summaryrefslogtreecommitdiff
path: root/jstests/auth/autocomplete_auth.js
blob: c0057bf1e5224ff2d17da9b444664247a3fdc98e (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
/**
 * Tests that when a user who lacks the listCollections privilege types 'db.<tab>' in the shell,
 * autocompletion shows the collections on which she has permissions.
 *
 * @tags: [
 *   assumes_superuser_permissions,
 *   assumes_write_concern_unchanged,
 *   creates_and_authenticates_user,
 *   requires_auth,
 *   requires_non_retryable_commands,
 * ]
 */

// Get shell's global scope.
const self = this;

(function() {
    'use strict';

    const testName = jsTest.name();
    const conn = MongoRunner.runMongod({auth: ''});
    const admin = conn.getDB('admin');
    admin.createUser({user: 'admin', pwd: 'pass', roles: jsTest.adminUserRoles});
    assert(admin.auth('admin', 'pass'));

    admin.getSiblingDB(testName).createRole({
        role: 'coachTicket',
        privileges: [{resource: {db: testName, collection: 'coachClass'}, actions: ['find']}],
        roles: []
    });

    admin.getSiblingDB(testName).createUser(
        {user: 'coachPassenger', pwd: 'password', roles: ['coachTicket']});

    const testDB = conn.getDB(testName);
    testDB.coachClass.insertOne({});
    testDB.businessClass.insertOne({});

    // Must use 'db' to test autocompletion.
    self.db = new Mongo(conn.host).getDB(testName);
    assert(db.auth('coachPassenger', 'password'));
    const authzErrorCode = 13;
    assert.commandFailedWithCode(db.runCommand({listCollections: 1}), authzErrorCode);
    assert.commandWorked(db.runCommand({find: 'coachClass'}));
    assert.commandFailedWithCode(db.runCommand({find: 'businessClass'}), authzErrorCode);
    shellAutocomplete('db.');
    assert(__autocomplete__.includes('db.coachClass'),
           `Completions should include 'coachClass': ${__autocomplete__}`);
    assert(!__autocomplete__.includes('db.businessClass'),
           `Completions should NOT include 'businessClass': ${__autocomplete__}`);
    MongoRunner.stopMongod(conn);
})();