Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

945 Update trusted-context testscripts for current cldriver messages and also allow running from remote #951

Merged
merged 1 commit into from
Jul 24, 2024
Merged

945 Update trusted-context testscripts for current cldriver messages and also allow running from remote #951

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 3 additions & 1 deletion config.py.sample
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ if sys.platform != 'zos':

env_not_set = False
if 'DB2_USER' in os.environ:
user = os.getenv('DB2_USER') # User ID to connect with
user = os.getenv('DB2_USER') # User ID to connect with (must be secadm for trusted-context testcases)
else:
user = data['user']
env_not_set = True
Expand Down Expand Up @@ -52,3 +52,5 @@ auth_user = 'auth_user' # Authentic user of Database
auth_pass = 'auth_pass' # Password for Authentic user
tc_user = 'tc_user' # Trusted user
tc_pass = 'tc_pass' # Password to trusted user
tc_appserver_address = '' # optional. Hostname/IP-address, where trusted-context testcases run, defaults to local hostname

31 changes: 22 additions & 9 deletions ibm_db_tests/test_trusted_context_connect.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,19 @@ def test_trusted_context_connect(self):
obj.assert_expectf(self.run_test_trusted_context_connect)

def run_test_trusted_context_connect(self):
# if the Db2-server cannot resolve the remote-client hostname(where testcase runs), then use config.py tc_appserver_address to give IP-address
# and use that IP-address in the trusted-context definition, to allow operation remotely from the Db2-server.

if ( sys.platform == 'win32'): # on ms-windows get hostname from env to avoid importing other modules
this_hostname = os.environ['COMPUTERNAME']
else:
this_hostname = os.uname()[1] # get local non-windows hostname

if config.tc_appserver_address:
if config.tc_appserver_address != '':
this_hostname = config.tc_appserver_address # in case Db2-server cannot resolve remote-client hostname


sql_drop_role = "DROP ROLE role_01"
sql_create_role = "CREATE ROLE role_01"

Expand All @@ -31,7 +44,7 @@ def run_test_trusted_context_connect(self):
sql_create_trusted_context = "CREATE TRUSTED CONTEXT ctx BASED UPON CONNECTION USING SYSTEM AUTHID "
sql_create_trusted_context += config.auth_user
sql_create_trusted_context += " ATTRIBUTES (ADDRESS '"
sql_create_trusted_context += config.hostname
sql_create_trusted_context += this_hostname
sql_create_trusted_context += "') DEFAULT ROLE role_01 ENABLE WITH USE FOR "
sql_create_trusted_context += config.tc_user

