dolt
Last updated
Was this helpful?
Last updated
Was this helpful?
Here, we will go through a fix for this to demonstrate how to make a change to .
Follow these .
Dolt has the ability to host a SQL server and take in user queries to create, modify, and drop tables. The server allows users to provide a config file through the --config
option. A customer claimed that the read_only
flag in their config file was not being respected when using the dolt server; this means that the server was allowing users to run queries that modified data on the server.
First off, let's try to reproduce the issue. Create a dolt database:
Create a config file named config.yml
and put this in it:
We have a file called pytest.py
located in ~/dolt_workspace/dolt/integration-tests/bats/helper
, which contains many useful helper methods for testing dolt sql-server. I wrote a quick Python script using methods from pytest.py
to send queries and look at the results manually.
In one terminal, start the dolt sql-server:
In another, run the python script.
In this case "no problems" is actually bad, since we expected the server to return an error.
After poking around in the code, we see that the config file containing user permissions is used to create a new sqlengine
.
For some reason, the NewSqlEngine
constructor creates a new authenticator using auth.None
, which always gives users full permissions. Instead, we should be passing in the authenticator already created that is based on permissions specified in the config file.
The method call to NewSqlEngine
now looks like this:
This test basically creates a config file (with the read-only flag set to true), starts a dolt sql-server using the config file, sends a query to create a table, and checks to see if that table was created. So, it's an automated way to do everything we did earlier.
Then, I ran the test using this shell script placed in the ~/dolt_workspace/dolt
directory:
As expected, this test passes.
Use git to commit and push our changes.
I highly recommend using an IDE like especially when debugging larger projects.
After dolt and running the python script, we get an exception as expected.
A better way to test this is to use a tests, which are located in . You can install bats through npm
If you are unfamiliar with how to create a Pull Request, follow the instructions .