summaryrefslogtreecommitdiff
path: root/jstests/tool/dumprestore_auth2.js
diff options
context:
space:
mode:
Diffstat (limited to 'jstests/tool/dumprestore_auth2.js')
-rw-r--r--jstests/tool/dumprestore_auth2.js216
1 files changed, 112 insertions, 104 deletions
diff --git a/jstests/tool/dumprestore_auth2.js b/jstests/tool/dumprestore_auth2.js
index 4d410d34ca9..275b47ceac6 100644
--- a/jstests/tool/dumprestore_auth2.js
+++ b/jstests/tool/dumprestore_auth2.js
@@ -4,110 +4,118 @@
var dumpRestoreAuth2 = function(backup_role, restore_role) {
- t = new ToolTest("dumprestore_auth2", {auth: ""});
-
- coll = t.startDB("foo");
- admindb = coll.getDB().getSiblingDB("admin");
-
- // Create the relevant users and roles.
- admindb.createUser({user: "root", pwd: "pass", roles: ["root"]});
- admindb.auth("root", "pass");
-
- admindb.createUser({user: "backup", pwd: "pass", roles: [backup_role]});
- admindb.createUser({user: "restore", pwd: "pass", roles: [restore_role]});
-
- admindb.createRole({role: "customRole",
- privileges:[{resource: {db: "jstests_tool_dumprestore_auth2",
- collection: "foo"},
- actions: ["find"]}],
- roles:[]});
- admindb.createUser({user: "test", pwd: "pass", roles: ["customRole"]});
-
- coll.insert({word: "tomato"});
- assert.eq(1, coll.count());
-
- assert.eq(4, admindb.system.users.count(), "setup users");
- assert.eq(2, admindb.system.users.getIndexes().length,
- "setup2: " + tojson( admindb.system.users.getIndexes() ) );
- assert.eq(1, admindb.system.roles.count(), "setup3");
- assert.eq(2, admindb.system.roles.getIndexes().length, "setup4");
- assert.eq(1, admindb.system.version.count());
- var versionDoc = admindb.system.version.findOne();
-
- // Logout root user.
- admindb.logout();
-
- // Verify that the custom role works as expected.
- admindb.auth("test", "pass");
- assert.eq("tomato", coll.findOne().word);
- admindb.logout();
-
- // Dump the database.
- t.runTool("dump", "--out", t.ext, "--username", "backup", "--password", "pass");
-
- // Drop the relevant data in the database.
- admindb.auth("root", "pass");
- coll.getDB().dropDatabase();
- admindb.dropUser("backup");
- admindb.dropUser("test");
- admindb.dropRole("customRole");
-
- assert.eq(2, admindb.system.users.count(), "didn't drop backup and test users");
- assert.eq(0, admindb.system.roles.count(), "didn't drop roles");
- assert.eq(0, coll.count(), "didn't drop foo coll");
-
- // This test depends on W=0 to mask unique index violations.
- // This should be fixed once we implement TOOLS-341
- t.runTool("restore",
- "--dir", t.ext,
- "--username", "restore",
- "--password", "pass",
- "--writeConcern", "0");
-
- assert.soon("admindb.system.users.findOne()", "no data after restore");
- assert.eq(4, admindb.system.users.count(), "didn't restore users");
- assert.eq(2, admindb.system.users.getIndexes().length,
- "didn't restore user indexes");
- assert.eq(1, admindb.system.roles.find({role:'customRole'}).count(), "didn't restore roles");
- assert.eq(2, admindb.system.roles.getIndexes().length,
- "didn't restore role indexes");
-
- admindb.logout();
-
- // Login as user with customRole to verify privileges are restored.
- admindb.auth("test", "pass");
- assert.eq("tomato", coll.findOne().word);
- admindb.logout();
-
- admindb.auth("root", "pass");
- admindb.createUser({user: "root2", pwd: "pass", roles: ["root"]});
- admindb.dropRole("customRole");
- admindb.createRole({role: "customRole2", roles: [], privileges:[]});
- admindb.dropUser("root");
- admindb.logout();
-
- t.runTool("restore",
- "--dir", t.ext,
- "--username", "restore",
- "--password", "pass",
- "--drop",
- "--writeConcern", "0");
-
- admindb.auth("root", "pass");
- assert.soon("1 == admindb.system.users.find({user:'root'}).count()", "didn't restore users 2");
- assert.eq(0, admindb.system.users.find({user:'root2'}).count(), "didn't drop users");
- assert.eq(0, admindb.system.roles.find({role:'customRole2'}).count(), "didn't drop roles");
- assert.eq(1, admindb.system.roles.find({role:'customRole'}).count(), "didn't restore roles");
- assert.eq(2, admindb.system.users.getIndexes().length,
- "didn't maintain user indexes");
- assert.eq(2, admindb.system.roles.getIndexes().length,
- "didn't maintain role indexes");
- assert.eq(1, admindb.system.version.count(), "didn't restore version");
- assert.docEq(versionDoc, admindb.system.version.findOne(),
- "version doc wasn't restored properly");
- admindb.logout();
-
- t.stop();
+ t = new ToolTest("dumprestore_auth2", {auth: ""});
+
+ coll = t.startDB("foo");
+ admindb = coll.getDB().getSiblingDB("admin");
+
+ // Create the relevant users and roles.
