Add regular expression testing for user name mapping in the peer authentication TAP test
Hi hackers,
while working on [1]/messages/by-id/4f55303e-62c1-1072-61db-fbfb30bd66c8@gmail.com, I thought it could also be useful to add regular
expression testing for user name mapping in the peer authentication TAP
test.
This kind of test already exists in kerberos/t/001_auth.pl but the
proposed one in the peer authentication testing would probably be more
widely tested.
Please find attached a patch proposal to do so.
[1]: /messages/by-id/4f55303e-62c1-1072-61db-fbfb30bd66c8@gmail.com
/messages/by-id/4f55303e-62c1-1072-61db-fbfb30bd66c8@gmail.com
Looking forward to your feedback,
Regards,
--
Bertrand Drouvot
PostgreSQL Contributors Team
RDS Open Source Databases
Amazon Web Services: https://aws.amazon.com
Attachments:
v1-0001-tap-peer-test-with-regexp.patchtext/plain; charset=UTF-8; name=v1-0001-tap-peer-test-with-regexp.patchDownload+48-5
On Fri, Oct 14, 2022 at 06:31:15PM +0200, Drouvot, Bertrand wrote:
while working on [1], I thought it could also be useful to add regular
expression testing for user name mapping in the peer authentication TAP
test.
Good idea now that we have a bit more coverage in the authentication
tests.
+# Test with regular expression in user name map. +my $last_system_user_char = substr($system_user, -1);
This would attach to the regex the last character of the system user.
I would perhaps have used more characters than that (-3?), as substr()
with a negative number larger than the string given in input would
give the entire string. That's a nit, though.
+# The regular expression does not match. +reset_pg_ident($node, 'mypeermap', '/^$', 'testmapuser');
This matches only an empty string, my brain gets that right?
--
Michael
Hi,
On 10/15/22 5:11 AM, Michael Paquier wrote:
On Fri, Oct 14, 2022 at 06:31:15PM +0200, Drouvot, Bertrand wrote:
while working on [1], I thought it could also be useful to add regular
expression testing for user name mapping in the peer authentication TAP
test.Good idea now that we have a bit more coverage in the authentication
tests.
Thanks for looking at it!
+# Test with regular expression in user name map. +my $last_system_user_char = substr($system_user, -1);This would attach to the regex the last character of the system user.
Right.
I would perhaps have used more characters than that (-3?), as substr()
with a negative number larger than the string given in input would
give the entire string. That's a nit, though.
I don't have a strong opinion on this, so let's extract the last 3
characters. This is what v2 attached does.
+# The regular expression does not match. +reset_pg_ident($node, 'mypeermap', '/^$', 'testmapuser');This matches only an empty string, my brain gets that right?
Right. Giving a second thought to the non matching case, I think I'd
prefer to concatenate the system_user to the system_user instead. This
is what v2 does.
Regards,
--
Bertrand Drouvot
PostgreSQL Contributors Team
RDS Open Source Databases
Amazon Web Services: https://aws.amazon.com
Attachments:
v2-0001-tap-peer-test-with-regexp.patchtext/plain; charset=UTF-8; name=v2-0001-tap-peer-test-with-regexp.patchDownload+55-5
On Sat, Oct 15, 2022 at 07:54:30AM +0200, Drouvot, Bertrand wrote:
Right. Giving a second thought to the non matching case, I think I'd prefer
to concatenate the system_user to the system_user instead. This is what v2
does.
Fine by me, so applied v2. Thanks!
--
Michael
Hi,
On 10/17/22 4:07 AM, Michael Paquier wrote:
On Sat, Oct 15, 2022 at 07:54:30AM +0200, Drouvot, Bertrand wrote:
Right. Giving a second thought to the non matching case, I think I'd prefer
to concatenate the system_user to the system_user instead. This is what v2
does.Fine by me, so applied v2. Thanks!
Thanks!
Regards,
--
Bertrand Drouvot
PostgreSQL Contributors Team
RDS Open Source Databases
Amazon Web Services: https://aws.amazon.com