diff options
author | Sophia Tan <sophia_tll@hotmail.com> | 2022-11-21 16:27:51 +0000 |
---|---|---|
committer | Evergreen Agent <no-reply@evergreen.mongodb.com> | 2022-11-21 18:48:38 +0000 |
commit | 4f92dfc82e28e028415f95cc0a50fc2e01bc7487 (patch) | |
tree | a01690289bf7ed0a603b047ed0e1e5a24a059374 /jstests | |
parent | d90030950c7f205d2a1354de0fc7efec15a9b6fb (diff) | |
download | mongo-4f92dfc82e28e028415f95cc0a50fc2e01bc7487.tar.gz |
SERVER-70975 Exclude commands which are not allowed with security token from NTDI core passthrough (Part 4)
Diffstat (limited to 'jstests')
41 files changed, 88 insertions, 1 deletions
diff --git a/jstests/core/profile3.js b/jstests/core/profile3.js index 13e0c17d714..1e75c08b0c2 100644 --- a/jstests/core/profile3.js +++ b/jstests/core/profile3.js @@ -1,4 +1,7 @@ +// The test runs commands that are not allowed with security token: createUser, logout, +// setProfilingLevel. // @tags: [ +// not_allowed_with_security_token, // assumes_superuser_permissions, // creates_and_authenticates_user, // requires_profiling, diff --git a/jstests/core/profile_agg.js b/jstests/core/profile_agg.js index d6611fa98ab..c3a163ad81e 100644 --- a/jstests/core/profile_agg.js +++ b/jstests/core/profile_agg.js @@ -1,4 +1,6 @@ +// The test runs commands that are not allowed with security token: setProfilingLevel. // @tags: [ +// not_allowed_with_security_token, // does_not_support_stepdowns, // requires_profiling, // ] diff --git a/jstests/core/profile_count.js b/jstests/core/profile_count.js index 466f8bb6fc2..02a581948c6 100644 --- a/jstests/core/profile_count.js +++ b/jstests/core/profile_count.js @@ -1,4 +1,6 @@ +// The test runs commands that are not allowed with security token: setProfilingLevel. // @tags: [ +// not_allowed_with_security_token, // does_not_support_stepdowns, // requires_fastcount, // requires_profiling, diff --git a/jstests/core/profile_delete.js b/jstests/core/profile_delete.js index a1251944be1..e10f820ce03 100644 --- a/jstests/core/profile_delete.js +++ b/jstests/core/profile_delete.js @@ -1,4 +1,6 @@ +// The test runs commands that are not allowed with security token: setProfilingLevel. // @tags: [ +// not_allowed_with_security_token, // # Asserts on the number of index keys deleted. // assumes_no_implicit_index_creation, // does_not_support_stepdowns, diff --git a/jstests/core/profile_distinct.js b/jstests/core/profile_distinct.js index 2e10a830c70..86eaf488286 100644 --- a/jstests/core/profile_distinct.js +++ b/jstests/core/profile_distinct.js @@ -1,4 +1,6 @@ +// The test runs commands that are not allowed with security token: setProfilingLevel. // @tags: [ +// not_allowed_with_security_token, // does_not_support_stepdowns, // requires_profiling, // ] diff --git a/jstests/core/profile_find.js b/jstests/core/profile_find.js index 05d9ee3a757..4fae247a2bd 100644 --- a/jstests/core/profile_find.js +++ b/jstests/core/profile_find.js @@ -1,4 +1,6 @@ +// The test runs commands that are not allowed with security token: setProfilingLevel. // @tags: [ +// not_allowed_with_security_token, // does_not_support_stepdowns, // requires_profiling, // ] diff --git a/jstests/core/profile_findandmodify.js b/jstests/core/profile_findandmodify.js index 42a8be46fe2..1ba5a5dc885 100644 --- a/jstests/core/profile_findandmodify.js +++ b/jstests/core/profile_findandmodify.js @@ -1,5 +1,7 @@ // Confirms that profiled findAndModify execution contains all expected metrics with proper values. +// The test runs commands that are not allowed with security token: setProfilingLevel. // @tags: [ +// not_allowed_with_security_token, // # Asserts on the number of index keys modified. // assumes_no_implicit_index_creation, // requires_profiling, diff --git a/jstests/core/profile_getmore.js b/jstests/core/profile_getmore.js index b6f4ecf3ac7..eb2a2428e21 100644 --- a/jstests/core/profile_getmore.js +++ b/jstests/core/profile_getmore.js @@ -1,4 +1,6 @@ +// The test runs commands that are not allowed with security token: setProfilingLevel. // @tags: [ +// not_allowed_with_security_token, // does_not_support_stepdowns, // requires_getmore, // requires_profiling, diff --git a/jstests/core/profile_hide_index.js b/jstests/core/profile_hide_index.js index 5d8b8043db6..95c5bd0e8a6 100644 --- a/jstests/core/profile_hide_index.js +++ b/jstests/core/profile_hide_index.js @@ -1,7 +1,9 @@ /** * Ensure the 'hidden' flag can be found in currentOp and profiler. * + * The test runs commands that are not allowed with security token: setProfilingLevel. * @tags: [ + * not_allowed_with_security_token, * assumes_read_concern_unchanged, * assumes_read_preference_unchanged, * requires_non_retryable_writes, diff --git a/jstests/core/profile_insert.js b/jstests/core/profile_insert.js index 580c70fdcd0..83cc920e200 100644 --- a/jstests/core/profile_insert.js +++ b/jstests/core/profile_insert.js @@ -1,6 +1,8 @@ // Confirms that profiled insert execution contains all expected metrics with proper values. // +// The test runs commands that are not allowed with security token: setProfilingLevel. // @tags: [ +// not_allowed_with_security_token, // # Asserts on the number of index keys inserted. // assumes_no_implicit_index_creation, // assumes_write_concern_unchanged, diff --git a/jstests/core/profile_list_collections.js b/jstests/core/profile_list_collections.js index a242146eaff..1d2a40578c9 100644 --- a/jstests/core/profile_list_collections.js +++ b/jstests/core/profile_list_collections.js @@ -1,4 +1,6 @@ +// The test runs commands that are not allowed with security token: setProfilingLevel. // @tags: [ +// not_allowed_with_security_token, // does_not_support_stepdowns, // requires_getmore, // requires_profiling, diff --git a/jstests/core/profile_list_indexes.js b/jstests/core/profile_list_indexes.js index b876c788dc6..0d9a260e93d 100644 --- a/jstests/core/profile_list_indexes.js +++ b/jstests/core/profile_list_indexes.js @@ -1,4 +1,6 @@ +// The test runs commands that are not allowed with security token: setProfilingLevel. // @tags: [ +// not_allowed_with_security_token, // does_not_support_stepdowns, // requires_getmore, // requires_profiling, diff --git a/jstests/core/profile_mapreduce.js b/jstests/core/profile_mapreduce.js index c719ec8b47b..ddad8e50137 100644 --- a/jstests/core/profile_mapreduce.js +++ b/jstests/core/profile_mapreduce.js @@ -1,4 +1,7 @@ +// The test runs commands that are not allowed with security token: mapReduce, +// setProfilingLevel. // @tags: [ +// not_allowed_with_security_token, // # mapReduce does not support afterClusterTime. // does_not_support_causal_consistency, // does_not_support_stepdowns, diff --git a/jstests/core/profile_no_such_db.js b/jstests/core/profile_no_such_db.js index 1ac30b7c22e..141be56b201 100644 --- a/jstests/core/profile_no_such_db.js +++ b/jstests/core/profile_no_such_db.js @@ -1,4 +1,6 @@ -// @tags: [does_not_support_stepdowns, requires_profiling] +// The test runs commands that are not allowed with security token: setProfilingLevel. +// @tags: [ +// not_allowed_with_security_token,does_not_support_stepdowns, requires_profiling] // Test that reading the profiling level doesn't create databases, but setting it does. (function(db) { diff --git a/jstests/core/profile_query_hash.js b/jstests/core/profile_query_hash.js index 1984a530252..d8ddaf06f36 100644 --- a/jstests/core/profile_query_hash.js +++ b/jstests/core/profile_query_hash.js @@ -1,6 +1,8 @@ // Confirms that profile entries for find commands contain the appropriate query hash. // +// The test runs commands that are not allowed with security token: setProfilingLevel. // @tags: [ +// not_allowed_with_security_token, // assumes_against_mongod_not_mongos, // assumes_read_concern_unchanged, // does_not_support_stepdowns, diff --git a/jstests/core/profile_sampling.js b/jstests/core/profile_sampling.js index e9ba1019b03..0841c6c7cc5 100644 --- a/jstests/core/profile_sampling.js +++ b/jstests/core/profile_sampling.js @@ -1,5 +1,7 @@ // Confirms that the number of