+ admindb.createUser({user: "root", pwd: "pass", roles: ["root"]});
+ admindb.auth("root", "pass");
+
+ admindb.createUser({user: "backup", pwd: "pass", roles: [backup_role]});
+ admindb.createUser({user: "restore", pwd: "pass", roles: [restore_role]});
+
+ admindb.createRole({
+ role: "customRole",
+ privileges: [{
+ resource: {db: "jstests_tool_dumprestore_auth2", collection: "foo"},
+ actions: ["find"]
+ }],
+ roles: []
+ });
+ admindb.createUser({user: "test", pwd: "pass", roles: ["customRole"]});
+
+ coll.insert({word: "tomato"});
+ assert.eq(1, coll.count());
+
+ assert.eq(4, admindb.system.users.count(), "setup users");
+ assert.eq(2,
+ admindb.system.users.getIndexes().length,
+ "setup2: " + tojson(admindb.system.users.getIndexes()));
+ assert.eq(1, admindb.system.roles.count(), "setup3");
+ assert.eq(2, admindb.system.roles.getIndexes().length, "setup4");
+ assert.eq(1, admindb.system.version.count());
+ var versionDoc = admindb.system.version.findOne();
+
+ // Logout root user.
+ admindb.logout();
+
+ // Verify that the custom role works as expected.
+ admindb.auth("test", "pass");
+ assert.eq("tomato", coll.findOne().word);
+ admindb.logout();
+
+ // Dump the database.
+ t.runTool("dump", "--out", t.ext, "--username", "backup", "--password", "pass");
+
+ // Drop the relevant data in the database.
+ admindb.auth("root", "pass");
+ coll.getDB().dropDatabase();
+ admindb.dropUser("backup");
+ admindb.dropUser("test");
+ admindb.dropRole("customRole");
+
+ assert.eq(2, admindb.system.users.count(), "didn't drop backup and test users");
+ assert.eq(0, admindb.system.roles.count(), "didn't drop roles");
+ assert.eq(0, coll.count(), "didn't drop foo coll");
+
+ // This test depends on W=0 to mask unique index violations.
+ // This should be fixed once we implement TOOLS-341
+ t.runTool("restore",
+ "--dir",
+ t.ext,
+ "--username",
+ "restore",
+ "--password",
+ "pass",
+ "--writeConcern",
+ "0");
+
+ assert.soon("admindb.system.users.findOne()", "no data after restore");
+ assert.eq(4, admindb.system.users.count(), "didn't restore users");
+ assert.eq(2, admindb.system.users.getIndexes().length, "didn't restore user indexes");
+ assert.eq(1, admindb.system.roles.find({role: 'customRole'}).count(), "didn't restore roles");
+ assert.eq(2, admindb.system.roles.getIndexes().length, "didn't restore role indexes");
+
+ admindb.logout();
+
+ // Login as user with customRole to verify privileges are restored.
+ admindb.auth("test", "pass");
+ assert.eq("tomato", coll.findOne().word);
+ admindb.logout();
+
+ admindb.auth("root", "pass");
+ admindb.createUser({user: "root2", pwd: "pass", roles: ["root"]});
+ admindb.dropRole("customRole");
+ admindb.createRole({role: "customRole2", roles: [], privileges: []});
+ admindb.dropUser("root");
+ admindb.logout();
+
+ t.runTool("restore",
+ "--dir",
+ t.ext,
+ "--username",
+ "restore",
+ "--password",
+ "pass",
+ "--drop",
+ "--writeConcern",
+ "0");
+
+ admindb.auth("root", "pass");
+ assert.soon("1 == admindb.system.users.find({user:'root'}).count()", "didn't restore users 2");
+ assert.eq(0, admindb.system.users.find({user: 'root2'}).count(), "didn't drop users");
+ assert.eq(0, admindb.system.roles.find({role: 'customRole2'}).count(), "didn't drop roles");
+ assert.eq(1, admindb.system.roles.find({role: 'customRole'}).count(), "didn't restore roles");
+ assert.eq(2, admindb.system.users.getIndexes().length, "didn't maintain user indexes");
+ assert.eq(2, admindb.system.roles.getIndexes().length, "didn't maintain role indexes");
+ assert.eq(1, admindb.system.version.count(), "didn't restore version");
+ assert.docEq(
+ versionDoc, admindb.system.version.findOne(), "version doc wasn't restored properly");
+ admindb.logout();
+
+ t.stop();
};
View Lorry Controller Status