module-postgresql/spec/acceptance/server/table_grant_spec.rb

require 'spec_helper_acceptance'

describe 'postgresql::server::table_grant:' do
  after :all do
    # Cleanup after tests have ran
    apply_manifest("class { 'postgresql::server': ensure => absent }", :catch_failures => true)
  end

  it 'should grant all accesses to a user' do
    begin
      pp = <<-EOS.unindent
        $db = 'table_grant'
        $user = 'psql_grant_tester'
        $password = 'psql_table_pw'

        class { 'postgresql::server': }

        # Since we are not testing pg_hba or any of that, make a local user for ident auth
        user { $user:
          ensure => present,
        }

        postgresql::server::role { $user:
          password_hash => postgresql_password($user, $password),
        }

        postgresql::server::database { $db: }

        # Create a rule for the user
        postgresql::server::pg_hba_rule { "allow ${user}":
          type        => 'local',
          database    => $db,
          user        => $user,
          auth_method => 'ident',
          order       => 1,
        }

        postgresql_psql { 'Create testing table':
          command => 'CREATE TABLE "test_table" (field integer NOT NULL)',
          db      => $db,
          unless  => "SELECT * FROM pg_tables WHERE tablename = 'test_table'",
          require => Postgresql::Server::Database[$db],
        }

        postgresql::server::table_grant { 'grant insert test':
          privilege => 'ALL',
          table     => 'test_table',
          db        => $db,
          role      => $user,
          require   => Postgresql_psql['Create testing table'],
        }
      EOS

      apply_manifest(pp, :catch_failures => true)
      apply_manifest(pp, :catch_changes => true)

      ## Check that the user can create a table in the database
      psql('--command="create table foo (foo int)" postgres', 'psql_grant_tester') do |r|
        expect(r.stdout).to match(/CREATE TABLE/)
        expect(r.stderr).to eq('')
      end
    ensure
      psql('--command="drop table foo" postgres', 'psql_grant_tester')
    end
  end

  it 'should grant access so a user can insert in a table' do
    begin
      pp = <<-EOS.unindent
        $db = 'table_grant'
        $user = 'psql_grant_tester'
        $password = 'psql_table_pw'

        class { 'postgresql::server': }

        # Since we are not testing pg_hba or any of that, make a local user for ident auth
        user { $user:
          ensure => present,
        }

        postgresql::server::role { $user:
          password_hash => postgresql_password($user, $password),
        }

        postgresql::server::database { $db: }

        # Create a rule for the user
        postgresql::server::pg_hba_rule { "allow ${user}":
          type        => 'local',
          database    => $db,
          user        => $user,
          auth_method => 'ident',
          order       => 1,
        }

        postgresql_psql { 'Create testing table':
          command => 'CREATE TABLE "test_table" (field integer NOT NULL)',
          db      => $db,
          unless  => "SELECT * FROM pg_tables WHERE tablename = 'test_table'",
          require => Postgresql::Server::Database[$db],
        }

        postgresql::server::table_grant { 'grant insert test':
          privilege => 'INSERT',
          table     => 'test_table',
          db        => $db,
          role      => $user,
          require   => Postgresql_psql['Create testing table'],
        }
      EOS

      apply_manifest(pp, :catch_failures => true)
      apply_manifest(pp, :catch_changes => true)

      ## Check that the user can create a table in the database
      psql('--command="create table foo (foo int)" postgres', 'psql_grant_tester') do |r|
        expect(r.stdout).to match(/CREATE TABLE/)
        expect(r.stderr).to eq('')
      end
    ensure
      psql('--command="drop table foo" postgres', 'psql_grant_tester')
    end
  end
end
Convert rspec-system tests over to beaker. This work converts all the tests over to beaker. Some things are done slightly different in beaker, we rely much more heavily on catch_failures rather than explicitly laying out the exit codes we want but I have attempted to preserve the spirit of all tests. 2014-01-22 01:45:58 +01:00			`require 'spec_helper_acceptance'`
Major rewrite to solve order dependencies and unclear public API This is a very very large change to the module. It started out as a fix to add postgresl::server::config_entry, and quickly became a rewrite to fix a lot of ordering issues inherent in the API. Since this changes the Public API it is considered a backwards compatible change. See the upgrading guide in README.md for more details as to what has been modified in this patch. Signed-off-by: Ken Barber <ken@bob.sh> 2013-08-27 22:43:47 +02:00
			`describe 'postgresql::server::table_grant:' do`
			`after :all do`
			`# Cleanup after tests have ran`
Convert rspec-system tests over to beaker. This work converts all the tests over to beaker. Some things are done slightly different in beaker, we rely much more heavily on catch_failures rather than explicitly laying out the exit codes we want but I have attempted to preserve the spirit of all tests. 2014-01-22 01:45:58 +01:00			`apply_manifest("class { 'postgresql::server': ensure => absent }", :catch_failures => true)`
Major rewrite to solve order dependencies and unclear public API This is a very very large change to the module. It started out as a fix to add postgresl::server::config_entry, and quickly became a rewrite to fix a lot of ordering issues inherent in the API. Since this changes the Public API it is considered a backwards compatible change. See the upgrading guide in README.md for more details as to what has been modified in this patch. Signed-off-by: Ken Barber <ken@bob.sh> 2013-08-27 22:43:47 +02:00			`end`

