-
Notifications
You must be signed in to change notification settings - Fork 1k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[#18886] YSQL: Supporting login limit per user with Ysql Connection M…
…anager Summary: This diff adds the support for login limit connections per user in ysql connection manager. The only known limitation of this implementation is that the client has to wait for few seconds (by default 10seconds) for connection manager stats to get updated which is used to calculate current number of connections made by a particular user. Track Here: [[ #21645 | GH #21645 ]] One of the existing java unit tests (`org.yb.pgsql.TestPgAuthorization#testAttributes`) which tests connection limit per user is not fixed as part of this diff, as it still fails while dropping the user which is not supported in ysql connection manager at the time of creating this diff. (Tracked by [[ #21862 | GH #21862 ]] ). Added a TODO comment to fix conn per limit user part of the test. Jira: DB-7747 Test Plan: Added java unit test: ```./yb_build.sh --enable-ysql-conn-mgr-test --java-test org.yb.ysqlconnmgr.TestUserLoginLimit``` Reviewers: rbarigidad Reviewed By: rbarigidad Subscribers: rbarigidad, nkumar, yql Differential Revision: https://phorge.dev.yugabyte.com/D33469
- Loading branch information
Manav Kumar
committed
May 3, 2024
1 parent
cd5b86e
commit cb41960
Showing
3 changed files
with
134 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
92 changes: 92 additions & 0 deletions
92
java/yb-ysql-conn-mgr/src/test/java/org/yb/ysqlconnmgr/TestUserLoginLimit.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,92 @@ | ||
// Copyright (c) YugabyteDB, Inc. | ||
// | ||
// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except | ||
// in compliance with the License. You may obtain a copy of the License at | ||
// | ||
// http://www.apache.org/licenses/LICENSE-2.0 | ||
// | ||
// Unless required by applicable law or agreed to in writing, software distributed under the License | ||
// is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express | ||
// or implied. See the License for the specific language governing permissions and limitations | ||
// under the License. | ||
// | ||
package org.yb.ysqlconnmgr; | ||
|
||
import static org.yb.AssertionWrappers.*; | ||
|
||
import java.sql.Connection; | ||
import java.sql.SQLException; | ||
import java.sql.Statement; | ||
import java.util.Collections; | ||
import java.util.HashMap; | ||
import java.util.Map; | ||
|
||
import org.hamcrest.CoreMatchers; | ||
import org.junit.Test; | ||
import org.junit.runner.RunWith; | ||
import org.yb.minicluster.MiniYBClusterBuilder; | ||
import org.yb.pgsql.BasePgSQLTest; | ||
import org.yb.pgsql.ConnectionBuilder; | ||
import org.yb.pgsql.ConnectionEndpoint; | ||
|
||
@RunWith(value = YBTestRunnerYsqlConnMgr.class) | ||
public class TestUserLoginLimit extends BaseYsqlConnMgr { | ||
|
||
@Override | ||
protected void customizeMiniClusterBuilder(MiniYBClusterBuilder builder) { | ||
super.customizeMiniClusterBuilder(builder); | ||
|
||
builder.addCommonTServerFlag("ysql_conn_mgr_stats_interval", | ||
Integer.toString(BasePgSQLTest.CONNECTIONS_STATS_UPDATE_INTERVAL_SECS)); | ||
} | ||
|
||
@Test | ||
public void testUserLoginLimit() throws Exception { | ||
try (Connection connection = getConnectionBuilder() | ||
.withConnectionEndpoint(ConnectionEndpoint.YSQL_CONN_MGR) | ||
.withUser("yugabyte") | ||
.withPassword("yugabyte") | ||
.connect(); | ||
Statement statement = connection.createStatement()) { | ||
|
||
statement.execute("CREATE ROLE limit_role LOGIN CONNECTION LIMIT 2"); | ||
|
||
ConnectionBuilder limitRoleUserConnBldr = | ||
getConnectionBuilder() | ||
.withConnectionEndpoint(ConnectionEndpoint.YSQL_CONN_MGR) | ||
.withUser("limit_role"); | ||
try (Connection ignored1 = limitRoleUserConnBldr.connect()) { | ||
BasePgSQLTest.waitForStatsToGetUpdated(); | ||
try (Connection connection2 = limitRoleUserConnBldr.connect()) { | ||
BasePgSQLTest.waitForStatsToGetUpdated(); | ||
// Third concurrent connection causes error. | ||
try (Connection ignored3 = limitRoleUserConnBldr.connect()) { | ||
fail("Expected third login attempt to fail"); | ||
} catch (SQLException sqle) { | ||
assertThat( | ||
sqle.getMessage(), | ||
CoreMatchers.containsString("too many connections for " + | ||
"role \"limit_role\"") | ||
); | ||
} | ||
|
||
// Close second connection. | ||
connection2.close(); | ||
BasePgSQLTest.waitForStatsToGetUpdated(); | ||
|
||
// New connection now succeeds. | ||
try (Connection ignored2 = limitRoleUserConnBldr.connect()) { | ||
// No-op. | ||
} | ||
} | ||
} | ||
|
||
} catch (Exception e) { | ||
LOG.error("Allowing unexpected number of connections than what limit has been " + | ||
"set for given user: ", e); | ||
fail ("Creating unexpected number of connections than what limit has been set for " + | ||
"given user"); | ||
} | ||
|
||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters