// Bootstrap sets up the database and tables, also creating the notary server user with appropriate db permission func (rdb RethinkDB) Bootstrap() error { if err := rethinkdb.SetupDB(rdb.sess, rdb.dbName, []rethinkdb.Table{ TUFFilesRethinkTable, }); err != nil { return err } return rethinkdb.CreateAndGrantDBUser(rdb.sess, rdb.dbName, rdb.user, rdb.password) }
func rethinkDBSetup(t *testing.T) (RethinkDB, func()) { session, _ := rethinkSessionSetup(t) dbName := "servertestdb" var cleanup = func() { gorethink.DBDrop(dbName).Exec(session) } cleanup() require.NoError(t, rethinkdb.SetupDB(session, dbName, []rethinkdb.Table{ TUFFilesRethinkTable, })) return NewRethinkDBStorage(dbName, "", "", session), cleanup }
func rethinkDBSetup(t *testing.T, dbName string) (*RethinkDBKeyStore, func()) { session, _ := rethinkSessionSetup(t) var cleanup = func() { gorethink.DBDrop(dbName).Exec(session) } cleanup() err := rethinkdb.SetupDB(session, dbName, []rethinkdb.Table{PrivateKeysRethinkTable}) require.NoError(t, err) dbStore := NewRethinkDBKeyStore(dbName, "", "", multiAliasRetriever, validAliases[0], session) require.Equal(t, "RethinkDB", dbStore.Name()) dbStore.nowFunc = func() time.Time { return rdbNow } return dbStore, cleanup }
func TestRethinkBootstrapSetsUsernamePassword(t *testing.T) { adminSession, source := rethinkSessionSetup(t) dbname, username, password := "******", "testuser", "testpassword" otherDB, otherUser, otherPass := "******", "otheruser", "otherpassword" // create a separate user with access to a different DB require.NoError(t, rethinkdb.SetupDB(adminSession, otherDB, nil)) defer gorethink.DBDrop(otherDB).Exec(adminSession) require.NoError(t, rethinkdb.CreateAndGrantDBUser(adminSession, otherDB, otherUser, otherPass)) // Bootstrap s := NewRethinkDBKeyStore(dbname, username, password, constRetriever, "ignored", adminSession) require.NoError(t, s.Bootstrap()) defer gorethink.DBDrop(dbname).Exec(adminSession) // A user with an invalid password cannot connect to rethink DB at all _, err := rethinkdb.UserConnection(tlsOpts, source, username, "wrongpass") require.Error(t, err) // the other user cannot access rethink, causing health checks to fail userSession, err := rethinkdb.UserConnection(tlsOpts, source, otherUser, otherPass) require.NoError(t, err) s = NewRethinkDBKeyStore(dbname, otherUser, otherPass, constRetriever, "ignored", userSession) _, _, err = s.GetPrivateKey("nonexistent") require.Error(t, err) require.IsType(t, gorethink.RQLRuntimeError{}, err) key := s.GetKey("nonexistent") require.Nil(t, key) require.Error(t, s.CheckHealth()) // our user can access the DB though userSession, err = rethinkdb.UserConnection(tlsOpts, source, username, password) require.NoError(t, err) s = NewRethinkDBKeyStore(dbname, username, password, constRetriever, "ignored", userSession) _, _, err = s.GetPrivateKey("nonexistent") require.Error(t, err) require.IsType(t, trustmanager.ErrKeyNotFound{}, err) require.NoError(t, s.CheckHealth()) }
func TestRethinkBootstrapSetsUsernamePassword(t *testing.T) { adminSession, source := rethinkSessionSetup(t) dbname, username, password := "******", "testuser", "testpassword" otherDB, otherUser, otherPass := "******", "otheruser", "otherpassword" // create a separate user with access to a different DB require.NoError(t, rethinkdb.SetupDB(adminSession, otherDB, nil)) defer gorethink.DBDrop(otherDB).Exec(adminSession) require.NoError(t, rethinkdb.CreateAndGrantDBUser(adminSession, otherDB, otherUser, otherPass)) // Bootstrap s := NewRethinkDBStorage(dbname, username, password, adminSession) require.NoError(t, s.Bootstrap()) defer gorethink.DBDrop(dbname).Exec(adminSession) // A user with an invalid password cannot connect to rethink DB at all _, err := rethinkdb.UserConnection(tlsOpts, source, username, "wrongpass") require.Error(t, err) // the other user cannot access rethink, causing health checks to fail userSession, err := rethinkdb.UserConnection(tlsOpts, source, otherUser, otherPass) require.NoError(t, err) s = NewRethinkDBStorage(dbname, otherUser, otherPass, userSession) _, _, err = s.GetCurrent("gun", data.CanonicalRootRole) require.Error(t, err) require.IsType(t, gorethink.RQLRuntimeError{}, err) require.Error(t, s.CheckHealth()) // our user can access the DB though userSession, err = rethinkdb.UserConnection(tlsOpts, source, username, password) require.NoError(t, err) s = NewRethinkDBStorage(dbname, username, password, userSession) _, _, err = s.GetCurrent("gun", data.CanonicalRootRole) require.Error(t, err) require.IsType(t, ErrNotFound{}, err) require.NoError(t, s.CheckHealth()) }