cartodb-4.42/spec/models/user_part_database_and_cache_spec.rb
2024-04-06 05:25:13 +00:00

970 lines
43 KiB
Ruby

require_relative '../spec_helper'
require 'helpers/user_part_helper'
require 'factories/organizations_contexts'
require 'helpers/account_types_helper'
require 'factories/database_configuration_contexts'
describe User do
include UserPartHelper
include AccountTypesHelper
include_context 'user spec configuration'
it "should set default statement timeout values" do
@user.in_database["show statement_timeout"].first[:statement_timeout].should == "5min"
@user.in_database(as: :public_user)["show statement_timeout"].first[:statement_timeout].should == "5min"
end
it "should keep in sync user statement_timeout" do
@user.user_timeout = 1000000
@user.database_timeout = 300000
@user.save
@user.in_database["show statement_timeout"].first[:statement_timeout].should == "1000s"
@user.in_database(as: :public_user)["show statement_timeout"].first[:statement_timeout].should == "5min"
end
it "should keep in sync database statement_timeout" do
@user.user_timeout = 300000
@user.database_timeout = 1000000
@user.save
@user.in_database["show statement_timeout"].first[:statement_timeout].should == "5min"
@user.in_database(as: :public_user)["show statement_timeout"].first[:statement_timeout].should == "1000s"
end
it "should has their own database, created when the account is created" do
@user.database_name.should == "cartodb_test_user_#{@user.id}_db"
@user.database_username.should == "test_cartodb_user_#{@user.id}"
@user.in_database.test_connection.should == true
end
it 'creates an importer schema in the user database' do
@user.in_database[%Q(SELECT * FROM pg_namespace)]
.map { |record| record.fetch(:nspname) }
.should include 'cdb_importer'
end
it 'creates a cdb schema in the user database' do
pending "I believe cdb schema was never used"
@user.in_database[%Q(SELECT * FROM pg_namespace)]
.map { |record| record.fetch(:nspname) }
.should include 'cdb'
end
it 'allows access to the importer schema by the owner' do
@user.in_database.run(%Q{
CREATE TABLE cdb_importer.bogus ( bogus varchar(40) )
})
query = %Q(SELECT * FROM cdb_importer.bogus)
expect { @user.in_database(as: :public_user)[query].to_a }
.to raise_error(Sequel::DatabaseError)
@user.in_database[query].to_a
end
it 'allows access to the cdb schema by the owner' do
pending "I believe cdb schema was never used"
@user.in_database.run(%Q{
CREATE TABLE cdb.bogus ( bogus varchar(40) )
})
query = %Q(SELECT * FROM cdb.bogus)
expect { @user.in_database(as: :public_user)[query].to_a }
.to raise_error(Sequel::DatabaseError)
@user.in_database[query].to_a
end
it "should create a dabase user that only can read it's own database" do
connection = ::Sequel.connect(
::SequelRails.configuration.environment_for(Rails.env).merge(
'database' => @user.database_name, :logger => ::Rails.logger,
'username' => @user.database_username, 'password' => @user.database_password
)
)
connection.test_connection.should == true
connection.disconnect
connection = nil
connection = ::Sequel.connect(
::SequelRails.configuration.environment_for(Rails.env).merge(
'database' => @user2.database_name, :logger => ::Rails.logger,
'username' => @user.database_username, 'password' => @user.database_password
)
)
begin
connection.test_connection
true.should_not be_true
rescue StandardError
true.should be_true
ensure
connection.disconnect
end
connection = ::Sequel.connect(
::SequelRails.configuration.environment_for(Rails.env).merge(
'database' => @user2.database_name, :logger => ::Rails.logger,
'username' => @user2.database_username, 'password' => @user2.database_password
)
)
connection.test_connection.should == true
connection.disconnect
connection = ::Sequel.connect(
::SequelRails.configuration.environment_for(Rails.env).merge(
'database' => @user.database_name, :logger => ::Rails.logger,
'username' => @user2.database_username, 'password' => @user2.database_password
)
)
begin
connection.test_connection
true.should_not be_true
rescue StandardError
true.should be_true
ensure
connection.disconnect
end
end
it "should run valid queries against their database" do
# initial select tests
query_result = @user.db_service.run_pg_query("select * from import_csv_1 where family='Polynoidae' limit 10")
query_result[:time].should_not be_blank
query_result[:time].to_s.match(/^\d+\.\d+$/).should be_true
query_result[:total_rows].should == 2
query_result[:rows].first.keys.sort.should == [:cartodb_id, :the_geom, :the_geom_webmercator, :id, :name_of_species, :kingdom, :family, :lat, :lon, :views].sort
query_result[:rows][0][:name_of_species].should == "Barrukia cristata"
query_result[:rows][1][:name_of_species].should == "Eulagisca gigantea"
