tests/sentinel/tests/09-acl-support.tcl


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56

source "../tests/includes/init-tests.tcl"

set ::user "testuser"
set ::password "secret"

proc setup_acl {} {
    foreach_sentinel_id id {
        assert_equal {OK} [S $id ACL SETUSER $::user >$::password +@all on]
        assert_equal {OK} [S $id ACL SETUSER default off]

        S $id CLIENT KILL USER default SKIPME no
        assert_equal {OK} [S $id AUTH $::user $::password]
    }
}

proc teardown_acl {} {
    foreach_sentinel_id id {
        assert_equal {OK} [S $id ACL SETUSER default on]
        assert_equal {1} [S $id ACL DELUSER $::user]

        S $id SENTINEL CONFIG SET sentinel-user ""
        S $id SENTINEL CONFIG SET sentinel-pass ""
    }
}

test "(post-init) Set up ACL configuration" {
    setup_acl
    assert_equal $::user [S 1 ACL WHOAMI]
}

test "SENTINEL CONFIG SET handles on-the-fly credentials reconfiguration" {
    # Make sure we're starting with a broken state...
    wait_for_condition 200 50 {
        [catch {S 1 SENTINEL CKQUORUM mymaster}] == 1
    } else {
        fail "Expected: Sentinel to be disconnected from master due to wrong password"
    }
    assert_error "*NOQUORUM*" {S 1 SENTINEL CKQUORUM mymaster}

    foreach_sentinel_id id {
        assert_equal {OK} [S $id SENTINEL CONFIG SET sentinel-user $::user]
        assert_equal {OK} [S $id SENTINEL CONFIG SET sentinel-pass $::password]
    }

    wait_for_condition 200 50 {
        [catch {S 1 SENTINEL CKQUORUM mymaster}] == 0
    } else {
         fail "Expected: Sentinel to be connected to master after setting password"
    }
    assert_match {*OK*} [S 1 SENTINEL CKQUORUM mymaster]
}

test "(post-cleanup) Tear down ACL configuration" {
    teardown_acl
}