summaryrefslogtreecommitdiff
path: root/src/mongo/db/auth/authorization_session_test.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'src/mongo/db/auth/authorization_session_test.cpp')
-rw-r--r--src/mongo/db/auth/authorization_session_test.cpp103
1 files changed, 28 insertions, 75 deletions
diff --git a/src/mongo/db/auth/authorization_session_test.cpp b/src/mongo/db/auth/authorization_session_test.cpp
index 09476aca817..a8b51dc3137 100644
--- a/src/mongo/db/auth/authorization_session_test.cpp
+++ b/src/mongo/db/auth/authorization_session_test.cpp
@@ -179,9 +179,7 @@ TEST_F(AuthorizationSessionTest, AddUserAndCheckAuthorization) {
<< "spencer"
<< "db"
<< "test"
- << "credentials"
- << credentials
- << "roles"
+ << "credentials" << credentials << "roles"
<< BSON_ARRAY(BSON("role"
<< "readWrite"
<< "db"
@@ -207,9 +205,7 @@ TEST_F(AuthorizationSessionTest, AddUserAndCheckAuthorization) {
<< "admin"
<< "db"
<< "admin"
- << "credentials"
- << credentials
- << "roles"
+ << "credentials" << credentials << "roles"
<< BSON_ARRAY(BSON("role"
<< "readWriteAnyDatabase"
<< "db"
@@ -253,9 +249,7 @@ TEST_F(AuthorizationSessionTest, DuplicateRolesOK) {
<< "spencer"
<< "db"
<< "test"
- << "credentials"
- << credentials
- << "roles"
+ << "credentials" << credentials << "roles"
<< BSON_ARRAY(BSON("role"
<< "readWrite"
<< "db"
@@ -285,9 +279,7 @@ TEST_F(AuthorizationSessionTest, SystemCollectionsAccessControl) {
<< "rw"
<< "db"
<< "test"
- << "credentials"
- << credentials
- << "roles"
+ << "credentials" << credentials << "roles"
<< BSON_ARRAY(BSON("role"
<< "readWrite"
<< "db"
@@ -302,9 +294,7 @@ TEST_F(AuthorizationSessionTest, SystemCollectionsAccessControl) {
<< "useradmin"
<< "db"
<< "test"
- << "credentials"
- << credentials
- << "roles"
+ << "credentials" << credentials << "roles"
<< BSON_ARRAY(BSON("role"
<< "userAdmin"
<< "db"
@@ -316,9 +306,7 @@ TEST_F(AuthorizationSessionTest, SystemCollectionsAccessControl) {
<< "rwany"
<< "db"
<< "test"
- << "credentials"
- << credentials
- << "roles"
+ << "credentials" << credentials << "roles"
<< BSON_ARRAY(BSON("role"
<< "readWriteAnyDatabase"
<< "db"
@@ -334,9 +322,7 @@ TEST_F(AuthorizationSessionTest, SystemCollectionsAccessControl) {
<< "useradminany"
<< "db"
<< "test"
- << "credentials"
- << credentials
- << "roles"
+ << "credentials" << credentials << "roles"
<< BSON_ARRAY(BSON("role"
<< "userAdminAnyDatabase"
<< "db"
@@ -413,9 +399,7 @@ TEST_F(AuthorizationSessionTest, InvalidateUser) {
<< "spencer"
<< "db"
<< "test"
- << "credentials"
- << credentials
- << "roles"
+ << "credentials" << credentials << "roles"
<< BSON_ARRAY(BSON("role"
<< "readWrite"
<< "db"
@@ -445,9 +429,7 @@ TEST_F(AuthorizationSessionTest, InvalidateUser) {
<< "spencer"
<< "db"
<< "test"
- << "credentials"
- << credentials
- << "roles"
+ << "credentials" << credentials << "roles"
<< BSON_ARRAY(BSON("role"
<< "read"
<< "db"
@@ -490,9 +472,7 @@ TEST_F(AuthorizationSessionTest, UseOldUserInfoInFaceOfConnectivityProblems) {