# update and reselect
query_result = @user.db_service.run_pg_query("update import_csv_1 set family='polynoidae' where family='Polynoidae'")
query_result = @user.db_service.run_pg_query("select * from import_csv_1 where family='Polynoidae' limit 10")
query_result[:total_rows].should == 0
# check counts
query_result = @user.db_service.run_pg_query("select * from import_csv_1 where family='polynoidae' limit 10")
query_result[:total_rows].should == 2
# test a product
query_result = @user.db_service.run_pg_query("select import_csv_1.family as fam, twitters.login as login from import_csv_1, twitters where family='polynoidae' limit 10")
query_result[:total_rows].should == 10
query_result[:rows].first.keys.should == [:fam, :login]
query_result[:rows][0].should == { :fam=>"polynoidae", :login=>"vzlaturistica " }
# test counts
query_result = @user.db_service.run_pg_query("select count(*) from import_csv_1 where family='polynoidae' ")
query_result[:time].should_not be_blank
query_result[:time].to_s.match(/^\d+\.\d+$/).should be_true
query_result[:total_rows].should == 1
query_result[:rows].first.keys.should == [:count]
query_result[:rows][0].should == {:count => 2}
end
it "should raise errors when running invalid queries against their database" do
lambda {
@user.db_service.run_pg_query("selectttt * from import_csv_1 where family='Polynoidae' limit 10")
}.should raise_error(CartoDB::ErrorRunningQuery)
end
it "should run valid queries against their database in pg mode" do
reload_user_data(@user) && @user.reload
# initial select tests
# tests results and modified flags
query_result = @user.db_service.run_pg_query("select * from import_csv_1 where family='Polynoidae' limit 10")
query_result[:time].should_not be_blank
query_result[:time].to_s.match(/^\d+\.\d+$/).should be_true
query_result[:total_rows].should == 2
query_result[:rows].first.keys.sort.should == [:cartodb_id, :the_geom, :the_geom_webmercator, :id, :name_of_species, :kingdom, :family, :lat, :lon, :views].sort
query_result[:rows][0][:name_of_species].should == "Barrukia cristata"
query_result[:rows][1][:name_of_species].should == "Eulagisca gigantea"
query_result[:results].should == true
query_result[:modified].should == false
# update and reselect
query_result = @user.db_service.run_pg_query("update import_csv_1 set family='polynoidae' where family='Polynoidae'")
query_result[:modified].should == true
query_result[:results].should == false
query_result = @user.db_service.run_pg_query("select * from import_csv_1 where family='Polynoidae' limit 10")
query_result[:total_rows].should == 0
query_result[:modified].should == false
query_result[:results].should == true
# # check counts
query_result = @user.db_service.run_pg_query("select * from import_csv_1 where family='polynoidae' limit 10")
query_result[:total_rows].should == 2
query_result[:results].should == true
# test a product
query_result = @user.db_service.run_pg_query("select import_csv_1.family as fam, twitters.login as login from import_csv_1, twitters where family='polynoidae' limit 10")
query_result[:total_rows].should == 10
query_result[:rows].first.keys.should == [:fam, :login]
query_result[:rows][0].should == { :fam=>"polynoidae", :login=>"vzlaturistica " }
# test counts
query_result = @user.db_service.run_pg_query("select count(*) from import_csv_1 where family='polynoidae' ")
query_result[:time].should_not be_blank
query_result[:time].to_s.match(/^\d+\.\d+$/).should be_true
query_result[:total_rows].should == 1
query_result[:rows].first.keys.should == [:count]
query_result[:rows][0].should == {:count => 2}
end
it "should raise errors when running invalid queries against their database in pg mode" do
lambda {
@user.db_service.run_pg_query("selectttt * from import_csv_1 where family='Polynoidae' limit 10")
}.should raise_error(CartoDB::ErrorRunningQuery)
end
it "should raise errors when invalid table name used in pg mode" do
lambda {
@user.db_service.run_pg_query("select * from this_table_is_not_here where family='Polynoidae' limit 10")
}.should raise_error(CartoDB::TableNotExists)
end
it "should raise errors when invalid column used in pg mode" do
lambda {
@user.db_service.run_pg_query("select not_a_col from import_csv_1 where family='Polynoidae' limit 10")
}.should raise_error(CartoDB::ColumnNotExists)
end
it "should invalidate all their vizjsons when their account type changes" do
@account_type = create_account_type_fg('WADUS')
@user.account_type = 'WADUS'
CartoDB::Varnish.any_instance.expects(:purge)
.with("#{@user.database_name}.*:vizjson").times(1).returns(true)
@user.save
end
it "should return the result from the last select query if multiple selects" do
