diff options
| author | Spencer T Brody <spencer@10gen.com> | 2012-09-26 11:54:55 -0400 |
|---|---|---|
| committer | Eric Milkie <milkie@10gen.com> | 2012-10-02 16:48:24 -0400 |
| commit | 5eb79913ff0ceb6fbf782d8a1ec965ae95880fb4 (patch) | |
| tree | 9f1da128c0c883b5f77757b1576f31351371b337 | |
| parent | 6bebf26b4fce1bf5aaceceedae5365d1952b8e88 (diff) | |
| download | mongo-5eb79913ff0ceb6fbf782d8a1ec965ae95880fb4.tar.gz | |
SERVER-7160 Full mongorestore with auth should auth only against the admin db
| -rw-r--r-- | jstests/tool/dumprestore_auth.js | 28 | ||||
| -rw-r--r-- | src/mongo/shell/servers_misc.js | 16 | ||||
| -rw-r--r-- | src/mongo/tools/tool.cpp | 6 |
3 files changed, 45 insertions, 5 deletions
diff --git a/jstests/tool/dumprestore_auth.js b/jstests/tool/dumprestore_auth.js new file mode 100644 index 00000000000..6f0e6c0a05c --- /dev/null +++ b/jstests/tool/dumprestore_auth.js @@ -0,0 +1,28 @@ +// dumprestore_auth.js + +t = new ToolTest("dumprestore_auth", { auth : "" }); + +c = t.startDB("foo"); + +adminDB = c.getDB().getSiblingDB('admin'); +adminDB.addUser('admin', 'password'); +adminDB.auth('admin','password'); + +assert.eq(0 , c.count() , "setup1"); +c.save({ a : 22 }); +assert.eq(1 , c.count() , "setup2"); + +t.runTool("dump" , "--out" , t.ext, "--username", "admin", "--password", "password"); + +c.drop(); +assert.eq(0 , c.count() , "after drop"); + +t.runTool("restore" , "--dir" , t.ext); // Should fail +assert.eq(0 , c.count() , "after restore without auth"); + +t.runTool("restore" , "--dir" , t.ext, "--username", "admin", "--password", "password"); +assert.soon("c.findOne()" , "no data after sleep"); +assert.eq(1 , c.count() , "after restore 2"); +assert.eq(22 , c.findOne().a , "after restore 2"); + +t.stop(); diff --git a/src/mongo/shell/servers_misc.js b/src/mongo/shell/servers_misc.js index f66db5709fe..5018e19dbaf 100644 --- a/src/mongo/shell/servers_misc.js +++ b/src/mongo/shell/servers_misc.js @@ -55,8 +55,9 @@ MongodRunner.prototype.port = function() { return this.port_; } MongodRunner.prototype.toString = function() { return [ this.port_, this.dbpath_, this.peer_, this.arbiter_ ].toString(); } -ToolTest = function( name ){ +ToolTest = function( name, extraOptions ){ this.name = name; + this.options = extraOptions; this.port = allocatePorts(1)[0]; this.baseName = "jstests_tool_" + name; this.root = "/data/db/" + this.baseName; @@ -69,8 +70,17 @@ ToolTest = function( name ){ ToolTest.prototype.startDB = function( coll ){ assert( ! this.m , "db already running" ); - - this.m = startMongoProgram( "mongod" , "--port", this.port , "--dbpath" , this.dbpath , "--nohttpinterface", "--noprealloc" , "--smallfiles" , "--bind_ip", "127.0.0.1" ); + + var options = {port : this.port, + dbpath : this.dbpath, + nohttpinterface : "", + noprealloc : "", + smallfiles : "", + bind_ip : "127.0.0.1"}; + + Object.extend(options, this.options); + + this.m = startMongoProgram.apply(null, MongoRunner.arrOptions("mongod", options)); this.db = this.m.getDB( this.baseName ); if ( coll ) return this.db.getCollection( coll ); diff --git a/src/mongo/tools/tool.cpp b/src/mongo/tools/tool.cpp index c092cdbd51a..0502588e326 100644 --- a/src/mongo/tools/tool.cpp +++ b/src/mongo/tools/tool.cpp @@ -423,8 +423,10 @@ namespace mongo { } string errmsg; - if ( _conn->auth( dbname , _username , _password , errmsg, true, level ) ) { - return; + if (dbname.size()) { + if ( _conn->auth( dbname , _username , _password , errmsg, true, level ) ) { + return; + } } // try against the admin db |