<< "spencer"
<< "db"
<< "test"
- << "credentials"
- << credentials
- << "roles"
+ << "credentials" << credentials << "roles"
<< BSON_ARRAY(BSON("role"
<< "readWrite"
<< "db"
@@ -523,9 +503,7 @@ TEST_F(AuthorizationSessionTest, UseOldUserInfoInFaceOfConnectivityProblems) {
<< "spencer"
<< "db"
<< "test"
- << "credentials"
- << credentials
- << "roles"
+ << "credentials" << credentials << "roles"
<< BSON_ARRAY(BSON("role"
<< "read"
<< "db"
@@ -559,9 +537,7 @@ TEST_F(AuthorizationSessionTest, AcquireUserObtainsAndValidatesAuthenticationRes
<< "spencer"
<< "db"
<< "test"
- << "credentials"
- << credentials
- << "roles"
+ << "credentials" << credentials << "roles"
<< BSON_ARRAY(BSON("role"
<< "readWrite"
<< "db"
@@ -569,8 +545,7 @@ TEST_F(AuthorizationSessionTest, AcquireUserObtainsAndValidatesAuthenticationRes
<< "authenticationRestrictions"
<< BSON_ARRAY(BSON("clientSource" << BSON_ARRAY("192.168.0.0/24"
<< "192.168.2.10")
- << "serverAddress"
- << BSON_ARRAY("192.168.0.2"))
+ << "serverAddress" << BSON_ARRAY("192.168.0.2"))
<< BSON("clientSource" << BSON_ARRAY("2001:DB8::1") << "serverAddress"
<< BSON_ARRAY("2001:DB8::2"))
<< BSON("clientSource" << BSON_ARRAY("127.0.0.1"
@@ -912,11 +887,9 @@ TEST_F(AuthorizationSessionTest, CanAggregateOutWithInsertAndRemoveOnTargetNames
uassertStatusOK(authzSession->getPrivilegesForAggregate(testFooNss, cmdObj, false));
ASSERT_TRUE(authzSession->isAuthorizedForPrivileges(privileges));
- BSONObj cmdObjNoBypassDocumentValidation = BSON(
- "aggregate" << testFooNss.coll() << "pipeline" << pipeline << "bypassDocumentValidation"
- << false
- << "cursor"
- << BSONObj());
+ BSONObj cmdObjNoBypassDocumentValidation =
+ BSON("aggregate" << testFooNss.coll() << "pipeline" << pipeline
+ << "bypassDocumentValidation" << false << "cursor" << BSONObj());
privileges = uassertStatusOK(authzSession->getPrivilegesForAggregate(
testFooNss, cmdObjNoBypassDocumentValidation, false));
ASSERT_TRUE(authzSession->isAuthorizedForPrivileges(privileges));
@@ -929,10 +902,8 @@ TEST_F(AuthorizationSessionTest,
Privilege(testBarCollResource, {ActionType::insert, ActionType::remove})});
BSONArray pipeline = BSON_ARRAY(BSON("$out" << testBarNss.coll()));
- BSONObj cmdObj =
- BSON("aggregate" << testFooNss.coll() << "pipeline" << pipeline << "cursor" << BSONObj()
- << "bypassDocumentValidation"
- << true);
+ BSONObj cmdObj = BSON("aggregate" << testFooNss.coll() << "pipeline" << pipeline << "cursor"
+ << BSONObj() << "bypassDocumentValidation" << true);
PrivilegeVector privileges =
uassertStatusOK(authzSession->getPrivilegesForAggregate(testFooNss, cmdObj, false));
ASSERT_FALSE(authzSession->isAuthorizedForPrivileges(privileges));
@@ -947,10 +918,8 @@ TEST_F(AuthorizationSessionTest,
{ActionType::insert, ActionType::remove, ActionType::bypassDocumentValidation})});
BSONArray pipeline = BSON_ARRAY(BSON("$out" << testBarNss.coll()));
- BSONObj cmdObj =
- BSON("aggregate" << testFooNss.coll() << "pipeline" << pipeline << "cursor" << BSONObj()
