jstests/sharding/authwhere.js


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82

// Verify that a user with read access to database "test" cannot access database "test2" via a where
// clause.

(function() {

    //
    // User document declarations.  All users in this test are added to the admin database.
    //

    var adminUser = {
        user: "admin",
        pwd: "a",
        roles:
            ["readWriteAnyDatabase", "dbAdminAnyDatabase", "userAdminAnyDatabase", "clusterAdmin"]
    };

    var test1Reader = {
        user: "test",
        pwd: "a",
        roles: [{role: 'read', db: 'test1', hasRole: true, canDelegate: false}]
    };

    function assertRemove(collection, pattern) {
        assert.writeOK(collection.remove(pattern));
    }

    function assertInsert(collection, obj) {
        assert.writeOK(collection.insert(obj));
    }

    var cluster = new ShardingTest({
        name: "authwhere",
        shards: 1,
        mongos: 1,
        other: {extraOptions: {keyFile: "jstests/libs/key1"}}
    });

    // Set up the test data.
    (function() {
        var adminDB = cluster.getDB('admin');
        var test1DB = adminDB.getSiblingDB('test1');
        var test2DB = adminDB.getSiblingDB('test2');
        var ex;
        try {
            adminDB.createUser(adminUser);
            assert(adminDB.auth(adminUser.user, adminUser.pwd));

            adminDB.dropUser(test1Reader.user);
            adminDB.createUser(test1Reader);

            assertInsert(test1DB.foo, {a: 1});
            assertInsert(test2DB.foo, {x: 1});
        } finally {
            adminDB.logout();
        }
    }());

    (function() {
        var adminDB = cluster.getDB('admin');
        var test1DB;
        var test2DB;
        assert(adminDB.auth(test1Reader.user, test1Reader.pwd));
        try {
            test1DB = adminDB.getSiblingDB("test1");
            test2DB = adminDB.getSiblingDB("test2");

            // Sanity check.  test1Reader can count (read) test1, but not test2.
            assert.eq(test1DB.foo.count(), 1);
            assert.throws(test2DB.foo.count);

            // Cannot examine second database from a where clause.
            assert.throws(test1DB.foo.count, ["db.getSiblingDB('test2').foo.count() == 1"]);

            // Cannot write test1 via tricky where clause.
            assert.throws(test1DB.foo.count, ["db.foo.insert({b: 1})"]);
            assert.eq(test1DB.foo.count(), 1);
        } finally {
            adminDB.logout();
        }
    }());

})();