
130 'test', current_user, 'test') RETURNING id), |
9f8f7d3fd655
Fix policies interfering badly with integrity checks
Tom Gottfried <tom@intevation.de>
parents:
1853
diff
changeset
|
131 log AS ( |
1995
59055c8301df
Move import queue to its own database namespace
Tom Gottfried <tom@intevation.de>
parents:
1983
diff
changeset
|
132 INSERT INTO import.import_logs (import_id, msg) |
1873
9f8f7d3fd655
Fix policies interfering badly with integrity checks
Tom Gottfried <tom@intevation.de>
parents:
1853
diff
changeset
|
133 SELECT id, 'test' FROM job) |
1995
59055c8301df
Move import queue to its own database namespace
Tom Gottfried <tom@intevation.de>
parents:
1983
diff
changeset
|
134 INSERT INTO import.track_imports |
1873
9f8f7d3fd655
Fix policies interfering badly with integrity checks
Tom Gottfried <tom@intevation.de>
parents:
1853
diff
changeset
|
135 SELECT id, 'waterway.bottlenecks', 0 FROM job |
9f8f7d3fd655
Fix policies interfering badly with integrity checks
Tom Gottfried <tom@intevation.de>
parents:
1853
diff
changeset
|
136 $$, |
9f8f7d3fd655
Fix policies interfering badly with integrity checks
Tom Gottfried <tom@intevation.de>
parents:
1853
diff
changeset
|
137 'Waterway admin can add import job and related data'); |
9f8f7d3fd655
Fix policies interfering badly with integrity checks
Tom Gottfried <tom@intevation.de>
parents:
1853
diff
changeset
|
138 |
1904
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
139 SET SESSION AUTHORIZATION test_admin_at2; |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
140 SELECT bag_has($$ |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
141 SELECT username FROM users.list_users |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
142 $$, |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
143 $$ |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
144 WITH job AS ( |
1995
59055c8301df
Move import queue to its own database namespace
Tom Gottfried <tom@intevation.de>
parents:
1983
diff
changeset
|
145 UPDATE import.imports SET state = 'accepted' |
1904
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
146 RETURNING id, username), |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
147 log AS ( |
1995
59055c8301df
Move import queue to its own database namespace
Tom Gottfried <tom@intevation.de>
parents:
1983
diff
changeset
|
148 INSERT INTO import.import_logs (import_id, msg) |
1904
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
149 SELECT id, 'test continued' FROM job) |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
150 SELECT username FROM job |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
151 $$, |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
152 'Waterway admin can edit import jobs from his country only'); |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
153 |
1873
9f8f7d3fd655
Fix policies interfering badly with integrity checks
Tom Gottfried <tom@intevation.de>
parents:
1853
diff
changeset
|
154 SELECT lives_ok($$ |
9f8f7d3fd655
Fix policies interfering badly with integrity checks
Tom Gottfried <tom@intevation.de>
parents:
1853
diff
changeset
|
155 WITH |
9f8f7d3fd655
Fix policies interfering badly with integrity checks
Tom Gottfried <tom@intevation.de>
parents:
1853
diff
changeset
|
156 config AS ( |
1995
59055c8301df
Move import queue to its own database namespace
Tom Gottfried <tom@intevation.de>
parents:
1983
diff
changeset
|
157 INSERT INTO import.import_configuration (kind, username) VALUES ( |
1873
9f8f7d3fd655
Fix policies interfering badly with integrity checks
Tom Gottfried <tom@intevation.de>
parents:
1853
diff
changeset
|
158 'test', current_user) RETURNING id) |
1995
59055c8301df
Move import queue to its own database namespace
Tom Gottfried <tom@intevation.de>
parents:
1983
diff
changeset
|
159 INSERT INTO import.import_configuration_attributes |
1873
9f8f7d3fd655
Fix policies interfering badly with integrity checks
Tom Gottfried <tom@intevation.de>
parents:
1853
diff
changeset
|
160 SELECT id, 'test key', 'test value' FROM config |
9f8f7d3fd655
Fix policies interfering badly with integrity checks
Tom Gottfried <tom@intevation.de>
parents:
1853
diff
changeset
|
161 $$, |
9f8f7d3fd655
Fix policies interfering badly with integrity checks
Tom Gottfried <tom@intevation.de>
parents:
1853
diff
changeset
|
162 'Waterway admin can add import config and related data'); |
9f8f7d3fd655
Fix policies interfering badly with integrity checks
Tom Gottfried <tom@intevation.de>
parents:
1853
diff
changeset
|
163 |
1904
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
164 SET SESSION AUTHORIZATION test_admin_at; |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
165 SELECT bag_has($$ |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
166 SELECT username FROM users.list_users |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
167 $$, |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
168 $$ |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
169 WITH config AS ( |
2070 | 170 UPDATE import.import_configuration SET kind = 'test' |
1904
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
171 RETURNING id, username), |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
