summaryrefslogtreecommitdiff
path: root/jstests/auth/secondary_invalidation.js
blob: 4809c3c30fc25bbd83d319b4b3d79e1ebd2e72ff (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30

/**
 * Test that user modifications on replica set primaries 
 * will invalidate cached user credentials on secondaries
 */

var NUM_NODES = 3;
var rsTest = new ReplSetTest({ nodes: NUM_NODES });
rsTest.startSet({ oplogSize: 10, keyFile: 'jstests/libs/key1' });
rsTest.initiate();
rsTest.awaitSecondaryNodes();

var primary = rsTest.getPrimary();
var secondary = rsTest.getSecondary();
var admin = primary.getDB('admin');

// Setup initial data
admin.createUser({ user:'admin', pwd: 'password', roles: jsTest.adminUserRoles });
admin.auth('admin', 'password');

primary.getDB('foo').createUser({ user: 'foo', pwd: 'foopwd', roles: [] },
                                  { w: NUM_NODES });

secondaryFoo = secondary.getDB('foo');
secondaryFoo.auth('foo', 'foopwd');
assert.throws(function (){secondaryFoo.col.findOne();}, [], "Secondary read worked without permissions");

primary.getDB('foo').updateUser('foo', {roles: jsTest.basicUserRoles}, { w: NUM_NODES });
assert.doesNotThrow(function (){secondaryFoo.col.findOne();}, [], "Secondary read did not work with permissions");

rsTest.stopSet();
View Lorry Controller Status