diff options
author | Jonathan Reams <jbreams@mongodb.com> | 2018-06-29 12:35:20 -0400 |
---|---|---|
committer | Jonathan Reams <jbreams@mongodb.com> | 2018-08-01 12:56:36 -0400 |
commit | 2c504892ae516f56dc127dee1146baf894a5fc59 (patch) | |
tree | 5bf4235aa14d748e29d2abac6535a5618ad200fd /src/mongo/db/auth/authorization_manager_test.cpp | |
parent | f263446414cfdcc0e0caf24e7f61a058faf382ef (diff) | |
download | mongo-2c504892ae516f56dc127dee1146baf894a5fc59.tar.gz |
SERVER-35890 refactor User cache into InvalidatingLRUCache and UserHandle
Diffstat (limited to 'src/mongo/db/auth/authorization_manager_test.cpp')
-rw-r--r-- | src/mongo/db/auth/authorization_manager_test.cpp | 40 |
1 files changed, 15 insertions, 25 deletions
diff --git a/src/mongo/db/auth/authorization_manager_test.cpp b/src/mongo/db/auth/authorization_manager_test.cpp index e0ba470d4f5..dc3701e2ecf 100644 --- a/src/mongo/db/auth/authorization_manager_test.cpp +++ b/src/mongo/db/auth/authorization_manager_test.cpp @@ -148,11 +148,11 @@ TEST_F(AuthorizationManagerTest, testAcquireV2User) { << "admin"))), BSONObj())); - User* v2read; - ASSERT_OK(authzManager->acquireUser(opCtx.get(), UserName("v2read", "test"), &v2read)); + auto swu = authzManager->acquireUser(opCtx.get(), UserName("v2read", "test")); + ASSERT_OK(swu.getStatus()); + auto v2read = std::move(swu.getValue()); ASSERT_EQUALS(UserName("v2read", "test"), v2read->getName()); ASSERT(v2read->isValid()); - ASSERT_EQUALS(1U, v2read->getRefCount()); RoleNameIterator roles = v2read->getRoles(); ASSERT_EQUALS(RoleName("read", "test"), roles.next()); ASSERT_FALSE(roles.more()); @@ -160,13 +160,12 @@ TEST_F(AuthorizationManagerTest, testAcquireV2User) { auto testDBPrivilege = privilegeMap[ResourcePattern::forDatabaseName("test")]; ASSERT(testDBPrivilege.getActions().contains(ActionType::find)); // Make sure user's refCount is 0 at the end of the test to avoid an assertion failure - authzManager->releaseUser(v2read); - User* v2cluster; - ASSERT_OK(authzManager->acquireUser(opCtx.get(), UserName("v2cluster", "admin"), &v2cluster)); + swu = authzManager->acquireUser(opCtx.get(), UserName("v2cluster", "admin")); + ASSERT_OK(swu.getStatus()); + auto v2cluster = std::move(swu.getValue()); ASSERT_EQUALS(UserName("v2cluster", "admin"), v2cluster->getName()); ASSERT(v2cluster->isValid()); - ASSERT_EQUALS(1U, v2cluster->getRefCount()); RoleNameIterator clusterRoles = v2cluster->getRoles(); ASSERT_EQUALS(RoleName("clusterAdmin", "admin"), clusterRoles.next()); ASSERT_FALSE(clusterRoles.more()); @@ -174,7 +173,6 @@ TEST_F(AuthorizationManagerTest, testAcquireV2User) { auto clusterPrivilege = privilegeMap[ResourcePattern::forClusterResource()]; ASSERT(clusterPrivilege.getActions().contains(ActionType::serverStatus)); // Make sure user's refCount is 0 at the end of the test to avoid an assertion failure - authzManager->releaseUser(v2cluster); } #ifdef MONGO_CONFIG_SSL @@ -183,9 +181,9 @@ TEST_F(AuthorizationManagerTest, testLocalX509Authorization) { session, SSLPeerInfo(buildX509Name(), {RoleName("read", "test"), RoleName("readWrite", "test")})); - User* x509User; - ASSERT_OK( - authzManager->acquireUser(opCtx.get(), UserName("CN=mongodb.com", "$external"), &x509User)); + auto swu = authzManager->acquireUser(opCtx.get(), UserName("CN=mongodb.com", "$external")); + ASSERT_OK(swu.getStatus()); + auto x509User = std::move(swu.getValue()); ASSERT(x509User->isValid()); stdx::unordered_set<RoleName> expectedRoles{RoleName("read", "test"), @@ -202,9 +200,6 @@ TEST_F(AuthorizationManagerTest, testLocalX509Authorization) { auto privilegeIt = privileges.find(ResourcePattern::forDatabaseName("test")); ASSERT(privilegeIt != privileges.end()); ASSERT(privilegeIt->second.includesAction(ActionType::insert)); - - - authzManager->releaseUser(x509User); } #endif @@ -213,17 +208,15 @@ TEST_F(AuthorizationManagerTest, testLocalX509AuthorizationInvalidUser) { session, SSLPeerInfo(buildX509Name(), {RoleName("read", "test"), RoleName("write", "test")})); - User* x509User; ASSERT_NOT_OK( - authzManager->acquireUser(opCtx.get(), UserName("CN=10gen.com", "$external"), &x509User)); + authzManager->acquireUser(opCtx.get(), UserName("CN=10gen.com", "$external")).getStatus()); } TEST_F(AuthorizationManagerTest, testLocalX509AuthenticationNoAuthorization) { setX509PeerInfo(session, {}); - User* x509User; - ASSERT_NOT_OK( - authzManager->acquireUser(opCtx.get(), UserName("CN=mongodb.com", "$external"), &x509User)); + ASSERT_NOT_OK(authzManager->acquireUser(opCtx.get(), UserName("CN=mongodb.com", "$external")) + .getStatus()); } /** @@ -320,11 +313,11 @@ TEST_F(AuthorizationManagerTest, testAcquireV2UserWithUnrecognizedActions) { << "insert")))), BSONObj())); - User* myUser; - ASSERT_OK(authzManager->acquireUser(opCtx.get(), UserName("myUser", "test"), &myUser)); + auto swu = authzManager->acquireUser(opCtx.get(), UserName("myUser", "test")); + ASSERT_OK(swu.getStatus()); + auto myUser = std::move(swu.getValue()); ASSERT_EQUALS(UserName("myUser", "test"), myUser->getName()); ASSERT(myUser->isValid()); - ASSERT_EQUALS(1U, myUser->getRefCount()); RoleNameIterator roles = myUser->getRoles(); ASSERT_EQUALS(RoleName("myRole", "test"), roles.next()); ASSERT_FALSE(roles.more()); @@ -336,9 +329,6 @@ TEST_F(AuthorizationManagerTest, testAcquireV2UserWithUnrecognizedActions) { actions.removeAction(ActionType::find); actions.removeAction(ActionType::insert); ASSERT(actions.empty()); - - // Make sure user's refCount is 0 at the end of the test to avoid an assertion failure - authzManager->releaseUser(myUser); } // These tests ensure that the AuthorizationManager registers a |