forked from cockroachdb/cockroach
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
tenantcapabilitiesccl: rewrite some capability tests to datadriven tests
Now that we have a datadriven framework available to exercise tenant capabilities, we can move tests in `TestMultiTenantAdminFunction` to make use of this. This patch rewrites SPLIT/SCATTER related tests to make use of the datadriven test framework. As is, the construction is cumbersome to work with. The move is done with the next commit in mind, where we will change the default behavior of split/scatter capabilities. To that end, I've only moved the tests that were in my way. At some point we should get rid of this entire thing and rewrite it to use the datadriven test framework. That day is not today. Epic: none Release note: None
- Loading branch information
1 parent
c31c1ac
commit 6c148e3
Showing
5 changed files
with
168 additions
and
41 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
79 changes: 79 additions & 0 deletions
79
pkg/ccl/multitenantccl/tenantcapabilitiesccl/testdata/can_admin_scatter
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,79 @@ | ||
query-sql-system | ||
SELECT * FROM [SHOW TENANT [10] WITH CAPABILITIES] WHERE capability_id = 'can_admin_scatter' | ||
---- | ||
10 tenant-10 ready none can_admin_scatter true | ||
|
||
exec-sql-tenant | ||
CREATE TABLE t(a INT) | ||
---- | ||
ok | ||
|
||
exec-sql-tenant | ||
CREATE INDEX idx on t(a) | ||
---- | ||
ok | ||
|
||
# By default, we should be able to scatter. | ||
exec-privileged-op-tenant | ||
ALTER TABLE t SCATTER | ||
---- | ||
ok | ||
|
||
# ditto for the index. | ||
exec-privileged-op-tenant | ||
ALTER INDEX t@idx SCATTER | ||
---- | ||
ok | ||
|
||
|
||
update-capabilities | ||
ALTER TENANT [10] GRANT CAPABILITY can_admin_scatter=false | ||
---- | ||
ok | ||
|
||
exec-privileged-op-tenant | ||
ALTER TABLE t SCATTER | ||
---- | ||
pq: ba: AdminScatter [/Tenant/10/Table/104/1,/Tenant/10/Table/104/2) RPC error: rpc error: code = Unauthenticated desc = client tenant does not have capability "can_admin_scatter" (*kvpb.AdminScatterRequest) | ||
|
||
# Check the index as well. | ||
exec-privileged-op-tenant | ||
ALTER INDEX t@idx SCATTER | ||
---- | ||
pq: ba: AdminScatter [/Tenant/10/Table/104/2,/Tenant/10/Table/104/3) RPC error: rpc error: code = Unauthenticated desc = client tenant does not have capability "can_admin_scatter" (*kvpb.AdminScatterRequest) | ||
|
||
# Grant the capability without providing an explicit value. | ||
update-capabilities | ||
ALTER TENANT [10] GRANT CAPABILITY can_admin_scatter | ||
---- | ||
ok | ||
|
||
# Scatters should work now. | ||
exec-privileged-op-tenant | ||
ALTER TABLE t SCATTER | ||
---- | ||
ok | ||
|
||
# Revoke the capability using REVOKE syntax. | ||
update-capabilities | ||
ALTER TENANT [10] REVOKE CAPABILITY can_admin_scatter | ||
---- | ||
ok | ||
|
||
# Scatters should no longer work. | ||
exec-privileged-op-tenant | ||
ALTER TABLE t SCATTER | ||
---- | ||
pq: ba: AdminScatter [/Tenant/10/Table/104/1,/Tenant/10/Table/104/2) RPC error: rpc error: code = Unauthenticated desc = client tenant does not have capability "can_admin_scatter" (*kvpb.AdminScatterRequest) | ||
|
||
# Lastly, use the explicitly set to true syntax. | ||
update-capabilities | ||
ALTER TENANT [10] GRANT CAPABILITY can_admin_scatter=true | ||
---- | ||
ok | ||
|
||
# Scatters should now work. | ||
exec-privileged-op-tenant | ||
ALTER TABLE t SCATTER | ||
---- | ||
ok |
49 changes: 47 additions & 2 deletions
49
pkg/ccl/multitenantccl/tenantcapabilitiesccl/testdata/can_admin_split
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,34 +1,79 @@ | ||
query-sql-system | ||
SELECT * FROM [SHOW TENANT [10] WITH CAPABILITIES] WHERE capability_id = 'can_admin_split' | ||
---- | ||
