Mercurial > gemma
view schema/auth_tests.sql @ 196:b67208d82543
Make test output more comprehensive
Running all tests in one transaction ensures the final output tells
about any failing test, not just in the last transaction (i.e.
test script).
The price is that no traces of the tests are left in the database
because we have to rollback in order to have no left-over test roles
in the cluster.
author | Tom Gottfried <tom@intevation.de> |
---|---|
date | Fri, 20 Jul 2018 18:31:45 +0200 |
parents | 5dc8e734487a |
children | 88d21c29cf04 |
line wrap: on
line source
-- -- pgTAP test script for privileges and RLS policies -- -- -- Run tests as unprivileged user -- SET SESSION AUTHORIZATION waterway_user; SELECT throws_ok('CREATE TABLE test()', 42501, NULL, 'No objects can be created'); SELECT isnt_empty('SELECT * FROM waterway.bottlenecks', 'Staged data should be visible'); SELECT is_empty('SELECT * FROM waterway.bottlenecks WHERE NOT staging_done', 'Only staged data should be visible'); SELECT set_eq('SELECT count(*) FROM users.user_profiles', ARRAY[1], 'User should only see his own profile'); SELECT results_eq('SELECT username FROM users.user_profiles', 'SELECT CAST(current_user AS varchar)', 'User should only see his own profile'); SELECT isnt_empty('SELECT * FROM users.templates', 'User should see templates associated to him'); SELECT is_empty('SELECT * FROM users.templates JOIN users.user_templates USING (template_name) WHERE username <> current_user', 'User should only see templates associated to him'); -- -- Run tests as waterway administrator -- SET SESSION AUTHORIZATION waterway_admin; PREPARE bn_insert (varchar, geometry(POLYGON, 4326)) AS INSERT INTO waterway.bottlenecks ( bottleneck_id, fk_g_fid, stretch, area, rb, lb, responsible_country, revisiting_time, limiting, source_organization) VALUES ( $1, ('AT', 'XXX', '00001', '00000', 1)::isrs, isrsrange(('AT', 'XXX', '00001', '00000', 0)::isrs, ('AT', 'XXX', '00001', '00000', 2)::isrs), $2, 'AT', 'AT', 'AT', 1, 'depth', 'testorganization' ); SELECT lives_ok('EXECUTE bn_insert( ''test1'', ST_geomfromtext(''POLYGON((0 0, 0 1, 1 1, 1 0, 0 0))'', 4326))', 'Waterway admin can insert data within his region'); SELECT throws_ok('EXECUTE bn_insert( ''test2'', ST_geomfromtext(''POLYGON((1 0, 1 1, 2 1, 2 0, 1 0))'', 4326))', 42501, NULL, 'Waterway admin cannot insert data outside his region'); -- template management SELECT isnt_empty('SELECT * FROM users.templates JOIN users.user_templates USING (template_name) WHERE username <> current_user', 'Waterway admin should see templates of other users'); SELECT lives_ok('INSERT INTO users.templates (template_name, template_data) VALUES (''New AT'', ''\x''); INSERT INTO users.user_templates VALUES (''waterway_user'', ''New AT'')', 'Waterway admin can add templates for users in his country'); SELECT throws_ok('INSERT INTO users.user_templates VALUES (''waterway_user2'', ''AT'')', 42501, NULL, 'Waterway admin cannot add template for other country'); SELECT isnt_empty('UPDATE users.templates SET template_data = ''\xDABE'' WHERE template_name = ''AT'' RETURNING *', 'Waterway admin can alter templates for own country'); SELECT is_empty('UPDATE users.templates SET template_data = ''\xDABE'' WHERE template_name = ''RO'' RETURNING *', 'Waterway admin cannot alter templates for other country'); SELECT isnt_empty('DELETE FROM users.templates WHERE template_name = ''AT'' RETURNING *', 'Waterway admin can delete templates for own country'); SELECT is_empty('DELETE FROM users.templates WHERE template_name = ''RO'' RETURNING *', 'Waterway admin cannot delete templates for other country');