summaryrefslogtreecommitdiffstats
path: root/mysql-test/suite/plugins/t/server_audit.test
diff options
context:
space:
mode:
Diffstat (limited to 'mysql-test/suite/plugins/t/server_audit.test')
-rw-r--r--mysql-test/suite/plugins/t/server_audit.test235
1 files changed, 235 insertions, 0 deletions
diff --git a/mysql-test/suite/plugins/t/server_audit.test b/mysql-test/suite/plugins/t/server_audit.test
new file mode 100644
index 00000000..01da4975
--- /dev/null
+++ b/mysql-test/suite/plugins/t/server_audit.test
@@ -0,0 +1,235 @@
+--source include/have_plugin_auth.inc
+--source include/not_embedded.inc
+
+if (!$SERVER_AUDIT_SO) {
+ skip No SERVER_AUDIT plugin;
+}
+
+# An unfortunate wait for check-testcase.test to complete disconnect.
+let count_sessions= 1;
+source include/wait_until_count_sessions.inc;
+
+let $MYSQLD_DATADIR= `SELECT @@datadir`;
+let SEARCH_FILE= $MYSQLD_DATADIR/server_audit.log;
+
+install plugin server_audit soname 'server_audit';
+
+show variables like 'server_audit%';
+set global server_audit_file_path=null;
+set global server_audit_incl_users=null;
+set global server_audit_file_path='server_audit.log';
+set global server_audit_output_type=file;
+set global server_audit_logging=on;
+
+--error ER_WRONG_VALUE_FOR_VAR
+set global server_audit_incl_users= repeat("'root',", 10000);
+show variables like 'server_audit_incl_users';
+--error ER_WRONG_VALUE_FOR_VAR
+set global server_audit_excl_users= repeat("'root',", 10000);
+show variables like 'server_audit_excl_users';
+let SEARCH_COUNT= 5;
+source include/wait_for_line_count_in_file.inc;
+
+connect (con1,localhost,root,,mysql);
+disconnect con1;
+let SEARCH_COUNT= 7;
+source include/wait_for_line_count_in_file.inc;
+
+--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
+--error ER_ACCESS_DENIED_ERROR
+connect (con1,localhost,no_such_user,,mysql);
+let SEARCH_COUNT= 9;
+source include/wait_for_line_count_in_file.inc;
+
+connection default;
+set global server_audit_incl_users='odin, dva, tri';
+create table t1 (id int);
+set global server_audit_incl_users='odin, root, dva, tri';
+create table t2 (id int);
+set global server_audit_excl_users='odin, dva, tri';
+insert into t1 values (1), (2);
+select * from t1;
+set global server_audit_incl_users='odin, root, dva, tri';
+insert into t2 values (1), (2);
+select * from t2;
+alter table t1 rename renamed_t1;
+set global server_audit_events='connect,query';
+select 1,
+ 2,
+# comment
+ 3;
+insert into t2 values (1), (2);
+select * from t2;
+--disable_ps_protocol
+--error ER_NO_SUCH_TABLE
+select * from t_doesnt_exist;
+--enable_ps_protocol
+--error 1064
+syntax_error_query;
+drop table renamed_t1, t2;
+show variables like 'server_audit%';
+set global server_audit_mode=1;
+set global server_audit_events='';
+create database sa_db;
+let SEARCH_COUNT= 47;
+source include/wait_for_line_count_in_file.inc;
+
+connect (con1,localhost,root,,test);
+create table t1 (id2 int);
+insert into t1 values (1), (2);
+select * from t1;
+drop table t1;
+use sa_db;
+create table sa_t1(id int);
+insert into sa_t1 values (1), (2);
+drop table sa_t1;
+drop database sa_db;
+disconnect con1;
+let SEARCH_COUNT= 80;
+source include/wait_for_line_count_in_file.inc;
+
+connection default;
+create database sa_db;
+use sa_db;
+CREATE USER u1 IDENTIFIED BY 'pwd-123';
+GRANT ALL ON sa_db TO u2 IDENTIFIED BY "pwd-321";
+SET PASSWORD FOR u1 = PASSWORD('pwd 098');
+CREATE USER u3 IDENTIFIED BY '';
+ALTER USER u3 IDENTIFIED BY 'pwd-456';
+drop user u1, u2, u3;
+
+set global server_audit_events='query_ddl';
+create table t1(id int);
+insert into t1 values (1), (2);
+select * from t1;
+select 2;
+(select 2);
+/*! select 2*/;
+/*comment*/ select 2;
+drop table t1;
+
+create procedure pr1() insert into test.t1 values ("foo", 42);
+create function fn1(i int) returns int deterministic return i+1;
+drop procedure pr1;
+drop function fn1;
+
+set global server_audit_events='query_ddl,query_dml';
+create table t1(id int);
+insert into t1 values (1), (2);
+select * from t1;
+select 2;
+drop table t1;
+set global server_audit_events='query_dml';
+create table t1(id int);
+insert into t1 values (1), (2);
+select * from t1;
+select 2;
+(select 2);
+/*! select 2*/;
+/*comment*/ select 2;
+drop table t1;
+set global server_audit_events='query_dcl';
+create table t1(id int);
+insert into t1 values (1), (2);
+select * from t1;
+CREATE USER u1 IDENTIFIED BY 'pwd-123';
+GRANT ALL ON sa_db TO u2 IDENTIFIED BY "pwd-321";
+SET PASSWORD
+# comment
+FOR u1 = PASSWORD('pwd 098');
+--error 1064
+SET PASSWORD FOR u1=<secret>;
+CREATE USER u3 IDENTIFIED BY '';
+drop user u1, u2, u3;
+select 2;
+(select 2);
+/*! select 2*/;
+/*comment*/ select 2;
+drop table t1;
+set global server_audit_events='query_dml_no_select';
+create table t1(id int);
+insert into t1 values (1), (2);
+select * from t1;
+select 2;
+drop table t1;
+create procedure pr1() insert into test.t1 values ("foo", 42);
+create function fn1(i int) returns int deterministic return i+1;
+drop procedure pr1;
+drop function fn1;
+
+create procedure pr1() insert into test.t1 values ("foo", 42);
+create function fn1(i int) returns int deterministic return i+1;
+drop procedure pr1;
+drop function fn1;
+
+set global server_audit_events='table';
+set global server_audit_incl_users='user1';
+
+create user user1@localhost;
+grant all on sa_db.* to user1@localhost;
+
+connect (cn1,localhost,user1,,sa_db);
+connection cn1;
+
+create table t1(id int) engine=myisam;
+insert delayed into t1 values (1);
+connection default;
+--echo # Waiting until INSERT DELAYED thread does the insert.
+let $wait_condition= SELECT COUNT(*) = 1 FROM t1;
+--source include/wait_condition.inc
+drop table t1;
+
+set global server_audit_logging= off;
+set global server_audit_incl_users='root';
+set global server_audit_logging= on;
+disconnect cn1;
+let $count_sessions=1;
+source include/wait_until_count_sessions.inc;
+
+drop user user1@localhost;
+
+set global server_audit_events='';
+set global server_audit_incl_users='root, plug_dest';
+
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
+CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
+--sleep 2
+--replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK
+--error ER_ACCESS_DENIED_ERROR : this should fail : no grant
+connect(plug_con,localhost,plug,plug_dest);
+--sleep 2
+GRANT PROXY ON plug_dest TO plug;
+--sleep 2
+connect(plug_con,localhost,plug,plug_dest);
+connection plug_con;
+select USER(),CURRENT_USER();
+connection default;
+disconnect plug_con;
+--sleep 2
+--sleep 2
+DROP USER plug;
+DROP USER plug_dest;
+
+set global server_audit_query_log_limit= 15;
+select (1), (2), (3), (4);
+select 'A', 'B', 'C', 'D';
+set global server_audit_query_log_limit= 1024;
+drop database sa_db;
+
+set global server_audit_file_path='.';
+--replace_regex /\.[\\\/]/HOME_DIR\//
+show status like 'server_audit_current_log';
+set global server_audit_file_path='';
+show status like 'server_audit_current_log';
+set global server_audit_file_path=' ';
+show status like 'server_audit_current_log';
+set global server_audit_file_path='nonexisting_dir/';
+show status like 'server_audit_current_log';
+show variables like 'server_audit%';
+uninstall plugin server_audit;
+
+# replace the timestamp and the hostname with constant values
+--replace_regex /[0-9]* [0-9][0-9]:[0-9][0-9]:[0-9][0-9]\,[^,]*\,/TIME,HOSTNAME,/ /\,[1-9][0-9]*\,/,1,/ /\,[1-9][0-9]*/,ID/
+cat_file $MYSQLD_DATADIR/server_audit.log;
+remove_file $MYSQLD_DATADIR/server_audit.log;
+