10 tenant-10 ready none can_admin_split false | ||
10 tenant-10 ready none can_admin_split true | ||
|
||
exec-sql-tenant | ||
CREATE TABLE t(a INT) | ||
---- | ||
ok | ||
|
||
exec-sql-tenant | ||
CREATE INDEX idx on t(a) | ||
---- | ||
ok | ||
|
||
# By default, we should be able to split. | ||
exec-privileged-op-tenant | ||
ALTER TABLE t SPLIT AT VALUES (0) | ||
---- | ||
ok | ||
|
||
# ditto for the index. | ||
exec-privileged-op-tenant | ||
ALTER INDEX t@idx SPLIT AT VALUES (1) | ||
---- | ||
ok | ||
|
||
|
||
update-capabilities | ||
ALTER TENANT [10] GRANT CAPABILITY can_admin_split=false | ||
---- | ||
ok | ||
|
||
exec-privileged-op-tenant | ||
ALTER TABLE t SPLIT AT VALUES (0) | ||
---- | ||
pq: ba: AdminSplit [/Tenant/10/Table/104/1/0,/Min) RPC error: rpc error: code = Unauthenticated desc = client tenant does not have capability "can_admin_split" (*kvpb.AdminSplitRequest) | ||
|
||
# Check the index as well. | ||
exec-privileged-op-tenant | ||
ALTER INDEX t@idx SPLIT AT VALUES (1) | ||
---- | ||
pq: ba: AdminSplit [/Tenant/10/Table/104/2/1,/Min) RPC error: rpc error: code = Unauthenticated desc = client tenant does not have capability "can_admin_split" (*kvpb.AdminSplitRequest) | ||
|
||
# Grant the capability without providing an explicit value. | ||
update-capabilities | ||
ALTER TENANT [10] GRANT CAPABILITY can_admin_split=true | ||
ALTER TENANT [10] GRANT CAPABILITY can_admin_split | ||
---- | ||
ok | ||
|
||
# Splits should work now. | ||
exec-privileged-op-tenant | ||
ALTER TABLE t SPLIT AT VALUES (0) | ||
---- | ||
ok | ||
|
||
# Revoke the capability using REVOKE syntax. | ||
update-capabilities | ||
ALTER TENANT [10] REVOKE CAPABILITY can_admin_split | ||
---- | ||
ok | ||
|
||
# Splits should no longer work. | ||
exec-privileged-op-tenant | ||
ALTER TABLE t SPLIT AT VALUES (0) | ||
---- | ||
pq: ba: AdminSplit [/Tenant/10/Table/104/1/0,/Min) RPC error: rpc error: code = Unauthenticated desc = client tenant does not have capability "can_admin_split" (*kvpb.AdminSplitRequest) | ||
|
||
# Lastly, use the explicitly set to true syntax. | ||
update-capabilities | ||
ALTER TENANT [10] GRANT CAPABILITY can_admin_split=true | ||
---- | ||
ok | ||
|
||
# Splits should now work. | ||
exec-privileged-op-tenant | ||
ALTER TABLE t SPLIT AT VALUES (0) | ||
---- | ||
ok |
34 changes: 34 additions & 0 deletions
34
pkg/ccl/multitenantccl/tenantcapabilitiesccl/testdata/can_admin_unsplit
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
query-sql-system | ||
SELECT * FROM [SHOW TENANT [10] WITH CAPABILITIES] WHERE capability_id = 'can_admin_unsplit' | ||
---- | ||
10 tenant-10 ready none can_admin_unsplit false | ||
|
||
exec-sql-tenant | ||
CREATE TABLE t(a INT) | ||
---- | ||
ok | ||
|
||
exec-privileged-op-tenant | ||
ALTER TABLE t UNSPLIT AT VALUES (0) | ||
---- | ||
pq: could not UNSPLIT AT (0): ba: AdminUnsplit [/Tenant/10/Table/104/1/0,/Min) RPC error: grpc: client tenant does not have capability "can_admin_unsplit" (*kvpb.AdminUnsplitRequest) [code 16/Unauthenticated] | ||
|
||
update-capabilities | ||
ALTER TENANT [10] GRANT CAPABILITY can_admin_unsplit=true | ||
---- | ||
ok | ||
|
||
exec-privileged-op-tenant | ||
ALTER TABLE t UNSPLIT AT VALUES (0) | ||
---- | ||
pq: could not UNSPLIT AT (0): key /Tenant/10/Table/104/1/0 is not the start of a range | ||
|
||
update-capabilities | ||
ALTER TENANT [10] REVOKE CAPABILITY can_admin_unsplit | ||
---- | ||
ok | ||
|
||
exec-privileged-op-tenant | ||
ALTER TABLE t UNSPLIT AT VALUES (0) | ||
---- | ||
pq: could not UNSPLIT AT (0): ba: AdminUnsplit [/Tenant/10/Table/104/1/0,/Min) RPC error: grpc: client tenant does not have capability "can_admin_unsplit" (*kvpb.AdminUnsplitRequest) [code 16/Unauthenticated] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters