assert.equal(err.message,"Incorrect access parameters. If you are accessing via OAuth, please check your tokens are correct. For public users, please specify a database name.");
exports['test private user can execute SELECTS on db']=function(){
varpg=newPSQL('simon');
varsql="SELECT 1 as test_sum"
pg.query(sql,function(err,result){
assert.equal(result.rows[0].test_sum,1);
pg.end();
});
};
exports['test private user can execute CREATE on db']=function(){
varpg=newPSQL('simon');
varsql="DROP TABLE IF EXISTS distributors; CREATE TABLE distributors (id integer, name varchar(40), UNIQUE(name))"
pg.query(sql,function(err,result){
assert.isNull(err);
pg.end();
});
};
exports['test private user can execute INSERT on db']=function(){
varpg=newPSQL('simon');
varsql="DROP TABLE IF EXISTS distributors1; CREATE TABLE distributors1 (id integer, name varchar(40), UNIQUE(name))"
pg.query(sql,function(err,result){
sql="INSERT INTO distributors1 (id, name) VALUES (1, 'fish')"
pg.query(sql,function(err,result){
assert.eql(result.rows,[]);
pg.end();
});
});
};
exports['test publicuser can execute SELECT on enabled tables']=function(){
varpg=newPSQL("simon");
varsql="DROP TABLE IF EXISTS distributors2; CREATE TABLE distributors2 (id integer, name varchar(40), UNIQUE(name)); GRANT SELECT ON distributors2 TO publicuser;"
pg.query(sql,function(err,result){
pg.end();
pg=newPSQL(null,'cartodb_test_user_simon_db');
pg.query("SELECT count(*) FROM distributors2",function(err,result){
assert.equal(result.rows[0].count,0);
pg.end();
});
});
}
exports['test publicuser cannot execute INSERT on db']=function(){
varpg=newPSQL("simon");
varsql="DROP TABLE IF EXISTS distributors3; CREATE TABLE distributors3 (id integer, name varchar(40), UNIQUE(name)); GRANT SELECT ON distributors3 TO publicuser;"
pg.query(sql,function(err,result){
pg.end();
pg=newPSQL(null,'cartodb_test_user_simon_db');//anonymous user
pg.query("INSERT INTO distributors3 (id, name) VALUES (1, 'fishy')",function(err,result){
assert.eql(err.message,'permission denied for relation distributors3')