Skip to content
Snippets Groups Projects
Commit 9e53528e authored by Konstantin Osipov's avatar Konstantin Osipov
Browse files

A fix and a test case for gh-530 - assertion failed 

A dropped user structure could still be accessed from sessions
which were authenticated with this user.

Check that a user is dropped when accessing it from the authenticated
session.
parent 957f3659
No related merge requests found
Hide whitespace changes
Inline Side-by-side
src/box/access.h
+ 6
3
View file @ 9e53528e
......@@ -142,9 +142,12 @@ user_by_name(const char *name, uint32_t len);
#define user() \
({ \
struct session *s = session(); \
uint8_t auth_token = s ? s->auth_token : (int) ADMIN; \
struct user *u = &users[auth_token]; \
assert(u->auth_token == auth_token); \
struct user *u = &users[s->auth_token]; \
if (u->auth_token != s->auth_token || \
u->uid != s->uid) { \
tnt_raise(ClientError, ER_NO_SUCH_USER, \
int2str(s->uid)); \
} \
u; \
})
......
test/box/access_bin.result
+ 45
0
View file @ 9e53528e
......@@ -102,3 +102,48 @@ setuid_space:drop()
---
...
--
-- gh-530 "assertion failed"
-- If a user is dropped, its session should not be usable
-- any more
--
test = box.schema.space.create('test')
---
...
test:create_index('primary')
---
...
box.schema.user.create('test', {password='test'})
---
...
box.schema.user.grant('test', 'read,write', 'space','test')
---
...
box.schema.user.grant('test', 'read', 'space', '_space')
---
...
box.schema.user.grant('test', 'read', 'space', '_index')
---
...
net = require('net.box')
---
...
c = net.new(LISTEN.host, LISTEN.service, {user = 'test', password='test'})
---
...
c.space.test:insert{1}
---
- [1]
...
box.schema.user.drop('test')
---
...
c.space.test:insert{1}
---
- error: User '3' is not found
...
c:close()
---
...
test:drop()
---
...
test/box/access_bin.test.lua
+ 18
0
View file @ 9e53528e
......@@ -36,3 +36,21 @@ c:close()
box.schema.func.drop('setuid_func')
setuid_space:drop()
--
-- gh-530 "assertion failed"
-- If a user is dropped, its session should not be usable
-- any more
--
test = box.schema.space.create('test')
test:create_index('primary')
box.schema.user.create('test', {password='test'})
box.schema.user.grant('test', 'read,write', 'space','test')
box.schema.user.grant('test', 'read', 'space', '_space')
box.schema.user.grant('test', 'read', 'space', '_index')
net = require('net.box')
c = net.new(LISTEN.host, LISTEN.service, {user = 'test', password='test'})
c.space.test:insert{1}
box.schema.user.drop('test')
c.space.test:insert{1}
c:close()
test:drop()
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment