diff --git a/scenarios/1backend/mysql/schema.sql b/scenarios/1backend/mysql/schema.sql index 19785d9af..419a12708 100644 --- a/scenarios/1backend/mysql/schema.sql +++ b/scenarios/1backend/mysql/schema.sql @@ -1,7 +1,13 @@ DROP DATABASE IF EXISTS test; - CREATE DATABASE test; +CREATE USER john@'%' IDENTIFIED BY 'doe'; +CREATE USER danny@'%' IDENTIFIED BY 'white'; + +GRANT ALL PRIVILEGES ON test.* TO 'john'@'%'; +GRANT ALL PRIVILEGES ON test.* TO 'danny'@'%'; +FLUSH PRIVILEGES; + USE test; CREATE TABLE strings(value LONGTEXT); diff --git a/scenarios/base/proxysql/proxysql.cnf b/scenarios/base/proxysql/proxysql.cnf index b50345d01..75ab20289 100644 --- a/scenarios/base/proxysql/proxysql.cnf +++ b/scenarios/base/proxysql/proxysql.cnf @@ -14,5 +14,11 @@ mysql_users = username = "root" password = "root" default_hostgroup = 0 + }, + + { + username = "john" + password = "doe" + default_hostgroup = 0 } ) \ No newline at end of file diff --git a/test/authentication_test.py b/test/authentication_test.py new file mode 100644 index 000000000..53394fbf7 --- /dev/null +++ b/test/authentication_test.py @@ -0,0 +1,43 @@ +import MySQLdb +from MySQLdb import OperationalError +from nose.tools import raises + +from proxysql_base_test import ProxySQLBaseTest + +class AuthenticationTest(ProxySQLBaseTest): + + DOCKER_COMPOSE_FILE = "./scenarios/1backend" + + def test_existing_user_with_correct_password_works(self): + version1 = self.run_query_mysql( + "SELECT @@version_comment LIMIT 1", "test", + return_result=True, + username="john", password="doe") + + version2 = self.run_query_proxysql( + "SELECT @@version_comment LIMIT 1", "test", + return_result=True, + username="john", password="doe") + + self.assertEqual(version1, version2) + + @raises(OperationalError) + def test_existing_user_with_correct_password_but_not_registerd_within_proxysql_does_not_work(self): + version1 = self.run_query_proxysql( + "SELECT @@version_comment LIMIT 1", "test", + return_result=True, + username="danny", password="white") + + @raises(OperationalError) + def test_existing_user_with_incorrect_password_does_not_work(self): + version = self.run_query_proxysql( + "SELECT @@version_comment LIMIT 1", "test", + return_result=True, + username="john", password="doe2") + + @raises(OperationalError) + def test_inexisting_user_with_random_password_does_not_work(self): + version = self.run_query_proxysql( + "SELECT @@version_comment LIMIT 1", "test", + return_result=True, + username="johnny", password="randomdoe") \ No newline at end of file diff --git a/test/proxysql_base_test.py b/test/proxysql_base_test.py index 4332d3a72..08a751533 100644 --- a/test/proxysql_base_test.py +++ b/test/proxysql_base_test.py @@ -194,13 +194,17 @@ class ProxySQLBaseTest(TestCase): def tearDownClass(cls): cls._shutdown_docker_services() - def run_query_proxysql(self, query, db, return_result=True): + def run_query_proxysql(self, query, db, return_result=True, + username=None, password=None, port=None): """Run a query against the ProxySQL proxy and optionally return its results as a set of rows.""" + username = username or ProxySQLBaseTest.PROXYSQL_RW_USERNAME + password = password or ProxySQLBaseTest.PROXYSQL_RW_PASSWORD + port = port or ProxySQLBaseTest.PROXYSQL_RW_PORT proxy_connection = MySQLdb.connect("127.0.0.1", - ProxySQLBaseTest.PROXYSQL_RW_USERNAME, - ProxySQLBaseTest.PROXYSQL_RW_PASSWORD, - port=ProxySQLBaseTest.PROXYSQL_RW_PORT, + username, + password, + port=port, db=db) cursor = proxy_connection.cursor() cursor.execute(query) @@ -211,7 +215,8 @@ class ProxySQLBaseTest(TestCase): if return_result: return rows - def run_query_mysql(self, query, db, return_result=True, hostgroup=0): + def run_query_mysql(self, query, db, return_result=True, hostgroup=0, + username=None, password=None): """Run a query against the MySQL backend and optionally return its results as a set of rows. @@ -250,14 +255,11 @@ class ProxySQLBaseTest(TestCase): if exposed_port['PrivatePort'] == 3306: mysql_port = exposed_port['PublicPort'] + username = username or ProxySQLBaseTest.PROXYSQL_RW_USERNAME + password = password or ProxySQLBaseTest.PROXYSQL_RW_PASSWORD mysql_connection = MySQLdb.connect("127.0.0.1", - # Warning: this assumes that ProxySQL - # and all the backends have the same - # credentials. - # TODO(andrei): revisit this assumption - # in authentication tests. - ProxySQLBaseTest.PROXYSQL_RW_USERNAME, - ProxySQLBaseTest.PROXYSQL_RW_PASSWORD, + username, + password, port=mysql_port, db=db) cursor = mysql_connection.cursor()