reload_user_data(@user) && @user.reload
query_result = @user.db_service.run_pg_query("select * from import_csv_1 where family='Polynoidae' limit 1; select * from import_csv_1 where family='Polynoidae' limit 10")
query_result[:time].should_not be_blank
query_result[:time].to_s.match(/^\d+\.\d+$/).should be_true
query_result[:total_rows].should == 2
query_result[:rows][0][:name_of_species].should == "Barrukia cristata"
query_result[:rows][1][:name_of_species].should == "Eulagisca gigantea"
end
it "should allow multiple queries in the format: insert_query; select_query" do
query_result = @user.db_service.run_pg_query("insert into import_csv_1 (name_of_species,family) values ('cristata barrukia','Polynoidae'); select * from import_csv_1 where family='Polynoidae' ORDER BY name_of_species ASC limit 10")
query_result[:total_rows].should == 3
query_result[:rows].map { |i| i[:name_of_species] }.should =~ ["Barrukia cristata", "Eulagisca gigantea", "cristata barrukia"]
end
it "should fail with error if table doesn't exist" do
reload_user_data(@user) && @user.reload
lambda {
@user.db_service.run_pg_query("select * from wadus")
}.should raise_error(CartoDB::TableNotExists)
end
it "should have a method that generates users redis users_metadata key" do
@user.key.should == "rails:users:#{@user.username}"
end
it "replicates some user metadata in redis after saving" do
@user.stubs(:database_name).returns('wadus')
@user.save
$users_metadata.HGET(@user.key, 'id').should == @user.id.to_s
$users_metadata.HGET(@user.key, 'database_name').should == 'wadus'
$users_metadata.HGET(@user.key, 'database_password').should == @user.database_password
$users_metadata.HGET(@user.key, 'database_host').should == @user.database_host
$users_metadata.HGET(@user.key, 'map_key').should == @user.api_key
end
it "should store its metadata automatically after creation" do
user = FactoryGirl.create :user
$users_metadata.HGET(user.key, 'id').should == user.id.to_s
$users_metadata.HGET(user.key, 'database_name').should == user.database_name
$users_metadata.HGET(user.key, 'database_password').should == user.database_password
$users_metadata.HGET(user.key, 'database_host').should == user.database_host
$users_metadata.HGET(user.key, 'map_key').should == user.api_key
user.destroy
end
it "should have a method that generates users redis limits metadata key" do
@user.timeout_key.should == "limits:timeout:#{@user.username}"
end
it "replicates db timeout limits in redis after saving and applies them to db" do
@user.user_timeout = 200007
@user.database_timeout = 100007
@user.save
$users_metadata.HGET(@user.timeout_key, 'db').should == '200007'
$users_metadata.HGET(@user.timeout_key, 'db_public').should == '100007'
@user.in_database do |db|
db[%{SHOW statement_timeout}].first.should eq({ statement_timeout: '200007ms' })
end
@user.in_database(as: :public_user) do |db|
db[%{SHOW statement_timeout}].first.should eq({ statement_timeout: '100007ms' })
end
end
it "replicates render timeout limits in redis after saving" do
@user.user_render_timeout = 200001
@user.database_render_timeout = 100001
@user.save
$users_metadata.HGET(@user.timeout_key, 'render').should == '200001'
$users_metadata.HGET(@user.timeout_key, 'render_public').should == '100001'
end
it "should store db timeout limits in redis after creation" do
user = FactoryGirl.create :user, user_timeout: 200002, database_timeout: 100002
user.user_timeout.should == 200002
user.database_timeout.should == 100002
$users_metadata.HGET(user.timeout_key, 'db').should == '200002'
$users_metadata.HGET(user.timeout_key, 'db_public').should == '100002'
user.in_database do |db|
db[%{SHOW statement_timeout}].first.should eq({ statement_timeout: '200002ms' })
end
user.in_database(as: :public_user) do |db|
db[%{SHOW statement_timeout}].first.should eq({ statement_timeout: '100002ms' })
end
user.destroy
end
it "should store render timeout limits in redis after creation" do
user = FactoryGirl.create :user, user_render_timeout: 200003, database_render_timeout: 100003
user.reload
user.user_render_timeout.should == 200003
user.database_render_timeout.should == 100003
$users_metadata.HGET(user.timeout_key, 'render').should == '200003'
$users_metadata.HGET(user.timeout_key, 'render_public').should == '100003'
user.destroy
end
it "should have valid non-zero db timeout limits by default" do
user = FactoryGirl.create :user
user.user_timeout.should > 0
user.database_timeout.should > 0
$users_metadata.HGET(user.timeout_key, 'db').should == user.user_timeout.to_s
$users_metadata.HGET(user.timeout_key, 'db_public').should == user.database_timeout.to_s
user.in_database do |db|
result = db[%{SELECT setting FROM pg_settings WHERE name = 'statement_timeout'}]
