@@ 102,7 102,6 @@ func compile(
// Given each user's set of lines, assemble permissions for them.
userPerms := map[string]*Permissions{}
for u, lines := range userLines {
- fmt.Println("USER LINES", u)
var err error
userPerms[u], err = permsForLines(schema, allStatements,
a.vars, lines)
@@ 412,7 411,6 @@ func permsForLines(
) (*Permissions, error) {
perms := permsForSchema(schema, allStatements)
for _, l := range ls {
- fmt.Println("APPLY", l)
if err := perms.apply(vars, l); err != nil {
return nil, fmt.Errorf("apply line %d: %w", l.line, err)
}
@@ 14,26 14,26 @@ func TestPermissionsApply(t *testing.T) {
t.Parallel()
tcs := []struct {
have *line
- want permissions
+ want Permissions
}{
{ // 0
have: &line{verb: "deny"},
- want: permissions{
+ want: Permissions{
Deny: true,
- Databases: map[string]*dbPermission{
- "db": &dbPermission{
+ Databases: map[string]*DBPermission{
+ "db": &DBPermission{
Deny: true,
- Tables: map[string]*tablePermission{
- "table": &tablePermission{
+ Tables: map[string]*TablePermission{
+ "table": &TablePermission{
Deny: true,
- Statements: map[string]*statementPermission{
- "select": &statementPermission{
+ Statements: map[string]*StatementPermission{
+ "select": &StatementPermission{
Deny: true,
Columns: map[string]bool{
"column": true,
},
},
- "insert": &statementPermission{
+ "insert": &StatementPermission{
Deny: true,
Columns: map[string]bool{
"column": true,
@@ 48,18 48,18 @@ func TestPermissionsApply(t *testing.T) {
},
{ // 1
have: &line{verb: "allow"},
- want: permissions{
- Databases: map[string]*dbPermission{
- "db": &dbPermission{
- Tables: map[string]*tablePermission{
- "table": &tablePermission{
- Statements: map[string]*statementPermission{
- "select": &statementPermission{
+ want: Permissions{
+ Databases: map[string]*DBPermission{
+ "db": &DBPermission{
+ Tables: map[string]*TablePermission{
+ "table": &TablePermission{
+ Statements: map[string]*StatementPermission{
+ "select": &StatementPermission{
Columns: map[string]bool{
"column": false,
},
},
- "insert": &statementPermission{
+ "insert": &StatementPermission{
Columns: map[string]bool{
"column": false,
},
@@ 73,22 73,22 @@ func TestPermissionsApply(t *testing.T) {
},
{ // 2
have: &line{verb: "deny", databases: []string{"db"}},
- want: permissions{
+ want: Permissions{
Deny: true,
- Databases: map[string]*dbPermission{
- "db": &dbPermission{
+ Databases: map[string]*DBPermission{
+ "db": &DBPermission{
Deny: true,
- Tables: map[string]*tablePermission{
- "table": &tablePermission{
+ Tables: map[string]*TablePermission{
+ "table": &TablePermission{
Deny: true,
- Statements: map[string]*statementPermission{
- "select": &statementPermission{
+ Statements: map[string]*StatementPermission{
+ "select": &StatementPermission{
Deny: true,
Columns: map[string]bool{
"column": true,
},
},
- "insert": &statementPermission{
+ "insert": &StatementPermission{
Deny: true,
Columns: map[string]bool{
"column": true,
@@ 107,19 107,19 @@ func TestPermissionsApply(t *testing.T) {
databases: []string{"db"},
statements: []string{"select"},
},
- want: permissions{
- Databases: map[string]*dbPermission{
- "db": &dbPermission{
- Tables: map[string]*tablePermission{
- "table": &tablePermission{
- Statements: map[string]*statementPermission{
- "select": &statementPermission{
+ want: Permissions{
+ Databases: map[string]*DBPermission{
+ "db": &DBPermission{
+ Tables: map[string]*TablePermission{
+ "table": &TablePermission{
+ Statements: map[string]*StatementPermission{
+ "select": &StatementPermission{
Deny: true,
Columns: map[string]bool{
"column": true,
},
},
- "insert": &statementPermission{
+ "insert": &StatementPermission{
Columns: map[string]bool{
"column": false,
},
@@ 139,22 139,22 @@ func TestPermissionsApply(t *testing.T) {
tables: []string{"table"},
columns: []string{"column"},
},
- want: permissions{
+ want: Permissions{
Deny: true,
- Databases: map[string]*dbPermission{
- "db": &dbPermission{
+ Databases: map[string]*DBPermission{
+ "db": &DBPermission{
Deny: true,
- Tables: map[string]*tablePermission{
- "table": &tablePermission{
+ Tables: map[string]*TablePermission{
+ "table": &TablePermission{
Deny: true,
- Statements: map[string]*statementPermission{
- "select": &statementPermission{