- << "bypassDocumentValidation"
- << true);
+ BSONObj cmdObj = BSON("aggregate" << testFooNss.coll() << "pipeline" << pipeline << "cursor"
+ << BSONObj() << "bypassDocumentValidation" << true);
PrivilegeVector privileges =
uassertStatusOK(authzSession->getPrivilegesForAggregate(testFooNss, cmdObj, true));
ASSERT_TRUE(authzSession->isAuthorizedForPrivileges(privileges));
@@ -1145,9 +1114,7 @@ TEST_F(AuthorizationSessionTest, AuthorizedSessionIsNotCoauthorizedWithEmptyUser
<< "spencer"
<< "db"
<< "test"
- << "credentials"
- << credentials
- << "roles"
+ << "credentials" << credentials << "roles"
<< BSONArray()),
BSONObj()));
ASSERT_OK(authzSession->addAndAuthorizeUser(_opCtx.get(), UserName("spencer", "test")));
@@ -1164,9 +1131,7 @@ TEST_F(AuthorizationSessionTest,
<< "spencer"
<< "db"
<< "test"
- << "credentials"
- << credentials
- << "roles"
+ << "credentials" << credentials << "roles"
<< BSONArray()),
BSONObj()));
ASSERT_OK(authzSession->addAndAuthorizeUser(_opCtx.get(), UserName("spencer", "test")));
@@ -1181,9 +1146,7 @@ TEST_F(AuthorizationSessionTest, AuthorizedSessionIsCoauthorizedWithIntersecting
<< "spencer"
<< "db"
<< "test"
- << "credentials"
- << credentials
- << "roles"
+ << "credentials" << credentials << "roles"
<< BSONArray()),
BSONObj()));
ASSERT_OK(managerState->insertPrivilegeDocument(_opCtx.get(),
@@ -1191,9 +1154,7 @@ TEST_F(AuthorizationSessionTest, AuthorizedSessionIsCoauthorizedWithIntersecting
<< "admin"
<< "db"
<< "test"
- << "credentials"
- << credentials
- << "roles"
+ << "credentials" << credentials << "roles"
<< BSONArray()),
BSONObj()));
ASSERT_OK(authzSession->addAndAuthorizeUser(_opCtx.get(), UserName("spencer", "test")));
@@ -1211,9 +1172,7 @@ TEST_F(AuthorizationSessionTest, AuthorizedSessionIsNotCoauthorizedWithNoninters
<< "spencer"
<< "db"
<< "test"
- << "credentials"
- << credentials
- << "roles"
+ << "credentials" << credentials << "roles"
<< BSONArray()),
BSONObj()));
ASSERT_OK(managerState->insertPrivilegeDocument(_opCtx.get(),
@@ -1221,9 +1180,7 @@ TEST_F(AuthorizationSessionTest, AuthorizedSessionIsNotCoauthorizedWithNoninters
<< "admin"
<< "db"
<< "test"
- << "credentials"
- << credentials
- << "roles"
+ << "credentials" << credentials << "roles"
<< BSONArray()),
BSONObj()));
ASSERT_OK(authzSession->addAndAuthorizeUser(_opCtx.get(), UserName("spencer", "test")));
@@ -1242,9 +1199,7 @@ TEST_F(AuthorizationSessionTest,
<< "spencer"
<< "db"
<< "test"
- << "credentials"
- << credentials
- << "roles"
+ << "credentials" << credentials << "roles"
<< BSONArray()),
BSONObj()));
ASSERT_OK(managerState->insertPrivilegeDocument(_opCtx.get(),
@@ -1252,9 +1207,7 @@ TEST_F(AuthorizationSessionTest,
<< "admin"
<< "db"
<< "test"
- << "credentials"
- << credentials
- << "roles"
+ << "credentials" << credentials << "roles"
<< BSONArray()),
BSONObj()));
ASSERT_OK(authzSession->addAndAuthorizeUser(_opCtx.get(), UserName("spencer", "test")));
View Lorry Controller Status