result.first.should eq(setting: user.user_timeout.to_s)
end
user.in_database(as: :public_user) do |db|
result = db[%{SELECT setting FROM pg_settings WHERE name = 'statement_timeout'}]
result.first.should eq(setting: user.database_timeout.to_s)
end
user.destroy
end
it "should have zero render timeout limits by default" do
user = FactoryGirl.create :user
user.user_render_timeout.should eq 0
user.database_render_timeout.should eq 0
$users_metadata.HGET(user.timeout_key, 'render').should eq '0'
$users_metadata.HGET(user.timeout_key, 'render_public').should eq '0'
user.destroy
end
it "should remove its metadata from redis after deletion" do
doomed_user = create_user :email => 'doomed@example.com', :username => 'doomed', :password => 'doomed123'
$users_metadata.HGET(doomed_user.key, 'id').should == doomed_user.id.to_s
$users_metadata.HGET(doomed_user.timeout_key, 'db').should_not be_nil
$users_metadata.HGET(doomed_user.timeout_key, 'db_public').should_not be_nil
key = doomed_user.key
timeout_key = doomed_user.timeout_key
doomed_user.destroy
$users_metadata.HGET(key, 'id').should be_nil
$users_metadata.HGET(timeout_key, 'db').should be_nil
$users_metadata.HGET(timeout_key, 'db_public').should be_nil
$users_metadata.HGET(timeout_key, 'render').should be_nil
$users_metadata.HGET(timeout_key, 'render_public').should be_nil
end
it "should remove its database and database user after deletion" do
doomed_user = create_user :email => 'doomed1@example.com', :username => 'doomed1', :password => 'doomed123'
create_table :user_id => doomed_user.id, :name => 'My first table', :privacy => UserTable::PRIVACY_PUBLIC
doomed_user.reload
SequelRails.connection["select count(*) from pg_catalog.pg_database where datname = '#{doomed_user.database_name}'"]
.first[:count].should == 1
SequelRails.connection["select count(*) from pg_catalog.pg_user where usename = '#{doomed_user.database_username}'"]
.first[:count].should == 1
doomed_user.destroy
SequelRails.connection["select count(*) from pg_catalog.pg_database where datname = '#{doomed_user.database_name}'"]
.first[:count].should == 0
SequelRails.connection["select count(*) from pg_catalog.pg_user where usename = '#{doomed_user.database_username}'"]
.first[:count].should == 0
end
it "should invalidate its Varnish cache after deletion" do
doomed_user = create_user :email => 'doomed2@example.com', :username => 'doomed2', :password => 'doomed123'
CartoDB::Varnish.any_instance.expects(:purge).with("#{doomed_user.database_name}.*").at_least(2).returns(true)
doomed_user.destroy
end
it "should invalidate all their vizjsons when their disqus_shortname changes" do
@user.disqus_shortname = 'WADUS'
CartoDB::Varnish.any_instance.expects(:purge)
.with("#{@user.database_name}.*:vizjson").times(1).returns(true)
@user.save
end
it "should not invalidate anything when their quota_in_bytes changes" do
@user.quota_in_bytes = @user.quota_in_bytes + 1.megabytes
CartoDB::Varnish.any_instance.expects(:purge).times(0)
@user.save
end
describe '#cartodb_postgresql_extension_versioning' do
it 'should report pre multi user for known <0.3.0 versions' do
before_mu_known_versions = %w(0.1.0 0.1.1 0.2.0 0.2.1)
before_mu_known_versions.each { |version|
stub_and_check_version_pre_mu(version, true)
}
end
it 'should report post multi user for >=0.3.0 versions' do
after_mu_known_versions = %w(0.3.0 0.3.1 0.3.2 0.3.3 0.3.4 0.3.5 0.4.0 0.5.5 0.10.0)
after_mu_known_versions.each { |version|
stub_and_check_version_pre_mu(version, false)
}
end
it 'should report post multi user for versions with minor<3 but major>0' do
minor_version_edge_cases = %w(1.0.0 1.0.1 1.2.0 1.2.1 1.3.0 1.4.4)
minor_version_edge_cases.each { |version|
stub_and_check_version_pre_mu(version, false)
}
end
it 'should report correct version with old version strings' do
before_mu_old_known_versions = [
'0.1.0 0.1.0',
'0.1.1 0.1.1',
'0.2.0 0.2.0',
'0.2.1 0.2.1'
]
before_mu_old_known_versions.each { |version|
stub_and_check_version_pre_mu(version, true)
}
end
it 'should report correct version with old version strings' do
after_mu_old_known_versions = [
'0.3.0 0.3.0',
'0.3.1 0.3.1',
'0.3.2 0.3.2',
'0.3.3 0.3.3',
'0.3.4 0.3.4',
'0.3.5 0.3.5',
'0.4.0 0.4.0',
'0.5.5 0.5.5',
'0.10.0 0.10.0'
]
after_mu_old_known_versions.each { |version|
stub_and_check_version_pre_mu(version, false)
}
end
it 'should report correct version with `git describe` not being a tag' do
stub_and_check_version_pre_mu('0.2.1 0.2.0-8-g7840e7c', true)
after_mu_old_known_versions = [
'0.3.6 0.3.5-8-g7840e7c',
'0.4.0 0.3.6-8-g7840e7c'
]
after_mu_old_known_versions.each { |version|
stub_and_check_version_pre_mu(version, false)
}
end
def stub_and_check_version_pre_mu(version, is_pre_mu)
