summaryrefslogtreecommitdiff
path: root/jstests
diff options
context:
space:
mode:
authorJonathan Reams <jbreams@mongodb.com>2019-04-15 18:01:23 -0400
committerJonathan Reams <jbreams@mongodb.com>2019-05-28 12:27:34 -0400
commitc926e1a80996bb41997e2ec28b117cc3a1c25e7d (patch)
tree370b9fc8e20c2177cf85f6df3eed374c0b187e35 /jstests
parent757b6e216c2e6fb7c48cbf29a044feb6d8fba8fe (diff)
downloadmongo-c926e1a80996bb41997e2ec28b117cc3a1c25e7d.tar.gz
SERVER-40529 Refresh pinned users in background thread
Diffstat (limited to 'jstests')
-rw-r--r--jstests/auth/pinned_users.js60
1 files changed, 56 insertions, 4 deletions
diff --git a/jstests/auth/pinned_users.js b/jstests/auth/pinned_users.js
index 758905f7503..f57bfa85f74 100644
--- a/jstests/auth/pinned_users.js
+++ b/jstests/auth/pinned_users.js
@@ -30,10 +30,10 @@
// the deadlock
assert.commandWorked(admin.runCommand({
setParameter: 1,
+ logLevel: 2,
authorizationManagerPinnedUsers: [
{user: "admin2", db: "admin"},
],
- logLevel: 1
}));
admin.createUser({user: "admin2", pwd: "admin", roles: ["root"]});
@@ -44,8 +44,13 @@
// Invalidate the user cache so we know only "admin" is in there
assert.commandWorked(admin.runCommand({invalidateUserCache: 1}));
- print("User cache after initialization: ",
- tojson(admin.aggregate([{$listCachedAndActiveUsers: {}}]).toArray()));
+ assert.soon(function() {
+ let cacheContents = admin.aggregate([{$listCachedAndActiveUsers: {}}]).toArray();
+ print("User cache after initialization: ", tojson(cacheContents));
+
+ const admin2Doc = sortDoc({"username": "admin2", "db": "admin", "active": true});
+ return cacheContents.some((doc) => friendlyEqual(admin2Doc, sortDoc(doc)));
+ });
const waitForCommand = function(waitingFor, opFilter) {
let opId = -1;
@@ -123,7 +128,7 @@
// Mark the "admin2" user as pinned in memory
assert.commandWorked(admin.runCommand({
setParameter: 1,
- logLevel: 1,
+ logLevel: 2,
authorizationManagerPinnedUsers: [
{user: "admin2", db: "admin"},
],
@@ -144,3 +149,50 @@
assert.eq(admin.auth("admin2", "admin"), 0);
MongoRunner.stopMongod(mongod);
})();
+
+// This checks that clearing the pinned user list actually unpins a user.
+(function() {
+ 'use strict';
+ jsTest.setOption("enableTestCommands", true);
+ // Start a mongod with the user cache size set to zero, so we know that users who have
+ // logged out always get fetched cleanly from disk.
+ const mongod =
+ MongoRunner.runMongod({auth: "", setParameter: "authorizationManagerCacheSize=0"});
+ let admin = mongod.getDB("admin");
+
+ admin.createUser({user: "admin", pwd: "admin", roles: ["root"]});
+ admin.auth("admin", "admin");
+
+ // Mark the "admin2" user as pinned in memory
+ assert.commandWorked(admin.runCommand({
+ setParameter: 1,
+ logLevel: 2,
+ authorizationManagerPinnedUsers: [
+ {user: "admin2", db: "admin"},
+ ],
+ }));
+
+ admin.createUser({user: "admin2", pwd: "admin", roles: ["root"]});
+ assert.soon(function() {
+ let cacheContents = admin.aggregate([{$listCachedAndActiveUsers: {}}]).toArray();
+ print("User cache after initialization: ", tojson(cacheContents));
+
+ const admin2Doc = sortDoc({"username": "admin2", "db": "admin", "active": true});
+ return cacheContents.some((doc) => friendlyEqual(admin2Doc, sortDoc(doc)));
+ });
+
+ // Clear the pinned users list
+ assert.commandWorked(admin.runCommand({setParameter: 1, authorizationManagerPinnedUsers: []}));
+
+ // Check that admin2 gets removed from the cache
+ assert.commandWorked(admin.runCommand({invalidateUserCache: 1}));
+ assert.soon(function() {
+ let cacheContents = admin.aggregate([{$listCachedAndActiveUsers: {}}]).toArray();
+ print("User cache after initialization: ", tojson(cacheContents));
+
+ const admin2Doc = sortDoc({"username": "admin2", "db": "admin", "active": true});
+ return !cacheContents.some((doc) => friendlyEqual(admin2Doc, sortDoc(doc)));
+ });
+
+ MongoRunner.stopMongod(mongod);
+})();