From 36ad74c058e788b39987546f9816a202411b0afd Mon Sep 17 00:00:00 2001
From: Zhao Chao <zhaochao1984@gmail.com>
Date: Fri, 2 Mar 2018 20:40:40 +0800
Subject: [PATCH] Fix client recreation in Redis root-disable test

In the Redis root-disable scenario test, when the root user is disabled,
a check for ensuring the old password is not valid for connecting to
Redis sever fails because connected Redis clients are not affected by
the change of the 'requirepass' parameter, they can still issue commands
like 'PING'. So when a password is provided, a new client should always
be created.

Change-Id: I4e948a20f2b67e49c36bac5c20f411d0b84969ef
---
 trove/tests/scenario/helpers/redis_helper.py | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/trove/tests/scenario/helpers/redis_helper.py b/trove/tests/scenario/helpers/redis_helper.py
index b1e0452408..1caf7e139c 100644
--- a/trove/tests/scenario/helpers/redis_helper.py
+++ b/trove/tests/scenario/helpers/redis_helper.py
@@ -51,12 +51,22 @@ class RedisHelper(TestHelper):
         # created.
         recreate_client = True
 
-        if host in self._ds_client_cache:
-            new_password = kwargs.get('password')
+        # NOTE(zhaochao): Another problem about caching clients is,  when
+        # the 'requirepass' paramter of Redis server is changed, already
+        # connected client can still issue commands. If we want to make sure
+        # old passwords cannot be used to connect to the server, cached
+        # clients shouldn't be used, a new one should be created instead.
+        # We cannot easily tell whether the 'requirepass' paramter is changed.
+        # So we have to always recreate a client when a password is explicitly
+        # specified. The cached client is only used when no password
+        # specified(i.e. we're going to use the default password) and the
+        # cached password is same as the default one.
+        if (host in self._ds_client_cache and 'password' not in kwargs):
+            default_password = self.get_helper_credentials()['password']
             cached_password = (self._ds_client_cache[host]
                                .connection_pool
                                .connection_kwargs.get('password'))
-            if new_password == cached_password:
+            if cached_password == default_password:
                 recreate_client = False
 
         if recreate_client: