From 477e6df2697d5445aa8c32bfcc04d12db7bfcc32 Mon Sep 17 00:00:00 2001 From: Michael Gaffney Date: Thu, 25 May 2023 15:19:42 +0000 Subject: [PATCH] feat(sql): Add target and host history tables to session recording This adds four columns to the `recording_session` table which are foreign keys to the `iam_scope_hst`, `target_ssh_hst`, `host_history_base`, and `host_catalog_history_base` tables. The foreign key to the `iam_scope_hst` table references the project scope of the target at the time of the recording. --- .../postgres/70/11_session_recording.up.sql | 117 +++++++++++++----- .../db/sqltest/initdb.d/01_colors_persona.sql | 73 +++++++---- .../tests/recording/recording_channel_ssh.sql | 12 +- .../tests/recording/recording_connection.sql | 16 +-- .../tests/recording/recording_session.sql | 40 ++++-- .../session/delete_session_auth_token.sql | 4 +- .../tests/session/delete_session_host.sql | 8 +- .../tests/session/delete_session_host_set.sql | 8 +- .../tests/session/delete_session_project.sql | 8 +- .../tests/session/delete_session_target.sql | 14 ++- .../session/delete_session_target_address.sql | 8 +- .../tests/session/delete_session_user.sql | 6 +- .../tests/target/target_storage_bucket.sql | 24 ++-- .../tests/wh/session_connection/update.sql | 2 +- 14 files changed, 221 insertions(+), 119 deletions(-) diff --git a/internal/db/schema/migrations/oss/postgres/70/11_session_recording.up.sql b/internal/db/schema/migrations/oss/postgres/70/11_session_recording.up.sql index fa4fe985d7..819f3f9393 100644 --- a/internal/db/schema/migrations/oss/postgres/70/11_session_recording.up.sql +++ b/internal/db/schema/migrations/oss/postgres/70/11_session_recording.up.sql @@ -7,7 +7,6 @@ begin; comment on domain rec_timestamp is 'a nullable timestamp with a time zone used for start and end times of recordings'; - create table recording_session ( public_id wt_public_id primary key, storage_bucket_id wt_public_id not null @@ -22,7 +21,7 @@ begin; on update cascade constraint recording_session_session_id_uq unique, user_scope_hst_id wt_url_safe_id not null - constraint iam_scope_hst_fk + constraint user_iam_scope_hst_fk references iam_scope_hst (history_id) on delete restrict -- History records with session recordings cannot be deleted on update cascade, @@ -31,6 +30,26 @@ begin; references iam_user_hst (history_id) on delete restrict -- History records with session recordings cannot be deleted on update cascade, + target_project_hst_id wt_url_safe_id not null + constraint project_iam_scope_hst_fk + references iam_scope_hst (history_id) + on delete restrict -- History records with session recordings cannot be deleted + on update cascade, + target_hst_id wt_url_safe_id not null + constraint target_ssh_hst_fk + references target_ssh_hst (history_id) + on delete restrict -- History records with session recordings cannot be deleted + on update cascade, + host_catalog_hst_id wt_url_safe_id not null + constraint host_catalog_history_base_fk + references host_catalog_history_base (history_id) + on delete restrict -- History records with session recordings cannot be deleted + on update cascade, + host_hst_id wt_url_safe_id not null + constraint host_history_base_fk + references host_history_base (history_id) + on delete restrict -- History records with session recordings cannot be deleted + on update cascade, create_time wt_timestamp not null, update_time wt_timestamp not null, start_time rec_timestamp null, -- When the session recording was started in the worker @@ -61,40 +80,78 @@ begin; create function insert_session_recording() returns trigger as $$ declare - _usr_ids record; + _session session%rowtype; + _host host%rowtype; begin if new.session_id is null then raise exception 'a new recorded session must have a session_id'; end if; - with - session_values(user_id, user_scope_id) as ( - select session.user_id, iam_user.scope_id - from session - join iam_user on iam_user.public_id = session.user_id - where session.public_id = new.session_id - ), - user_hst(id) as ( - select iam_user_hst.history_id - from iam_user_hst - join session_values on iam_user_hst.public_id = session_values.user_id - where iam_user_hst.valid_range @> current_timestamp - ), - user_scope_hst(id) as ( - select iam_scope_hst.history_id - from iam_scope_hst - join session_values on iam_scope_hst.public_id = session_values.user_scope_id - where iam_scope_hst.valid_range @> current_timestamp - ) - select user_hst.id as user_hst_id, - user_scope_hst.id as user_scope_hst_id - into strict _usr_ids - from user_hst, user_scope_hst; - - new.user_scope_hst_id := _usr_ids.user_scope_hst_id; - new.user_hst_id := _usr_ids.user_hst_id; - return new; + select * into strict _session + from session + where public_id = new.session_id; + + select history_id into strict new.user_hst_id + from iam_user_hst + where public_id = _session.user_id + and valid_range @> current_timestamp; + + select iam_scope_hst.history_id into strict new.user_scope_hst_id + from iam_scope_hst + where public_id = (select scope_id + from iam_user + where public_id = _session.user_id) + and valid_range @> current_timestamp; + + select history_id into strict new.target_project_hst_id + from iam_scope_hst + where public_id = _session.project_id + and valid_range @> current_timestamp; + + select history_id into strict new.target_hst_id + from target_ssh_hst + where public_id = _session.target_id + and valid_range @> current_timestamp; + + select * into _host + from host + where public_id = (select host_id + from session_host_set_host + where session_id = _session.public_id); + + case when found then + select history_id into strict new.host_hst_id + from ( + select history_id + from static_host_hst + where public_id = _host.public_id + and valid_range @> current_timestamp + union + select history_id + from host_plugin_host_hst + where public_id = _host.public_id + and valid_range @> current_timestamp + ) as h; + select history_id into strict new.host_catalog_hst_id + from ( + select history_id + from static_host_catalog_hst + where public_id = _host.catalog_id + and valid_range @> current_timestamp + union + select history_id + from host_plugin_catalog_hst + where public_id = _host.catalog_id + and valid_range @> current_timestamp + ) as h; + else + select history_id into strict new.host_hst_id + from no_host_history; + select history_id into strict new.host_catalog_hst_id + from no_host_catalog_history; + end case; + return new; end; $$ language plpgsql; comment on function insert_session_recording is diff --git a/internal/db/sqltest/initdb.d/01_colors_persona.sql b/internal/db/sqltest/initdb.d/01_colors_persona.sql index 6bb487e819..c5e33a41c1 100644 --- a/internal/db/sqltest/initdb.d/01_colors_persona.sql +++ b/internal/db/sqltest/initdb.d/01_colors_persona.sql @@ -346,15 +346,8 @@ begin; where h.catalog_id = s.catalog_id and h.external_id like '%color'; - insert into target_tcp - (project_id, public_id, name) - values - ('p____bcolors', 't_________cb', 'Blue Color Target'), - ('p____rcolors', 't_________cr', 'Red Color Target'), - ('p____gcolors', 't_________cg', 'Green Color Target'); - insert into plugin - (scope_id, public_id, name) + (scope_id, public_id, name) values ('global', 'plg____sb-plg', 'Storage Bucket Plugin'); @@ -364,24 +357,42 @@ begin; ('plg____sb-plg'); insert into storage_plugin_storage_bucket - (public_id, scope_id, plugin_id, bucket_name, worker_filter, secrets_hmac) + (plugin_id, scope_id, public_id, bucket_name, worker_filter, secrets_hmac) values - ('sb_________o','o_____colors', 'plg____sb-plg', 'test bucket name', 'test worker filter', '\xdeadbeef'), - ('sb_________g','global', 'plg____sb-plg', 'test bucket name', 'test worker filter', '\xdeadbeef'); + ('plg____sb-plg', 'global', 'sb____global', 'Global Storage Bucket', 'test worker filter', '\xdeadbeef'), + ('plg____sb-plg', 'o_____colors', 'sb____colors', 'Colors Storage Bucket', 'test worker filter', '\xdeadbeef'); + insert into target_tcp + (project_id, public_id, name) + values + ('p____bcolors', 't_________cb', 'Blue Color Target'), + ('p____rcolors', 't_________cr', 'Red Color Target'), + ('p____gcolors', 't_________cg', 'Green Color Target'); + + insert into target_ssh + (project_id, public_id, name, enable_session_recording, storage_bucket_id) + values + ('p____bcolors', 'tssh______cb', 'Blue Color SSH Target', true, 'sb____global'), + ('p____rcolors', 'tssh______cr', 'Red Color SSH Target', false, null), + ('p____gcolors', 'tssh______cg', 'Green Color SSH Target', true, 'sb____colors'); insert into target_host_set - (project_id, target_id, host_set_id) + (project_id, target_id, host_set_id) values ('p____bcolors', 