Skip to content

Commit 1ffe2e3

Browse files
kangmingtaykangmingtay
authored
chore: add test for pgbouncer.get_auth (#1567)
1 parent 8d32169 commit 1ffe2e3

File tree

3 files changed

+37
-5
lines changed

3 files changed

+37
-5
lines changed

ansible/vars.yml

+3-3
Original file line numberDiff line numberDiff line change
@@ -9,9 +9,9 @@ postgres_major:
99

1010
# Full version strings for each major version
1111
postgres_release:
12-
postgresorioledb-17: "17.0.1.068-orioledb"
13-
postgres17: "17.4.1.018"
14-
postgres15: "15.8.1.075"
12+
postgresorioledb-17: "17.0.1.069-orioledb"
13+
postgres17: "17.4.1.019"
14+
postgres15: "15.8.1.076"
1515

1616
# Non Postgres Extensions
1717
pgbouncer_release: "1.19.0"

nix/tests/expected/pgbouncer.out

+20-1
Original file line numberDiff line numberDiff line change
@@ -58,11 +58,30 @@ SELECT
5858
FROM pg_proc p
5959
JOIN schema_obj s ON s.oid = p.pronamespace
6060
CROSS JOIN LATERAL aclexplode(p.proacl) AS acl
61-
ORDER BY object_name, grantee, privilege_type;
61+
ORDER BY object_name, grantee, privilege_type;
6262
schema | object_name | grantee | privilege_type
6363
-----------+-------------+----------------+----------------
6464
pgbouncer | get_auth | pgbouncer | EXECUTE
6565
pgbouncer | get_auth | postgres | EXECUTE
6666
pgbouncer | get_auth | supabase_admin | EXECUTE
6767
(3 rows)
6868

69+
-- Ensure that pgbouncer.get_auth() function does not return an expired password
70+
create role test_expired_user_password with login password 'expired_password' valid until '2000-01-01 00:00:00+00';
71+
create role test_valid_user_password with login password 'valid_password' valid until '2100-01-01 00:00:00+00';
72+
-- Update the pg_authid catalog directly to replace with a known SCRAM hash
73+
update pg_authid set rolpassword = 'SCRAM-SHA-256$4096:testsaltbase64$storedkeybase64$serverkeybase64' where rolname = 'test_valid_user_password';
74+
select pgbouncer.get_auth('test_expired_user_password');
75+
get_auth
76+
-------------------------------
77+
(test_expired_user_password,)
78+
(1 row)
79+
80+
select pgbouncer.get_auth('test_valid_user_password');
81+
get_auth
82+
----------------------------------------------------------------------------------------------
83+
(test_valid_user_password,SCRAM-SHA-256$4096:testsaltbase64$storedkeybase64$serverkeybase64)
84+
(1 row)
85+
86+
drop role test_expired_user_password;
87+
drop role test_valid_user_password;

nix/tests/sql/pgbouncer.sql

+14-1
Original file line numberDiff line numberDiff line change
@@ -50,4 +50,17 @@ SELECT
5050
FROM pg_proc p
5151
JOIN schema_obj s ON s.oid = p.pronamespace
5252
CROSS JOIN LATERAL aclexplode(p.proacl) AS acl
53-
ORDER BY object_name, grantee, privilege_type;
53+
ORDER BY object_name, grantee, privilege_type;
54+
55+
-- Ensure that pgbouncer.get_auth() function does not return an expired password
56+
create role test_expired_user_password with login password 'expired_password' valid until '2000-01-01 00:00:00+00';
57+
create role test_valid_user_password with login password 'valid_password' valid until '2100-01-01 00:00:00+00';
58+
-- Update the pg_authid catalog directly to replace with a known SCRAM hash
59+
update pg_authid set rolpassword = 'SCRAM-SHA-256$4096:testsaltbase64$storedkeybase64$serverkeybase64' where rolname = 'test_valid_user_password';
60+
61+
select pgbouncer.get_auth('test_expired_user_password');
62+
63+
select pgbouncer.get_auth('test_valid_user_password');
64+
65+
drop role test_expired_user_password;
66+
drop role test_valid_user_password;

0 commit comments

Comments
 (0)