summaryrefslogtreecommitdiff
path: root/jstests/auth/user_management_commands_edge_cases.js
diff options
context:
space:
mode:
Diffstat (limited to 'jstests/auth/user_management_commands_edge_cases.js')
-rw-r--r--jstests/auth/user_management_commands_edge_cases.js499
1 files changed, 247 insertions, 252 deletions
diff --git a/jstests/auth/user_management_commands_edge_cases.js b/jstests/auth/user_management_commands_edge_cases.js
index b8f11505c58..ab42714fb9a 100644
--- a/jstests/auth/user_management_commands_edge_cases.js
+++ b/jstests/auth/user_management_commands_edge_cases.js
@@ -4,289 +4,284 @@
*/
function runTest(conn) {
-
var db = conn.getDB('test');
var admin = conn.getDB('admin');
admin.createUser({user: 'userAdmin', pwd: 'pwd', roles: ['userAdminAnyDatabase']});
admin.auth('userAdmin', 'pwd');
(function testCreateUser() {
- jsTestLog("Testing createUser");
-
- db.createUser({user: 'user1', pwd: 'pwd', roles: []});
-
- // Try to create duplicate user
- assert.throws(function() {
- db.createUser({user: 'user1', pwd: 'pwd', roles: ['read']});
- });
- assert.eq(0, db.getUser('user1').roles.length);
-
- // Try to create user with role that doesn't exist
- assert.throws(function() {
- db.createUser({user: 'user2', pwd: 'pwd', roles: ['fakeRole']});
- });
-
- // Try to create user with invalid arguments
- assert.throws(function() {
- db.createUser({user: '', pwd: 'pwd', roles: ['read']});
- });
- assert.throws(function() {
- db.createUser({user: ['user2'], pwd: 'pwd', roles: ['read']});
- });
- assert.throws(function() {
- db.createUser({user: 'user2', pwd: '', roles: ['read']});
- });
- assert.throws(function() {
- db.createUser({user: 'user2', pwd: ['pwd'], roles: ['read']});
- });
- assert.throws(function() {
- db.createUser({user: 'user2', pwd: 'pwd', roles: ['']});
- });
- assert.throws(function() {
- db.createUser({user: 'user2', pwd: 'pwd', roles: [{}]});
- });
- assert.throws(function() {
- db.createUser({user: 'user2', pwd: 'pwd', roles: [1]});
- });
- assert.throws(function() {
- db.createUser({user: 'user2', pwd: 'pwd', roles: [{role: 'read'}]});
- });
- assert.throws(function() {
- db.createUser({user: 'user2', pwd: 'pwd', roles: [{db: 'test'}]});
- });
- assert.throws(function() {
- db.createUser({user: 'user2', pwd: 'pwd', roles: [{role: 'read',
- db:''}]});
- });
- assert.throws(function() {
- db.createUser({user: 'user2', pwd: 'pwd', roles: [{role: '',
- db: 'test'}]});
- });
- assert.throws(function() {
- db.createUser({user: 'null\u0000char', pwd: 'pwd', roles: []});
- });
- assert.throws(function() {
- db.createUser({user: 'null\0char', pwd: 'pwd', roles: []});
- });
- // Regression test for SERVER-17125
- assert.throws(function() {
- db.getSiblingDB('$external').createUser({user: '', roles: []});
- });
-
- assert.eq(1, db.getUsers().length);
- })();
+ jsTestLog("Testing createUser");
+
+ db.createUser({user: 'user1', pwd: 'pwd', roles: []});
+
+ // Try to create duplicate user
+ assert.throws(function() {
+ db.createUser({user: 'user1', pwd: 'pwd', roles: ['read']});
+ });
+ assert.eq(0, db.getUser('user1').roles.length);
+
+ // Try to create user with role that doesn't exist
+ assert.throws(function() {
+ db.createUser({user: 'user2', pwd: 'pwd', roles: ['fakeRole']});
+ });
+
+ // Try to create user with invalid arguments
+ assert.throws(function() {
+ db.createUser({user: '', pwd: 'pwd', roles: ['read']});
+ });
+ assert.throws(function() {
+ db.createUser({user: ['user2'], pwd: 'pwd', roles: ['read']});
+ });
+ assert.throws(function() {
+ db.createUser({user: 'user2', pwd: '', roles: ['read']});
+ });
+ assert.throws(function() {
+ db.createUser({user: 'user2', pwd: ['pwd'], roles: ['read']});
+ });
+ assert.throws(function() {
+ db.createUser({user: 'user2', pwd: 'pwd', roles: ['']});
+ });
+ assert.throws(function() {