't_________cb', 's___1cb-sths'), ('p____bcolors', 't_________cb', 's___2cb-sths'), ('p____rcolors', 't_________cr', 's___1cr-sths'), - ('p____rcolors', 't_________cr', 's___2cr-sths'); + ('p____rcolors', 't_________cr', 's___2cr-sths'), + ('p____bcolors', 'tssh______cb', 's___1cb-sths'), + ('p____bcolors', 'tssh______cb', 's___2cb-sths'), + ('p____rcolors', 'tssh______cr', 's___1cr-sths'), + ('p____rcolors', 'tssh______cr', 's___2cr-sths'); insert into target_address - (target_id, address) + (target_id, address) values - ('t_________cg', '8.8.8.8'); + ('t_________cg', '8.8.8.8'), + ('tssh______cg', '8.8.8.8'); insert into credential_vault_store (project_id, public_id, name, description, vault_address, namespace) @@ -398,32 +409,46 @@ begin; insert into target_credential_library (project_id, target_id, credential_library_id, credential_purpose) values - ('p____bcolors', 't_________cb', 'vl______cvl', 'brokered'); + ('p____bcolors', 't_________cb', 'vl______cvl', 'brokered'), + ('p____bcolors', 'tssh______cb', 'vl______cvl', 'brokered'); insert into session - ( project_id, target_id, user_id, auth_token_id, certificate, endpoint, public_id) + (project_id, target_id, user_id, auth_token_id, certificate, endpoint, public_id) values - ('p____bcolors', 't_________cb', 'u______clare', 'tok____clare', 'abc'::bytea, 'ep1', 's1_____clare'), + ('p____bcolors', 'tssh______cb', 'u______clare', 'tok____clare', 'abc'::bytea, 'ep1', 's1_____clare'), ('p____bcolors', 't_________cb', 'u______cindy', 'tok____cindy', 'abc'::bytea, 'ep1', 's1_____cindy'), ('p____bcolors', 't_________cb', 'u______cindy', 'tok____cindy', 'abc'::bytea, 'ep1', 's1_____ciara'), ('p____bcolors', 't_________cb', 'u______carly', 'tok____carly', 'abc'::bytea, 'ep1', 's1_____carly'), - ('p____gcolors', 't_________cg', 'u_______cora', 'tok_____cora', 'abc'::bytea, 'ep1', 's1______cora'); + ('p____gcolors', 'tssh______cg', 'u_______cora', 'tok_____cora', 'abc'::bytea, 'ep1', 's1______cora'), + --- the next two are used in recording_session tests + ('p____bcolors', 'tssh______cb', 'u______clare', 'tok____clare', 'abc'::bytea, 'ep1', 's2_____clare'), + ('p____gcolors', 'tssh______cg', 'u_______cora', 'tok_____cora', 'abc'::bytea, 'ep1', 's2______cora'); insert into session_host_set_host - (session_id, host_set_id, host_id) + (session_id, host_set_id, host_id) values ('s1_____clare', 's___1cb-sths', 'h_____cb__01'), + ('s2_____clare', 's___1cb-sths', 'h_____cb__01'), ('s1_____cindy', 's___1cb-sths', 'h_____cb__01'), ('s1_____ciara', 's___1cb-sths', 'h_____cb__01'), ('s1_____carly', 's___1cb-sths', 'h_____cb__01'); insert into session_target_address - (session_id, target_id) + (session_id, target_id) values - ('s1______cora', 't_________cg'); + ('s1______cora', 't_________cg'), + ('s2______cora', 't_________cg'); insert into session_connection - (session_id, public_id) + (session_id, public_id) + values + ('s1_____clare', 'sc1_____clare'), + ('s2_____clare', 'sc2_____clare'); + + insert into recording_session + (session_id, storage_bucket_id, public_id) values - ('s1_____clare', 'sc1_____clare'); + ('s1_____clare', 'sb____global', 'sr1____clare'), + ('s1______cora', 'sb____colors', 'sr1_____cora'); + commit; diff --git a/internal/db/sqltest/tests/recording/recording_channel_ssh.sql b/internal/db/sqltest/tests/recording/recording_channel_ssh.sql index d1a7c6a8e8..eff7c0ccbc 100644 --- a/internal/db/sqltest/tests/recording/recording_channel_ssh.sql +++ b/internal/db/sqltest/tests/recording/recording_channel_ssh.sql @@ -12,19 +12,19 @@ begin; select plan(9); select wtt_load('widgets', 'iam', 'kms', 'auth', 'hosts', 'targets', 'sessions'); - + insert into recording_session (public_id, storage_bucket_id, session_id) values - ('sr_123456789', 'sb_________g', 's1_____clare'); + ('sr_123456789', 'sb____global', 's2_____clare'); insert into session_connection (public_id, session_id) values - ('sc_123456789', 's1_____clare'); + ('sc_123456789', 's2_____clare'); insert into recording_connection (public_id, session_id, session_connection_id, recording_session_id) values - ('cr_123456789', 's1_____clare', 'sc_123456789', 'sr_123456789'); + ('cr_123456789', 's2_____clare', 'sc_123456789', 'sr_123456789'); -- Try to set end_time before start_time prepare end_time_before_start_time as @@ -60,14 +60,14 @@ begin; -- Check that