Expand Down Expand Up @@ -324,7 +337,7 @@ def run_test_trusted_context_connect(self):
#But trusted user is not switched.
#Trusted connection succeeded.
#User has been switched.
#[%s][%s][%s] SQL0551N "%s" does not have the %s privilege to perform operation "UPDATE" on object "%s.TRUSTED_TABLE". SQLSTATE=42501 SQLCODE=-551
#[%s][%s][%s] SQL0551N The statement failed because the authorization ID does not have the required authorization or privilege to perform the operation. Authorization ID: "%s". Operation: "UPDATE". Object: "%s.TRUSTED_TABLE". SQLSTATE=42501 SQLCODE=-551
#Trusted connection succeeded.
#[%s][%s][%s] SQL30082N Security processing failed with reason "24" ("USERNAME AND/OR PASSWORD INVALID"). SQLSTATE=08001 SQLCODE=-30082
#Trusted connection succeeded.
Expand All @@ -334,7 +347,7 @@ def run_test_trusted_context_connect(self):
#[%s][%s][%s] SQL20361N The switch user request using authorization ID "%s" within trusted context "CTX" failed with reason code "2". SQLSTATE=42517 SQLCODE=-20361
#Trusted connection succeeded.
#User has been switched.
#[%s][%s][%s] SQL0551N "%s" does not have the %s privilege to perform operation "INSERT" on object "%s.TRUSTED_TABLE". SQLSTATE=42501 SQLCODE=-551
#[%s][%s][%s] SQL0551N The statement failed because the authorization ID does not have the required authorization or privilege to perform the operation. Authorization ID: "%s". Operation: "INSERT". Object: "%s.TRUSTED_TABLE". SQLSTATE=42501 SQLCODE=-551
#Connection succeeded.
#__ZOS_EXPECTED__
#Normal connection established.
Expand All @@ -344,7 +357,7 @@ def run_test_trusted_context_connect(self):
#But trusted user is not switched.
#Trusted connection succeeded.
#User has been switched.
#[%s][%s][%s] SQL0551N "%s" does not have the %s privilege to perform operation "UPDATE" on object "%s.TRUSTED_TABLE". SQLSTATE=42501 SQLCODE=-551
#[%s][%s][%s] SQL0551N The statement failed because the authorization ID does not have the required authorization or privilege to perform the operation. Authorization ID: "%s". Operation: "UPDATE". Object: "%s.TRUSTED_TABLE". SQLSTATE=42501 SQLCODE=-551
#Trusted connection succeeded.
#[%s][%s][%s] SQL30082N Security processing failed with reason "24" ("USERNAME AND/OR PASSWORD INVALID"). SQLSTATE=08001 SQLCODE=-30082
#Trusted connection succeeded.
Expand All @@ -354,7 +367,7 @@ def run_test_trusted_context_connect(self):
#[%s][%s][%s] SQL20361N The switch user request using authorization ID "%s" within trusted context "CTX" failed with reason code "2". SQLSTATE=42517 SQLCODE=-20361
#Trusted connection succeeded.
#User has been switched.
#[%s][%s][%s] SQL0551N "%s" does not have the %s privilege to perform operation "INSERT" on object "%s.TRUSTED_TABLE". SQLSTATE=42501 SQLCODE=-551
#[%s][%s][%s] SQL0551N The statement failed because the authorization ID does not have the required authorization or privilege to perform the operation. Authorization ID: "%s". Operation: "INSERT". Object: "%s.TRUSTED_TABLE". SQLSTATE=42501 SQLCODE=-551
#Connection succeeded.
#__SYSTEMI_EXPECTED__
#Normal connection established.
Expand All @@ -364,7 +377,7 @@ def run_test_trusted_context_connect(self):
#But trusted user is not switched.
#Trusted connection succeeded.
#User has been switched.
#[%s][%s][%s] SQL0551N "%s" does not have the %s privilege to perform operation "UPDATE" on object "%s.TRUSTED_TABLE". SQLSTATE=42501 SQLCODE=-551
#[%s][%s][%s] SQL0551N The statement failed because the authorization ID does not have the required authorization or privilege to perform the operation. Authorization ID: "%s". Operation: "UPDATE". Object: "%s.TRUSTED_TABLE". SQLSTATE=42501 SQLCODE=-551
#Trusted connection succeeded.
#[%s][%s][%s] SQL30082N Security processing failed with reason "24" ("USERNAME AND/OR PASSWORD INVALID"). SQLSTATE=08001 SQLCODE=-30082
#Trusted connection succeeded.
Expand All @@ -374,7 +387,7 @@ def run_test_trusted_context_connect(self):
#[%s][%s][%s] SQL20361N The switch user request using authorization ID "%s" within trusted context "CTX" failed with reason code "2". SQLSTATE=42517 SQLCODE=-20361
#Trusted connection succeeded.
#User has been switched.
#[%s][%s][%s] SQL0551N "%s" does not have the %s privilege to perform operation "INSERT" on object "%s.TRUSTED_TABLE". SQLSTATE=42501 SQLCODE=-551
#[%s][%s][%s] SQL0551N The statement failed because the authorization ID does not have the required authorization or privilege to perform the operation. Authorization ID: "%s". Operation: "INSERT". Object: "%s.TRUSTED_TABLE". SQLSTATE=42501 SQLCODE=-551
#Connection succeeded.
#__IDS_EXPECTED__
#Normal connection established.
Expand All @@ -384,7 +397,7 @@ def run_test_trusted_context_connect(self):
#But trusted user is not switched.
#Trusted connection succeeded.
#User has been switched.
#[%s][%s][%s] SQL0551N "%s" does not have the %s privilege to perform operation "UPDATE" on object "%s.TRUSTED_TABLE". SQLSTATE=42501 SQLCODE=-551
#[%s][%s][%s] SQL0551N The statement failed because the authorization ID does not have the required authorization or privilege to perform the operation. Authorization ID: "%s". Operation: "UPDATE". Object: "%s.TRUSTED_TABLE". SQLSTATE=42501 SQLCODE=-551
#Trusted connection succeeded.
#[%s][%s][%s] SQL30082N Security processing failed with reason "24" ("USERNAME AND/OR PASSWORD INVALID"). SQLSTATE=08001 SQLCODE=-30082
#Trusted connection succeeded.
Expand All @@ -394,5 +407,5 @@ def run_test_trusted_context_connect(self):
#[%s][%s][%s] SQL20361N The switch user request using authorization ID "%s" within trusted context "CTX" failed with reason code "2". SQLSTATE=42517 SQLCODE=-20361
#Trusted connection succeeded.
#User has been switched.
#[%s][%s][%s] SQL0551N "%s" does not have the %s privilege to perform operation "INSERT" on object "%s.TRUSTED_TABLE". SQLSTATE=42501 SQLCODE=-551
#[%s][%s][%s] SQL0551N The statement failed because the authorization ID does not have the required authorization or privilege to perform the operation. Authorization ID: "%s". Operation: "INSERT". Object: "%s.TRUSTED_TABLE". SQLSTATE=42501 SQLCODE=-551
#Connection succeeded.
21 changes: 16 additions & 5 deletions ibm_db_tests/test_trusted_context_pconnect.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,17 @@ def test_trusted_context_pconnect(self):
obj.assert_expectf(self.run_test_trusted_context_pconnect)

def run_test_trusted_context_pconnect(self):
if ( sys.platform == 'win32'): # on ms-windows get hostname from env to avoid importing other modules
this_hostname = os.environ['COMPUTERNAME']
else:
this_hostname = os.uname()[1] # get local non-windows hostname

if config.tc_appserver_address:
if config.tc_appserver_address != '':
this_hostname = config.tc_appserver_address # in case Db2-server cannot resolve remote-client hostname



sql_drop_role = "DROP ROLE role_01"
sql_create_role = "CREATE ROLE role_01"

Expand All @@ -31,7 +42,7 @@ def run_test_trusted_context_pconnect(self):
sql_create_trusted_context = "CREATE TRUSTED CONTEXT ctx BASED UPON CONNECTION USING SYSTEM AUTHID "
sql_create_trusted_context += config.auth_user
sql_create_trusted_context += " ATTRIBUTES (ADDRESS '"
sql_create_trusted_context += config.hostname
sql_create_trusted_context += this_hostname
sql_create_trusted_context += "') DEFAULT ROLE role_01 ENABLE WITH USE FOR "
sql_create_trusted_context += config.tc_user

Expand Down Expand Up @@ -154,7 +165,7 @@ def run_test_trusted_context_pconnect(self):
#__LUW_EXPECTED__
#Trusted connection succeeded.
#User has been switched.
#[%s][%s][%s] SQL0551N "%s" does not have the %s privilege to perform operation "UPDATE" on object "%s.TRUSTED_TABLE". SQLSTATE=42501 SQLCODE=-551
#[%s][%s][%s] SQL0551N The statement failed because the authorization ID does not have the required authorization or privilege to perform the operation. Authorization ID: "%s". Operation: "UPDATE". Object: "%s.TRUSTED_TABLE". SQLSTATE=42501 SQLCODE=-551
#Explicit Trusted Connection succeeded.
#Explicit Trusted Connection succeeded.
#Explicit Trusted Connection succeeded.
Expand All @@ -169,7 +180,7 @@ def run_test_trusted_context_pconnect(self):
#__ZOS_EXPECTED__
#Trusted connection succeeded.
#User has been switched.
#[%s][%s][%s] SQL0551N "%s" does not have the %s privilege to perform operation "UPDATE" on object "%s.TRUSTED_TABLE". SQLSTATE=42501 SQLCODE=-551
#[%s][%s][%s] SQL0551N The statement failed because the authorization ID does not have the required authorization or privilege to perform the operation. Authorization ID: "%s". Operation: "UPDATE". Object: "%s.TRUSTED_TABLE". SQLSTATE=42501 SQLCODE=-551
#Explicit Trusted Connection succeeded.
#Explicit Trusted Connection succeeded.
#Explicit Trusted Connection succeeded.
Expand All @@ -184,7 +195,7 @@ def run_test_trusted_context_pconnect(self):
#__SYSTEMI_EXPECTED__
#Trusted connection succeeded.
#User has been switched.
#[%s][%s][%s] SQL0551N "%s" does not have the privilege to perform operation "UPDATE" on object "%s.TRUSTED_TABLE". SQLSTATE=42501 SQLCODE=-551
#[%s][%s][%s] SQL0551N The statement failed because the authorization ID does not have the required authorization or privilege to perform the operation. Authorization ID: "%s". Operation: "UPDATE". Object: "%s.TRUSTED_TABLE". SQLSTATE=42501 SQLCODE=-551
#Explicit Trusted Connection succeeded.
#Explicit Trusted Connection succeeded.
#Explicit Trusted Connection succeeded.
Expand All @@ -199,7 +210,7 @@ def run_test_trusted_context_pconnect(self):
#__IDS_EXPECTED__
#Trusted connection succeeded.
#User has been switched.
#[%s][%s][%s] SQL0551N "%s" does not have the %s privilege to perform operation "UPDATE" on object "%s.TRUSTED_TABLE". SQLSTATE=42501 SQLCODE=-551
#[%s][%s][%s] SQL0551N The statement failed because the authorization ID does not have the required authorization or privilege to perform the operation. Authorization ID: "%s". Operation: "UPDATE". Object: "%s.TRUSTED_TABLE". SQLSTATE=42501 SQLCODE=-551
#Explicit Trusted Connection succeeded.
#Explicit Trusted Connection succeeded.
#Explicit Trusted Connection succeeded.
Expand Down
Loading