diff options
| author | Spencer Jackson <spencer.jackson@mongodb.com> | 2020-01-15 16:30:37 +0000 |
|---|---|---|
| committer | Evergreen Agent <no-reply@evergreen.mongodb.com> | 2020-01-29 19:59:40 +0000 |
| commit | a93cfd354467981c9cf944a4ada748d0226fdfb0 (patch) | |
| tree | f7c2d82ba8e5dc19dec375b24d1264bf1e3d9018 /jstests | |
| parent | c8868f90d0268db3bd597b334c3651979f458780 (diff) | |
| download | mongo-a93cfd354467981c9cf944a4ada748d0226fdfb0.tar.gz | |
SERVER-45472 Ensure RoleGraph can serialize authentication restrictions to BSON
(cherry picked from commit 521e56b407ac72bc69a97a24d1253f51a5b6e81b)
(cherry picked from commit a10d0a22d5d009d27664967181042933ec1bef36)
(cherry picked from commit fb87cc88ecb5d300f14cda7bc238d7d5132118f5)
Diffstat (limited to 'jstests')
| -rw-r--r-- | jstests/auth/authentication_restrictions_role.js | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/jstests/auth/authentication_restrictions_role.js b/jstests/auth/authentication_restrictions_role.js index 759d874de3c..29b56aca933 100644 --- a/jstests/auth/authentication_restrictions_role.js +++ b/jstests/auth/authentication_restrictions_role.js @@ -57,6 +57,14 @@ assert.commandWorked(admin.runCommand({createRole: "role3", roles: [], privileges: []})); print("=== Role creation tests"); + print("When a role is updated, it retains authenticationRestrictions"); + assert.commandWorked(admin.runCommand({updateRole: "role2", roles: ["root"]})); + const role2Info = assert.commandWorked( + admin.runCommand({rolesInfo: "role2", showAuthenticationRestrictions: true})); + printjson(role2Info); + assert.eq(JSON.stringify([[{clientSource: ["127.0.0.1/32"]}]]), + JSON.stringify(role2Info.roles[0].authenticationRestrictions)); + print( "When a client creates roles with empty authenticationRestrictions, the operation succeeds, though it has no effect"); assert.commandWorked(admin.runCommand( |