a row was inserted select is(count(*), 1::bigint) from recording_channel where public_id = 'chr_123456789' and recording_connection_id = 'cr_123456789'; - + -- Deleting the session connection should leave the recording in place delete from session_connection where public_id = 'sc_123456789'; -- Row should still be present select is(count(*), 1::bigint) from recording_channel where public_id = 'chr_123456789'; -- Deleting the session should leave the recording in place - delete from session where public_id = 's1_____clare'; + delete from session where public_id = 's2_____clare'; -- Row should still be present select is(count(*), 1::bigint) from recording_channel where public_id = 'chr_123456789'; diff --git a/internal/db/sqltest/tests/recording/recording_connection.sql b/internal/db/sqltest/tests/recording/recording_connection.sql index 9b9cc0ef49..12f1fb29e3 100644 --- a/internal/db/sqltest/tests/recording/recording_connection.sql +++ b/internal/db/sqltest/tests/recording/recording_connection.sql @@ -12,15 +12,15 @@ begin; select plan(10); select wtt_load('widgets', 'iam', 'kms', 'auth', 'hosts', 'targets', 'sessions'); - + insert into recording_session (public_id, storage_bucket_id, session_id) values - ('sr_123456789', 'sb_________g', 's1_____clare'); + ('sr_123456789', 'sb____global', 's2_____clare'); insert into session_connection (public_id, session_id) values - ('sc_123456789', 's1_____clare'); + ('sc_123456789', 's2_____clare'); -- Try to insert row with null session id prepare insert_recording_connection_with_null_session_id as @@ -29,19 +29,19 @@ begin; values ('cr_123456789', null, 'sc_123456789', 'sr_123456789'); select throws_ok('insert_recording_connection_with_null_session_id', null, null, 'insert recording_connection with null session_id succeeded'); - + -- Try to insert row with null session connection id prepare insert_recording_connection_with_null_session_connection_id as insert into recording_connection (public_id, session_id, session_connection_id, recording_session_id) values - ('cr_123456789', 's1_____clare', null, 'sr_123456789'); + ('cr_123456789', 's2_____clare', null, 'sr_123456789'); select throws_ok('insert_recording_connection_with_null_session_connection_id', null, null, 'insert recording_connection with null session_connection_id succeeded'); insert into recording_connection (public_id, session_id, session_connection_id, recording_session_id) values - ('cr_123456789', 's1_____clare', 'sc_123456789', 'sr_123456789'); + ('cr_123456789', 's2_____clare', 'sc_123456789', 'sr_123456789'); -- Try to set end_time before start_time prepare set_end_time_before_start_time as @@ -84,14 +84,14 @@ begin; -- Closing again should fail select throws_ok('close_recording_connection', '23602', null, 'closing a recording_connection twice succeeded'); - + -- Deleting the session connection should leave the recording in place delete from session_connection where public_id = 'sc_123456789'; -- Row should still be present select is(count(*), 1::bigint) from recording_connection where public_id = 'cr_123456789'; -- Deleting the session should leave the recording in place - delete from session where public_id = 's1_____clare'; + delete from session where public_id = 's2_____clare'; -- Row should still be present select is(count(*), 1::bigint) from recording_connection where public_id = 'cr_123456789'; diff --git a/internal/db/sqltest/tests/recording/recording_session.sql b/internal/db/sqltest/tests/recording/recording_session.sql index fe2a73b13b..d9d886b24c 100644 --- a/internal/db/sqltest/tests/recording/recording_session.sql +++ b/internal/db/sqltest/tests/recording/recording_session.sql @@ -2,13 +2,13 @@ -- SPDX-License-Identifier: MPL-2.0 -- recording_session tests the following triggers: --- check_session_id_not_null +-- insert_session_recording -- set_once_columns -- and the following constraints: -- end_time_null_or_after_start_time begin; - select plan(21); + select plan(44); select wtt_load('widgets', 'iam', 'kms', 'auth', 'hosts', 'targets', 'sessions'); select has_view('session_recording_aggregate', 'view for aggregating session recording info does not exist'); @@ -29,6 +29,10 @@ begin; -- check the recording_session scheme select hst_fk_column('user_scope_hst_id', 'iam_scope_hst'); select hst_fk_column('user_hst_id', 'iam_user_hst'); + select