diff options
author | Sara Golemon <sara.golemon@mongodb.com> | 2017-12-08 18:02:15 -0500 |
---|---|---|
committer | Sara Golemon <sara.golemon@mongodb.com> | 2017-12-12 22:38:15 -0500 |
commit | 3949ed24bfe7e936384120a785c1e6ad627bc1bd (patch) | |
tree | 4796d558af34b5b8c345df9bae9ee82b962e18ed /src/mongo/db/auth/authorization_session_test.cpp | |
parent | e6f46b03cec9d5b5cd4487761a2c2c2136567473 (diff) | |
download | mongo-3949ed24bfe7e936384120a785c1e6ad627bc1bd.tar.gz |
SERVER-32278 Update auth unit tests to use SCRAM-SHA-1
Diffstat (limited to 'src/mongo/db/auth/authorization_session_test.cpp')
-rw-r--r-- | src/mongo/db/auth/authorization_session_test.cpp | 66 |
1 files changed, 26 insertions, 40 deletions
diff --git a/src/mongo/db/auth/authorization_session_test.cpp b/src/mongo/db/auth/authorization_session_test.cpp index 9a77a25de18..4d363d6fe7b 100644 --- a/src/mongo/db/auth/authorization_session_test.cpp +++ b/src/mongo/db/auth/authorization_session_test.cpp @@ -32,12 +32,14 @@ */ #include "mongo/base/status.h" #include "mongo/bson/bson_depth.h" +#include "mongo/crypto/mechanism_scram.h" #include "mongo/db/auth/action_type.h" #include "mongo/db/auth/authorization_manager.h" #include "mongo/db/auth/authorization_session_for_test.h" #include "mongo/db/auth/authz_manager_external_state_mock.h" #include "mongo/db/auth/authz_session_external_state_mock.h" #include "mongo/db/auth/restriction_environment.h" +#include "mongo/db/auth/sasl_options.h" #include "mongo/db/jsobj.h" #include "mongo/db/json.h" #include "mongo/db/namespace_string.h" @@ -91,6 +93,7 @@ public: AuthzSessionExternalStateMock* sessionState; AuthorizationManager* authzManager; std::unique_ptr<AuthorizationSessionForTest> authzSession; + BSONObj credentials; void setUp() { serverGlobalParams.featureCompatibility.setVersion( @@ -111,6 +114,9 @@ public: sessionState = localSessionState.get(); authzSession = stdx::make_unique<AuthorizationSessionForTest>(std::move(localSessionState)); authzManager->setAuthEnabled(true); + + credentials = BSON("SCRAM-SHA-1" << scram::generateCredentials( + "a", saslGlobalParams.scramIterationCount.load())); } }; @@ -173,8 +179,7 @@ TEST_F(AuthorizationSessionTest, AddUserAndCheckAuthorization) { << "db" << "test" << "credentials" - << BSON("MONGODB-CR" - << "a") + << credentials << "roles" << BSON_ARRAY(BSON("role" << "readWrite" @@ -202,8 +207,7 @@ TEST_F(AuthorizationSessionTest, AddUserAndCheckAuthorization) { << "db" << "admin" << "credentials" - << BSON("MONGODB-CR" - << "a") + << credentials << "roles" << BSON_ARRAY(BSON("role" << "readWriteAnyDatabase" @@ -249,8 +253,7 @@ TEST_F(AuthorizationSessionTest, DuplicateRolesOK) { << "db" << "test" << "credentials" - << BSON("MONGODB-CR" - << "a") + << credentials << "roles" << BSON_ARRAY(BSON("role" << "readWrite" @@ -282,8 +285,7 @@ TEST_F(AuthorizationSessionTest, SystemCollectionsAccessControl) { << "db" << "test" << "credentials" - << BSON("MONGODB-CR" - << "a") + << credentials << "roles" << BSON_ARRAY(BSON("role" << "readWrite" @@ -300,8 +302,7 @@ TEST_F(AuthorizationSessionTest, SystemCollectionsAccessControl) { << "db" << "test" << "credentials" - << BSON("MONGODB-CR" - << "a") + << credentials << "roles" << BSON_ARRAY(BSON("role" << "userAdmin" @@ -315,8 +316,7 @@ TEST_F(AuthorizationSessionTest, SystemCollectionsAccessControl) { << "db" << "test" << "credentials" - << BSON("MONGODB-CR" - << "a") + << credentials << "roles" << BSON_ARRAY(BSON("role" << "readWriteAnyDatabase" @@ -334,8 +334,7 @@ TEST_F(AuthorizationSessionTest, SystemCollectionsAccessControl) { << "db" << "test" << "credentials" - << BSON("MONGODB-CR" - << "a") + << credentials << "roles" << BSON_ARRAY(BSON("role" << "userAdminAnyDatabase" @@ -430,8 +429,7 @@ TEST_F(AuthorizationSessionTest, InvalidateUser) { << "db" << "test" << "credentials" - << BSON("MONGODB-CR" - << "a") + << credentials << "roles" << BSON_ARRAY(BSON("role" << "readWrite" @@ -463,8 +461,7 @@ TEST_F(AuthorizationSessionTest, InvalidateUser) { << "db" << "test" << "credentials" - << BSON("MONGODB-CR" - << "a") + << credentials << "roles" << BSON_ARRAY(BSON("role" << "read" @@ -509,8 +506,7 @@ TEST_F(AuthorizationSessionTest, UseOldUserInfoInFaceOfConnectivityProblems) { << "db" << "test" << "credentials" - << BSON("MONGODB-CR" - << "a") + << credentials << "roles" << BSON_ARRAY(BSON("role" << "readWrite" @@ -543,8 +539,7 @@ TEST_F(AuthorizationSessionTest, UseOldUserInfoInFaceOfConnectivityProblems) { << "db" << "test" << "credentials" - << BSON("MONGODB-CR" - << "a") + << credentials << "roles" << BSON_ARRAY(BSON("role" << "read" @@ -580,8 +575,7 @@ TEST_F(AuthorizationSessionTest, AcquireUserObtainsAndValidatesAuthenticationRes << "db" << "test" << "credentials" - << BSON("MONGODB-CR" - << "a") + << credentials << "roles" << BSON_ARRAY(BSON("role" << "readWrite" @@ -1124,8 +1118,7 @@ TEST_F(AuthorizationSessionTest, AuthorizedSessionIsNotCoauthorizedWithEmptyUser << "db" << "test" << "credentials" - << BSON("MONGODB-CR" - << "a") + << credentials << "roles" << BSONArray()), BSONObj())); @@ -1144,8 +1137,7 @@ TEST_F(AuthorizationSessionTest, << "db" << "test" << "credentials" - << BSON("MONGODB-CR" - << "a") + << credentials << "roles" << BSONArray()), BSONObj())); @@ -1162,8 +1154,7 @@ TEST_F(AuthorizationSessionTest, AuthorizedSessionIsCoauthorizedWithIntersecting << "db" << "test" << "credentials" - << BSON("MONGODB-CR" - << "a") + << credentials << "roles" << BSONArray()), BSONObj())); @@ -1173,8 +1164,7 @@ TEST_F(AuthorizationSessionTest, AuthorizedSessionIsCoauthorizedWithIntersecting << "db" << "test" << "credentials" - << BSON("MONGODB-CR" - << "a") + << credentials << "roles" << BSONArray()), BSONObj())); @@ -1194,8 +1184,7 @@ TEST_F(AuthorizationSessionTest, AuthorizedSessionIsNotCoauthorizedWithNoninters << "db" << "test" << "credentials" - << BSON("MONGODB-CR" - << "a") + << credentials << "roles" << BSONArray()), BSONObj())); @@ -1205,8 +1194,7 @@ TEST_F(AuthorizationSessionTest, AuthorizedSessionIsNotCoauthorizedWithNoninters << "db" << "test" << "credentials" - << BSON("MONGODB-CR" - << "a") + << credentials << "roles" << BSONArray()), BSONObj())); @@ -1227,8 +1215,7 @@ TEST_F(AuthorizationSessionTest, << "db" << "test" << "credentials" - << BSON("MONGODB-CR" - << "a") + << credentials << "roles" << BSONArray()), BSONObj())); @@ -1238,8 +1225,7 @@ TEST_F(AuthorizationSessionTest, << "db" << "test" << "credentials" - << BSON("MONGODB-CR" - << "a") + << credentials << "roles" << BSONArray()), BSONObj())); |