diff options
Diffstat (limited to 'jstests/auth/list_sessions.js')
| -rw-r--r-- | jstests/auth/list_sessions.js | 158 |
1 files changed, 79 insertions, 79 deletions
diff --git a/jstests/auth/list_sessions.js b/jstests/auth/list_sessions.js index 2b6c8a0f8f1..f91218d22e4 100644 --- a/jstests/auth/list_sessions.js +++ b/jstests/auth/list_sessions.js @@ -4,85 +4,85 @@ */ (function() { - 'use strict'; - load('jstests/aggregation/extras/utils.js'); - - // This test makes assertions about the number of sessions, which are not compatible with - // implicit sessions. - TestData.disableImplicitSessions = true; - - function runListSessionsTest(mongod) { - assert(mongod); - const admin = mongod.getDB('admin'); - const config = mongod.getDB('config'); - - const pipeline = [{'$listSessions': {}}]; - function listSessions() { - return config.system.sessions.aggregate(pipeline); - } - - admin.createUser({user: 'admin', pwd: 'pass', roles: jsTest.adminUserRoles}); - assert(admin.auth('admin', 'pass')); - - admin.createUser({user: 'user1', pwd: 'pass', roles: jsTest.basicUserRoles}); - admin.createUser({user: 'user2', pwd: 'pass', roles: jsTest.basicUserRoles}); - admin.logout(); - - // Fail when not logged in. - assertErrorCode(config.system.sessions, pipeline, ErrorCodes.Unauthorized); - - // Start a new session and capture its sessionId. - assert(admin.auth('user1', 'pass')); - const myid = assert.commandWorked(admin.runCommand({startSession: 1})).id.id; - assert(myid !== undefined); - - // Sync cache to collection and ensure it arrived. - assert.commandWorked(admin.runCommand({refreshLogicalSessionCacheNow: 1})); - const resultArray = listSessions().toArray(); - assert.eq(resultArray.length, 1); - const cacheid = resultArray[0]._id.id; - assert(cacheid !== undefined); - assert.eq(bsonWoCompare(cacheid, myid), 0); - - // Ask again using explicit UID. - const user1Pipeline = [{'$listSessions': {users: [{user: "user1", db: "admin"}]}}]; - function listUser1Sessions() { - return config.system.sessions.aggregate(user1Pipeline); - } - const resultArrayMine = listUser1Sessions().toArray(); - assert.eq(bsonWoCompare(resultArray, resultArrayMine), 0); - - // Make sure pipelining other collections fail - assertErrorCode(admin.system.collections, pipeline, ErrorCodes.InvalidNamespace); - - // Ensure that changing users hides the session everwhere. - assert(admin.auth('user2', 'pass')); - assert.eq(listSessions().toArray().length, 0); - - // Ensure users can't view either other's sessions. - assertErrorCode(config.system.sessions, user1Pipeline, ErrorCodes.Unauthorized); - - if (true) { - // TODO SERVER-29141: Support forcing pipelines to run on mongos - return; - } - function listLocalSessions() { - return config.aggregate([{'$listLocalSessions': {}}]); - } - assert.eq(listLocalSessions().toArray().length, 0); +'use strict'; +load('jstests/aggregation/extras/utils.js'); + +// This test makes assertions about the number of sessions, which are not compatible with +// implicit sessions. +TestData.disableImplicitSessions = true; + +function runListSessionsTest(mongod) { + assert(mongod); + const admin = mongod.getDB('admin'); + const config = mongod.getDB('config'); + + const pipeline = [{'$listSessions': {}}]; + function listSessions() { + return config.system.sessions.aggregate(pipeline); + } + + admin.createUser({user: 'admin', pwd: 'pass', roles: jsTest.adminUserRoles}); + assert(admin.auth('admin', 'pass')); + + admin.createUser({user: 'user1', pwd: 'pass', roles: jsTest.basicUserRoles}); + admin.createUser({user: 'user2', pwd: 'pass', roles: jsTest.basicUserRoles}); + admin.logout(); + + // Fail when not logged in. + assertErrorCode(config.system.sessions, pipeline, ErrorCodes.Unauthorized); + + // Start a new session and capture its sessionId. + assert(admin.auth('user1', 'pass')); + const myid = assert.commandWorked(admin.runCommand({startSession: 1})).id.id; + assert(myid !== undefined); + + // Sync cache to collection and ensure it arrived. + assert.commandWorked(admin.runCommand({refreshLogicalSessionCacheNow: 1})); + const resultArray = listSessions().toArray(); + assert.eq(resultArray.length, 1); + const cacheid = resultArray[0]._id.id; + assert(cacheid !== undefined); + assert.eq(bsonWoCompare(cacheid, myid), 0); + + // Ask again using explicit UID. + const user1Pipeline = [{'$listSessions': {users: [{user: "user1", db: "admin"}]}}]; + function listUser1Sessions() { + return config.system.sessions.aggregate(user1Pipeline); } + const resultArrayMine = listUser1Sessions().toArray(); + assert.eq(bsonWoCompare(resultArray, resultArrayMine), 0); - const mongod = MongoRunner.runMongod({auth: ""}); - runListSessionsTest(mongod); - MongoRunner.stopMongod(mongod); - - // TODO: Remove 'shardAsReplicaSet: false' when SERVER-32672 is fixed. - const st = new ShardingTest({ - shards: 1, - mongos: 1, - config: 1, - other: {keyFile: 'jstests/libs/key1', shardAsReplicaSet: false} - }); - runListSessionsTest(st.s0); - st.stop(); + // Make sure pipelining other collections fail + assertErrorCode(admin.system.collections, pipeline, ErrorCodes.InvalidNamespace); + + // Ensure that changing users hides the session everwhere. + assert(admin.auth('user2', 'pass')); + assert.eq(listSessions().toArray().length, 0); + + // Ensure users can't view either other's sessions. + assertErrorCode(config.system.sessions, user1Pipeline, ErrorCodes.Unauthorized); + + if (true) { + // TODO SERVER-29141: Support forcing pipelines to run on mongos + return; + } + function listLocalSessions() { + return config.aggregate([{'$listLocalSessions': {}}]); + } + assert.eq(listLocalSessions().toArray().length, 0); +} + +const mongod = MongoRunner.runMongod({auth: ""}); +runListSessionsTest(mongod); +MongoRunner.stopMongod(mongod); + +// TODO: Remove 'shardAsReplicaSet: false' when SERVER-32672 is fixed. +const st = new ShardingTest({ + shards: 1, + mongos: 1, + config: 1, + other: {keyFile: 'jstests/libs/key1', shardAsReplicaSet: false} +}); +runListSessionsTest(st.s0); +st.stop(); })(); |