hst_fk_column('target_project_hst_id', 'iam_scope_hst'); + select hst_fk_column('target_hst_id', 'target_ssh_hst'); + select hst_fk_column('host_catalog_hst_id', 'host_catalog_history_base'); + select hst_fk_column('host_hst_id', 'host_history_base'); -- test insert trigger can handle more than one row of history -- update the iam_scope of test user 's1_____clare' @@ -44,59 +48,73 @@ begin; from iam_scope_hst where public_id = 'p____bcolors'; + select results_eq( + 'select host_catalog_hst_id from recording_session where public_id = ''sr1_____cora''', + 'select history_id from no_host_catalog_history'); + select results_eq( + 'select host_hst_id from recording_session where public_id = ''sr1_____cora''', + 'select history_id from no_host_history'); + -- Try to insert row with null session id prepare insert_invalid_recording_session as insert into recording_session (public_id, storage_bucket_id, session_id) values - ('sr_123456789', 'sb_________g', null); + ('sr_________1', 'sb____global', null); select throws_ok('insert_invalid_recording_session', null, null, 'insert invalid recording_session succeeded'); prepare insert_recording_session as insert into recording_session (public_id, storage_bucket_id, session_id) values - ('sr_123456789', 'sb_________g', 's1_____clare'); + ('sr_________1', 'sb____global', 's2_____clare'); select lives_ok('insert_recording_session'); + prepare insert_recording_session_target_address as + insert into recording_session + (public_id, storage_bucket_id, session_id) + values + ('sr_________2', 'sb____global', 's2______cora'); + select lives_ok('insert_recording_session_target_address'); + -- Try to set end_time before start_time prepare invalid_close_recording_session as update recording_session set start_time = clock_timestamp()::timestamptz, end_time = clock_timestamp()::timestamptz - '1s'::interval - where public_id = 'sr_123456789'; + where public_id = 'sr_________1'; select throws_ok('invalid_close_recording_session', '23514', null, 'setting end_time before start_time succeeded'); prepare close_recording_session as update recording_session set start_time = clock_timestamp()::timestamptz, end_time = clock_timestamp()::timestamptz + '1s'::interval - where public_id = 'sr_123456789'; + where public_id = 'sr_________1'; select lives_ok('close_recording_session'); prepare select_session_recordings as select public_id::text, storage_bucket_id::text, storage_bucket_scope_id::text, session_id::text, user_history_public_id::text, user_history_name::text, user_history_scope_id::text, user_scope_history_type::text from session_recording_aggregate - where public_id in ('sr_123456789') + where public_id in ('sr_________1') order by public_id; select results_eq( 'select_session_recordings', $$VALUES - ('sr_123456789', 'sb_________g', 'global', 's1_____clare', 'u______clare', 'Clare', 'o_____colors', 'org')$$ + ('sr_________1', 'sb____global', 'global', 's2_____clare', 'u______clare', 'Clare', 'o_____colors', 'org')$$ ); -- Closing a second time should error select throws_ok('close_recording_session', '23602', null, 'closing a recording_session twice succeeded'); -- Deleting the session should leave the recording in place - delete from session where public_id = 's1_____clare'; + delete from session where public_id = 's2_____clare'; -- Row should still be present - select is(count(*), 1::bigint) from recording_session where public_id = 'sr_123456789'; + select is(count(*), 1::bigint) from recording_session where public_id = 'sr_________1'; -- Deleting the storage bucket with active recordings should fail prepare delete_bucket as - delete from storage_plugin_storage_bucket where public_id = 'sb_________g'; + delete from storage_plugin_storage_bucket where public_id = 'sb____global'; select throws_ok('delete_bucket', null, null, 'deleting a storage_plugin_storage_bucket with recordings succeeded'); select * from finish(); diff --git a/internal/db/sqltest/tests/session/delete_session_auth_token.sql b/internal/db/sqltest/tests/session/delete_session_auth_token.sql index 956c77531a..9a6e7dd48b 100644 --- a/internal/db/sqltest/tests/session/delete_session_auth_token.sql +++ b/internal/db/sqltest/tests/session/delete_session_auth_token.sql @@ -11,7 +11,7 @@ begin; select is(count(*), 1::bigint) from session_state where session_id = 