profiled operations is consistent with the sampleRate, if set. +// The test runs commands that are not allowed with security token: setProfilingLevel. // @tags: [ +// not_allowed_with_security_token, // does_not_support_stepdowns, // requires_fastcount, // requires_profiling, diff --git a/jstests/core/profile_update.js b/jstests/core/profile_update.js index ebd0505e58d..bd07ba42251 100644 --- a/jstests/core/profile_update.js +++ b/jstests/core/profile_update.js @@ -1,4 +1,6 @@ +// The test runs commands that are not allowed with security token: setProfilingLevel. // @tags: [ +// not_allowed_with_security_token, // # Asserts on the number of index keys modified. // assumes_no_implicit_index_creation, // does_not_support_stepdowns, diff --git a/jstests/core/queryoptimizera.js b/jstests/core/queryoptimizera.js index 55d0d5c424a..2f3f2266847 100644 --- a/jstests/core/queryoptimizera.js +++ b/jstests/core/queryoptimizera.js @@ -1,4 +1,6 @@ +// The test runs commands that are not allowed with security token: getLog. // @tags: [ +// not_allowed_with_security_token, // does_not_support_stepdowns, // requires_capped, // ] diff --git a/jstests/core/recursion.js b/jstests/core/recursion.js index a7a3a3b8d9b..ce4ed5dc401 100644 --- a/jstests/core/recursion.js +++ b/jstests/core/recursion.js @@ -1,7 +1,9 @@ // Basic tests for a form of stack recursion that's been shown to cause C++ side stack overflows in // the past. See SERVER-19614. // +// The test runs commands that are not allowed with security token: mapReduce. // @tags: [ +// not_allowed_with_security_token, // does_not_support_stepdowns, // requires_non_retryable_commands, // uses_map_reduce_with_temp_collections, diff --git a/jstests/core/rename_collection_staytemp.js b/jstests/core/rename_collection_staytemp.js index 594169d65e1..5db125f1a23 100644 --- a/jstests/core/rename_collection_staytemp.js +++ b/jstests/core/rename_collection_staytemp.js @@ -1,5 +1,7 @@ /* + * The test runs commands that are not allowed with security token: applyOps. * @tags: [ + * not_allowed_with_security_token, * requires_non_retryable_commands, * requires_replication, * # applyOps is not supported on mongos diff --git a/jstests/core/resume_query.js b/jstests/core/resume_query.js index 6085a82e504..711c19980a1 100644 --- a/jstests/core/resume_query.js +++ b/jstests/core/resume_query.js @@ -1,6 +1,8 @@ /** * Test that we can use the $_resumeAfter and $_requestResumeToken options to resume a query. + * The test runs commands that are not allowed with security token: killCursors. * @tags: [ + * not_allowed_with_security_token, * assumes_against_mongod_not_mongos, * multiversion_incompatible, * requires_getmore, diff --git a/jstests/core/resume_query_from_non_existent_record.js b/jstests/core/resume_query_from_non_existent_record.js index 4ae452762bd..8dba152a979 100644 --- a/jstests/core/resume_query_from_non_existent_record.js +++ b/jstests/core/resume_query_from_non_existent_record.js @@ -5,7 +5,9 @@ * of the test. However, $_requestResumeToken and a subsequent $_resumeAfter must be directed at the * same node, since they rely on a record id which is assigned internally by a given node. * + * The test runs commands that are not allowed with security token: killCursors. * @tags: [ + * not_allowed_with_security_token, * assumes_against_mongod_not_mongos, * multiversion_incompatible, * requires_non_retryable_writes, diff --git a/jstests/core/role_management_helpers.js b/jstests/core/role_management_helpers.js index 312c07618ae..9fd3d28ce55 100644 --- a/jstests/core/role_management_helpers.js +++ b/jstests/core/role_management_helpers.js @@ -1,4 +1,7 @@ +// The test runs commands that are not allowed with security token: createRole, dropRole, +// grantPrivilegesToRole, grantRolesToRole, revokeRolesFromRole, updateRole. // @tags: [ +// not_allowed_with_security_token, // assumes_superuser_permissions, // assumes_write_concern_unchanged, // requires_auth, diff --git a/jstests/core/roles_info.js b/jstests/core/roles_info.js index b6330c5ad49..0e1b7f01318 100644 --- a/jstests/core/roles_info.js +++ b/jstests/core/roles_info.js @@ -1,5 +1,7 @@ // Test invocations of {rolesInfo: ...