Fix table_grant_spec to show a bug 2013-11-12 14:23:05 +01:00			`it 'should grant all accesses to a user' do`
			`begin`
			`pp = <<-EOS.unindent`
			`$db = 'table_grant'`
			`$user = 'psql_grant_tester'`
			`$password = 'psql_table_pw'`

			`class { 'postgresql::server': }`

			`# Since we are not testing pg_hba or any of that, make a local user for ident auth`
			`user { $user:`
			`ensure => present,`
			`}`

			`postgresql::server::role { $user:`
			`password_hash => postgresql_password($user, $password),`
			`}`

			`postgresql::server::database { $db: }`

			`# Create a rule for the user`
			`postgresql::server::pg_hba_rule { "allow ${user}":`
			`type => 'local',`
			`database => $db,`
			`user => $user,`
			`auth_method => 'ident',`
			`order => 1,`
			`}`

			`postgresql_psql { 'Create testing table':`
			`command => 'CREATE TABLE "test_table" (field integer NOT NULL)',`
			`db => $db,`
			`unless => "SELECT * FROM pg_tables WHERE tablename = 'test_table'",`
			`require => Postgresql::Server::Database[$db],`
			`}`

			`postgresql::server::table_grant { 'grant insert test':`
			`privilege => 'ALL',`
			`table => 'test_table',`
			`db => $db,`
			`role => $user,`
			`require => Postgresql_psql['Create testing table'],`
			`}`
			`EOS`

Convert rspec-system tests over to beaker. This work converts all the tests over to beaker. Some things are done slightly different in beaker, we rely much more heavily on catch_failures rather than explicitly laying out the exit codes we want but I have attempted to preserve the spirit of all tests. 2014-01-22 01:45:58 +01:00			`apply_manifest(pp, :catch_failures => true)`
			`apply_manifest(pp, :catch_changes => true)`
Fix table_grant_spec to show a bug 2013-11-12 14:23:05 +01:00
			`## Check that the user can create a table in the database`
			`psql('--command="create table foo (foo int)" postgres', 'psql_grant_tester') do \|r\|`
Convert rspec-system tests over to beaker. This work converts all the tests over to beaker. Some things are done slightly different in beaker, we rely much more heavily on catch_failures rather than explicitly laying out the exit codes we want but I have attempted to preserve the spirit of all tests. 2014-01-22 01:45:58 +01:00			`expect(r.stdout).to match(/CREATE TABLE/)`
			`expect(r.stderr).to eq('')`
Fix table_grant_spec to show a bug 2013-11-12 14:23:05 +01:00			`end`
			`ensure`
			`psql('--command="drop table foo" postgres', 'psql_grant_tester')`
			`end`
			`end`

Major rewrite to solve order dependencies and unclear public API This is a very very large change to the module. It started out as a fix to add postgresl::server::config_entry, and quickly became a rewrite to fix a lot of ordering issues inherent in the API. Since this changes the Public API it is considered a backwards compatible change. See the upgrading guide in README.md for more details as to what has been modified in this patch. Signed-off-by: Ken Barber <ken@bob.sh> 2013-08-27 22:43:47 +02:00			`it 'should grant access so a user can insert in a table' do`
			`begin`
Various cleanups Signed-off-by: Ken Barber <ken@bob.sh> 2013-09-18 23:25:51 +02:00			`pp = <<-EOS.unindent`
Major rewrite to solve order dependencies and unclear public API This is a very very large change to the module. It started out as a fix to add postgresl::server::config_entry, and quickly became a rewrite to fix a lot of ordering issues inherent in the API. Since this changes the Public API it is considered a backwards compatible change. See the upgrading guide in README.md for more details as to what has been modified in this patch. Signed-off-by: Ken Barber <ken@bob.sh> 2013-08-27 22:43:47 +02:00			`$db = 'table_grant'`
Fix table_grant tests Signed-off-by: Ken Barber <ken@bob.sh> 2013-09-19 00:11:10 +02:00			`$user = 'psql_grant_tester'`
Major rewrite to solve order dependencies and unclear public API This is a very very large change to the module. It started out as a fix to add postgresl::server::config_entry, and quickly became a rewrite to fix a lot of ordering issues inherent in the API. Since this changes the Public API it is considered a backwards compatible change. See the upgrading guide in README.md for more details as to what has been modified in this patch. Signed-off-by: Ken Barber <ken@bob.sh> 2013-08-27 22:43:47 +02:00			`$password = 'psql_table_pw'`