's1_____carly' and state='active'; -- Check that we have a session for both auth token - select is(count(*), 1::bigint) from session where auth_token_id = 'tok____clare'; + select is(count(*), 2::bigint) from session where auth_token_id = 'tok____clare'; select is(count(*), 1::bigint) from session where auth_token_id = 'tok____carly'; -- Delete auth tokens, expect no errors @@ -28,4 +28,4 @@ begin; select is(count(*), 1::bigint) from session_state where state = 'canceling' and session_id = 's1_____carly'; select * from finish(); -rollback; \ No newline at end of file +rollback; diff --git a/internal/db/sqltest/tests/session/delete_session_host.sql b/internal/db/sqltest/tests/session/delete_session_host.sql index 8dc8578ecb..c3a43f9514 100644 --- a/internal/db/sqltest/tests/session/delete_session_host.sql +++ b/internal/db/sqltest/tests/session/delete_session_host.sql @@ -10,9 +10,9 @@ begin; select is(count(*), 1::bigint) from session_state where session_id = 's1_____ciara' and state='canceling'; select is(count(*), 1::bigint) from session_state where session_id = 's1_____carly' and state='active'; - -- Check that we have 4 sessions using this host - select is(count(*), 4::bigint) from session_host_set_host where host_id = 'h_____cb__01'; - + -- Check that we have 5 sessions using this host + select is(count(*), 5::bigint) from session_host_set_host where host_id = 'h_____cb__01'; + -- Delete host, expect no errors delete from host where public_id = 'h_____cb__01'; select is(count(*), 0::bigint) from host where public_id = 'h_____cb__01'; @@ -25,4 +25,4 @@ begin; select is(count(*), 1::bigint) from session_state where state = 'canceling' and session_id = 's1_____carly'; select * from finish(); -rollback; \ No newline at end of file +rollback; diff --git a/internal/db/sqltest/tests/session/delete_session_host_set.sql b/internal/db/sqltest/tests/session/delete_session_host_set.sql index 83b9b477b4..843446ff03 100644 --- a/internal/db/sqltest/tests/session/delete_session_host_set.sql +++ b/internal/db/sqltest/tests/session/delete_session_host_set.sql @@ -10,9 +10,9 @@ begin; select is(count(*), 1::bigint) from session_state where session_id = 's1_____ciara' and state='canceling'; select is(count(*), 1::bigint) from session_state where session_id = 's1_____carly' and state='active'; - -- Check that we have 4 sessions using this host set - select is(count(*), 4::bigint) from session_host_set_host where host_set_id = 's___1cb-sths'; - + -- Check that we have 5 sessions using this host set + select is(count(*), 5::bigint) from session_host_set_host where host_set_id = 's___1cb-sths'; + -- Delete host set, expect no errors delete from host_set where public_id = 's___1cb-sths'; select is(count(*), 0::bigint) from host_set where public_id = 's___1cb-sths'; @@ -25,4 +25,4 @@ begin; select is(count(*), 1::bigint) from session_state where state = 'canceling' and session_id = 's1_____carly'; select * from finish(); -rollback; \ No newline at end of file +rollback; diff --git a/internal/db/sqltest/tests/session/delete_session_project.sql b/internal/db/sqltest/tests/session/delete_session_project.sql index fb50e6b7d1..5e336fd9a2 100644 --- a/internal/db/sqltest/tests/session/delete_session_project.sql +++ b/internal/db/sqltest/tests/session/delete_session_project.sql @@ -10,9 +10,9 @@ begin; select is(count(*), 1::bigint) from session_state where session_id = 's1_____ciara' and state='canceling'; select is(count(*), 1::bigint) from session_state where session_id = 's1_____carly' and state='active'; - -- Check that we have 4 sessions using this project - select is(count(*), 4::bigint) from session where project_id = 'p____bcolors'; - + -- Check that we have 5 sessions using this project + select is(count(*), 5::bigint) from session where project_id = 'p____bcolors'; + -- Delete project, expect no errors delete from iam_scope_project where scope_id = 'p____bcolors'; select is(count(*), 0::bigint) from iam_scope_project where scope_id = 'p____bcolors'; @@ -25,4 +25,4 @@ begin; select is(count(*), 1::bigint) from session_state where state = 'canceling' and session_id = 's1_____carly'; select * from finish(); -rollback; \ No newline at end of file +rollback; diff --git a/internal/db/sqltest/tests/session/delete_session_target.sql b/internal/db/sqltest/tests/session/delete_session_target.sql