@user.db_service.stubs(:cartodb_extension_version).returns(version)
@user.db_service.cartodb_extension_version_pre_mu?.should eq is_pre_mu
end
end
describe 'User creation and DB critical calls' do
it 'Properly setups a new user (not belonging to an organization)' do
CartoDB::UserModule::DBService.any_instance.stubs(
cartodb_extension_version_pre_mu?: nil,
monitor_user_notification: nil,
enable_remote_db_user: nil
)
user_timeout_secs = 666
user = ::User.new
user.username = unique_name('user')
user.email = unique_email
user.password = user.email.split('@').first
user.password_confirmation = user.password
user.admin = false
user.private_tables_enabled = true
user.private_maps_enabled = true
user.enabled = true
user.table_quota = 500
user.quota_in_bytes = 1234567890
user.user_timeout = user_timeout_secs * 1000
user.database_timeout = 123000
user.geocoding_quota = 1000
user.geocoding_block_price = 1500
user.sync_tables_enabled = false
user.organization = nil
user.twitter_datasource_enabled = false
user.avatar_url = user.default_avatar
user.valid?.should == true
user.save
user.nil?.should == false
# To avoid connection pool caching
CartoDB::UserModule::DBService.terminate_database_connections(user.database_name, user.database_host)
user.reload
# Just to be sure all following checks will not falsely report ok using wrong schema
user.database_schema.should eq CartoDB::UserModule::DBService::SCHEMA_PUBLIC
user.database_schema.should_not eq user.username
test_table_name = "table_perm_test"
# Safety check
user.in_database.fetch(%{
SELECT * FROM pg_extension WHERE extname='postgis';
}).first.nil?.should == false
# Replicate functionality inside ::UserModule::DBService.configure_database
# -------------------------------------------------------------------
user.in_database.fetch(%{
SHOW search_path;
}).first[:search_path].should == user.db_service.build_search_path(user.database_schema, false)
# @see http://www.postgresql.org/docs/current/static/functions-info.html#FUNCTIONS-INFO-ACCESS-TABLE
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_database_privilege('#{user.database_username}', '#{user.database_name}', 'CONNECT');
}).first[:has_database_privilege].should == true
# Careful as PG formatter timeout output changes to XXmin if too big
user.in_database.fetch(%{
SHOW statement_timeout;
}).first[:statement_timeout].should eq "#{user_timeout_secs}s"
# No check for `set_user_as_organization_member` as cartodb-postgresql already tests it
# Checks for "grant_read_on_schema_queries(SCHEMA_CARTODB, db_user)"
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_schema_privilege('#{user.database_username}',
'#{CartoDB::UserModule::DBService::SCHEMA_CARTODB}', 'USAGE');
}).first[:has_schema_privilege].should == true
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_function_privilege('#{user.database_username}',
'#{user.database_schema}._cdb_userquotainbytes()', 'EXECUTE');
}).first[:has_function_privilege].should == true
# SCHEMA_CARTODB has no tables to select from, except CDB_CONF on which has no permission
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_table_privilege('#{user.database_username}',
'cartodb.CDB_CONF',
'SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER');
}).first[:has_table_privilege].should == false
# Checks on SCHEMA_PUBLIC
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_schema_privilege('#{user.database_username}',
'#{CartoDB::UserModule::DBService::SCHEMA_PUBLIC}', 'USAGE');
}).first[:has_schema_privilege].should == true
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_table_privilege('#{user.database_username}',
'#{CartoDB::UserModule::DBService::SCHEMA_PUBLIC}.spatial_ref_sys', 'SELECT');
}).first[:has_table_privilege].should == true
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_function_privilege('#{user.database_username}',
'#{CartoDB::UserModule::DBService::SCHEMA_PUBLIC}._postgis_stats(regclass, text, text)',
'EXECUTE');
}).first[:has_function_privilege].should == true
# Checks on own schema
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_schema_privilege('#{user.database_username}',
'#{user.database_schema}', 'CREATE, USAGE');
}).first[:has_schema_privilege].should == true
user.in_database.run(%{
CREATE TABLE #{test_table_name}(x int);
})
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_table_privilege('#{user.database_username}',
'#{user.database_schema}.#{test_table_name}', 'SELECT');
}).first[:has_table_privilege].should == true
# _cdb_userquotainbytes is always created on the user schema
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_function_privilege('#{user.database_username}',
'#{user.database_schema}._cdb_userquotainbytes()', 'EXECUTE');
