[patches] [fix 1/1] fix: grant or revoke universe options

Georgy Kirichenko georgy at tarantool.org
Wed Feb 14 21:51:24 MSK 2018


Ok to push

On Wednesday, February 14, 2018 4:13:52 PM MSK imarkov wrote:
> * Add validation of object name parameter type in grant or revoke
> on universe.
> 
> Closes #3146
> 
> Signed-off-by: imarkov <imarkov at tarantool.org>
> ---
>  src/box/lua/schema.lua   |  4 ++++
>  test/box/access.result   | 41 +++++++++++++++++++++++++++++++++++++++++
>  test/box/access.test.lua | 14 ++++++++++++++
>  3 files changed, 59 insertions(+)
> 
> diff --git a/src/box/lua/schema.lua b/src/box/lua/schema.lua
> index 756134b..bf8b1db 100644
> --- a/src/box/lua/schema.lua
> +++ b/src/box/lua/schema.lua
> @@ -1664,6 +1664,10 @@ end
> 
>  local function object_resolve(object_type, object_name)
>      if object_type == 'universe' then
> +        if object_name ~= nil and type(object_name) ~= 'string'
> +                and type(object_name) ~= 'number' then
> +            box.error(box.error.ILLEGAL_PARAMS, "wrong object name type")
> +        end
>          return 0
>      end
>      if object_type == 'space' then
> diff --git a/test/box/access.result b/test/box/access.result
> index 0ee17eb..191857f 100644
> --- a/test/box/access.result
> +++ b/test/box/access.result
> @@ -1450,3 +1450,44 @@ box.session.su("admin")
>  box.schema.user.drop("tester")
>  ---
>  ...
> +-- gh-3146 gotcha for granting universe with options
> +box.schema.user.grant("guest", "read", "universe", {if_not_exists = true})
> +---
> +- error: Illegal parameters, wrong object name type
> +...
> +box.schema.user.grant("guest", "read", "universe", "useless name")
> +---
> +...
> +box.schema.user.grant("guest", "read", "universe", "useless name",
> {if_not_exists = true}) +---
> +...
> +box.schema.user.grant("guest", "read", "universe", 0, {if_not_exists =
> true}) +---
> +...
> +box.schema.user.grant("guest", "read", "universe", nil, {if_not_exists =
> true}) +---
> +...
> +box.schema.user.grant("guest", "read", "universe", {}, {if_not_exists =
> true}) +---
> +- error: Illegal parameters, wrong object name type
> +...
> +box.schema.user.revoke("guest", "read", "universe", {if_exists = true})
> +---
> +- error: Illegal parameters, wrong object name type
> +...
> +box.schema.user.revoke("guest", "read", "universe", "useless name")
> +---
> +...
> +box.schema.user.revoke("guest", "read", "universe", "useless name",
> {if_exists = true}) +---
> +...
> +box.schema.user.revoke("guest", "read", "universe", 0, {if_exists = true})
> +---
> +...
> +box.schema.user.revoke("guest", "read", "universe", nil, {if_exists =
> true}) +---
> +...
> +box.schema.user.revoke("guest", "read", "universe", {}, {if_exists = true})
> +---
> +- error: Illegal parameters, wrong object name type
> +...
> diff --git a/test/box/access.test.lua b/test/box/access.test.lua
> index 241f254..7e880a0 100644
> --- a/test/box/access.test.lua
> +++ b/test/box/access.test.lua
> @@ -561,3 +561,17 @@ box.session.su("tester", box.schema.func.drop, "test")
> 
>  box.session.su("admin")
>  box.schema.user.drop("tester")
> +
> +-- gh-3146 gotcha for granting universe with options
> +box.schema.user.grant("guest", "read", "universe", {if_not_exists = true})
> +box.schema.user.grant("guest", "read", "universe", "useless name")
> +box.schema.user.grant("guest", "read", "universe", "useless name",
> {if_not_exists = true}) +box.schema.user.grant("guest", "read", "universe",
> 0, {if_not_exists = true}) +box.schema.user.grant("guest", "read",
> "universe", nil, {if_not_exists = true}) +box.schema.user.grant("guest",
> "read", "universe", {}, {if_not_exists = true})
> +box.schema.user.revoke("guest", "read", "universe", {if_exists = true})
> +box.schema.user.revoke("guest", "read", "universe", "useless name")
> +box.schema.user.revoke("guest", "read", "universe", "useless name",
> {if_exists = true}) +box.schema.user.revoke("guest", "read", "universe", 0,
> {if_exists = true}) +box.schema.user.revoke("guest", "read", "universe",
> nil, {if_exists = true}) +box.schema.user.revoke("guest", "read",
> "universe", {}, {if_exists = true})

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.tarantool.org/pipermail/tarantool-patches/attachments/20180214/3cccf2cb/attachment.sig>


More information about the Tarantool-patches mailing list