feat: Add tests

Author: dev-mkc19

README.md

@@ -120,8 +120,8 @@ your_profile_name:
 | query_settings         | A map/dictionary of ClickHouse user level settings to be used with `INSERT` or `DELETE` statements in conjunction with this model                                                                                                                                                                                    |                |
 | ttl                    | A TTL expression to be used with the table.  The TTL expression is a string that can be used to specify the TTL for the table.                                                                                                                                                                                       |                |
 | indexes                | A list of indexes to create, available only for `table` materialization. For examples look at ([#397](https://github.com/ClickHouse/dbt-clickhouse/pull/397))                                                                                                                                                        |                |
-| sql_security           | Allow you to specify which ClickHouse user to use when executing the view's underlying query. `SQL SECURITY` has three legal values: `DEFINER`, `INVOKER`, or `NONE`.                                                                                                                                                |                |
-| definer                | If `sql_security` was set to `DEFINER`, you have to specify any existing user or `CURRENT_USER` in the `DEFINER` clause.                                                                                                                                                                                             |                |
+| sql_security           | Allow you to specify which ClickHouse user to use when executing the view's underlying query. [`SQL SECURITY`](https://clickhouse.com/docs/sql-reference/statements/create/view#sql_security) has two legal values: `definer`, `invoker`.                                                                                                                                                |                |
+| definer                | If `sql_security` was set to `definer`, you have to specify any existing user or `CURRENT_USER` in the `definer` clause.                                                                                                                                                                                             |                |
 |                        |                                                                                                                                                                                                                                                                                                                      |                |
 
 

dbt/include/clickhouse/macros/materializations/view.sql

@@ -47,11 +47,9 @@
       {%- endif %}
       DEFINER = {{ definer }} SQL SECURITY DEFINER
     {%- elif sql_security == 'invoker' %}
-      SQL SECURITY INVOKER
-    {%- elif sql_security == 'none' %}
-      SQL SECURITY NONE
+    SQL SECURITY INVOKER
     {%- else %}
-      {{ exceptions.raise_compiler_error("Invalid config parameter `sql_security`. Got: `" + sql_security + "`, but only definer | invoker | none allowed.") }}
+      {{ exceptions.raise_compiler_error("Invalid config parameter `sql_security`. Got: `" + sql_security + "`, but only definer | invoker allowed.") }}
     {%- endif %}
   {%- endif %}
 {%- endmacro -%}

tests/integration/adapter/view/test_view_sql_security.py

@@ -0,0 +1,148 @@
+"""
+Test ClickHouse view with sql security settings in dbt-clickhouse
+"""
+
+import pytest
+from dbt.tests.util import run_dbt, run_dbt_and_capture
+
+PEOPLE_SEED_CSV = """
+id,name,age,department
+1231,Dade,33,engineering
+6666,Ksenia,48,engineering
+8888,Kate,50,engineering
+""".lstrip()
+
+SEED_SCHEMA_YML = """
+version: 2
+
+sources:
+  - name: raw
+    schema: "{{ target.schema }}"
+    tables:
+      - name: people
+"""
+
+PEOPLE_VIEW_CONFIG = """
+{{ config(
+       materialized='view',
+       sql_security='invoker'
+) }}
+"""
+
+PEOPLE_VIEW_CONFIG_2 = """
+{{ config(
+       materialized='view',
+       sql_security='definer',
+       definer='admin'
+) }}
+"""
+
+PEOPLE_VIEW_CONFIG_3 = """
+{{ config(
+       materialized='view',
+       sql_security='definer'
+) }}
+"""
+
+PEOPLE_VIEW_CONFIG_4 = """
+{{ config(
+       materialized='view',
+       sql_security='definer',
+       definer=''
+) }}
+"""
+
+PEOPLE_VIEW_CONFIG_5 = """
+{{ config(
+       materialized='view',
+       sql_security='wrong'
+) }}
+"""
+
+PEOPLE_VIEW_MODEL = """
+select
+    id,
+    name,
+    age,
+    department
+from {{ source('raw', 'people') }}
+"""
+
+
+
+class TestClickHouseViewSqlSecurity:
+    @pytest.fixture(scope="class")
+    def seeds(self):
+        return {
+            "people.csv": PEOPLE_SEED_CSV,
+            "schema.yml": SEED_SCHEMA_YML,
+        }
+
+    @pytest.fixture(scope="class")
+    def models(self):
+        return {
+            "view_invoker.sql": PEOPLE_VIEW_CONFIG + PEOPLE_VIEW_MODEL,
+            "view_definer.sql": PEOPLE_VIEW_CONFIG_2 + PEOPLE_VIEW_MODEL,
+            "view_definer_empty.sql": PEOPLE_VIEW_CONFIG_3 + PEOPLE_VIEW_MODEL,
+            "view_definer_wrong.sql": PEOPLE_VIEW_CONFIG_4 + PEOPLE_VIEW_MODEL,
+            "view_sql_security.sql": PEOPLE_VIEW_CONFIG_5 + PEOPLE_VIEW_MODEL,
+        }
+
+    def test_create_view_invoker(self, project):
+        # Load seed data
+        run_dbt(["seed"])
+
+        # Run dbt to create the view
+        run_dbt(["run", "--select", "view_invoker"])
+
+        # Query system table to be sure that view query contains desired statement
+        result = project.run_sql(
+            """select 1 from system.tables
+                where table = 'view_invoker'
+                and position(create_table_query, 'SQL SECURITY INVOKER') > 0""", fetch="one")
+        assert result[0] == 1  # 1 records in the seed data
+
+    def test_create_view_definer(self, project):
+        # Load seed data
+        run_dbt(["seed"])
+
+        # Run dbt to create the view
+        run_dbt(["run", "--select", "view_definer"])
+
+        # Query system table to be sure that view query contains desired statement
+        result = project.run_sql(
+            """select 1 from system.tables
+                where table = 'view_definer'
+                and position(create_table_query, 'DEFINER = admin SQL SECURITY DEFINER') > 0""", fetch="one")
+        assert result[0] == 1  # 3 records in the seed data
+
+    def test_fail_view_definer_emty(self, project):
+        # Load seed data
+        run_dbt(["seed"])
+
+        # Run dbt to create the view
+        _, stdout = run_dbt_and_capture(["run", "--select", "view_definer_empty"], expect_pass=False)
+        
+        # Confirm that stdout/console output has error description
+        assert "Model 'model.test.view_definer_empty' does not define a required config parameter 'definer'." in stdout
+
+    def test_fail_view_definer_wrong(self, project):
+        # Load seed data
+        run_dbt(["seed"])
+
+        # Run dbt to create the view
+        _, stdout = run_dbt_and_capture(["run", "--select", "view_definer_wrong"], expect_pass=False)
+
+        # Confirm that stdout/console output has error description
+        assert "Invalid config parameter `definer`. No value was provided." in stdout
+    
+    def test_fail_view_sql_security(self, project):
+        # Load seed data
+        run_dbt(["seed"])
+
+        # Run dbt to create the view
+        _, stdout = run_dbt_and_capture(["run", "--select", "view_sql_security"], expect_pass=False)
+
+        # Confirm that stdout/console output has error description
+        assert "Invalid config parameter `sql_security`. Got: `wrong`, but only definer | invoker allowed." in stdout
+