diff options
Diffstat (limited to 'jstests/auth/impersonation-deny.js')
-rw-r--r-- | jstests/auth/impersonation-deny.js | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/jstests/auth/impersonation-deny.js b/jstests/auth/impersonation-deny.js index 3f1f16eabfe..e3a962942ca 100644 --- a/jstests/auth/impersonation-deny.js +++ b/jstests/auth/impersonation-deny.js @@ -29,12 +29,22 @@ function testMongod(mongod, systemuserpwd = undefined) { const kImpersonatedHello = { hello: 1, "$audit": { - "$impersonatedUsers": [{user: 'admin', db: 'admin'}], + "$impersonatedUser": {user: 'admin', db: 'admin'}, "$impersonatedRoles": [{role: 'root', db: 'admin'}], } }; assertUnauthorized(kImpersonatedHello, 'Unauthorized use of impersonation metadata'); + // TODO SERVER-72448: Remove + const kImpersonatedHelloLegacy = { + hello: 1, + "$audit": { + "$impersonatedUsers": [{user: 'admin', db: 'admin'}], + "$impersonatedRoles": [{role: 'root', db: 'admin'}], + } + }; + assertUnauthorized(kImpersonatedHelloLegacy, 'Unauthorized use of impersonation metadata'); + // Try as admin (root role), should still fail. admin.auth('admin', 'admin'); assertUnauthorized(kImpersonatedHello, 'Unauthorized use of impersonation metadata'); |