summaryrefslogtreecommitdiff
path: root/jstests/auth/curop_auth_info.js
blob: 3092893394151978fb0dfad3ac2859cd0ed840aa (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69

(function() {
'use strict';

const runTest = function(conn, failPointConn) {
    jsTestLog("Setting up users");
    const db = conn.getDB("admin");
    assert.commandWorked(
        db.runCommand({createUser: "admin", pwd: "pwd", roles: jsTest.adminUserRoles}));
    assert.eq(db.auth("admin", "pwd"), 1);
    assert.commandWorked(db.runCommand({createUser: "testuser", pwd: "pwd", roles: []}));
    db.grantRolesToUser("testuser", [{role: "readWrite", db: "test"}]);

    assert.commandWorked(db.getSiblingDB("test").test.insert({}));

    jsTestLog("blocking finds and starting parallel shell to create op");
    assert.commandWorked(failPointConn.getDB("admin").runCommand(
        {configureFailPoint: "waitInFindBeforeMakingBatch", mode: "alwaysOn"}));
    let finderWait = startParallelShell(function() {
        assert.eq(db.getSiblingDB("admin").auth("testuser", "pwd"), 1);
        let testDB = db.getSiblingDB("test");
        assert.eq(testDB.test.find({}).comment("curop_auth_info.js query").itcount(), 1);
    }, conn.port);

    let myOp;
    assert.soon(function() {
        const curOpResults = assert.commandWorked(db.runCommand({currentOp: 1}));
        print(tojson(curOpResults));
        const myOps = curOpResults["inprog"].filter((op) => {
            return (op["command"]["comment"] == "curop_auth_info.js query");
        });

        if (myOps.length == 0) {
            return false;
        }
        myOp = myOps[0];
        return true;
    });

    jsTestLog("found op");
    assert.commandWorked(failPointConn.getDB("admin").runCommand(
        {configureFailPoint: "waitInFindBeforeMakingBatch", mode: "off"}));
    finderWait();

    const authedUsers = myOp["effectiveUsers"];
    const impersonators = myOp["runBy"];
    print(tojson(authedUsers), tojson(impersonators));
    if (impersonators) {
        assert.eq(authedUsers.length, 1);
        assert.docEq(authedUsers[0], {user: "testuser", db: "admin"});
        assert(impersonators);
        assert.eq(impersonators.length, 1);
        assert.docEq(impersonators[0], {user: "__system", db: "local"});
    } else {
        assert(authedUsers);
        assert.eq(authedUsers.length, 1);
        assert.docEq(authedUsers[0], {user: "testuser", db: "admin"});
    }
};

const m = MongoRunner.runMongod();
runTest(m, m);
MongoRunner.stopMongod(m);

if (jsTestOptions().storageEngine != "inMemory") {
    const st = new ShardingTest({shards: 1, mongos: 1, config: 1, keyFile: 'jstests/libs/key1'});
    runTest(st.s0, st.shard0);
    st.stop();
}
})();
View Lorry Controller Status