Skip to content

Commit 2b826a9

Browse files
nikvas0nikvas0
authored
Merge fdbc45d into b458331 
2 parents b458331 + fdbc45d commit 2b826a9

File tree

1 file changed

+56
-0
lines changed

1 file changed

+56
-0
lines changed

ydb/core/kqp/ut/scheme/kqp_acl_ut.cpp

Lines changed: 56 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -212,6 +212,62 @@ Y_UNIT_TEST_SUITE(KqpAcl) {
212212

213213
driver.Stop(true);
214214
}
215+
216+
Y_UNIT_TEST_TWIN(AclForOltpAndOlap, isOlap) {
217+
const TString query = Sprintf(R"(
218+
CREATE TABLE `/Root/test_acl` (
219+
id Int64 NOT NULL,
220+
name String,
221+
primary key (id)
222+
) WITH (STORE=%s);
223+
)", isOlap ? "COLUMN" : "ROW");
224+
225+
TKikimrRunner kikimr;
226+
227+
{
228+
auto driverConfig = TDriverConfig()
229+
.SetEndpoint(kikimr.GetEndpoint())
230+
.SetAuthToken("root@builtin");
231+
auto driver = TDriver(driverConfig);
232+
auto client = NYdb::NQuery::TQueryClient(driver);
233+
234+
AssertSuccessResult(client.ExecuteQuery(query, NYdb::NQuery::TTxControl::NoTx()).ExtractValueSync());
235+
236+
driver.Stop(true);
237+
}
238+
239+
{
240+
auto schemeClient = kikimr.GetSchemeClient();
241+
NYdb::NScheme::TPermissions permissions("user0@builtin", {});
242+
AssertSuccessResult(schemeClient.ModifyPermissions("/Root/test_acl",
243+
NYdb::NScheme::TModifyPermissionsSettings().AddGrantPermissions(permissions)
244+
).ExtractValueSync()
245+
);
246+
}
247+
248+
{
249+
auto driverConfig = TDriverConfig()
250+
.SetEndpoint(kikimr.GetEndpoint())
251+
.SetAuthToken("user0@builtin");
252+
auto driver = TDriver(driverConfig);
253+
auto client = NYdb::NQuery::TQueryClient(driver);
254+
255+
auto result = client.ExecuteQuery(R"(
256+
SELECT * FROM `/Root/test_acl`;
257+
)", NYdb::NQuery::TTxControl::BeginTx().CommitTx()).ExtractValueSync();
258+
UNIT_ASSERT_C(!result.IsSuccess(), result.GetIssues().ToString());
259+
const auto expectedIssueMessage = "Cannot find table 'db.[/Root/test_acl]' because it does not exist or you do not have access permissions.";
260+
UNIT_ASSERT_C(result.GetIssues().ToString().Contains(expectedIssueMessage), result.GetIssues().ToString());
261+
262+
auto resultWrite = client.ExecuteQuery(R"(
263+
REPLACE INTO `/Root/test_acl` (id, name) VALUES (1, 'test');
264+
)", NYdb::NQuery::TTxControl::BeginTx().CommitTx()).ExtractValueSync();
265+
UNIT_ASSERT_C(!resultWrite.IsSuccess(), resultWrite.GetIssues().ToString());
266+
UNIT_ASSERT_C(resultWrite.GetIssues().ToString().Contains(expectedIssueMessage), resultWrite.GetIssues().ToString());
267+
268+
driver.Stop(true);
269+
}
270+
}
215271
}
216272

217273
} // namespace NKqp

0 commit comments

Comments
 (0)