feat(spanner): add tests for database roles in PG dialect (#7898)

Co-authored-by: rahul2393 <[email protected]>
googleapis · Jun 6, 2023 · dc84649 · dc84649
1 parent 96f167f
commit dc84649
Showing 1 changed file with 111 additions and 52 deletions.
diff --git a/spanner/integration_test.go b/spanner/integration_test.go
@@ -2495,9 +2495,8 @@ func TestIntegration_TransactionRunner(t *testing.T) {
 
 func TestIntegration_QueryWithRoles(t *testing.T) {
 	t.Parallel()
-	// Database roles are not currently available in emulator and PG dialect
+	// Database roles are not currently available in emulator
 	skipEmulatorTest(t)
-	skipUnsupportedPGTest(t)
 
 	// Set up testing environment.
 	var (
@@ -2511,22 +2510,38 @@ func TestIntegration_QueryWithRoles(t *testing.T) {
 	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
 	defer cancel()
 	stmts := []string{
-		`CREATE TABLE Singers (
-				SingerId	INT64 NOT NULL,
-				FirstName	STRING(1024),
-				LastName	STRING(1024),
-				SingerInfo	BYTES(MAX)
-			) PRIMARY KEY (SingerId)`,
 		`CREATE ROLE singers_reader`,
 		`CREATE ROLE singers_unauthorized`,
 		`CREATE ROLE singers_reader_revoked`,
 		`CREATE ROLE dropped`,
-		`GRANT SELECT(SingerId, FirstName, LastName) ON TABLE Singers TO ROLE singers_reader`,
-		`GRANT SELECT(SingerId, FirstName) ON TABLE Singers TO ROLE singers_unauthorized`,
-		`GRANT SELECT(SingerId, FirstName, LastName) ON TABLE Singers TO ROLE singers_reader_revoked`,
-		`REVOKE SELECT(LastName) ON TABLE Singers FROM ROLE singers_reader_revoked`,
 		`DROP ROLE dropped`,
 	}
+	if testDialect == adminpb.DatabaseDialect_POSTGRESQL {
+		stmts = append(stmts,
+			`CREATE TABLE Singers (
+					SingerId	BIGINT NOT NULL,
+					FirstName	VARCHAR(1024),
+					LastName	VARCHAR(1024),
+					SingerInfo	BYTEA,
+					PRIMARY KEY (SingerId)
+				)`,
+			`GRANT SELECT(SingerId, FirstName, LastName) ON Singers TO singers_reader`,
+			`GRANT SELECT(SingerId, FirstName) ON TABLE Singers TO singers_unauthorized`,
+			`GRANT SELECT(SingerId, FirstName, LastName) ON TABLE Singers TO singers_reader_revoked`,
+			`REVOKE SELECT(LastName) ON TABLE Singers FROM singers_reader_revoked`)
+	} else {
+		stmts = append(stmts,
+			`CREATE TABLE Singers (
+					SingerId	INT64 NOT NULL,
+					FirstName	STRING(1024),
+					LastName	STRING(1024),
+					SingerInfo	BYTES(MAX)
+				) PRIMARY KEY (SingerId)`,
+			`GRANT SELECT(SingerId, FirstName, LastName) ON TABLE Singers TO ROLE singers_reader`,
+			`GRANT SELECT(SingerId, FirstName) ON TABLE Singers TO ROLE singers_unauthorized`,
+			`GRANT SELECT(SingerId, FirstName, LastName) ON TABLE Singers TO ROLE singers_reader_revoked`,
+			`REVOKE SELECT(LastName) ON TABLE Singers FROM ROLE singers_reader_revoked`)
+	}
 	client, dbPath, cleanup := prepareIntegrationTest(ctx, t, DefaultSessionPoolConfig, stmts)
 	defer cleanup()
 
@@ -2609,9 +2624,8 @@ func TestIntegration_QueryWithRoles(t *testing.T) {
 
 func TestIntegration_ReadWithRoles(t *testing.T) {
 	t.Parallel()
-	// Database roles are not currently available in emulator and PG dialect
+	// Database roles are not currently available in emulator
 	skipEmulatorTest(t)
-	skipUnsupportedPGTest(t)
 
 	// Set up testing environment.
 	var (
@@ -2625,22 +2639,38 @@ func TestIntegration_ReadWithRoles(t *testing.T) {
 	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
 	defer cancel()
 	stmts := []string{
-		`CREATE TABLE Singers (
-				SingerId	INT64 NOT NULL,
-				FirstName	STRING(1024),
-				LastName	STRING(1024),
-				SingerInfo	BYTES(MAX)
-			) PRIMARY KEY (SingerId)`,
 		`CREATE ROLE singers_reader`,
 		`CREATE ROLE singers_unauthorized`,
 		`CREATE ROLE singers_reader_revoked`,
 		`CREATE ROLE dropped`,
-		`GRANT SELECT(SingerId, FirstName, LastName) ON TABLE Singers TO ROLE singers_reader`,
-		`GRANT SELECT(SingerId, FirstName) ON TABLE Singers TO ROLE singers_unauthorized`,
-		`GRANT SELECT(SingerId, FirstName, LastName) ON TABLE Singers TO ROLE singers_reader_revoked`,
-		`REVOKE SELECT(LastName) ON TABLE Singers FROM ROLE singers_reader_revoked`,
 		`DROP ROLE dropped`,
 	}
+	if testDialect == adminpb.DatabaseDialect_POSTGRESQL {
+		stmts = append(stmts,
+			`CREATE TABLE Singers (
+					SingerId	BIGINT NOT NULL,
+					FirstName	VARCHAR(1024),
+					LastName	VARCHAR(1024),
+					SingerInfo	BYTEA,
+					PRIMARY KEY (SingerId)
+				)`,
+			`GRANT SELECT(SingerId, FirstName, LastName) ON Singers TO singers_reader`,
+			`GRANT SELECT(SingerId, FirstName) ON TABLE Singers TO singers_unauthorized`,
+			`GRANT SELECT(SingerId, FirstName, LastName) ON TABLE Singers TO singers_reader_revoked`,
+			`REVOKE SELECT(LastName) ON TABLE Singers FROM singers_reader_revoked`)
+	} else {
+		stmts = append(stmts,
+			`CREATE TABLE Singers (
+					SingerId	INT64 NOT NULL,
+					FirstName	STRING(1024),
+					LastName	STRING(1024),
+					SingerInfo	BYTES(MAX)
+				) PRIMARY KEY (SingerId)`,
+			`GRANT SELECT(SingerId, FirstName, LastName) ON TABLE Singers TO ROLE singers_reader`,
+			`GRANT SELECT(SingerId, FirstName) ON TABLE Singers TO ROLE singers_unauthorized`,
+			`GRANT SELECT(SingerId, FirstName, LastName) ON TABLE Singers TO ROLE singers_reader_revoked`,
+			`REVOKE SELECT(LastName) ON TABLE Singers FROM ROLE singers_reader_revoked`)
+	}
 	client, dbPath, cleanup := prepareIntegrationTest(ctx, t, DefaultSessionPoolConfig, stmts)
 	defer cleanup()
 
@@ -2722,9 +2752,8 @@ func TestIntegration_ReadWithRoles(t *testing.T) {
 
 func TestIntegration_DMLWithRoles(t *testing.T) {
 	t.Parallel()
-	// Database roles are not currently available in emulator and PG dialect
+	// Database roles are not currently available in emulator
 	skipEmulatorTest(t)
-	skipUnsupportedPGTest(t)
 