}).first[:has_function_privilege].should == true
# Checks on non-org "owned" schemas
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_schema_privilege('#{user.database_username}',
'#{CartoDB::UserModule::DBService::SCHEMA_IMPORTER}', 'CREATE, USAGE');
}).first[:has_schema_privilege].should == true
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_schema_privilege('#{user.database_username}',
'#{CartoDB::UserModule::DBService::SCHEMA_GEOCODING}', 'CREATE, USAGE');
}).first[:has_schema_privilege].should == true
# Special raster and geo columns
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_table_privilege('#{user.database_username}',
'#{CartoDB::UserModule::DBService::SCHEMA_PUBLIC}.geometry_columns', 'SELECT');
}).first[:has_table_privilege].should == true
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_table_privilege('#{user.database_username}',
'#{CartoDB::UserModule::DBService::SCHEMA_PUBLIC}.geography_columns', 'SELECT');
}).first[:has_table_privilege].should == true
# PG12_DEPRECATED
if user.in_database(as: :superuser).table_exists?('raster_overviews')
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_table_privilege('#{CartoDB::PUBLIC_DB_USER}',
'#{CartoDB::UserModule::DBService::SCHEMA_PUBLIC}.raster_overviews', 'SELECT');
}).first[:has_table_privilege].should == true
end
# PG12_DEPRECATED
if user.in_database(as: :superuser).table_exists?('raster_columns')
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_table_privilege('#{CartoDB::PUBLIC_DB_USER}',
'#{CartoDB::UserModule::DBService::SCHEMA_PUBLIC}.raster_columns', 'SELECT');
}).first[:has_table_privilege].should == true
end
# quota check
user.in_database(as: :superuser).fetch(%{
SELECT #{user.database_schema}._CDB_UserQuotaInBytes();
}).first[:_cdb_userquotainbytes].nil?.should == false
# Varnish invalidation function
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_function_privilege(
'#{user.database_username}',
'#{CartoDB::UserModule::DBService::SCHEMA_PUBLIC}.cdb_invalidate_varnish(text)', 'EXECUTE');
}).first[:has_function_privilege].should == true
# Checks of publicuser
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_schema_privilege('#{CartoDB::PUBLIC_DB_USER}',
'#{user.database_schema}', 'USAGE');
}).first[:has_schema_privilege].should == true
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_database_privilege('#{CartoDB::PUBLIC_DB_USER}',
'#{user.database_name}', 'CONNECT');
}).first[:has_database_privilege].should == true
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_schema_privilege('#{CartoDB::PUBLIC_DB_USER}',
'#{CartoDB::UserModule::DBService::SCHEMA_CARTODB}', 'USAGE');
}).first[:has_schema_privilege].should == true
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_function_privilege(
'#{CartoDB::PUBLIC_DB_USER}',
'#{CartoDB::UserModule::DBService::SCHEMA_CARTODB}.CDB_LatLng (NUMERIC, NUMERIC)',
'EXECUTE');
}).first[:has_function_privilege].should == true
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_table_privilege('#{CartoDB::PUBLIC_DB_USER}',
'#{CartoDB::UserModule::DBService::SCHEMA_CARTODB}.CDB_CONF',
'SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER');
}).first[:has_table_privilege].should == false
# Additional public user grants/revokes
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_table_privilege('#{CartoDB::PUBLIC_DB_USER}',
'#{CartoDB::UserModule::DBService::SCHEMA_CARTODB}.cdb_tablemetadata',
'SELECT');
}).first[:has_table_privilege].should == false
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_schema_privilege('#{CartoDB::PUBLIC_DB_USER}',
'#{CartoDB::UserModule::DBService::SCHEMA_PUBLIC}', 'USAGE');
}).first[:has_schema_privilege].should == true
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_function_privilege(
'#{CartoDB::PUBLIC_DB_USER}',
'#{CartoDB::UserModule::DBService::SCHEMA_PUBLIC}._postgis_stats(regclass, text, text)',
'EXECUTE');
}).first[:has_function_privilege].should == true
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_table_privilege('#{CartoDB::PUBLIC_DB_USER}',
'#{CartoDB::UserModule::DBService::SCHEMA_PUBLIC}.spatial_ref_sys', 'SELECT');
}).first[:has_table_privilege].should == true
user.destroy
end
it 'Properly setups a new organization user' do
CartoDB::UserModule::DBService.any_instance.stubs(
cartodb_extension_version_pre_mu?: nil,
monitor_user_notification: nil,
enable_remote_db_user: nil
)
disk_quota = 1234567890
user_timeout_secs = 666
max_import_file_size = 6666666666
max_import_table_row_count = 55555555
max_concurrent_import_count = 44
max_layers = 11
# create an owner
organization = create_org('org-user-creation-db-checks-organization', disk_quota * 10, 10)