			`class { 'postgresql::server': }`

			`# Since we are not testing pg_hba or any of that, make a local user for ident auth`
			`user { $user:`
			`ensure => present,`
			`}`

			`postgresql::server::role { $user:`
			`password_hash => postgresql_password($user, $password),`
			`}`

			`postgresql::server::database { $db: }`

Fix table_grant tests Signed-off-by: Ken Barber <ken@bob.sh> 2013-09-19 00:11:10 +02:00			`# Create a rule for the user`
			`postgresql::server::pg_hba_rule { "allow ${user}":`
			`type => 'local',`
			`database => $db,`
			`user => $user,`
			`auth_method => 'ident',`
			`order => 1,`
			`}`

Major rewrite to solve order dependencies and unclear public API This is a very very large change to the module. It started out as a fix to add postgresl::server::config_entry, and quickly became a rewrite to fix a lot of ordering issues inherent in the API. Since this changes the Public API it is considered a backwards compatible change. See the upgrading guide in README.md for more details as to what has been modified in this patch. Signed-off-by: Ken Barber <ken@bob.sh> 2013-08-27 22:43:47 +02:00			`postgresql_psql { 'Create testing table':`
			`command => 'CREATE TABLE "test_table" (field integer NOT NULL)',`
			`db => $db,`
			`unless => "SELECT * FROM pg_tables WHERE tablename = 'test_table'",`
			`require => Postgresql::Server::Database[$db],`
			`}`

			`postgresql::server::table_grant { 'grant insert test':`
			`privilege => 'INSERT',`
			`table => 'test_table',`
			`db => $db,`
			`role => $user,`
			`require => Postgresql_psql['Create testing table'],`
			`}`
			`EOS`

Convert rspec-system tests over to beaker. This work converts all the tests over to beaker. Some things are done slightly different in beaker, we rely much more heavily on catch_failures rather than explicitly laying out the exit codes we want but I have attempted to preserve the spirit of all tests. 2014-01-22 01:45:58 +01:00			`apply_manifest(pp, :catch_failures => true)`
			`apply_manifest(pp, :catch_changes => true)`
Major rewrite to solve order dependencies and unclear public API This is a very very large change to the module. It started out as a fix to add postgresl::server::config_entry, and quickly became a rewrite to fix a lot of ordering issues inherent in the API. Since this changes the Public API it is considered a backwards compatible change. See the upgrading guide in README.md for more details as to what has been modified in this patch. Signed-off-by: Ken Barber <ken@bob.sh> 2013-08-27 22:43:47 +02:00
			`## Check that the user can create a table in the database`
Various cleanups Signed-off-by: Ken Barber <ken@bob.sh> 2013-09-18 23:25:51 +02:00			`psql('--command="create table foo (foo int)" postgres', 'psql_grant_tester') do \|r\|`
Convert rspec-system tests over to beaker. This work converts all the tests over to beaker. Some things are done slightly different in beaker, we rely much more heavily on catch_failures rather than explicitly laying out the exit codes we want but I have attempted to preserve the spirit of all tests. 2014-01-22 01:45:58 +01:00			`expect(r.stdout).to match(/CREATE TABLE/)`
			`expect(r.stderr).to eq('')`
Various cleanups Signed-off-by: Ken Barber <ken@bob.sh> 2013-09-18 23:25:51 +02:00			`end`
Major rewrite to solve order dependencies and unclear public API This is a very very large change to the module. It started out as a fix to add postgresl::server::config_entry, and quickly became a rewrite to fix a lot of ordering issues inherent in the API. Since this changes the Public API it is considered a backwards compatible change. See the upgrading guide in README.md for more details as to what has been modified in this patch. Signed-off-by: Ken Barber <ken@bob.sh> 2013-08-27 22:43:47 +02:00			`ensure`
Various cleanups Signed-off-by: Ken Barber <ken@bob.sh> 2013-09-18 23:25:51 +02:00			`psql('--command="drop table foo" postgres', 'psql_grant_tester')`
Major rewrite to solve order dependencies and unclear public API This is a very very large change to the module. It started out as a fix to add postgresl::server::config_entry, and quickly became a rewrite to fix a lot of ordering issues inherent in the API. Since this changes the Public API it is considered a backwards compatible change. See the upgrading guide in README.md for more details as to what has been modified in this patch. Signed-off-by: Ken Barber <ken@bob.sh> 2013-08-27 22:43:47 +02:00			`end`
			`end`
			`end`