+ db.createUser({user: 'user2', pwd: 'pwd', roles: [{}]});
+ });
+ assert.throws(function() {
+ db.createUser({user: 'user2', pwd: 'pwd', roles: [1]});
+ });
+ assert.throws(function() {
+ db.createUser({user: 'user2', pwd: 'pwd', roles: [{role: 'read'}]});
+ });
+ assert.throws(function() {
+ db.createUser({user: 'user2', pwd: 'pwd', roles: [{db: 'test'}]});
+ });
+ assert.throws(function() {
+ db.createUser({user: 'user2', pwd: 'pwd', roles: [{role: 'read', db: ''}]});
+ });
+ assert.throws(function() {
+ db.createUser({user: 'user2', pwd: 'pwd', roles: [{role: '', db: 'test'}]});
+ });
+ assert.throws(function() {
+ db.createUser({user: 'null\u0000char', pwd: 'pwd', roles: []});
+ });
+ assert.throws(function() {
+ db.createUser({user: 'null\0char', pwd: 'pwd', roles: []});
+ });
+ // Regression test for SERVER-17125
+ assert.throws(function() {
+ db.getSiblingDB('$external').createUser({user: '', roles: []});
+ });
+
+ assert.eq(1, db.getUsers().length);
+ })();
(function testUpdateUser() {
- jsTestLog("Testing updateUser");
-
- // Must update something
- assert.throws(function() {
- db.updateUser('user1', {});
- });
-
- // Try to grant role that doesn't exist
- assert.throws(function() {
- db.updateUser('user1', {roles: ['fakeRole']});
- });
-
- // Try to update user that doesn't exist
- assert.throws(function() {
- db.updateUser('fakeUser', {roles: ['read']});
- });
-
- // Try to update user with invalid password
- assert.throws(function() {
- db.updateUser('user1', {pwd: ''});
- });
- assert.throws(function() {
- db.updateUser('user1', {pwd: 5});
- });
- assert.throws(function() {
- db.updateUser('user1', {pwd: ['a']});
- });
-
-
- // Try to update user with invalid customData
- assert.throws(function() {
- db.updateUser('user1', {customData: 1});
- });
- assert.throws(function() {
- db.updateUser('user1', {customData: ""});
- });
-
-
- // Try to update with invalid "roles" argument
- assert.throws(function() {
- db.updateUser('user1', {roles: 'read'});
- });
- assert.throws(function() {
- db.updateUser('user1', {roles: ['']});
- });
- assert.throws(function() {
- db.updateUser('user1', {roles: [{}]});
- });
- assert.throws(function() {
- db.updateUser('user1', {roles: [1]});
- });
- assert.throws(function() {
- db.updateUser('user1', {roles: [{role: 'read'}]});
- });
- assert.throws(function() {
- db.updateUser('user1', {roles: [{db: 'test'}]});
- });
- assert.throws(function() {
- db.updateUser('user1', {roles: [{role: '', db:'test'}]});
- });
- assert.throws(function() {
- db.updateUser('user1', {roles: [{role: 'read', db: ''}]});
- });
-
- assert.eq(0, db.getUser('user1').roles.length);
- })();
+ jsTestLog("Testing updateUser");
+
+ // Must update something
+ assert.throws(function() {
+ db.updateUser('user1', {});
+ });
+
+ // Try to grant role that doesn't exist
+ assert.throws(function() {
+ db.updateUser('user1', {roles: ['fakeRole']});
+ });
+
+ // Try to update user that doesn't exist
+ assert.throws(function() {
+ db.updateUser('fakeUser', {roles: ['read']});
+ });
+
+ // Try to update user with invalid password
+ assert.throws(function() {
+ db.updateUser('user1', {pwd: ''});
+ });
+ assert.throws(function() {
+ db.updateUser('user1', {pwd: 5});
+ });
+ assert.throws(function() {
+ db.updateUser('user1', {pwd: ['a']});
+ });
+
+ // Try to update user with invalid customData
+ assert.throws(function() {
+ db.updateUser('user1', {customData: 1});
+ });
+ assert.throws(function() {
+ db.updateUser('user1', {customData: ""});
+ });
+
+ // Try to update with invalid "roles" argument
+ assert.throws(function() {
+ db.updateUser('user1', {roles: 'read'});
+ });
+ assert.throws(function() {
+ db.updateUser('user1', {roles: ['']});
+ });
+ assert.throws(function() {
+ db.updateUser('user1', {roles: [{}]});
+ });
+ assert.throws(function() {
+ db.updateUser('user1', {roles: [1]});
