diff options
| author | Andy Schwerin <schwerin@10gen.com> | 2013-07-10 16:28:51 -0400 |
|---|---|---|
| committer | Andy Schwerin <schwerin@10gen.com> | 2013-07-10 16:43:31 -0400 |
| commit | 2e2a6fdffdba369a0594962267e5bc7bb47a3f3a (patch) | |
| tree | 298e07cfc6b4e93bf88d33b88f25585eba0a7c73 /jstests | |
| parent | 2d09800f72846436b5d560a5d21e240d944c316e (diff) | |
| download | mongo-2e2a6fdffdba369a0594962267e5bc7bb47a3f3a.tar.gz | |
Revert "SERVER-1891 Consolidate command authorization checking logic."
This reverts commit d430713c403fa6b065337cf7e480ed70940631ab.
Diffstat (limited to 'jstests')
| -rw-r--r-- | jstests/auth/auth1.js | 8 | ||||
| -rw-r--r-- | jstests/auth/renameSystemCollections.js | 14 | ||||
| -rw-r--r-- | jstests/auth/show_log_auth.js | 8 | ||||
| -rw-r--r-- | jstests/auth/system_user_privileges.js | 3 | ||||
| -rw-r--r-- | jstests/sharding/auth.js | 2 |
5 files changed, 14 insertions, 21 deletions
diff --git a/jstests/auth/auth1.js b/jstests/auth/auth1.js index ad5a579feb8..0a995ea9655 100644 --- a/jstests/auth/auth1.js +++ b/jstests/auth/auth1.js @@ -26,11 +26,9 @@ db.getSisterDB( "admin" ).addUser( "super", "super" ); assert.throws( function() { t.findOne() }, [], "read without login" ); print("make sure we can't run certain commands w/out auth"); -var codeUnauthorized = 13; -var rslt = db.runCommand({eval : "function() { return 1; }"}); -assert.eq(rslt.code, codeUnauthorized, tojson(rslt)); -var rslt = db.runCommand({getLog : "global"}); -assert.eq(rslt.code, codeUnauthorized, tojson(rslt)); +var errmsg = "unauthorized"; +assert.eq(db.runCommand({eval : "function() { return 1; }"}).errmsg, errmsg); +assert.eq(db.adminCommand({getLog : "global"}).errmsg, errmsg); assert(!db.auth("eliot", "eliot2"), "auth succeeded with wrong password"); assert(db.auth("eliot", "eliot"), "auth failed"); diff --git a/jstests/auth/renameSystemCollections.js b/jstests/auth/renameSystemCollections.js index 96ea309b3d3..20296070bb3 100644 --- a/jstests/auth/renameSystemCollections.js +++ b/jstests/auth/renameSystemCollections.js @@ -5,8 +5,6 @@ var adminDB = conn.getDB("admin"); var testDB = conn.getDB("testdb"); var testDB2 = conn.getDB("testdb2"); -var CodeUnauthorized = 13; - testDB.addUser({user:'spencer', pwd:'password', roles:['readWrite']}); @@ -26,13 +24,13 @@ userAdminConn.getDB('admin').addUser({user:'readWriteAdmin', testDB.auth('spencer', 'password'); res = testDB.system.profile.renameCollection("profile"); assert.eq(0, res.ok); -assert.eq(CodeUnauthorized, res.code); +assert.eq("unauthorized", res.errmsg); // Test that a readWrite user can't rename system.users to something they can read. var res = testDB.system.users.renameCollection("users"); assert.eq(0, res.ok); -assert.eq(CodeUnauthorized, res.code); +assert.eq("unauthorized", res.errmsg); assert.eq(0, testDB.users.count()); @@ -42,7 +40,7 @@ testDB.users.insert({user:'backdoor', roles:'userAdmin'}); res = testDB.users.renameCollection("system.users", true); assert.eq(0, res.ok); -assert.eq(CodeUnauthorized, res.code); +assert.eq("unauthorized", res.errmsg); assert.eq(null, userAdminConn.getDB('testdb').system.users.findOne({user:'backdoor'})); @@ -53,7 +51,7 @@ testDB2.users.insert({user:'backdoor', roles:'userAdmin'}); res = testDB2.users.renameCollection("system.users"); assert.eq(0, res.ok); -assert.eq(CodeUnauthorized, res.code); +assert.eq("unauthorized", res.errmsg); assert.eq(0, userAdminConn.getDB('testdb2').system.users.count()); @@ -61,7 +59,7 @@ assert.eq(0, userAdminConn.getDB('testdb2').system.users.count()); testDB2.users.drop(); var res = adminDB.runCommand({renameCollection:'testdb.system.users', to:'testdb2.users'}); assert.eq(0, res.ok); -assert.eq(CodeUnauthorized, res.code); +assert.eq("unauthorized", res.errmsg); assert.eq(0, testDB2.users.count()); @@ -69,7 +67,7 @@ assert.eq(0, testDB2.users.count()); testDB.users.drop(); var res = userAdminConn.getDB('testdb').system.users.renameCollection("users"); assert.eq(0, res.ok); -assert.eq(CodeUnauthorized, res.code); +assert.eq("unauthorized", res.errmsg); assert.eq(0, testDB.users.count()); diff --git a/jstests/auth/show_log_auth.js b/jstests/auth/show_log_auth.js index e28703aa1f1..bef5180ba9d 100644 --- a/jstests/auth/show_log_auth.js +++ b/jstests/auth/show_log_auth.js @@ -21,12 +21,8 @@ finally { print = oldprint; } -function assertStartsWith(s, prefix) { - assert.eq(s.substr(0, prefix.length), prefix); -} - -assertStartsWith(printed[0], 'Error while trying to show logs'); -assertStartsWith(printed[1], 'Error while trying to show ' + baseName + ' log'); +assert(printed[0]=='Error while trying to show logs: unauthorized'); +assert(printed[1]=='Error while trying to show ' + baseName + ' log: unauthorized'); db.auth( "admin" , "pass" ); db.shutdownServer(); diff --git a/jstests/auth/system_user_privileges.js b/jstests/auth/system_user_privileges.js index 4bbabc77e2b..6d397e70999 100644 --- a/jstests/auth/system_user_privileges.js +++ b/jstests/auth/system_user_privileges.js @@ -22,7 +22,8 @@ // Asserts that on the given "conn", "dbName"."collectionName".count() fails as unauthorized. function assertCountUnauthorized(conn, dbName, collectionName) { - assert.eq(runCountCommand(conn, dbName, collectionName).code, 13, + assert.eq(runCountCommand(conn, dbName, collectionName).errmsg, + "unauthorized", "On " + dbName + "." + collectionName); } diff --git a/jstests/sharding/auth.js b/jstests/sharding/auth.js index f9bcb881d36..230e2429467 100644 --- a/jstests/sharding/auth.js +++ b/jstests/sharding/auth.js @@ -80,7 +80,7 @@ logout(adminUser); var result = s.getDB("admin").runCommand({addShard : shardName}); printjson(result); -assert.eq(result.code, 13); +assert.eq(result.errmsg, "unauthorized"); login(adminUser); |