1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
|
(function() {
'use strict';
const runTest = function(conn, failPointConn) {
jsTestLog("Setting up users");
const db = conn.getDB("admin");
assert.commandWorked(
db.runCommand({createUser: "admin", pwd: "pwd", roles: jsTest.adminUserRoles}));
assert.eq(db.auth("admin", "pwd"), 1);
assert.commandWorked(db.runCommand({createUser: "testuser", pwd: "pwd", roles: []}));
db.grantRolesToUser("testuser", [{role: "readWrite", db: "test"}]);
assert.commandWorked(db.getSiblingDB("test").test.insert({}));
jsTestLog("blocking finds and starting parallel shell to create op");
assert.commandWorked(failPointConn.getDB("admin").runCommand(
{configureFailPoint: "waitInFindBeforeMakingBatch", mode: "alwaysOn"}));
let finderWait = startParallelShell(function() {
assert.eq(db.getSiblingDB("admin").auth("testuser", "pwd"), 1);
let testDB = db.getSiblingDB("test");
assert.eq(testDB.test.find({}).comment("curop_auth_info.js query").itcount(), 1);
}, conn.port);
let myOp;
assert.soon(function() {
const curOpResults = assert.commandWorked(db.runCommand({currentOp: 1}));
print(tojson(curOpResults));
const myOps = curOpResults["inprog"].filter((op) => {
return (op["command"]["comment"] == "curop_auth_info.js query");
});
if (myOps.length == 0) {
return false;
}
myOp = myOps[0];
return true;
});
jsTestLog("found op");
assert.commandWorked(failPointConn.getDB("admin").runCommand(
{configureFailPoint: "waitInFindBeforeMakingBatch", mode: "off"}));
finderWait();
const authedUsers = myOp["effectiveUsers"];
const impersonators = myOp["runBy"];
print(tojson(authedUsers), tojson(impersonators));
if (impersonators) {
assert.eq(authedUsers.length, 1);
assert.docEq(authedUsers[0], {user: "testuser", db: "admin"});
assert(impersonators);
assert.eq(impersonators.length, 1);
assert.docEq(impersonators[0], {user: "__system", db: "local"});
} else {
assert(authedUsers);
assert.eq(authedUsers.length, 1);
assert.docEq(authedUsers[0], {user: "testuser", db: "admin"});
}
};
const m = MongoRunner.runMongod();
runTest(m, m);
MongoRunner.stopMongod(m);
const st = new ShardingTest({shards: 1, mongos: 1, config: 1, keyFile: 'jstests/libs/key1'});
runTest(st.s0, st.shard0);
st.stop();
})();
|