1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
|
// Auth tests for the $listLocalSessions {allUsers:true} aggregation stage.
(function() {
'use strict';
load('jstests/aggregation/extras/utils.js');
function runListAllLocalSessionsTest(mongod) {
assert(mongod);
const admin = mongod.getDB("admin");
const db = mongod.getDB("test");
const pipeline = [{'$listLocalSessions': {allUsers: true}}];
function listAllLocalSessions() {
return admin.aggregate(pipeline);
}
admin.createUser({user: 'admin', pwd: 'pass', roles: jsTest.adminUserRoles});
assert(admin.auth('admin', 'pass'));
db.createUser({user: 'user1', pwd: 'pass', roles: jsTest.basicUserRoles});
admin.logout();
// Shouldn't be able to listLocalSessions when not logged in.
assertErrorCode(admin, pipeline, ErrorCodes.Unauthorized);
// Start a new session and capture its sessionId.
assert(db.auth('user1', 'pass'));
const myid = assert.commandWorked(db.runCommand({startSession: 1})).id.id;
assert(myid !== undefined);
// Ensure that a normal user can NOT listAllLocalSessions to view their session.
assertErrorCode(admin, pipeline, ErrorCodes.Unauthorized);
db.logout();
// Ensure that the cache now contains the session and is visible by admin.
assert(admin.auth('admin', 'pass'));
const resultArray = assert.doesNotThrow(listAllLocalSessions).toArray();
assert.eq(resultArray.length, 1);
const cacheid = resultArray[0]._id.id;
assert(cacheid !== undefined);
assert.eq(0, bsonWoCompare({x: cacheid}, {x: myid}));
}
const mongod = MongoRunner.runMongod({auth: ""});
runListAllLocalSessionsTest(mongod);
MongoRunner.stopMongod(mongod);
// TODO: Remove 'shardAsReplicaSet: false' when SERVER-32672 is fixed.
const st = new ShardingTest({
shards: 1,
mongos: 1,
config: 1,
other: {keyFile: 'jstests/libs/key1', shardAsReplicaSet: false}
});
runListAllLocalSessionsTest(st.s0);
st.stop();
})();
|