Thread: Add regular expression testing for user name mapping in the peer authentication TAP test
Add regular expression testing for user name mapping in the peer authentication TAP test
From
"Drouvot, Bertrand"
Date:
Hi hackers, while working on [1], I thought it could also be useful to add regular expression testing for user name mapping in the peer authentication TAP test. This kind of test already exists in kerberos/t/001_auth.pl but the proposed one in the peer authentication testing would probably be more widely tested. Please find attached a patch proposal to do so. [1]: https://www.postgresql.org/message-id/4f55303e-62c1-1072-61db-fbfb30bd66c8%40gmail.com Looking forward to your feedback, Regards, -- Bertrand Drouvot PostgreSQL Contributors Team RDS Open Source Databases Amazon Web Services: https://aws.amazon.com
Attachment
Re: Add regular expression testing for user name mapping in the peer authentication TAP test
From
Michael Paquier
Date:
On Fri, Oct 14, 2022 at 06:31:15PM +0200, Drouvot, Bertrand wrote: > while working on [1], I thought it could also be useful to add regular > expression testing for user name mapping in the peer authentication TAP > test. Good idea now that we have a bit more coverage in the authentication tests. > +# Test with regular expression in user name map. > +my $last_system_user_char = substr($system_user, -1); This would attach to the regex the last character of the system user. I would perhaps have used more characters than that (-3?), as substr() with a negative number larger than the string given in input would give the entire string. That's a nit, though. > +# The regular expression does not match. > +reset_pg_ident($node, 'mypeermap', '/^$', 'testmapuser'); This matches only an empty string, my brain gets that right? -- Michael
Attachment
Re: Add regular expression testing for user name mapping in the peer authentication TAP test
From
"Drouvot, Bertrand"
Date:
Hi, On 10/15/22 5:11 AM, Michael Paquier wrote: > On Fri, Oct 14, 2022 at 06:31:15PM +0200, Drouvot, Bertrand wrote: >> while working on [1], I thought it could also be useful to add regular >> expression testing for user name mapping in the peer authentication TAP >> test. > > Good idea now that we have a bit more coverage in the authentication > tests. Thanks for looking at it! >> +# Test with regular expression in user name map. >> +my $last_system_user_char = substr($system_user, -1); > > This would attach to the regex the last character of the system user. Right. > I would perhaps have used more characters than that (-3?), as substr() > with a negative number larger than the string given in input would > give the entire string. That's a nit, though. I don't have a strong opinion on this, so let's extract the last 3 characters. This is what v2 attached does. > >> +# The regular expression does not match. >> +reset_pg_ident($node, 'mypeermap', '/^$', 'testmapuser'); > > This matches only an empty string, my brain gets that right? Right. Giving a second thought to the non matching case, I think I'd prefer to concatenate the system_user to the system_user instead. This is what v2 does. Regards, -- Bertrand Drouvot PostgreSQL Contributors Team RDS Open Source Databases Amazon Web Services: https://aws.amazon.com
Attachment
Re: Add regular expression testing for user name mapping in the peer authentication TAP test
From
Michael Paquier
Date:
On Sat, Oct 15, 2022 at 07:54:30AM +0200, Drouvot, Bertrand wrote: > Right. Giving a second thought to the non matching case, I think I'd prefer > to concatenate the system_user to the system_user instead. This is what v2 > does. Fine by me, so applied v2. Thanks! -- Michael
Attachment
Re: Add regular expression testing for user name mapping in the peer authentication TAP test
From
"Drouvot, Bertrand"
Date:
Hi, On 10/17/22 4:07 AM, Michael Paquier wrote: > On Sat, Oct 15, 2022 at 07:54:30AM +0200, Drouvot, Bertrand wrote: >> Right. Giving a second thought to the non matching case, I think I'd prefer >> to concatenate the system_user to the system_user instead. This is what v2 >> does. > > Fine by me, so applied v2. Thanks! Thanks! Regards, -- Bertrand Drouvot PostgreSQL Contributors Team RDS Open Source Databases Amazon Web Services: https://aws.amazon.com