+ });
+ assert.throws(function() {
+ db.updateUser('user1', {roles: [{role: 'read'}]});
+ });
+ assert.throws(function() {
+ db.updateUser('user1', {roles: [{db: 'test'}]});
+ });
+ assert.throws(function() {
+ db.updateUser('user1', {roles: [{role: '', db: 'test'}]});
+ });
+ assert.throws(function() {
+ db.updateUser('user1', {roles: [{role: 'read', db: ''}]});
+ });
+
+ assert.eq(0, db.getUser('user1').roles.length);
+ })();
(function testGrantRolesToUser() {
- jsTestLog("Testing grantRolesToUser");
-
- // Try to grant role that doesn't exist
- assert.throws(function() {
- db.grantRolesToUser('user1', {roles: ['fakeRole']});
- });
-
- // Try to grant to user that doesn't exist
- assert.throws(function() {
- db.grantRolesToUser('fakeUser', {roles: ['read']});
- });
-
- // Must grant something
- assert.throws(function() {
- db.grantRolesToUser('user1', []);
- });
-
- // Try to grant with invalid arguments
- assert.throws(function() {
- db.grantRolesToUser('user1', 1);
- });
- assert.throws(function() {
- db.grantRolesToUser('user1', [{}]);
- });
- assert.throws(function() {
- db.grantRolesToUser('user1', [1]);
- });
- assert.throws(function() {
- db.grantRolesToUser('user1', 'read');
- });
- assert.throws(function() {
- db.grantRolesToUser('user1', [{role: 'read'}]);
- });
- assert.throws(function() {
- db.grantRolesToUser('user1', [{db: 'test'}]);
- });
- assert.throws(function() {
- db.grantRolesToUser('user1', [{role: 'read', db: ''}]);
- });
- assert.throws(function() {
- db.grantRolesToUser('user1', [{role: '', db: 'test'}]);
- });
-
- assert.eq(0, db.getUser('user1').roles.length);
- assert.eq(null, db.getUser('user1').customData);
- // Make sure password didn't change
- assert(new Mongo(db.getMongo().host).getDB(db.getName()).auth('user1', 'pwd'));
- })();
+ jsTestLog("Testing grantRolesToUser");
+
+ // Try to grant role that doesn't exist
+ assert.throws(function() {
+ db.grantRolesToUser('user1', {roles: ['fakeRole']});
+ });
+
+ // Try to grant to user that doesn't exist
+ assert.throws(function() {
+ db.grantRolesToUser('fakeUser', {roles: ['read']});
+ });
+
+ // Must grant something
+ assert.throws(function() {
+ db.grantRolesToUser('user1', []);
+ });
+
+ // Try to grant with invalid arguments
+ assert.throws(function() {
+ db.grantRolesToUser('user1', 1);
+ });
+ assert.throws(function() {
+ db.grantRolesToUser('user1', [{}]);
+ });
+ assert.throws(function() {
+ db.grantRolesToUser('user1', [1]);
+ });
+ assert.throws(function() {
+ db.grantRolesToUser('user1', 'read');
+ });
+ assert.throws(function() {
+ db.grantRolesToUser('user1', [{role: 'read'}]);
+ });
+ assert.throws(function() {
+ db.grantRolesToUser('user1', [{db: 'test'}]);
+ });
+ assert.throws(function() {
+ db.grantRolesToUser('user1', [{role: 'read', db: ''}]);
+ });
+ assert.throws(function() {
+ db.grantRolesToUser('user1', [{role: '', db: 'test'}]);
+ });
+
+ assert.eq(0, db.getUser('user1').roles.length);
+ assert.eq(null, db.getUser('user1').customData);
+ // Make sure password didn't change
+ assert(new Mongo(db.getMongo().host).getDB(db.getName()).auth('user1', 'pwd'));
+ })();
(function testRevokeRolesFromUser() {
- jsTestLog("Testing revokeRolesFromUser");
-
- // Revoking a role the user doesn't have should succeed but do nothing
- db.revokeRolesFromUser('user1', ['read']);
-
- // Try to revoke role that doesn't exist
- assert.throws(function() {
- db.revokeRolesFromUser('user1', {roles: ['fakeRole']});
- });
-
- // Try to revoke from user that doesn't exist
- assert.throws(function() {
- db.revokeRolesFromUser('fakeUser', {roles: ['read']});
- });
-
- // Must revoke something
- assert.throws(function() {
- db.revokeRolesFromUser('user1', []);
- });
-
- // Try to revoke with invalid arguments
- assert.throws(function() {
- db.revokeRolesFromUser('user1', 1);
- });
