Tests - Execute Command DCL execution verifiction (MSSQL/MySQL/PostgreSQL)

abhinavminhas · abhinavminhas · commit d4a7aa908b2c · 2025-02-02T22:46:41.000+11:00
diff --git a/QueryDB.Core.Tests/MSSQLTests.cs b/QueryDB.Core.Tests/MSSQLTests.cs
@@ -424,6 +424,60 @@ public void Test_MSSQL_ExecuteCommand_DML_Unsupported_SELECT_Queries()
             }
         }
 
+        [TestMethod]
+        [TestCategory(DB_TESTS), TestCategory(MSSQL_TESTS)]
+        public void Test_MSSQL_ExecuteCommand_DCL_Queries()
+        {
+            var login = "test_user";
+            var user = "test_user";
+            var password = "Test@1234";
+            var table = "agents";
+            var commands = "SELECT, UPDATE";
+            var checkCommand = "SELECT";
+
+            var createLogin = string.Format(Queries.MSSQLQueries.TestDB.DCL.CreateLoginSql_Login_Password, login, password);
+            var createUser = string.Format(Queries.MSSQLQueries.TestDB.DCL.CreateUserSql_User_Login, user, login);
+            var grantSql = string.Format(Queries.MSSQLQueries.TestDB.DCL.GrantSql_Command_Table_User, commands, table, user);
+            var revokeSql = string.Format(Queries.MSSQLQueries.TestDB.DCL.RevokeSql_Command_Table_User, commands, table, user);
+            var verifyPermissions = string.Format(Queries.MSSQLQueries.TestDB.DCL.VerifyPermission_User_Table_Command, user, table, checkCommand);
+            var removeUser = string.Format(Queries.MSSQLQueries.TestDB.DCL.RemoveUserSql_User, user);
+            var removeLogin = string.Format(Queries.MSSQLQueries.TestDB.DCL.RemoveLoginSql_Login, login);
+
+            var dbContext = new DBContext(DB.MSSQL, MSSQLConnectionString);
+
+            // Create Login
+            var result = dbContext.ExecuteCommand(createLogin);
+            Assert.AreEqual(-1, result);
+
+            // Create User
+            result = dbContext.ExecuteCommand(createUser);
+            Assert.AreEqual(-1, result);
+
+            // Existing Permissions
+            var data = dbContext.FetchData(verifyPermissions).FirstOrDefault();
+            Assert.AreEqual("0", data.ReferenceData["HasPermission"]);
+
+            // Grant
+            result = dbContext.ExecuteCommand(grantSql);
+            Assert.AreEqual(-1, result);
+            data = dbContext.FetchData(verifyPermissions).FirstOrDefault();
+            Assert.AreEqual("1", data.ReferenceData["HasPermission"]);
+
+            // Revoke
+            result = dbContext.ExecuteCommand(revokeSql);
+            Assert.AreEqual(-1, result);
+            data = dbContext.FetchData(verifyPermissions).FirstOrDefault();
+            Assert.AreEqual("0", data.ReferenceData["HasPermission"]);
+
+            // Remove User
+            result = dbContext.ExecuteCommand(removeUser);
+            Assert.AreEqual(-1, result);
+
+            // Remove Login
+            result = dbContext.ExecuteCommand(removeLogin);
+            Assert.AreEqual(-1, result);
+        }
+
         #endregion
 
         #endregion
diff --git a/QueryDB.Core.Tests/MySQLTests.cs b/QueryDB.Core.Tests/MySQLTests.cs
@@ -404,6 +404,52 @@ public void Test_MySQL_ExecuteCommand_DML_Unsupported_SELECT_Queries()
             }
         }
 
+        [TestMethod]
+        [TestCategory(DB_TESTS), TestCategory(MYSQL_TESTS)]
+        public void Test_MySQL_ExecuteCommand_DCL_Queries()
+        {
+            var user = "test_user";
+            var password = "Test@1234";
+            var table = "Agents";
+            var commands = "SELECT, UPDATE";
+            var checkCommand = "SELECT";
+
+            var createUser = string.Format(Queries.MySQLQueries.TestDB.DCL.CreateUserSql_User_Password, user, password);
+            var grantSql = string.Format(Queries.MySQLQueries.TestDB.DCL.GrantSql_Command_Table_User, commands, table, user);
+            var revokeSql = string.Format(Queries.MySQLQueries.TestDB.DCL.RevokeSql_Command_Table_User, commands, table, user);
+            var verifyPermissions = string.Format(Queries.MySQLQueries.TestDB.DCL.VerifyPermission_User, user);
+            var removeUser = string.Format(Queries.MySQLQueries.TestDB.DCL.RemoveUserSql_User, user);
+
+            var dbContext = new DBContext(DB.MySQL, MySQLConnectionString);
+
+            // Create User
+            var result = dbContext.ExecuteCommand(createUser);
+            Assert.AreEqual(0, result);
+
+            // Existing Permissions
+            var data = dbContext.FetchData(verifyPermissions);
+            Assert.AreEqual(1, data.Count);
+            Assert.IsFalse(data.Any(data => data.ReferenceData.Values.Any(value => value.Contains(checkCommand))));
+
+            // Grant
+            result = dbContext.ExecuteCommand(grantSql);
+            Assert.AreEqual(0, result);
+            data = dbContext.FetchData(verifyPermissions);
+            Assert.AreEqual(2, data.Count);
+            Assert.IsTrue(data.Any(data => data.ReferenceData.Values.Any(value => value.Contains(checkCommand))));
+
+            // Revoke
+            result = dbContext.ExecuteCommand(revokeSql);
+            Assert.AreEqual(0, result);
+            data = dbContext.FetchData(verifyPermissions);
+            Assert.AreEqual(1, data.Count);
+            Assert.IsFalse(data.Any(data => data.ReferenceData.Values.Any(value => value.Contains(checkCommand))));
+
+            //Remove User
+            result = dbContext.ExecuteCommand(removeUser);
+            Assert.AreEqual(0, result);
+        }
+
         #endregion
 
         #endregion
diff --git a/QueryDB.Core.Tests/PostgreSQLTests.cs b/QueryDB.Core.Tests/PostgreSQLTests.cs
@@ -398,6 +398,52 @@ public void Test_PostgreSQL_ExecuteCommand_DML_Unsupported_SELECT_Queries()
             }
         }
 
+        [TestMethod]
+        [TestCategory(DB_TESTS), TestCategory(POSTGRESQL_TESTS)]
+        public void Test_PostgreSQL_ExecuteCommand_DCL_Queries()
+        {
+            var user = "test_user";
+            var password = "Test@1234";
+            var table = "Agents";
+            var commands = "SELECT, UPDATE";
+            var checkCommand = "SELECT";
+
+            var createUser = string.Format(Queries.PostgreSQLQueries.TestDB.DCL.CreateUserSql_User_Password, user, password);
+            var grantSql = string.Format(Queries.PostgreSQLQueries.TestDB.DCL.GrantSql_Command_Table_User, commands, table, user);
+            var revokeSql = string.Format(Queries.PostgreSQLQueries.TestDB.DCL.RevokeSql_Command_Table_User, commands, table, user);
+            var verifyPermissions = string.Format(Queries.PostgreSQLQueries.TestDB.DCL.VerifyPermission_User, user);
+            var removeUser = string.Format(Queries.PostgreSQLQueries.TestDB.DCL.RemoveUserSql_User, user);
+
+            var dbContext = new DBContext(DB.PostgreSQL, PostgreSQLConnectionString);
+
+            // Create User
+            var result = dbContext.ExecuteCommand(createUser);
+            Assert.AreEqual(-1, result);
+
+            // Existing Permissions
+            var data = dbContext.FetchData(verifyPermissions);
+            Assert.AreEqual(0, data.Count);
+            Assert.IsFalse(data.Any(data => data.ReferenceData.Values.Any(value => value.Contains(checkCommand))));
+
+            // Grant
+            result = dbContext.ExecuteCommand(grantSql);
+            Assert.AreEqual(-1, result);
+            data = dbContext.FetchData(verifyPermissions);
+            Assert.AreEqual(2, data.Count);
+            Assert.IsTrue(data.Any(data => data.ReferenceData.Values.Any(value => value.Contains(checkCommand))));
+
+            // Revoke
+            result = dbContext.ExecuteCommand(revokeSql);
+            Assert.AreEqual(-1, result);
+            data = dbContext.FetchData(verifyPermissions);
+            Assert.AreEqual(0, data.Count);
+            Assert.IsFalse(data.Any(data => data.ReferenceData.Values.Any(value => value.Contains(checkCommand))));
+
+            // Remove User
+            result = dbContext.ExecuteCommand(removeUser);
+            Assert.AreEqual(-1, result);
+        }
+
         #endregion
 
         #endregion
diff --git a/QueryDB.Core.Tests/Queries.cs b/QueryDB.Core.Tests/Queries.cs
@@ -42,6 +42,19 @@ internal static class DML
                     internal static string VerifyDMLExecution = @"SELECT * FROM Agents WHERE Agent_Code = 'A020'";
                     internal static string SelectSql = @"SELECT * FROM Agents";
                 }
+                internal static class DCL
+                {
+                    internal static string CreateLoginSql_Login_Password = @"CREATE LOGIN {0} WITH PASSWORD = '{1}'";
+                    internal static string CreateUserSql_User_Login = @"CREATE USER {0} FOR LOGIN {1}";
+                    internal static string GrantSql_Command_Table_User = @"GRANT {0} ON {1} TO {2}";
+                    internal static string RevokeSql_Command_Table_User = @"REVOKE {0} ON {1} TO {2}";
+                    internal static string VerifyPermission_User_Table_Command = @"SELECT COUNT(*) AS HasPermission FROM sys.database_permissions dp 
+                                                                                 JOIN sys.database_principals pr ON dp.grantee_principal_id = pr.principal_id 
+                                                                                 JOIN sys.objects obj ON dp.major_id = obj.object_id 
+                                                                                 WHERE pr.name = '{0}' AND obj.name = '{1}' AND dp.permission_name = '{2}'";
+                    internal static string RemoveUserSql_User = @"DROP USER {0}";
+                    internal static string RemoveLoginSql_Login = @"DROP LOGIN {0}";
+                }
             }
         }
          
@@ -85,6 +98,14 @@ internal static class DML
                     internal static string VerifyDMLExecution = @"SELECT * FROM Agents WHERE Agent_Code = 'A020'";
                     internal static string SelectSql = @"SELECT * FROM Agents";
                 }
+                internal static class DCL
+                {
+                    internal static string CreateUserSql_User_Password = @"CREATE USER '{0}' IDENTIFIED BY '{1}'";
+                    internal static string GrantSql_Command_Table_User = @"GRANT {0} ON {1} TO '{2}'";
+                    internal static string RevokeSql_Command_Table_User = @"REVOKE {0} ON {1} FROM '{2}'";
+                    internal static string VerifyPermission_User = @"SHOW GRANTS FOR '{0}'";
+                    internal static string RemoveUserSql_User = "DROP USER '{0}'";
+                }
             }
         }
 
@@ -171,6 +192,16 @@ internal static class DML
                     internal static string VerifyDMLExecution = @"SELECT * FROM Agents WHERE Agent_Code = 'A020'";
                     internal static string SelectSql = @"SELECT * FROM Agents";
                 }
+                internal static class DCL
+                {
+                    internal static string CreateUserSql_User_Password = @"CREATE USER {0} WITH PASSWORD '{1}'";
+                    internal static string GrantSql_Command_Table_User = @"GRANT {0} ON {1} TO {2}";
+                    internal static string RevokeSql_Command_Table_User = @"REVOKE {0} ON {1} FROM {2}";
+                    internal static string VerifyPermission_User = @"SELECT grantee, privilege_type 
+                                                                   FROM information_schema.role_table_grants 
+                                                                   WHERE grantee = '{0}'";
+                    internal static string RemoveUserSql_User = @"DROP USER {0}";
+                }
             }
         }
     }

