def configure_servers(options): """Check if some MySQL's addresses were specified and the number is greater than NUMBER_OF_SERVERS. """ import tests.utils as _test_utils from mysql.fabric.server import ( MySQLServer, ConnectionPool, ) try: servers = _test_utils.MySQLInstances() servers.state_store_address = "{host}:{port}".format( host=options.host, port=options.port ) servers.user = options.db_user servers.passwd = None servers.root_user = options.user servers.root_passwd = options.password if options.servers: for address in options.servers.split(): servers.add_address(address) uuid = MySQLServer.discover_uuid( address=address, user=servers.root_user, passwd=servers.root_passwd ) server = MySQLServer( _uuid.UUID(uuid), address=address, user=servers.root_user, passwd=servers.root_passwd ) server.connect() server.set_session_binlog(False) server.exec_stmt( "GRANT {privileges} ON *.* TO '{user}'@'%%'".format( privileges=", ".join(MySQLServer.ALL_PRIVILEGES), user=servers.user) ) server.exec_stmt("FLUSH PRIVILEGES") server.set_session_binlog(True) server.disconnect() ConnectionPool().purge_connections(server.uuid) if servers.get_number_addresses() < NUMBER_OF_SERVERS: print "<<<<<<<<<< Some unit tests need %s MySQL Instances. " \ ">>>>>>>>>> " % (NUMBER_OF_SERVERS, ) return False except Exception as error: print "Error configuring servers:", error return False return True
def configure_servers(options, config): """Check if some MySQL's addresses were specified and the number is greater than NUMBER_OF_SERVERS. """ import tests.utils as _test_utils from mysql.fabric.server import ( MySQLServer, ConnectionManager, ) from mysql.fabric.backup import ( MySQLDump, ) try: servers = _test_utils.MySQLInstances() # The administrative user as given in --user and --password options. # In simple use cases "root" is used. servers.user = options.user servers.passwd = options.password # Backing store - "fabric_store/storepw". servers.state_store_address = config.get("storage", "address") servers.store_user = config.get("storage", "user") servers.store_passwd = config.get("storage", "password") servers.store_db = config.get("storage", "database") # Server user - "fabric_server/serverpw". servers.server_user = config.get("servers", "user") servers.server_passwd = config.get("servers", "password") # Backup user - "fabric_backup/backuppw". servers.backup_user = config.get("servers", "backup_user") servers.backup_passwd = config.get("servers", "backup_password") # Restore user - "fabric_restore/restorepw". servers.restore_user = config.get("servers", "restore_user") servers.restore_passwd = config.get("servers", "restore_password") # Set up the backing store. from mysql.fabric import persistence uuid = MySQLServer.discover_uuid( address=servers.state_store_address, user=servers.user, passwd=servers.passwd ) server = MySQLServer( _uuid.UUID(uuid), address=servers.state_store_address, user=servers.user, passwd=servers.passwd ) server.connect() # Precautionary cleanup. server.exec_stmt("DROP DATABASE IF EXISTS %s" % (servers.store_db,)) # Create store user. _test_utils.create_test_user( server, servers.store_user, servers.store_passwd, [(persistence.required_privileges(), "{db}.*".format(db=servers.store_db))] ) # Set up managed servers. if options.servers: for address in options.servers.split(): servers.add_address(address) uuid = MySQLServer.discover_uuid( address=address, user=servers.user, passwd=servers.passwd ) server = MySQLServer( _uuid.UUID(uuid), address=address, user=servers.user, passwd=servers.passwd ) server.connect() server.set_session_binlog(False) server.read_only = False # Drop user databases server.set_foreign_key_checks(False) databases = server.exec_stmt("SHOW DATABASES") for database in databases: if database[0] not in MySQLServer.NO_USER_DATABASES: server.exec_stmt("DROP DATABASE IF EXISTS %s" % (database[0],)) server.set_foreign_key_checks(True) # Create server user. _test_utils.create_test_user( server, servers.server_user, servers.server_passwd, [(MySQLServer.SERVER_PRIVILEGES, "*.*"), (MySQLServer.SERVER_PRIVILEGES_DB, "mysql_fabric.*")] ) # Create backup user. _test_utils.create_test_user( server, servers.backup_user, servers.backup_passwd, [(MySQLDump.BACKUP_PRIVILEGES, "*.*")] ) # Create restore user. _test_utils.create_test_user( server, servers.restore_user, servers.restore_passwd, [(MySQLDump.RESTORE_PRIVILEGES, "*.*")] ) server.set_session_binlog(True) server.disconnect() ConnectionManager().purge_connections(server) if servers.get_number_addresses() < NUMBER_OF_SERVERS: sys.stderr.write( "<<<<<<<<<< Some unit tests need {0} MySQL " \ "Instances. >>>>>>>>>>\n".format(NUMBER_OF_SERVERS) ) return False except Exception as error: sys.stderr.write( "Error configuring servers: {0}\n".format(str(error)) ) import traceback traceback.print_exc() return False return True
def test_privileges(self): """Test whether user's have the appropriate privileges. """ # Some privileges MINIMUM_PRIVILEGES = [ "REPLICATION SLAVE", "REPLICATION CLIENT", "SUPER", "SHOW DATABASES", "RELOAD" ] # Connect to server as admin and create temporary user. uuid = MySQLServer.discover_uuid(OPTIONS["address"]) server = MySQLServer(_uuid.UUID(uuid), OPTIONS["address"], tests.utils.MySQLInstances().user, tests.utils.MySQLInstances().passwd) ConnectionManager().purge_connections(server) server.connect() server.set_session_binlog(False) server.exec_stmt("CREATE USER 'jeffrey'@'%%' IDENTIFIED BY 'mypass'") # Check if jeffrey (temporary user) has the appropriate privileges. # There is not privilege associate to jeffrey. new_server = MySQLServer(_uuid.UUID(uuid), OPTIONS["address"], "jeffrey", "mypass") new_server.connect() self.assertFalse(new_server.has_privileges(MINIMUM_PRIVILEGES)) # Check if jeffrey (temporary user) has the appropriate privileges. # Grant required privileges except RELOAD # There is no RELOAD on a global level. privileges = ", ".join( [priv for priv in MINIMUM_PRIVILEGES if priv != "RELOAD"]) server.exec_stmt("GRANT {privileges} ON *.* TO 'jeffrey'@'%%'".format( privileges=privileges)) self.assertFalse(new_server.has_privileges(MINIMUM_PRIVILEGES)) # Check if jeffrey (temporary user) has the appropriate privileges. # The RELOAD on a global level was granted. server.exec_stmt("GRANT RELOAD ON *.* TO 'jeffrey'@'%%'") self.assertTrue(new_server.has_privileges(MINIMUM_PRIVILEGES)) # Check if jeffrey (temporary user) has the appropriate privileges. # Revoke privilegs from temporary user. # There is no ALL on a global level. server.exec_stmt("REVOKE ALL PRIVILEGES, GRANT OPTION FROM " "'jeffrey'@'%%'") server.exec_stmt("GRANT ALL ON fabric.* TO 'jeffrey'@'%%'") self.assertFalse(new_server.has_privileges(MINIMUM_PRIVILEGES)) # Check if jeffrey (temporary user) has the appropriate privileges. # Grant all privileges, which the administrative user has to have. server.exec_stmt("GRANT" " ALTER, ALTER ROUTINE, CREATE, CREATE ROUTINE," " CREATE TEMPORARY TABLES, CREATE USER," " CREATE VIEW, DELETE, DROP, EVENT, EXECUTE," " GRANT OPTION, INDEX, INSERT, LOCK TABLES, PROCESS, " " RELOAD, REPLICATION CLIENT, REPLICATION SLAVE," " SELECT, SHOW DATABASES, SHOW VIEW, SHUTDOWN," " SUPER, TRIGGER, UPDATE" " ON *.* TO 'jeffrey'@'%%'") self.assertTrue(new_server.has_privileges(MINIMUM_PRIVILEGES)) # Drop temporary user. server.exec_stmt("DROP USER 'jeffrey'@'%%'") server.set_session_binlog(True) server.disconnect() new_server.disconnect() ConnectionManager().purge_connections(server)
def test_privileges(self): """Test whether user's have the appropriate privileges. """ # Some privileges MINIMUM_PRIVILEGES = [ "REPLICATION SLAVE", "REPLICATION CLIENT", "SUPER", "SHOW DATABASES", "RELOAD" ] # Connect to server as root and create temporary user. uuid = MySQLServer.discover_uuid(OPTIONS["address"]) server = MySQLServer( _uuid.UUID(uuid), OPTIONS["address"], tests.utils.MySQLInstances().root_user, tests.utils.MySQLInstances().root_passwd ) ConnectionPool().purge_connections(_uuid.UUID(uuid)) server.connect() server.set_session_binlog(False) server.exec_stmt( "CREATE USER 'jeffrey'@'%%' IDENTIFIED BY 'mypass'" ) # Check if jeffrey (temporary user) has the appropriate privileges. # There is not privilege associate to jeffrey. new_server = MySQLServer( _uuid.UUID(uuid), OPTIONS["address"], "jeffrey", "mypass" ) new_server.connect() self.assertFalse( new_server.has_privileges(MINIMUM_PRIVILEGES) ) # Check if jeffrey (temporary user) has the appropriate privileges. # Grant required privileges except RELOAD # There is no RELOAD on a global level. privileges=", ".join([priv for priv in MINIMUM_PRIVILEGES if priv != "RELOAD"] ) server.exec_stmt( "GRANT {privileges} ON *.* TO 'jeffrey'@'%%'".format( privileges=privileges) ) server.exec_stmt("FLUSH PRIVILEGES") self.assertFalse( new_server.has_privileges(MINIMUM_PRIVILEGES) ) # Check if jeffrey (temporary user) has the appropriate privileges. # The RELOAD on a global level was granted. server.exec_stmt("GRANT RELOAD ON *.* TO 'jeffrey'@'%%'") server.exec_stmt("FLUSH PRIVILEGES") self.assertTrue( new_server.has_privileges(MINIMUM_PRIVILEGES) ) # Check if jeffrey (temporary user) has the appropriate privileges. # Revoke privilegs from temporary user. # There is no ALL on a global level. server.exec_stmt("REVOKE ALL PRIVILEGES, GRANT OPTION FROM " "'jeffrey'@'%%'" ) server.exec_stmt("GRANT ALL ON fabric.* TO 'jeffrey'@'%%'") server.exec_stmt("FLUSH PRIVILEGES") self.assertFalse( new_server.has_privileges(MINIMUM_PRIVILEGES) ) # Check if jeffrey (temporary user) has the appropriate privileges. # The ALL on a global level was granted. server.exec_stmt("GRANT ALL ON *.* TO 'jeffrey'@'%%'") server.exec_stmt("FLUSH PRIVILEGES") self.assertTrue( new_server.has_privileges(MINIMUM_PRIVILEGES) ) # Drop temporary user. server.exec_stmt("DROP USER 'jeffrey'@'%%'") server.set_session_binlog(True) server.disconnect() new_server.disconnect() ConnectionPool().purge_connections(_uuid.UUID(uuid))