Mercurial > gemma
view schema/tap_tests.sql @ 180:0423eab4ad45
Improve RLS policies for template data
The removed POLICY manage_templates missed a WITH CHECK (true),
because the USING clause is applied to new rows, too, if no
WITH CHECK is provided, thus implying a dead-lock
situation with the FK constraint on user_templates
(the POLICY requiring a row in user_templates while
INSERTing such row requires a row in templates).
New POLICY on user_templates prevents waterway_admin from
relating templates to users from other countries and
allows to write other policies more compact.
| author | Tom Gottfried <tom@intevation.de> |
|---|---|
| date | Tue, 17 Jul 2018 19:08:18 +0200 |
| parents | 2111ad473961 |
| children | e509eccff303 |
line wrap: on
line source
-- -- pgTAP test script -- CREATE EXTENSION pgtap; SELECT plan(16); -- Give number of tests that have to be run SET search_path TO public, gemma, gemma_waterway, gemma_fairway; \i tap_tests_data.sql -- -- Run tests as unprivileged user -- SET SESSION AUTHORIZATION waterway_user; SELECT throws_ok('CREATE TABLE test()', 42501, NULL, 'No objects can be created'); SELECT isnt_empty('SELECT * FROM bottlenecks', 'Staged data should be visible'); SELECT is_empty('SELECT * FROM bottlenecks WHERE NOT staging_done', 'Only staged data should be visible'); SELECT set_eq('SELECT count(*) FROM gemma.user_profiles', ARRAY[1], 'User should only see his own profile'); SELECT results_eq('SELECT username FROM user_profiles', 'SELECT CAST(current_user AS varchar)', 'User should only see his own profile'); SELECT isnt_empty('SELECT * FROM templates', 'User should see templates associated to him'); SELECT is_empty('SELECT * FROM templates JOIN user_templates USING (template_name) WHERE username <> current_user', 'User should only see templates associated to him'); -- -- Run tests as waterway administrator -- SET SESSION AUTHORIZATION waterway_admin; PREPARE bn_insert (varchar, geometry(POLYGON, 4326)) AS INSERT INTO bottlenecks ( bottleneck_id, fk_g_fid, stretch, area, rb, lb, responsible_country, revisiting_time, limiting, source_organization) VALUES ($1, ('AT', 'XXX', '00001', '00000', 1)::isrs, isrsrange(('AT', 'XXX', '00001', '00000', 0)::isrs, ('AT', 'XXX', '00001', '00000', 2)::isrs), $2, 'AT', 'AT', 'AT', 1, 'depth', 'testorganization'); -- XXX: In contrast to what table 240 in the PostgreSQL docs says -- (https://www.postgresql.org/docs/10/static/sql-createpolicy.html), -- the following tests seem to show that the USING expression is applied -- also to an INSERT: SELECT lives_ok('EXECUTE bn_insert(''test1'', ST_geomfromtext(''POLYGON((0 0, 0 1, 1 1, 1 0, 0 0))'', 4326))', 'Waterway admin can insert data within his region'); SELECT throws_ok('EXECUTE bn_insert(''test2'', ST_geomfromtext(''POLYGON((1 0, 1 1, 2 1, 2 0, 1 0))'', 4326))', 42501, NULL, 'Waterway admin cannot insert data outside his region'); -- template management SELECT isnt_empty('SELECT * FROM templates JOIN user_templates USING (template_name) WHERE username <> current_user', 'Waterway admin should see templates of other users'); SELECT lives_ok('INSERT INTO templates (template_name, template_data) VALUES (''New AT'', ''\x''); INSERT INTO user_templates VALUES (''waterway_user'', ''New AT'')', 'Waterway admin can add templates for users in his country'); SELECT throws_ok('INSERT INTO user_templates VALUES (''waterway_user2'', ''AT'')', 42501, NULL, 'Waterway admin cannot add template for other country'); SELECT isnt_empty('UPDATE templates SET template_data = ''\xDABE'' WHERE template_name = ''AT'' RETURNING *', 'Waterway admin can alter templates for own country'); SELECT is_empty('UPDATE templates SET template_data = ''\xDABE'' WHERE template_name = ''RO'' RETURNING *', 'Waterway admin cannot alter templates for other country'); SELECT isnt_empty('DELETE FROM templates WHERE template_name = ''AT'' RETURNING *', 'Waterway admin can delete templates for own country'); SELECT is_empty('DELETE FROM templates WHERE template_name = ''RO'' RETURNING *', 'Waterway admin cannot delete templates for other country'); -- -- finish tests -- SELECT * FROM finish();