diff options
| author | Sara Golemon <sara.golemon@mongodb.com> | 2017-07-28 10:57:23 -0400 |
|---|---|---|
| committer | Sara Golemon <sara.golemon@mongodb.com> | 2017-07-30 15:15:14 -0400 |
| commit | 238cc884e33d67bbfea7a1a93d2f19b1922de675 (patch) | |
| tree | 90644568639ef8cd8d751824b83fdcd59ef5687a /jstests | |
| parent | dcb9dbffa65d8ddcf5be80e88868fd11c01397df (diff) | |
| download | mongo-238cc884e33d67bbfea7a1a93d2f19b1922de675.tar.gz | |
SERVER-30398 setFeatureCompatibilityVersion shouldn't disable custom roles
Diffstat (limited to 'jstests')
| -rw-r--r-- | jstests/auth/feature_compat_36_roles_collection.js | 18 | ||||
| -rw-r--r-- | jstests/auth/system_roles_collMod.js | 21 |
2 files changed, 39 insertions, 0 deletions
diff --git a/jstests/auth/feature_compat_36_roles_collection.js b/jstests/auth/feature_compat_36_roles_collection.js new file mode 100644 index 00000000000..57e23545a1b --- /dev/null +++ b/jstests/auth/feature_compat_36_roles_collection.js @@ -0,0 +1,18 @@ +// Verify custom roles still exist after a FeatureCompatability upgrade from 3.4 to 3.6 + +(function() { + 'use strict'; + print("START auth-feature-compat-36-roles-collection.js"); + var db = MongoRunner.runMongod({}).getDB("test"); + + assert.commandWorked(db.adminCommand({setFeatureCompatibilityVersion: "3.4"})); + assert.commandWorked(db.runCommand( + {createRole: "role1", roles: [{role: "readWrite", db: "test"}], privileges: []})); + assert(db.runCommand({rolesInfo: "role1"}).roles[0].role === "role1"); + assert.commandWorked(db.adminCommand({setFeatureCompatibilityVersion: "3.6"})); + + // Verify that the role still exists after FC upgrade to 3.6 + assert(db.runCommand({rolesInfo: "role1"}).roles[0].role === "role1"); + + print("SUCCESS auth-feature-compat-36-roles-collection.js"); +})(); diff --git a/jstests/auth/system_roles_collMod.js b/jstests/auth/system_roles_collMod.js new file mode 100644 index 00000000000..6474ace1dfb --- /dev/null +++ b/jstests/auth/system_roles_collMod.js @@ -0,0 +1,21 @@ +// Verify custom roles still exist after noop collMod calls + +(function() { + 'use strict'; + print("START auth-system-roles-collMod.js"); + var db = MongoRunner.runMongod({}).getDB("test"); + + assert.commandWorked(db.runCommand( + {createRole: "role1", roles: [{role: "readWrite", db: "test"}], privileges: []})); + assert(db.runCommand({rolesInfo: "role1"}).roles[0].role === "role1"); + + // RoleGraph not invalidated after empty collMod + assert.commandWorked(db.adminCommand({collMod: "system.roles"})); + assert(db.runCommand({rolesInfo: "role1"}).roles[0].role === "role1"); + + // RoleGraph invalidated after non-empty collMod + assert.commandWorked(db.adminCommand({collMod: "system.roles", validationLevel: "off"})); + assert(db.runCommand({rolesInfo: "role1"}).roles.length === 0); + + print("SUCCESS auth-system-roles-collMod.js"); +})(); |