+ Statements: map[string]*StatementPermission{
+ "select": &StatementPermission{
Deny: true,
Columns: map[string]bool{
"column": true,
},
},
- "insert": &statementPermission{
+ "insert": &StatementPermission{
Deny: true,
Columns: map[string]bool{
"column": true,
@@ 204,25 204,25 @@ func TestPermsForLines(t *testing.T) {
t.Parallel()
tcs := []struct {
have []*line
- want permissions
+ want Permissions
}{
{ // 0
have: []*line{
{verb: "deny"},
{verb: "allow"},
},
- want: permissions{
- Databases: map[string]*dbPermission{
- "db": &dbPermission{
- Tables: map[string]*tablePermission{
- "table": &tablePermission{
- Statements: map[string]*statementPermission{
- "select": &statementPermission{
+ want: Permissions{
+ Databases: map[string]*DBPermission{
+ "db": &DBPermission{
+ Tables: map[string]*TablePermission{
+ "table": &TablePermission{
+ Statements: map[string]*StatementPermission{
+ "select": &StatementPermission{
Columns: map[string]bool{
"column": false,
},
},
- "insert": &statementPermission{
+ "insert": &StatementPermission{
Columns: map[string]bool{
"column": false,
},
@@ 240,19 240,19 @@ func TestPermsForLines(t *testing.T) {
{verb: "allow", databases: []string{"db"}},
{verb: "deny", databases: []string{"db"}, statements: []string{"select"}},
},
- want: permissions{
- Databases: map[string]*dbPermission{
- "db": &dbPermission{
- Tables: map[string]*tablePermission{
- "table": &tablePermission{
- Statements: map[string]*statementPermission{
- "select": &statementPermission{
+ want: Permissions{
+ Databases: map[string]*DBPermission{
+ "db": &DBPermission{
+ Tables: map[string]*TablePermission{
+ "table": &TablePermission{
+ Statements: map[string]*StatementPermission{
+ "select": &StatementPermission{
Deny: true,
Columns: map[string]bool{
"column": true,
},
},
- "insert": &statementPermission{
+ "insert": &StatementPermission{
Columns: map[string]bool{
"column": false,
},
@@ 300,26 300,26 @@ func TestPermsForLines(t *testing.T) {
func TestGrants(t *testing.T) {
tcs := []struct {
- have *permissions
+ have *Permissions
want []string
}{
{ // 0 - deny all
- have: &permissions{
+ have: &Permissions{
Deny: true,
- Databases: map[string]*dbPermission{
- "db": &dbPermission{
+ Databases: map[string]*DBPermission{
+ "db": &DBPermission{
Deny: true,
- Tables: map[string]*tablePermission{
- "table": &tablePermission{
+ Tables: map[string]*TablePermission{
+ "table": &TablePermission{
Deny: true,
- Statements: map[string]*statementPermission{
- "select": &statementPermission{
+ Statements: map[string]*StatementPermission{
+ "select": &StatementPermission{
Deny: true,
Columns: map[string]bool{
"column": true,
},
},
- "insert": &statementPermission{
+ "insert": &StatementPermission{
Deny: true,
Columns: map[string]bool{
"column": true,
@@ 334,19 334,19 @@ func TestGrants(t *testing.T) {
want: nil,
},
{ // 1 - allow insert on db
- have: &permissions{
- Databases: map[string]*dbPermission{
- "db": &dbPermission{
- Tables: map[string]*tablePermission{
- "table": &tablePermission{
- Statements: map[string]*statementPermission{
- "select": &statementPermission{
+ have: &Permissions{
+ Databases: map[string]*DBPermission{
+ "db": &DBPermission{
+ Tables: map[string]*TablePermission{
+ "table": &TablePermission{
+ Statements: map[string]*StatementPermission{
+ "select": &StatementPermission{
Deny: true,
Columns: map[string]bool{
"column": true,
},
},
- "insert": &statementPermission{
+ "insert": &StatementPermission{
Columns: map[string]bool{
"column": false,
},
@@ 360,18 360,18 @@ func TestGrants(t *testing.T) {
want: []string{"GRANT insert ON db.table TO user@'%'"},
},
{ // 2 - grant all
- have: &permissions{
- Databases: map[string]*dbPermission{
- "db": &dbPermission{
- Tables: map[string]*tablePermission{
- "table": &tablePermission{
- Statements: map[string]*statementPermission{
- "select": &statementPermission{
+ have: &Permissions{
+ Databases: map[string]*DBPermission{
+ "db": &DBPermission{
+ Tables: map[string]*TablePermission{
+ "table": &TablePermission{
+ Statements: map[string]*StatementPermission{
+ "select": &StatementPermission{
Columns: map[string]bool{
"column": false,
},
},
- "insert": &statementPermission{
+ "insert": &StatementPermission{
Columns: map[string]bool{
"column": false,
},