172 attrib AS ( |
1995
59055c8301df
Move import queue to its own database namespace
Tom Gottfried <tom@intevation.de>
parents:
1983
diff
changeset
|
173 INSERT INTO import.import_configuration_attributes |
1904
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
174 SELECT id, 'test continued', 'test value' FROM config), |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
175 attrib_upd AS ( |
1995
59055c8301df
Move import queue to its own database namespace
Tom Gottfried <tom@intevation.de>
parents:
1983
diff
changeset
|
176 UPDATE import.import_configuration_attributes SET v = 'test v' |
1904
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
177 WHERE import_configuration_id = (SELECT id FROM config)) |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
178 SELECT username FROM config |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
179 $$, |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
180 'Waterway admin can edit import config from his country only'); |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
181 |
1873
9f8f7d3fd655
Fix policies interfering badly with integrity checks
Tom Gottfried <tom@intevation.de>
parents:
1853
diff
changeset
|
182 SET SESSION AUTHORIZATION test_admin_ro; |
9f8f7d3fd655
Fix policies interfering badly with integrity checks
Tom Gottfried <tom@intevation.de>
parents:
1853
diff
changeset
|
183 SELECT throws_ok($$ |
1995
59055c8301df
Move import queue to its own database namespace
Tom Gottfried <tom@intevation.de>
parents:
1983
diff
changeset
|
184 INSERT INTO import.import_logs (import_id, msg) |
59055c8301df
Move import queue to its own database namespace
Tom Gottfried <tom@intevation.de>
parents:
1983
diff
changeset
|
185 VALUES (currval(pg_get_serial_sequence('import.imports', 'id')), |
1904
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
186 'test') |
1873
9f8f7d3fd655
Fix policies interfering badly with integrity checks
Tom Gottfried <tom@intevation.de>
parents:
1853
diff
changeset
|
187 $$, |
9f8f7d3fd655
Fix policies interfering badly with integrity checks
Tom Gottfried <tom@intevation.de>
parents:
1853
diff
changeset
|
188 42501, NULL, |
9f8f7d3fd655
Fix policies interfering badly with integrity checks
Tom Gottfried <tom@intevation.de>
parents:
1853
diff
changeset
|
189 'Waterway admin cannot add log messages to other countries imports'); |
1904
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
190 |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
191 SELECT throws_ok($$ |
1995
59055c8301df
Move import queue to its own database namespace
Tom Gottfried <tom@intevation.de>
parents:
1983
diff
changeset
|
192 DELETE FROM import.track_imports |
1904
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
193 WHERE import_id = currval( |
1995
59055c8301df
Move import queue to its own database namespace
Tom Gottfried <tom@intevation.de>
parents:
1983
diff
changeset
|
194 pg_get_serial_sequence('import.imports', 'id')) |
1904
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
195 $$, |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
196 42501, NULL, |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
197 'Waterway admin cannot delete tracking data of other countries imports'); |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
198 |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
199 SELECT throws_ok($$ |
1995
59055c8301df
Move import queue to its own database namespace
Tom Gottfried <tom@intevation.de>
parents:
1983
diff
changeset
|
200 INSERT INTO import.import_configuration_attributes |
1904
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
201 VALUES (currval(pg_get_serial_sequence( |
1995
59055c8301df
Move import queue to its own database namespace
Tom Gottfried <tom@intevation.de>
parents:
1983
diff
changeset
|
202 'import.import_configuration', 'id')), |
1904
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
203 'test', 'test value') |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
204 $$, |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
205 42501, NULL, |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
206 'Waterway admin cannot add attributes to other countries import config'); |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
207 |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
208 SELECT throws_ok($$ |
1995
59055c8301df
Move import queue to its own database namespace
Tom Gottfried <tom@intevation.de>
parents:
1983
diff
changeset
|
209 UPDATE import.import_configuration_attributes SET v = 'evil' |
1904
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
210 WHERE import_configuration_id = currval( |
1995
59055c8301df
Move import queue to its own database namespace
Tom Gottfried <tom@intevation.de>
parents:
1983
diff
changeset
|
211 pg_get_serial_sequence('import.import_configuration', 'id')) |
1904
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
212 $$, |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
213 42501, NULL, |
931b15be6d7f
Complement authorisation tests for import management
Tom Gottfried <tom@intevation.de>
parents:
1873
diff
changeset
|
214 'Waterway admin cannot overwrite attributes of other countries config'); |