user1 = create_user email: 'user1@whatever.com', username: 'creation-db-checks-org-owner', password: 'user11'
user1.organization = organization
user1.max_import_file_size = max_import_file_size
user1.max_import_table_row_count = max_import_table_row_count
user1.max_concurrent_import_count = max_concurrent_import_count
user1.max_layers = 11
user1.save
organization.owner_id = user1.id
organization.save
organization.reload
user1.reload
user = ::User.new
user.username = unique_name('user')
user.email = unique_email
user.password = user.email.split('@').first
user.password_confirmation = user.password
user.admin = false
user.private_tables_enabled = true
user.private_maps_enabled = true
user.enabled = true
user.table_quota = 500
user.quota_in_bytes = disk_quota
user.user_timeout = user_timeout_secs * 1000
user.database_timeout = 123000
user.geocoding_quota = 1000
user.geocoding_block_price = 1500
user.sync_tables_enabled = false
user.organization = organization
user.twitter_datasource_enabled = false
user.avatar_url = user.default_avatar
user.valid?.should == true
user.save
user.nil?.should == false
# To avoid connection pool caching
CartoDB::UserModule::DBService.terminate_database_connections(user.database_name, user.database_host)
user.reload
user.max_import_file_size.should eq max_import_file_size
user.max_import_table_row_count.should eq max_import_table_row_count
user.max_concurrent_import_count.should eq max_concurrent_import_count
user.max_layers.should eq max_layers
# Just to be sure all following checks will not falsely report ok using wrong schema
user.database_schema.should_not eq CartoDB::UserModule::DBService::SCHEMA_PUBLIC
user.database_schema.should eq user.username
test_table_name = "table_perm_test"
# Safety check
user.in_database.fetch(%{
SELECT * FROM pg_extension WHERE extname='postgis';
}).first.nil?.should == false
# Replicate functionality inside ::UserModule::DBService.configure_database
# -------------------------------------------------------------------
user.in_database.fetch(%{
SHOW search_path;
}).first[:search_path].should == user.db_service.build_search_path(user.database_schema, false)
# @see http://www.postgresql.org/docs/current/static/functions-info.html#FUNCTIONS-INFO-ACCESS-TABLE
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_database_privilege('#{user.database_username}', '#{user.database_name}', 'CONNECT');
}).first[:has_database_privilege].should == true
# Careful as PG formatter timeout output changes to XXmin if too big
user.in_database.fetch(%{
SHOW statement_timeout;
}).first[:statement_timeout].should eq "#{user_timeout_secs}s"
# No check for `set_user_as_organization_member` as cartodb-postgresql already tests it
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_function_privilege('#{user.database_username}',
'#{user.database_schema}._cdb_userquotainbytes()', 'EXECUTE');
}).first[:has_function_privilege].should == true
# SCHEMA_CARTODB has no tables to select from, except CDB_CONF on which has no permission
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_table_privilege('#{user.database_username}',
'cartodb.CDB_CONF',
'SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER');
}).first[:has_table_privilege].should == false
# Checks on SCHEMA_PUBLIC
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_schema_privilege('#{user.database_username}',
'#{CartoDB::UserModule::DBService::SCHEMA_PUBLIC}', 'USAGE');
}).first[:has_schema_privilege].should == true
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_table_privilege('#{user.database_username}',
'#{CartoDB::UserModule::DBService::SCHEMA_PUBLIC}.spatial_ref_sys', 'SELECT');
}).first[:has_table_privilege].should == true
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_function_privilege('#{user.database_username}',
'#{CartoDB::UserModule::DBService::SCHEMA_PUBLIC}._postgis_stats(regclass, text, text)',
'EXECUTE');
}).first[:has_function_privilege].should == true
# Checks on own schema
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_schema_privilege('#{user.database_username}',
'#{user.database_schema}', 'CREATE, USAGE');
}).first[:has_schema_privilege].should == true
user.in_database.run(%{
CREATE TABLE #{test_table_name}(x int);
})
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_table_privilege('#{user.database_username}',
'#{user.database_schema}.#{test_table_name}', 'SELECT');
}).first[:has_table_privilege].should == true
# _cdb_userquotainbytes is always created on the user schema
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_function_privilege('#{user.database_username}',
'#{user.database_schema}._cdb_userquotainbytes()', 'EXECUTE');
}).first[:has_function_privilege].should == true
# quota check
user.in_database(as: :superuser).fetch(%{
SELECT #{user.database_schema}._CDB_UserQuotaInBytes();
}).first[:_cdb_userquotainbytes].nil?.should == false
# Varnish invalidation function
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_function_privilege(
'#{user.database_username}',
'#{CartoDB::UserModule::DBService::SCHEMA_PUBLIC}.cdb_invalidate_varnish(text)', 'EXECUTE');
}).first[:has_function_privilege].should == true
# Checks of publicuser
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_database_privilege('#{CartoDB::PUBLIC_DB_USER}',
'#{user.database_name}', 'CONNECT');
}).first[:has_database_privilege].should == true
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_schema_privilege('#{CartoDB::PUBLIC_DB_USER}',
'#{user.database_schema}', 'USAGE');
}).first[:has_schema_privilege].should == true
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_schema_privilege('#{CartoDB::PUBLIC_DB_USER}',
'#{CartoDB::UserModule::DBService::SCHEMA_CARTODB}', 'USAGE');
}).first[:has_schema_privilege].should == true
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_function_privilege(
'#{CartoDB::PUBLIC_DB_USER}',
'#{CartoDB::UserModule::DBService::SCHEMA_CARTODB}.CDB_LatLng (NUMERIC, NUMERIC)',
'EXECUTE');
}).first[:has_function_privilege].should == true
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_table_privilege('#{CartoDB::PUBLIC_DB_USER}',
'#{CartoDB::UserModule::DBService::SCHEMA_CARTODB}.CDB_CONF',
'SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER');
}).first[:has_table_privilege].should == false
# Additional public user grants/revokes
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_table_privilege('#{CartoDB::PUBLIC_DB_USER}',
'#{CartoDB::UserModule::DBService::SCHEMA_CARTODB}.cdb_tablemetadata',
'SELECT');
}).first[:has_table_privilege].should == false
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_schema_privilege('#{CartoDB::PUBLIC_DB_USER}',
'#{CartoDB::UserModule::DBService::SCHEMA_PUBLIC}', 'USAGE');
}).first[:has_schema_privilege].should == true
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_function_privilege(
'#{CartoDB::PUBLIC_DB_USER}',
'#{CartoDB::UserModule::DBService::SCHEMA_PUBLIC}._postgis_stats(regclass, text, text)',
'EXECUTE');
}).first[:has_function_privilege].should == true
user.in_database(as: :superuser).fetch(%{
SELECT * FROM has_table_privilege('#{CartoDB::PUBLIC_DB_USER}',
'#{CartoDB::UserModule::DBService::SCHEMA_PUBLIC}.spatial_ref_sys', 'SELECT');
}).first[:has_table_privilege].should == true
user.in_database.run(%{
DROP TABLE #{user.database_schema}.#{test_table_name};
})
user.destroy
organization.destroy
end
end
describe "Write locking" do
it "detects locking properly" do
@user.db_service.writes_enabled?.should eq true
@user.db_service.disable_writes
@user.db_service.terminate_database_connections
@user.db_service.writes_enabled?.should eq false
@user.db_service.enable_writes
@user.db_service.terminate_database_connections
@user.db_service.writes_enabled?.should eq true
end
it "enables and disables writes in user database" do
@user.db_service.run_pg_query("create table foo_1(a int);")
@user.db_service.disable_writes
@user.db_service.terminate_database_connections
lambda {
@user.db_service.run_pg_query("create table foo_2(a int);")
}.should raise_error(CartoDB::ErrorRunningQuery)
@user.db_service.enable_writes
@user.db_service.terminate_database_connections
@user.db_service.run_pg_query("create table foo_3(a int);")
end
end
describe 'ghost tables event trigger' do
before(:all) do
CartoDB::UserModule::DBService.any_instance.unstub(:create_ghost_tables_event_trigger)
@ghost_tables_user = create_user
end
after(:all) do
@ghost_tables_user.destroy
CartoDB::UserModule::DBService.any_instance.stubs(:create_ghost_tables_event_trigger)
end
it 'creates the cdb_ddl_execution table with the user' do
table_name = @ghost_tables_user.in_database(as: :superuser)
.fetch("SELECT to_regclass('cartodb.cdb_ddl_execution');")
.first[:to_regclass]
table_name.should eql 'cdb_ddl_execution'
end
it 'removes the cdb_ddl_execution table when calling drop_ghost_tables_event_trigger' do
@ghost_tables_user.db_service.drop_ghost_tables_event_trigger
table_name = @ghost_tables_user.in_database(as: :superuser)
.fetch("SELECT to_regclass('cartodb.cdb_ddl_execution');")
.first[:to_regclass]
table_name.should be_nil
@ghost_tables_user.db_service.create_ghost_tables_event_trigger
end
it 'saves the TIS config from app_config.yml to cdb_conf' do
cdb_conf = @ghost_tables_user.in_database(as: :superuser)
.fetch("SELECT cartodb.CDB_Conf_GetConf('invalidation_service')")
.first[:cdb_conf_getconf]
cdb_conf.should be
end
end
end