diff options
author | Benety Goh <benety@mongodb.com> | 2021-08-24 17:39:43 -0400 |
---|---|---|
committer | Evergreen Agent <no-reply@evergreen.mongodb.com> | 2021-08-24 22:01:51 +0000 |
commit | 04016761a49ca1e9ff7a466bf33ba442a658f5f1 (patch) | |
tree | a0664511cb2031ce5bcfe3a1dffe562c4fd1b8a9 /jstests/auth | |
parent | c960f3ae62d8152c8157639ad59913e031384d2f (diff) | |
download | mongo-04016761a49ca1e9ff7a466bf33ba442a658f5f1.tar.gz |
SERVER-59502 split auth/commands_builtin_roles.js
Diffstat (limited to 'jstests/auth')
-rw-r--r-- | jstests/auth/commands_builtin_roles_nonexistent.js | 36 | ||||
-rw-r--r-- | jstests/auth/commands_builtin_roles_sharded.js | 35 | ||||
-rw-r--r-- | jstests/auth/commands_builtin_roles_standalone.js | 27 | ||||
-rw-r--r-- | jstests/auth/lib/commands_builtin_roles.js (renamed from jstests/auth/commands_builtin_roles.js) | 81 |
4 files changed, 118 insertions, 61 deletions
diff --git a/jstests/auth/commands_builtin_roles_nonexistent.js b/jstests/auth/commands_builtin_roles_nonexistent.js new file mode 100644 index 00000000000..c817e064091 --- /dev/null +++ b/jstests/auth/commands_builtin_roles_nonexistent.js @@ -0,0 +1,36 @@ +/** + * Validates the test configuration in commands_builtin_roles.js + * + * Makes sure that none of the test cases reference roles + * that aren't part of the global "roles" array. + */ + +(function() { +'use strict'; + +load('jstests/auth/lib/commands_builtin_roles.js'); + +function checkForNonExistentRoles() { + const tests = authCommandsLib.tests; + for (let i = 0; i < tests.length; i++) { + const test = tests[i]; + for (let j = 0; j < test.testcases.length; j++) { + let testcase = test.testcases[j]; + for (let role in testcase.roles) { + let roleExists = false; + for (let k = 0; k < roles.length; k++) { + if (roles[k].key === role) { + roleExists = true; + break; + } + } + assert(roleExists, + "Role " + role + " found in test: " + test.testname + + ", but doesn't exist in roles array"); + } + } + } +} + +checkForNonExistentRoles(); +})(); diff --git a/jstests/auth/commands_builtin_roles_sharded.js b/jstests/auth/commands_builtin_roles_sharded.js new file mode 100644 index 00000000000..ab3e1505100 --- /dev/null +++ b/jstests/auth/commands_builtin_roles_sharded.js @@ -0,0 +1,35 @@ +/** + * Exhaustive test for authorization of commands with builtin roles. + * + * Runs tests on a sharded cluster. + * + * The test logic implemented here operates on the test cases defined + * in jstests/auth/lib/commands_lib.js + * + * @tags: [requires_sharding] + */ + +(function() { +'use strict'; + +load('jstests/auth/lib/commands_builtin_roles.js'); + +const dbPath = MongoRunner.toRealDir("$dataDir/commands_built_in_roles_sharded/"); +mkdir(dbPath); +const opts = { + auth: "", + enableExperimentalStorageDetailsCmd: "", + setParameter: "trafficRecordingDirectory=" + dbPath +}; +// run all tests sharded +const conn = new ShardingTest({ + shards: 1, + mongos: 1, + config: 1, + keyFile: "jstests/libs/key1", + other: + {shardOptions: opts, mongosOptions: {setParameter: "trafficRecordingDirectory=" + dbPath}} +}); +runAllCommandsBuiltinRoles(conn); +conn.stop(); +})(); diff --git a/jstests/auth/commands_builtin_roles_standalone.js b/jstests/auth/commands_builtin_roles_standalone.js new file mode 100644 index 00000000000..630ed098429 --- /dev/null +++ b/jstests/auth/commands_builtin_roles_standalone.js @@ -0,0 +1,27 @@ +/** + * Exhaustive test for authorization of commands with builtin roles. + * + * Runs tests on a standalone server. + * + * The test logic implemented here operates on the test cases defined + * in jstests/auth/lib/commands_lib.js + */ + +(function() { +'use strict'; + +load('jstests/auth/lib/commands_builtin_roles.js'); + +const dbPath = MongoRunner.toRealDir("$dataDir/commands_built_in_roles_standalone/"); +mkdir(dbPath); +const opts = { + auth: "", + enableExperimentalStorageDetailsCmd: "", + setParameter: "trafficRecordingDirectory=" + dbPath +}; + +// run all tests standalone +const conn = MongoRunner.runMongod(opts); +runAllCommandsBuiltinRoles(conn); +MongoRunner.stopMongod(conn); +})(); diff --git a/jstests/auth/commands_builtin_roles.js b/jstests/auth/lib/commands_builtin_roles.js index 3d24eb72fff..e478598ce2b 100644 --- a/jstests/auth/commands_builtin_roles.js +++ b/jstests/auth/lib/commands_builtin_roles.js @@ -1,13 +1,9 @@ -/* - -Exhaustive test for authorization of commands with builtin roles. - -The test logic implemented here operates on the test cases defined -in jstests/auth/lib/commands_lib.js - -@tags: [requires_sharding] - -*/ +/** + * Library for testing authorization of commands with builtin roles. + * + * The test logic implemented here operates on the test cases defined + * in jstests/auth/lib/commands_lib.js + */ // This test involves killing all sessions, which will not work as expected if the kill command is // sent with an implicit session. @@ -91,6 +87,10 @@ function testProperAuthorization(conn, t, testcase, r) { return out; } +/** + * First of two entry points for this test library. + * To be invoked as an test argument to authCommandsLib.runTests(). + */ function runOneTest(conn, t) { var failures = []; @@ -122,6 +122,10 @@ function runOneTest(conn, t) { return failures; } +/** + * Second entry point for this test library. + * To be invoked as an test argument to authCommandsLib.runTests(). + */ function createUsers(conn) { var adminDb = conn.getDB(adminDbName); adminDb.createUser({user: "admin", pwd: "password", roles: ["__system"]}); @@ -135,56 +139,11 @@ function createUsers(conn) { adminDb.logout(); } -/* - * Makes sure that none of the test cases reference roles - * that aren't part of the global "roles" array. +/** + * This tests the authorization of commands with builtin roles for a given server configuration + * represented in 'conn'. */ -function checkForNonExistentRoles() { - var tests = authCommandsLib.tests; - for (var i = 0; i < tests.length; i++) { - var test = tests[i]; - for (var j = 0; j < test.testcases.length; j++) { - var testcase = test.testcases[j]; - for (role in testcase.roles) { - var roleExists = false; - for (var k = 0; k < roles.length; k++) { - if (roles[k].key === role) { - roleExists = true; - break; - } - } - assert(roleExists, - "Role " + role + " found in test: " + test.testname + - ", but doesn't exist in roles array"); - } - } - } +function runAllCommandsBuiltinRoles(conn) { + const testFunctionImpls = {createUsers: createUsers, runOneTest: runOneTest}; + authCommandsLib.runTests(conn, testFunctionImpls); } - -const dbPath = MongoRunner.toRealDir("$dataDir/commands_built_in_roles/"); -mkdir(dbPath); -var opts = { - auth: "", - enableExperimentalStorageDetailsCmd: "", - setParameter: "trafficRecordingDirectory=" + dbPath -}; -var impls = {createUsers: createUsers, runOneTest: runOneTest}; - -checkForNonExistentRoles(); - -// run all tests standalone -var conn = MongoRunner.runMongod(opts); -authCommandsLib.runTests(conn, impls); -MongoRunner.stopMongod(conn); - -// run all tests sharded -conn = new ShardingTest({ - shards: 1, - mongos: 1, - config: 1, - keyFile: "jstests/libs/key1", - other: - {shardOptions: opts, mongosOptions: {setParameter: "trafficRecordingDirectory=" + dbPath}} -}); -authCommandsLib.runTests(conn, impls); -conn.stop(); |