} command +// The test runs commands that are not allowed with security token: createRole, dropRole. // @tags: [ +// not_allowed_with_security_token, // requires_multi_updates, // requires_non_retryable_commands, // ] diff --git a/jstests/core/sbe/from_plan_cache_flag.js b/jstests/core/sbe/from_plan_cache_flag.js index 675578b0d4b..ef910b42513 100644 --- a/jstests/core/sbe/from_plan_cache_flag.js +++ b/jstests/core/sbe/from_plan_cache_flag.js @@ -1,4 +1,6 @@ +// The test runs commands that are not allowed with security token: setProfilingLevel. // @tags: [ +// not_allowed_with_security_token, // requires_profiling, // does_not_support_stepdowns, // # TODO SERVER-67607: Test plan cache with CQF enabled. diff --git a/jstests/core/set_param1.js b/jstests/core/set_param1.js index df8619e6f49..dfe71da85d2 100644 --- a/jstests/core/set_param1.js +++ b/jstests/core/set_param1.js @@ -1,4 +1,6 @@ +// The test runs commands that are not allowed with security token: setParameter. // @tags: [ +// not_allowed_with_security_token, // assumes_superuser_permissions, // does_not_support_stepdowns, // requires_fcv_62, diff --git a/jstests/core/shell_connection_strings.js b/jstests/core/shell_connection_strings.js index bd0646e3647..92207fcc941 100644 --- a/jstests/core/shell_connection_strings.js +++ b/jstests/core/shell_connection_strings.js @@ -1,5 +1,7 @@ // Test mongo shell connect strings. +// The test runs commands that are not allowed with security token: eval. // @tags: [ +// not_allowed_with_security_token, // uses_multiple_connections, // docker_incompatible, // ] diff --git a/jstests/core/shellkillop.js b/jstests/core/shellkillop.js index 0ac2ad681ed..78e757c5726 100644 --- a/jstests/core/shellkillop.js +++ b/jstests/core/shellkillop.js @@ -1,3 +1,5 @@ +// The test runs commands that are not allowed with security token: killop. +// @tags: [not_allowed_with_security_token] baseName = "jstests_shellkillop"; // 'retry' should be set to true in contexts where an exception should cause the test to be retried diff --git a/jstests/core/splitvector.js b/jstests/core/splitvector.js index c99c634824f..a33a9aefa13 100644 --- a/jstests/core/splitvector.js +++ b/jstests/core/splitvector.js @@ -1,4 +1,6 @@ +// The test runs commands that are not allowed with security token: datasize, splitVector. // @tags: [ +// not_allowed_with_security_token, // assumes_superuser_permissions, // # Cannot implicitly shard accessed collections because the "splitVector" command cannot be run // # on a sharded collection diff --git a/jstests/core/stages_and_hash.js b/jstests/core/stages_and_hash.js index 6e56ee51106..4e75dace007 100644 --- a/jstests/core/stages_and_hash.js +++ b/jstests/core/stages_and_hash.js @@ -1,4 +1,6 @@ +// The test runs commands that are not allowed with security token: stageDebug. // @tags: [ +// not_allowed_with_security_token, // does_not_support_stepdowns, // uses_testing_only_commands, // no_selinux, diff --git a/jstests/core/stages_and_sorted.js b/jstests/core/stages_and_sorted.js index add65759578..34826baaa32 100644 --- a/jstests/core/stages_and_sorted.js +++ b/jstests/core/stages_and_sorted.js @@ -1,4 +1,6 @@ +// The test runs commands that are not allowed with security token: stageDebug. // @tags: [ +// not_allowed_with_security_token, // does_not_support_stepdowns, // uses_testing_only_commands, // no_selinux, diff --git a/jstests/core/stages_collection_scan.js b/jstests/core/stages_collection_scan.js index 8246b123d7f..08b3eb2eeb6 100644 --- a/jstests/core/stages_collection_scan.js +++ b/jstests/core/stages_collection_scan.js @@ -1,4 +1,6 @@ +// The test runs commands that are not allowed with security token: stageDebug. // @tags: [ +// not_allowed_with_security_token, // does_not_support_stepdowns, // uses_testing_only_commands, // tenant_migration_incompatible, diff --git a/jstests/core/stages_delete.js b/jstests/core/stages_delete.js index 76e6f29f870..0136650f27d 100644 --- a/jstests/core/stages_delete.js +++ b/jstests/core/stages_delete.js @@ -1,4 +1,6 @@ +// The test runs commands that are not allowed with security token: stageDebug. // @tags: [ +// not_allowed_with_security_token, // # This test attempts to remove documents using the stageDebug command, which doesn't support // # specifying a writeConcern. // assumes_write_concern_unchanged, diff --git a/jstests/core/stages_fetch.js b/jstests/core/stages_fetch.js index e0e6cb0dd20..bdec393ce1c 100644 --- a/jstests/core/stages_fetch.js +++ b/jstests/core/stages_fetch.js @@ -1,4 +1,6 @@ +// The test runs commands that are not allowed with security token: stageDebug. // @tags: [ +// not_allowed_with_security_token, // does_not_support_stepdowns, // uses_testing_only_commands, // no_selinux, diff --git a/jstests/core/stages_ixscan.js b/jstests/core/stages_ixscan.js index cc0b7efabd3..de345fabb02 100644 --- a/jstests/core/stages_ixscan.js +++ b/jstests/core/stages_ixscan.js @@ -1,4 +1,6 @@ +// The test runs commands that are not allowed with security token: stageDebug. // @tags: [ +// not_allowed_with_security_token, // does_not_support_stepdowns, // uses_testing_only_commands, // no_selinux, diff --git a/jstests/core/stages_limit_skip.js b/jstests/core/stages_limit_skip.js index 1d6c092683e..623e403c504 100644 --- a/jstests/core/stages_limit_skip.js +++ b/jstests/core/stages_limit_skip.js @@ -1,4 +1,6 @@ +// The test runs commands that are not allowed with security token: stageDebug. // @tags: [ +// not_allowed_with_security_token, // does_not_support_stepdowns, // uses_testing_only_commands, // no_selinux, diff --git a/jstests/core/stages_mergesort.js b/jstests/core/stages_mergesort.js index e2959669acc..c202a3ca827 100644 --- a/jstests/core/stages_mergesort.js +++ b/jstests/core/stages_mergesort.js @@ -1,4 +1,6 @@ +// The test runs commands that are not allowed with security token: stageDebug. // @tags: [ +// not_allowed_with_security_token, // does_not_support_stepdowns, // uses_testing_only_commands, // no_selinux, diff --git a/jstests/core/stages_or.js b/jstests/core/stages_or.js index e3db379771b..6eb2e9812fb 100644 --- a/jstests/core/stages_or.js +++ b/jstests/core/stages_or.js @@ -1,4 +1,6 @@ +// The test runs commands that are not allowed with security token: stageDebug. // @tags: [ +// not_allowed_with_security_token, // does_not_support_stepdowns, // uses_testing_only_commands, // no_selinux, diff --git a/jstests/core/stages_sort.js b/jstests/core/stages_sort.js index 60f22c680eb..2fd682edc3c 100644 --- a/jstests/core/stages_sort.js +++ b/jstests/core/stages_sort.js @@ -1,4 +1,7 @@ // Test query stage sorting. +// The test runs commands that are not allowed with security token: stageDebug. +// @tags: [not_allowed_with_security_token] + if (false) { t = db.stages_sort; t.drop(); diff --git a/jstests/core/startup_log.js b/jstests/core/startup_log.js index f905e4a34e0..6fbfb8df72a 100644 --- a/jstests/core/startup_log.js +++ b/jstests/core/startup_log.js @@ -3,7 +3,9 @@ * entry matching the server's response from the "getCmdLineOpts" command. The former operation may * be routed to a secondary in the replica set, whereas the latter must be routed to the primary. * + * The test runs commands that are not allowed with security token: getCmdLineOpts. * @tags: [ + * not_allowed_with_security_token, * assumes_read_preference_unchanged, * requires_collstats, * requires_capped, diff --git a/jstests/core/system_profile.js b/jstests/core/system_profile.js index 2624853cd0a..ba03b39dbd0 100644 --- a/jstests/core/system_profile.js +++ b/jstests/core/system_profile.js @@ -1,4 +1,7 @@ +// The test runs commands that are not allowed with security token: convertToCapped, mapReduce, +// profile. // @tags: [ +// not_allowed_with_security_token, // does_not_support_stepdowns, // requires_capped, // requires_collstats, |