1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
// @tags: [
// assumes_superuser_permissions,
// assumes_write_concern_unchanged,
// creates_and_authenticates_user,
// requires_auth,
// requires_non_retryable_commands,
// ]
var mydb = db.getSiblingDB('auth1_db');
mydb.dropAllUsers();
pass = "a" + Math.random();
// print( "password [" + pass + "]" );
mydb.createUser({user: "eliot", pwd: pass, roles: jsTest.basicUserRoles});
assert(mydb.auth("eliot", pass), "auth failed");
assert(!mydb.auth("eliot", pass + "a"), "auth should have failed");
pass2 = "b" + Math.random();
mydb.changeUserPassword("eliot", pass2);
assert(!mydb.auth("eliot", pass), "failed to change password failed");
assert(mydb.auth("eliot", pass2), "new password didn't take");
assert(mydb.auth("eliot", pass2), "what?");
mydb.dropUser("eliot");
assert(!mydb.auth("eliot", pass2), "didn't drop user");
var a = mydb.getMongo().getDB("admin");
a.dropAllUsers();
pass = "c" + Math.random();
a.createUser({user: "super", pwd: pass, roles: jsTest.adminUserRoles});
assert(a.auth("super", pass), "auth failed");
assert(!a.auth("super", pass + "a"), "auth should have failed");
mydb.dropAllUsers();
pass = "a" + Math.random();
mydb.createUser({user: "eliot", pwd: pass, roles: jsTest.basicUserRoles});
assert.commandFailed(mydb.runCommand({authenticate: 1, user: "eliot", nonce: "foo", key: "bar"}));
// check sanity check SERVER-3003
var before = a.system.users.count({db: mydb.getName()});
assert.throws(function() {
mydb.createUser({user: "", pwd: "abc", roles: jsTest.basicUserRoles});
}, [], "C1");
assert.throws(function() {
mydb.createUser({user: "abc", pwd: "", roles: jsTest.basicUserRoles});
}, [], "C2");
var after = a.system.users.count({db: mydb.getName()});
assert(before > 0, "C3");
assert.eq(before, after, "C4");
// Clean up after ourselves so other tests using authentication don't get messed up.
mydb.dropAllUsers();
|