 	// Set up testing environment.
 	var (
@@ -2734,20 +2763,36 @@ func TestIntegration_DMLWithRoles(t *testing.T) {
 	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
 	defer cancel()
 	stmts := []string{
-		`CREATE TABLE Singers (
-				SingerId	INT64 NOT NULL,
-				FirstName	STRING(1024),
-				LastName	STRING(1024),
-				SingerInfo	BYTES(MAX)
-			) PRIMARY KEY (SingerId)`,
 		`CREATE ROLE singers_updater`,
 		`CREATE ROLE singers_unauthorized`,
 		`CREATE ROLE singers_creator`,
 		`CREATE ROLE singers_deleter`,
-		`GRANT SELECT(SingerId), UPDATE(FirstName, LastName) ON TABLE Singers TO ROLE singers_updater`,
-		`GRANT SELECT(SingerId), UPDATE(FirstName) ON TABLE Singers TO ROLE singers_unauthorized`,
-		`GRANT INSERT(SingerId, FirstName, LastName) ON TABLE Singers TO ROLE singers_creator`,
-		`GRANT SELECT(SingerId), DELETE ON TABLE Singers TO ROLE singers_deleter`,
+	}
+	if testDialect == adminpb.DatabaseDialect_POSTGRESQL {
+		stmts = append(stmts,
+			`CREATE TABLE Singers (
+					SingerId	BIGINT NOT NULL,
+					FirstName	VARCHAR(1024),
+					LastName	VARCHAR(1024),
+					SingerInfo	BYTEA,
+					PRIMARY KEY (SingerId)
+				)`,
+			`GRANT SELECT(SingerId), UPDATE(FirstName, LastName) ON Singers TO singers_updater`,
+			`GRANT SELECT(SingerId), UPDATE(FirstName) ON TABLE Singers TO singers_unauthorized`,
+			`GRANT INSERT(SingerId, FirstName, LastName) ON TABLE Singers TO singers_creator`,
+			`GRANT SELECT(SingerId), DELETE ON TABLE Singers TO singers_deleter`)
+	} else {
+		stmts = append(stmts,
+			`CREATE TABLE Singers (
+					SingerId	INT64 NOT NULL,
+					FirstName	STRING(1024),
+					LastName	STRING(1024),
+					SingerInfo	BYTES(MAX)
+				) PRIMARY KEY (SingerId)`,
+			`GRANT SELECT(SingerId), UPDATE(FirstName, LastName) ON TABLE Singers TO ROLE singers_updater`,
+			`GRANT SELECT(SingerId), UPDATE(FirstName) ON TABLE Singers TO ROLE singers_unauthorized`,
+			`GRANT INSERT(SingerId, FirstName, LastName) ON TABLE Singers TO ROLE singers_creator`,
+			`GRANT SELECT(SingerId), DELETE ON TABLE Singers TO ROLE singers_deleter`)
 	}
 	client, dbPath, cleanup := prepareIntegrationTest(ctx, t, DefaultSessionPoolConfig, stmts)
 	defer cleanup()
@@ -2759,7 +2804,7 @@ func TestIntegration_DMLWithRoles(t *testing.T) {
 	if _, err := client.Apply(ctx, ms, ApplyAtLeastOnce()); err != nil {
 		t.Fatalf("Could not insert rows to table. Got error %v", err)
 	}
-	updateStmt := Statement{SQL: `UPDATE Singers SET FirstName = "Mark", LastName = "Richards" WHERE SingerId = 1`}
+	updateStmt := Statement{SQL: `UPDATE Singers SET FirstName = 'Mark', LastName = 'Richards' WHERE SingerId = 1`}
 
 	// A request with sufficient privileges should update the row
 	for _, dbRole := range []string{
@@ -2812,7 +2857,7 @@ func TestIntegration_DMLWithRoles(t *testing.T) {
 
 	// A request with sufficient privileges should insert the row
 	getInsertStmt := func(vals []interface{}) Statement {
-		sql := fmt.Sprintf(`INSERT INTO Singers (SingerId, FirstName, LastName) VALUES (%d, "%s", "%s")`, vals...)
+		sql := fmt.Sprintf(`INSERT INTO Singers (SingerId, FirstName, LastName) VALUES (%d, '%s', '%s')`, vals...)
 		return Statement{SQL: sql}
 	}
 	for _, test := range []struct {
@@ -2863,9 +2908,8 @@ func TestIntegration_DMLWithRoles(t *testing.T) {
 
 func TestIntegration_MutationWithRoles(t *testing.T) {
 	t.Parallel()
-	// Database roles are not currently available in emulator and PG dialect
+	// Database roles are not currently available in emulator
 	skipEmulatorTest(t)
-	skipUnsupportedPGTest(t)
 
