def test_hacker_trying_to_create_schema(self): db = "test_db" admin_on_test_db = CLI({**creds, **{"PGDATABASE": db}}) try: # Create tables admin_on_test_db.execute( "GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA pg_catalog TO " + "user_x") hacker_user = Expect({ **creds, **{ "PGUSER": '******', "PGDATABASE": db, "PGPASSWORD": Expect.TMP_PASSWORD } }) hacker_user.execute_template("sql/test_table.sql.tpl", TABLE='user_x_table') admin_on_test_db.execute_template("sql/query_permissions.sql.tpl", USER='******') hacker_user.expect_execute( "CREATE SCHEMA %s;" % 'new_schema', 'permission denied for database test_db') hacker_user.close() finally: admin_on_test_db.close() return self
def test_cross_project_attempt_to_grant_usage(self): admin = CLI(creds) db = "test_db" try: hacker_user = Expect({ **creds, **{ "PGUSER": '******', "PGDATABASE": db, "PGPASSWORD": Expect.TMP_PASSWORD } }) hacker_user.execute_template("sql/test_data_force_grant_1.sql.tpl", WORKSPACE=db, USER='******') con = Expect({ **creds, **{ "PGUSER": '******', "PGDATABASE": 'project_1', "PGPASSWORD": Expect.TMP_PASSWORD } }) con.expect_execute( "SELECT * from test_db.protected_data.table_1", 'cross-database references are not implemented') con.close() hacker_user.close() finally: admin.close() return self
def test_simple_user_creating_database(self): admin = Expect(creds) try: user = '******' admin.execute('show search_path') admin.execute_template("sql/original_db_prep.sql", POSTGRES_APP_USERNAME=user, POSTGRES_APP_PASSWORD=Expect.TMP_PASSWORD) admin.execute("ALTER USER %s CREATEDB" % user, True) enduser_on_db = Expect({ **creds, **{ "PGUSER": user, "PGPASSWORD": Expect.TMP_PASSWORD } }) db = "temp_db" try: enduser_on_db.execute("CREATE DATABASE %s" % db, True) finally: enduser_on_db.execute("DROP ROLE %s_contribute" % db, False) enduser_on_db.execute("DROP ROLE %s_readonly" % db, False) enduser_on_db.execute("DROP DATABASE %s" % db, False) enduser_on_db.close() finally: admin.close()
def test_hacker_granting_access_with_connect(self): db = "test_db" admin_on_test_db = CLI({**creds, **{"PGDATABASE": db}}) try: hacker_user = Expect({ **creds, **{ "PGUSER": '******', "PGDATABASE": db, "PGPASSWORD": Expect.TMP_PASSWORD } }) hacker_user.execute_template("sql/test_data_force_grant_1.sql.tpl", WORKSPACE=db, USER='******') # grant user connect admin_on_test_db.execute_template("sql/user_connect.sql.tpl", APP_DATABASE=db, USER='******') con = Expect({ **creds, **{ "PGUSER": '******', "PGDATABASE": db, "PGPASSWORD": Expect.TMP_PASSWORD } }) con.expect_execute("SELECT * from protected_data.table_1", 'permission denied for schema protected_data') admin_on_test_db.execute_template("sql/query_permissions.sql.tpl", USER='******') con.close() admin_on_test_db.close() finally: admin_on_test_db.close() return self
def test_single_project(self): admin = CLI(creds) try: db = "test_db" prep_db = Expect({**creds, **{"PGDATABASE": db}}) prep_db.execute_template("sql/test_data_project.sql.tpl") prep_db.close() user = Expect({ **creds, **{ "PGUSER": '******', "PGDATABASE": db, "PGPASSWORD": Expect.TMP_PASSWORD } }) user.expect_execute("SELECT * from pg_settings", 'permission denied for relation pg_settings') user.expect_success("SELECT * from protected_data.table_1") user.expect_execute( "CREATE TABLE protected_data.table_2 (name varchar(20));", 'permission denied for schema protected_data') user.expect_success( "CREATE TABLE working_data.table_2 (name varchar(20));") admin_on_test_db = Expect({**creds, **{"PGDATABASE": db}}) admin_on_test_db.match_results( "sql/query_permissions.sql.tpl", 'results/test_single_project/perms.txt', USER='******') admin_on_test_db.close() user.close() finally: admin.close()
def test_set_search_path(self): admin = Expect(creds) try: databases = ['orig_db'] for db in databases: admin.execute("CREATE DATABASE %s;" % db, True) admin.execute_template( "sql/original_db_prep.sql", APP_DATABASE=db, POSTGRES_APP_USERNAME='******' % db, POSTGRES_APP_PASSWORD=Expect.TMP_PASSWORD) admin_on_db = Expect({**creds, **{"PGDATABASE": db}}) admin_on_db.execute_template( "sql/original_db_setup.sql", APP_DATABASE=db, WORKSPACE=db, POSTGRES_APP_PASSWORD=Expect.TMP_PASSWORD) admin_on_db.execute_template("sql/original_db_user_setup.sql", WORKSPACE=db, USER='******' % db, PASSWORD=Expect.TMP_PASSWORD) admin_on_db.close() admin.execute( "ALTER DATABASE %s SET search_path = working_data" % db, True) enduser_on_db = Expect({ **creds, **{ "PGDATABASE": db, "PGUSER": "******" % db, "PGPASSWORD": Expect.TMP_PASSWORD } }) enduser_on_db.match_results( 'sql/query_search_path.sql', 'results/test_set_search_path/results.txt') enduser_on_db.close() finally: admin.close()
def test_incremental_user_access(self): db = "test_db" admin_on_test_db = CLI({**creds, **{"PGDATABASE": db}}) try: prep_db = Expect({**creds, **{"PGDATABASE": db}}) prep_db.execute_template("sql/test_data_project.sql.tpl") user = "******" admin_on_test_db.execute_template("sql/user.sql.tpl", USER=user, PASSWORD=Expect.TMP_PASSWORD) prep_db.expect_connect(db, user, 'User does not have CONNECT privilege.') admin_on_test_db.execute_template("sql/user_connect.sql.tpl", APP_DATABASE=db, USER=user) user_db = Expect({ **creds, **{ "PGUSER": user, "PGDATABASE": db, "PGPASSWORD": Expect.TMP_PASSWORD } }) user_db.expect_execute( "SELECT * from pg_settings", 'permission denied for relation pg_settings') user_db.expect_execute( "SELECT * from protected_data.table_1", 'permission denied for schema protected_data') admin_on_test_db.execute_template("sql/setup_user.sql.tpl", WORKSPACE=db, USER=user) user_db.expect_success("SELECT * from protected_data.table_1") user_db.expect_execute( "CREATE TABLE protected_data.table_2 (name varchar(20));", 'permission denied for schema protected_data') user_db.expect_execute( "CREATE TABLE working_data.table_2 (name varchar(20));", 'permission denied for schema pg_catalog') admin_on_test_db.execute_template("sql/setup_user_2.sql.tpl", WORKSPACE=db, USER=user) user_db.expect_success( "CREATE TABLE working_data.table_2 (name varchar(20));") prep_db.match_results( "sql/query_permissions.sql.tpl", 'results/test_incremental_user_access/perms.txt', USER=user) user_db.close() prep_db.close() finally: admin_on_test_db.close()