index 2be6d54b06..b29ece5a21 100644 --- a/internal/db/sqltest/tests/session/delete_session_target.sql +++ b/internal/db/sqltest/tests/session/delete_session_target.sql @@ -2,7 +2,7 @@ -- SPDX-License-Identifier: MPL-2.0 begin; - select plan(9); + select plan(12); -- Ensure session state table is populated select is(count(*), 1::bigint) from session_state where session_id = 's1_____clare' and state='pending'; @@ -10,19 +10,23 @@ begin; select is(count(*), 1::bigint) from session_state where session_id = 's1_____ciara' and state='canceling'; select is(count(*), 1::bigint) from session_state where session_id = 's1_____carly' and state='active'; - -- Check that we have 4 sessions using this target - select is(count(*), 4::bigint) from session where target_id = 't_________cb'; - + select is(count(*), 3::bigint) from session where target_id = 't_________cb'; + select is(count(*), 2::bigint) from session where target_id = 'tssh______cb'; + -- Delete target, expect no errors delete from target where public_id='t_________cb'; select is(count(*), 0::bigint) from target where public_id='t_________cb'; + delete from target where public_id='tssh______cb'; + select is(count(*), 0::bigint) from target where public_id='tssh______cb'; + -- Ensure we no longer have sessions associated with this target select is(count(*), 0::bigint) from session where target_id = 't_________cb'; + select is(count(*), 0::bigint) from session where target_id = 'tssh______cb'; -- Ensure sessions that were pending or active are now in canceling state select is(count(*), 1::bigint) from session_state where state = 'canceling' and session_id = 's1_____clare'; select is(count(*), 1::bigint) from session_state where state = 'canceling' and session_id = 's1_____carly'; select * from finish(); -rollback; \ No newline at end of file +rollback; diff --git a/internal/db/sqltest/tests/session/delete_session_target_address.sql b/internal/db/sqltest/tests/session/delete_session_target_address.sql index d9c6e9a01d..2b71a02234 100644 --- a/internal/db/sqltest/tests/session/delete_session_target_address.sql +++ b/internal/db/sqltest/tests/session/delete_session_target_address.sql @@ -11,9 +11,9 @@ begin; select is(count(*), 1::bigint) from session_state where session_id = 's1_____ciara' and state='canceling'; select is(count(*), 1::bigint) from session_state where session_id = 's1_____carly' and state='active'; - -- Check that we have a session using this target address - select is(count(*), 1::bigint) from session_target_address where target_id = 't_________cg'; - + -- Check that we have 2 sessions using this target address + select is(count(*), 2::bigint) from session_target_address where target_id = 't_________cg'; + -- Delete target address, expect no errors delete from target_address where target_id = 't_________cg'; select is(count(*), 0::bigint) from target_address where target_id = 't_________cg'; @@ -25,4 +25,4 @@ begin; select is(count(*), 1::bigint) from session_state where state = 'canceling' and session_id = 's1______cora'; select * from finish(); -rollback; \ No newline at end of file +rollback; diff --git a/internal/db/sqltest/tests/session/delete_session_user.sql b/internal/db/sqltest/tests/session/delete_session_user.sql index 039508508a..5dfea89c27 100644 --- a/internal/db/sqltest/tests/session/delete_session_user.sql +++ b/internal/db/sqltest/tests/session/delete_session_user.sql @@ -11,9 +11,9 @@ begin; select is(count(*), 1::bigint) from session_state where session_id = 's1_____carly' and state='active'; -- Check that we have a session for both users - select is(count(*), 1::bigint) from session where user_id = 'u______clare'; + select is(count(*), 2::bigint) from session where user_id = 'u______clare'; select is(count(*), 1::bigint) from session where user_id = 'u______carly'; - + -- Delete users, expect no errors delete from iam_user where public_id = 'u______clare' or public_id = 'u______carly'; select is(count(*), 0::bigint) from iam_user where public_id = 'u______clare'; @@ -28,4 +28,4 @@ begin; select is(count(*), 1::bigint) from session_state where state = 'canceling' and session_id = 's1_____carly'; select * from finish(); -rollback; \ No newline at end of file +rollback; diff --git a/internal/db/sqltest/tests/target/target_storage_bucket.sql b/internal/db/sqltest/tests/target/target_storage_bucket.sql index ef7527b430..84faafb953 100644 --- a/internal/db/sqltest/tests/target/target_storage_bucket.sql +++ b/internal/db/sqltest/tests/target/target_storage_bucket.sql @@ -21,53 +21,51 @@ begin; insert into target_ssh (project_id, public_id, enable_session_recording, storage_bucket_id, name) values - ('p____swidget', 'tssh___small', false, 'sb_________o', 'Small Widget SSH Target'); + ('p____swidget', 'tssh___small', false, 'sb____colors', 'Small Widget SSH Target'); select throws_ok('invalid_storage_bucket_insert', null, null, 'insert of invalid storage bucket state succeeded'); -- insert targets with valid storage buckets insert into target_ssh (project_id, public_id, enable_session_recording, storage_bucket_id, name) values - ('p____bcolors', 'tssh_______b', true, 'sb_________o', 'Blue Color SSH Target'), - ('p____rcolors', 'tssh_______r', true, 'sb_________g', 'Red Color SSH Target'), ('p____bwidget', 'tssh_____big', false, null, 'Big Widget SSH Target'); - select is(count(*), 1::bigint) from target_ssh where public_id = 'tssh_______b' and storage_bucket_id = 'sb_________o'; - select is(count(*), 1::bigint) from target_ssh where public_id = 'tssh_______r' and storage_bucket_id = 'sb_________g'; + select is(count(*), 1::bigint) from target_ssh where public_id = 'tssh______cb' and storage_bucket_id = 'sb____global'; + select is(count(*), 1::bigint) from target_ssh where public_id = 'tssh______cg' and storage_bucket_id = 'sb____colors'; select is(count(*), 1::bigint) from target_ssh where public_id = 'tssh_____big' and storage_bucket_id is null; -- update storage bucket to null without disabling session recording prepare invalid_session_recording_update as update target_ssh set storage_bucket_id = null - where public_id = 'tssh_______b'; + where public_id = 'tssh______cb'; select throws_ok('invalid_session_recording_enabled', null, null, 'update to invalid session recording state succeeded'); - + prepare valid_session_recording_update as update target_ssh set storage_bucket_id = null, enable_session_recording = false - where public_id = 'tssh_______b'; + where public_id = 'tssh______cb'; select lives_ok('valid_session_recording_update', 'update to valid session recording state failed'); -- Update target with storage bucket from an org not the parent of its project prepare invalid_storage_bucket_update as update target_ssh - set storage_bucket_id = 'sb_________o' + set storage_bucket_id = 'sb____colors' where public_id = 'tssh_____big'; select throws_ok('invalid_storage_bucket_update', null, null, 'update to invalid storage bucket state succeeded'); - -- update storage bucket to global scope + -- update storage bucket to global scope prepare valid_storage_bucket_global_update as update target_ssh - set storage_bucket_id = 'sb_________g' - where public_id = 'tssh_______r'; + set storage_bucket_id = 'sb____global' + where public_id = 'tssh______cr'; select lives_ok('valid_storage_bucket_global_update', 'update to valid storage bucket state failed'); -- disable session recording without removing storage bucket prepare valid_disable_session_recording as update target_ssh set enable_session_recording = false - where public_id = 'tssh_______r'; + where public_id = 'tssh______cr'; select lives_ok('valid_disable_session_recording', 'update to valid storage bucket state failed'); select * from finish(); diff --git a/internal/db/sqltest/tests/wh/session_connection/update.sql b/internal/db/sqltest/tests/wh/session_connection/update.sql index b248ac6e33..fdd4a92f22 100644 --- a/internal/db/sqltest/tests/wh/session_connection/update.sql +++ b/internal/db/sqltest/tests/wh/session_connection/update.sql @@ -15,7 +15,7 @@ begin; closed_reason = 'closed by end-user' where public_id = 'sc1_____clare'; - select is(count(*), 1::bigint) from wh_session_connection_accumulating_fact; + select is(count(*), 2::bigint) from wh_session_connection_accumulating_fact; select is(bytes_up, 10::wh_bytes_transmitted) from wh_session_connection_accumulating_fact where connection_id = 'sc1_____clare'; select is(bytes_down, 5::wh_bytes_transmitted) from wh_session_connection_accumulating_fact where connection_id = 'sc1_____clare'; select is(connection_closed_time, now()::wh_timestamp) from wh_session_connection_accumulating_fact where connection_id = 'sc1_____clare';