 	// Set up testing environment.
 	var (
@@ -2875,20 +2919,36 @@ func TestIntegration_MutationWithRoles(t *testing.T) {
 	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
 	defer cancel()
 	stmts := []string{
-		`CREATE TABLE Singers (
-				SingerId	INT64 NOT NULL,
-				FirstName	STRING(1024),
-				LastName	STRING(1024),
-				SingerInfo	BYTES(MAX)
-			) PRIMARY KEY (SingerId)`,
 		`CREATE ROLE singers_updater`,
 		`CREATE ROLE singers_unauthorized`,
 		`CREATE ROLE singers_creator`,
 		`CREATE ROLE singers_deleter`,
-		`GRANT SELECT(SingerId), UPDATE(SingerId, FirstName, LastName) ON TABLE Singers TO ROLE singers_updater`,
-		`GRANT SELECT(SingerId), UPDATE(SingerId, FirstName) ON TABLE Singers TO ROLE singers_unauthorized`,
-		`GRANT INSERT(SingerId, FirstName, LastName) ON TABLE Singers TO ROLE singers_creator`,
-		`GRANT SELECT(SingerId), DELETE ON TABLE Singers TO ROLE singers_deleter`,
+	}
+	if testDialect == adminpb.DatabaseDialect_POSTGRESQL {
+		stmts = append(stmts,
+			`CREATE TABLE Singers (
+					SingerId	BIGINT NOT NULL,
+					FirstName	VARCHAR(1024),
+					LastName	VARCHAR(1024),
+					SingerInfo	BYTEA,
+					PRIMARY KEY (SingerId)
+				)`,
+			`GRANT SELECT(SingerId), UPDATE(SingerId, FirstName, LastName) ON Singers TO singers_updater`,
+			`GRANT SELECT(SingerId), UPDATE(SingerId, FirstName) ON TABLE Singers TO singers_unauthorized`,
+			`GRANT INSERT(SingerId, FirstName, LastName) ON TABLE Singers TO singers_creator`,
+			`GRANT SELECT(SingerId), DELETE ON TABLE Singers TO singers_deleter`)
+	} else {
+		stmts = append(stmts,
+			`CREATE TABLE Singers (
+					SingerId	INT64 NOT NULL,
+					FirstName	STRING(1024),
+					LastName	STRING(1024),
+					SingerInfo	BYTES(MAX)
+				) PRIMARY KEY (SingerId)`,
+			`GRANT SELECT(SingerId), UPDATE(SingerId, FirstName, LastName) ON TABLE Singers TO ROLE singers_updater`,
+			`GRANT SELECT(SingerId), UPDATE(SingerId, FirstName) ON TABLE Singers TO ROLE singers_unauthorized`,
+			`GRANT INSERT(SingerId, FirstName, LastName) ON TABLE Singers TO ROLE singers_creator`,
+			`GRANT SELECT(SingerId), DELETE ON TABLE Singers TO ROLE singers_deleter`)
 	}
 	client, dbPath, cleanup := prepareIntegrationTest(ctx, t, DefaultSessionPoolConfig, stmts)
 	defer cleanup()
@@ -2994,9 +3054,8 @@ func TestIntegration_MutationWithRoles(t *testing.T) {
 
 func TestIntegration_ListDatabaseRoles(t *testing.T) {
 	t.Parallel()
-	// Database roles are not currently available in emulator and PG dialect
+	// Database roles are not currently available in emulator
 	skipEmulatorTest(t)
-	skipUnsupportedPGTest(t)
 
 	// Set up testing environment.
 	var (