- assert.throws(function() {
- db.revokeRolesFromUser('user1', [{}]);
- });
- assert.throws(function() {
- db.revokeRolesFromUser('user1', [1]);
- });
- assert.throws(function() {
- db.revokeRolesFromUser('user1', 'read');
- });
- assert.throws(function() {
- db.revokeRolesFromUser('user1', [{role: 'read'}]);
- });
- assert.throws(function() {
- db.revokeRolesFromUser('user1', [{db: 'test'}]);
- });
- assert.throws(function() {
- db.revokeRolesFromUser('user1', [{role: 'read', db: ''}]);
- });
- assert.throws(function() {
- db.revokeRolesFromUser('user1', [{role: '', db: 'test'}]);
- });
-
- assert.eq(0, db.getUser('user1').roles.length);
- })();
+ jsTestLog("Testing revokeRolesFromUser");
+
+ // Revoking a role the user doesn't have should succeed but do nothing
+ db.revokeRolesFromUser('user1', ['read']);
+
+ // Try to revoke role that doesn't exist
+ assert.throws(function() {
+ db.revokeRolesFromUser('user1', {roles: ['fakeRole']});
+ });
+
+ // Try to revoke from user that doesn't exist
+ assert.throws(function() {
+ db.revokeRolesFromUser('fakeUser', {roles: ['read']});
+ });
+
+ // Must revoke something
+ assert.throws(function() {
+ db.revokeRolesFromUser('user1', []);
+ });
+
+ // Try to revoke with invalid arguments
+ assert.throws(function() {
+ db.revokeRolesFromUser('user1', 1);
+ });
+ assert.throws(function() {
+ db.revokeRolesFromUser('user1', [{}]);
+ });
+ assert.throws(function() {
+ db.revokeRolesFromUser('user1', [1]);
+ });
+ assert.throws(function() {
+ db.revokeRolesFromUser('user1', 'read');
+ });
+ assert.throws(function() {
+ db.revokeRolesFromUser('user1', [{role: 'read'}]);
+ });
+ assert.throws(function() {
+ db.revokeRolesFromUser('user1', [{db: 'test'}]);
+ });
+ assert.throws(function() {
+ db.revokeRolesFromUser('user1', [{role: 'read', db: ''}]);
+ });
+ assert.throws(function() {
+ db.revokeRolesFromUser('user1', [{role: '', db: 'test'}]);
+ });
+
+ assert.eq(0, db.getUser('user1').roles.length);
+ })();
(function testUsersInfo() {
- jsTestLog("Testing usersInfo");
+ jsTestLog("Testing usersInfo");
- // Try to get user that does not exist
- assert.eq(null, db.getUser('fakeUser'));
+ // Try to get user that does not exist
+ assert.eq(null, db.getUser('fakeUser'));
- // Pass wrong type for user name
- assert.throws(function() {
- db.getUser(5);
- });
+ // Pass wrong type for user name
+ assert.throws(function() {
+ db.getUser(5);
+ });
- assert.throws(function() {
- db.getUser([]);
- });
+ assert.throws(function() {
+ db.getUser([]);
+ });
- assert.throws(function() {
- db.getUser(['user1']);
- });
+ assert.throws(function() {
+ db.getUser(['user1']);
+ });
- })();
+ })();
(function testDropUser() {
- jsTestLog("Testing dropUser");
+ jsTestLog("Testing dropUser");
- // Try to drop a user that doesn't exist
- // Should not error but should do nothing
- assert.doesNotThrow(function() {
- db.dropUser('fakeUser');
- });
+ // Try to drop a user that doesn't exist
+ // Should not error but should do nothing
+ assert.doesNotThrow(function() {
+ db.dropUser('fakeUser');
+ });
- assert.eq(1, db.getUsers().length);
- })();
+ assert.eq(1, db.getUsers().length);
+ })();
// dropAllUsersFromDatabase ignores its arguments, so there's nothing to test for it.
}
jsTest.log('Test standalone');
-var conn = MongoRunner.runMongod({ auth: '' });
-conn.getDB('admin').runCommand({setParameter:1, newCollectionsUsePowerOf2Sizes: false});
+var conn = MongoRunner.runMongod({auth: ''});
+conn.getDB('admin').runCommand({setParameter: 1, newCollectionsUsePowerOf2Sizes: false});
runTest(conn);
MongoRunner.stopMongod(conn.port);
jsTest.log('Test sharding');
-var st = new ShardingTest({ shards: 2, config: 3, keyFile: 'jstests/libs/key1' });
+var st = new ShardingTest({shards: 2, config: 3, keyFile: 'jstests/libs/key1'});
runTest(st.s);
st.stop();
View Lorry Controller Status