Mercurial > gemma
view schema/auth_tests.sql @ 183:f3a09fc9c1eb
Prepare for having more than one database test script
author | Tom Gottfried <tom@intevation.de> |
---|---|
date | Wed, 18 Jul 2018 17:30:38 +0200 |
parents | schema/tap_tests.sql@4df4e4bf480e |
children | 5dc8e734487a |
line wrap: on
line source
-- -- pgTAP test script for privileges and RLS policies -- SELECT plan(16); -- Give number of tests that have to be run SET search_path TO public, gemma, gemma_waterway, gemma_fairway; -- -- Run tests as unprivileged user -- SET SESSION AUTHORIZATION waterway_user; SELECT throws_ok('CREATE TABLE test()', 42501, NULL, 'No objects can be created'); SELECT isnt_empty('SELECT * FROM bottlenecks', 'Staged data should be visible'); SELECT is_empty('SELECT * FROM bottlenecks WHERE NOT staging_done', 'Only staged data should be visible'); SELECT set_eq('SELECT count(*) FROM gemma.user_profiles', ARRAY[1], 'User should only see his own profile'); SELECT results_eq('SELECT username FROM user_profiles', 'SELECT CAST(current_user AS varchar)', 'User should only see his own profile'); SELECT isnt_empty('SELECT * FROM templates', 'User should see templates associated to him'); SELECT is_empty('SELECT * FROM templates JOIN user_templates USING (template_name) WHERE username <> current_user', 'User should only see templates associated to him'); -- -- Run tests as waterway administrator -- SET SESSION AUTHORIZATION waterway_admin; PREPARE bn_insert (varchar, geometry(POLYGON, 4326)) AS INSERT INTO bottlenecks ( bottleneck_id, fk_g_fid, stretch, area, rb, lb, responsible_country, revisiting_time, limiting, source_organization) VALUES ( $1, ('AT', 'XXX', '00001', '00000', 1)::isrs, isrsrange(('AT', 'XXX', '00001', '00000', 0)::isrs, ('AT', 'XXX', '00001', '00000', 2)::isrs), $2, 'AT', 'AT', 'AT', 1, 'depth', 'testorganization' ); SELECT lives_ok('EXECUTE bn_insert( ''test1'', ST_geomfromtext(''POLYGON((0 0, 0 1, 1 1, 1 0, 0 0))'', 4326))', 'Waterway admin can insert data within his region'); SELECT throws_ok('EXECUTE bn_insert( ''test2'', ST_geomfromtext(''POLYGON((1 0, 1 1, 2 1, 2 0, 1 0))'', 4326))', 42501, NULL, 'Waterway admin cannot insert data outside his region'); -- template management SELECT isnt_empty('SELECT * FROM templates JOIN user_templates USING (template_name) WHERE username <> current_user', 'Waterway admin should see templates of other users'); SELECT lives_ok('INSERT INTO templates (template_name, template_data) VALUES (''New AT'', ''\x''); INSERT INTO user_templates VALUES (''waterway_user'', ''New AT'')', 'Waterway admin can add templates for users in his country'); SELECT throws_ok('INSERT INTO user_templates VALUES (''waterway_user2'', ''AT'')', 42501, NULL, 'Waterway admin cannot add template for other country'); SELECT isnt_empty('UPDATE templates SET template_data = ''\xDABE'' WHERE template_name = ''AT'' RETURNING *', 'Waterway admin can alter templates for own country'); SELECT is_empty('UPDATE templates SET template_data = ''\xDABE'' WHERE template_name = ''RO'' RETURNING *', 'Waterway admin cannot alter templates for other country'); SELECT isnt_empty('DELETE FROM templates WHERE template_name = ''AT'' RETURNING *', 'Waterway admin can delete templates for own country'); SELECT is_empty('DELETE FROM templates WHERE template_name = ''RO'' RETURNING *', 'Waterway admin cannot delete templates for other country'); -- -- finish tests -- SELECT * FROM finish();