BEGIN;

CREATE EXTENSION anon CASCADE;
SELECT anon.init();

CREATE ROLE mallory_the_masked_user;
SECURITY LABEL FOR anon ON ROLE mallory_the_masked_user IS 'MASKED';

CREATE TABLE t1(i INT);
ALTER TABLE t1 ADD COLUMN t TEXT;

SECURITY LABEL FOR anon ON COLUMN t1.t
IS 'MASKED WITH VALUE NULL';

INSERT INTO t1 VALUES (1,'test');

--
-- We're checking the owner's permissions
--
-- see
-- https://postgresql-anonymizer.readthedocs.io/en/latest/SECURITY/#permissions
--

SET ROLE mallory_the_masked_user;

SELECT anon.pseudo_first_name(0) IS NOT NULL;

-- SHOULD FAIL
DO $$
BEGIN
  PERFORM anon.init();
  EXCEPTION WHEN insufficient_privilege
  THEN RAISE NOTICE 'insufficient_privilege';
END$$;


-- SHOULD FAIL
DO $$
BEGIN
  PERFORM anon.anonymize_table('t1');
  EXCEPTION WHEN insufficient_privilege
  THEN RAISE NOTICE 'insufficient_privilege';
END$$;

-- SHOULD FAIL
SAVEPOINT fail_start_engine;
SELECT anon.start_dynamic_masking();
ROLLBACK TO fail_start_engine;

RESET ROLE;
SELECT anon.start_dynamic_masking();
SET ROLE mallory_the_masked_user;

SELECT * FROM mask.t1;

-- SHOULD FAIL
DO $$
BEGIN
  SELECT * FROM public.t1;
  EXCEPTION WHEN insufficient_privilege
  THEN RAISE NOTICE 'insufficient_privilege';
END$$;

-- SHOULD FAIL
SAVEPOINT fail_stop_engine;
SELECT anon.stop_dynamic_masking();
ROLLBACK TO fail_stop_engine;

RESET ROLE;
SELECT anon.stop_dynamic_masking();
SET ROLE mallory_the_masked_user;

SELECT COUNT(*)=1 FROM anon.pg_masking_rules;

-- SHOULD FAIL
SAVEPOINT fail_seclabel_on_role;
SECURITY LABEL FOR anon ON ROLE mallory_the_masked_user IS NULL;
ROLLBACK TO fail_seclabel_on_role;


ROLLBACK;