Re: Add regular expression testing for user name mapping in the peer authentication TAP test

Bertrand Drouvot <bertranddrouvot.pg@gmail.com>

From: "Drouvot, Bertrand" <bertranddrouvot.pg@gmail.com>
To: Michael Paquier <michael@paquier.xyz>
Cc: PostgreSQL Hackers <pgsql-hackers@lists.postgresql.org>
Date: 2022-10-15T05:54:30Z
Lists: pgsql-hackers

Attachments

Hi,

On 10/15/22 5:11 AM, Michael Paquier wrote:
> On Fri, Oct 14, 2022 at 06:31:15PM +0200, Drouvot, Bertrand wrote:
>> while working on [1], I thought it could also be useful to add regular
>> expression testing for user name mapping in the peer authentication TAP
>> test.
> 
> Good idea now that we have a bit more coverage in the authentication
> tests.

Thanks for looking at it!

>> +# Test with regular expression in user name map.
>> +my $last_system_user_char = substr($system_user, -1);
> 
> This would attach to the regex the last character of the system user.

Right.

> I would perhaps have used more characters than that (-3?), as substr()
> with a negative number larger than the string given in input would
> give the entire string.  That's a nit, though.

I don't have a strong opinion on this, so let's extract the last 3 
characters. This is what v2 attached does.

> 
>> +# The regular expression does not match.
>> +reset_pg_ident($node, 'mypeermap', '/^$', 'testmapuser');
> 
> This matches only an empty string, my brain gets that right?

Right. Giving a second thought to the non matching case, I think I'd 
prefer to concatenate the system_user to the system_user instead. This 
is what v2 does.

Regards,

-- 
Bertrand Drouvot
PostgreSQL Contributors Team
RDS Open Source Databases
Amazon Web Services: https://aws.amazon.com

Commits

  1. Add checks for regexes with user name map in test for peer authentication