diff options
Diffstat (limited to 'jstests/auth/js_scope_leak.js')
| -rw-r--r-- | jstests/auth/js_scope_leak.js | 80 |
1 files changed, 45 insertions, 35 deletions
diff --git a/jstests/auth/js_scope_leak.js b/jstests/auth/js_scope_leak.js index 57e0b112937..f1d5d192876 100644 --- a/jstests/auth/js_scope_leak.js +++ b/jstests/auth/js_scope_leak.js @@ -7,23 +7,24 @@ // // These transitions are tested for dbEval, $where, MapReduce and $group -var conn = MongoRunner.runMongod({ smallfiles: ""}); +var conn = MongoRunner.runMongod({smallfiles: ""}); var test = conn.getDB("test"); // insert a single document and add two test users -test.foo.insert({a:1}); +test.foo.insert({a: 1}); assert.eq(1, test.foo.findOne().a); -test.createUser({user:'a', pwd: 'a', roles: jsTest.basicUserRoles}); -test.createUser({user:'b', pwd: 'b', roles: jsTest.basicUserRoles}); +test.createUser({user: 'a', pwd: 'a', roles: jsTest.basicUserRoles}); +test.createUser({user: 'b', pwd: 'b', roles: jsTest.basicUserRoles}); function missingOrEquals(string) { - return 'function() { ' - + 'var global = function(){return this;}.call();' - // Uncomment the next line when debugging. - // + 'print(global.hasOwnProperty("someGlobal") ? someGlobal : "MISSING" );' - + 'return !global.hasOwnProperty("someGlobal")' - + ' || someGlobal == unescape("' + escape(string) + '");' - +'}()'; + return 'function() { ' + + 'var global = function(){return this;}.call();' + // Uncomment the next line when debugging. + // + 'print(global.hasOwnProperty("someGlobal") ? someGlobal : "MISSING" );' + + + 'return !global.hasOwnProperty("someGlobal")' + + ' || someGlobal == unescape("' + escape(string) + '");' + + '}()'; } function testDbEval() { @@ -50,20 +51,19 @@ testDbEval(); // test $where function testWhere() { // set the global variable 'someGlobal' before authenticating - test.foo.findOne({$where:'someGlobal = "noUsers";'}); + test.foo.findOne({$where: 'someGlobal = "noUsers";'}); // test new user auth causes scope to be cleared test.auth('a', 'a'); - assert.eq(1, - test.foo.count({$where: 'return ' + missingOrEquals('a')}), - "$where: Auth user 'a"); + assert.eq( + 1, test.foo.count({$where: 'return ' + missingOrEquals('a')}), "$where: Auth user 'a"); // test auth as another user causes scope to be cleared - test.foo.findOne({$where:'someGlobal = "a";'}); + test.foo.findOne({$where: 'someGlobal = "a";'}); test.auth('b', 'b'); assert(test.foo.count({$where: 'return ' + missingOrEquals('a&b')}), "$where: Auth user 'b'"); // test user logout causes scope to be cleared - test.foo.findOne({$where:'someGlobal = "a&b";'}); + test.foo.findOne({$where: 'someGlobal = "a&b";'}); test.logout(); assert(test.foo.count({$where: 'return ' + missingOrEquals('noUsers')}), "$where: log out"); } @@ -71,14 +71,18 @@ testWhere(); testWhere(); function testMapReduce() { - var mapSet = function(string) { return Function('someGlobal = "' + string + '"'); }; - var mapGet = function(string) { return Function('assert(' + missingOrEquals(string) +')'); }; - var reduce = function(k, v) { }; + var mapSet = function(string) { + return Function('someGlobal = "' + string + '"'); + }; + var mapGet = function(string) { + return Function('assert(' + missingOrEquals(string) + ')'); + }; + var reduce = function(k, v) {}; var setGlobalInMap = function(string) { - test.foo.mapReduce(mapSet(string), reduce, {out:{inline:1}}); + test.foo.mapReduce(mapSet(string), reduce, {out: {inline: 1}}); }; var getGlobalFromMap = function(string) { - test.foo.mapReduce(mapGet(string), reduce, {out:{inline:1}}); + test.foo.mapReduce(mapGet(string), reduce, {out: {inline: 1}}); }; // set the global variable 'someGlobal' before authenticating @@ -86,33 +90,41 @@ function testMapReduce() { // test new user auth causes scope to be cleared test.auth('a', 'a'); - assert.doesNotThrow(function() { getGlobalFromMap('a'); }, [], "M/R: Auth user 'a'"); + assert.doesNotThrow(function() { + getGlobalFromMap('a'); + }, [], "M/R: Auth user 'a'"); // test auth as another user causes scope to be cleared setGlobalInMap('a'); test.auth('b', 'b'); - assert.doesNotThrow(function() { getGlobalFromMap('a&b'); }, [], "M/R: Auth user 'b'"); + assert.doesNotThrow(function() { + getGlobalFromMap('a&b'); + }, [], "M/R: Auth user 'b'"); // test user logout causes scope to be cleared setGlobalInMap('a&b'); test.logout(); - assert.doesNotThrow(function() { getGlobalFromMap('noUsers'); }, [], "M/R: Log out"); + assert.doesNotThrow(function() { + getGlobalFromMap('noUsers'); + }, [], "M/R: Log out"); } testMapReduce(); testMapReduce(); function testGroup() { var setGlobalInGroup = function(string) { - return test.foo.group({key: 'a', - reduce: Function('doc1', 'agg', - 'someGlobal = "' + string + '"'), - initial:{}}); + return test.foo.group({ + key: 'a', + reduce: Function('doc1', 'agg', 'someGlobal = "' + string + '"'), + initial: {} + }); }; var getGlobalFromGroup = function(string) { - return test.foo.group({key: 'a', - reduce: Function('doc1', 'agg', - 'assert(' + missingOrEquals(string) +')'), - initial:{}}); + return test.foo.group({ + key: 'a', + reduce: Function('doc1', 'agg', 'assert(' + missingOrEquals(string) + ')'), + initial: {} + }); }; // set the global variable 'someGlobal' before authenticating @@ -134,5 +146,3 @@ function testGroup() { } testGroup(); testGroup(); - - |