Original file line number	Diff line number	Diff line change
`@@ -42,6 +42,19 @@ internal static class DML`
`42`	`42`	`internal static string VerifyDMLExecution = @"SELECT * FROM Agents WHERE Agent_Code = 'A020'";`
`43`	`43`	`internal static string SelectSql = @"SELECT * FROM Agents";`
`44`	`44`	`}`
	`45`	`+ internal static class DCL`
	`46`	`+ {`
	`47`	`+ internal static string CreateLoginSql_Login_Password = @"CREATE LOGIN {0} WITH PASSWORD = '{1}'";`
	`48`	`+ internal static string CreateUserSql_User_Login = @"CREATE USER {0} FOR LOGIN {1}";`
	`49`	`+ internal static string GrantSql_Command_Table_User = @"GRANT {0} ON {1} TO {2}";`
	`50`	`+ internal static string RevokeSql_Command_Table_User = @"REVOKE {0} ON {1} TO {2}";`
	`51`	`+ internal static string VerifyPermission_User_Table_Command = @"SELECT COUNT(*) AS HasPermission FROM sys.database_permissions dp`
	`52`	`+ JOIN sys.database_principals pr ON dp.grantee_principal_id = pr.principal_id`
	`53`	`+ JOIN sys.objects obj ON dp.major_id = obj.object_id`
	`54`	`+ WHERE pr.name = '{0}' AND obj.name = '{1}' AND dp.permission_name = '{2}'";`
	`55`	`+ internal static string RemoveUserSql_User = @"DROP USER {0}";`
	`56`	`+ internal static string RemoveLoginSql_Login = @"DROP LOGIN {0}";`
	`57`	`+ }`
`45`	`58`	`}`
`46`	`59`	`}`
`47`	`60`
`@@ -85,6 +98,14 @@ internal static class DML`
`85`	`98`	`internal static string VerifyDMLExecution = @"SELECT * FROM Agents WHERE Agent_Code = 'A020'";`
`86`	`99`	`internal static string SelectSql = @"SELECT * FROM Agents";`
`87`	`100`	`}`
	`101`	`+ internal static class DCL`
	`102`	`+ {`
	`103`	`+ internal static string CreateUserSql_User_Password = @"CREATE USER '{0}' IDENTIFIED BY '{1}'";`
	`104`	`+ internal static string GrantSql_Command_Table_User = @"GRANT {0} ON {1} TO '{2}'";`
	`105`	`+ internal static string RevokeSql_Command_Table_User = @"REVOKE {0} ON {1} FROM '{2}'";`
	`106`	`+ internal static string VerifyPermission_User = @"SHOW GRANTS FOR '{0}'";`
	`107`	`+ internal static string RemoveUserSql_User = "DROP USER '{0}'";`
	`108`	`+ }`
`88`	`109`	`}`
`89`	`110`	`}`
`90`	`111`
`@@ -171,6 +192,16 @@ internal static class DML`
`171`	`192`	`internal static string VerifyDMLExecution = @"SELECT * FROM Agents WHERE Agent_Code = 'A020'";`
`172`	`193`	`internal static string SelectSql = @"SELECT * FROM Agents";`
`173`	`194`	`}`
	`195`	`+ internal static class DCL`
	`196`	`+ {`
	`197`	`+ internal static string CreateUserSql_User_Password = @"CREATE USER {0} WITH PASSWORD '{1}'";`
	`198`	`+ internal static string GrantSql_Command_Table_User = @"GRANT {0} ON {1} TO {2}";`
	`199`	`+ internal static string RevokeSql_Command_Table_User = @"REVOKE {0} ON {1} FROM {2}";`
	`200`	`+ internal static string VerifyPermission_User = @"SELECT grantee, privilege_type`
	`201`	`+ FROM information_schema.role_table_grants`
	`202`	`+ WHERE grantee = '{0}'";`
	`203`	`+ internal static string RemoveUserSql_User = @"DROP USER {0}";`
	`204`	`+ }`
`174`	`205`	`}`
`175`	`206`	`}`
`176`	`207`	`}`