1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
|
/* SERVER-4972
* Test for mongorestore on server with --auth allows restore without credentials of colls
* with no index
*/
/*
* 1) Start mongo without auth.
* 2) Write to collection
* 3) Take dump of the collection using mongodump.
* 4) Drop the collection.
* 5) Stop mongod from step 1.
* 6) Restart mongod with auth.
* 7) Add admin user to kick authentication
* 8) Try restore without auth credentials. The restore should fail
* 9) Try restore with correct auth credentials. The restore should succeed this time.
*/
baseName = "jstests_restorewithauth";
var conn = MongoRunner.runMongod({nojournal: "", bind_ip: "127.0.0.1"});
// write to ns foo.bar
var foo = conn.getDB("foo");
for (var i = 0; i < 4; i++) {
foo["bar"].save({"x": i});
foo["baz"].save({"x": i});
}
// make sure the collection exists
var collNames = foo.getCollectionNames();
assert.neq(-1, collNames.indexOf("bar"), "bar collection doesn't exist");
// make sure it has no index except _id
assert.eq(foo.bar.getIndexes().length, 1);
assert.eq(foo.baz.getIndexes().length, 1);
foo.bar.createIndex({x: 1});
assert.eq(foo.bar.getIndexes().length, 2);
assert.eq(foo.baz.getIndexes().length, 1);
// get data dump
var dumpdir = MongoRunner.dataDir + "/restorewithauth-dump1/";
resetDbpath(dumpdir);
x = runMongoProgram("mongodump", "--db", "foo", "-h", "127.0.0.1:" + conn.port, "--out", dumpdir);
// now drop the db
foo.dropDatabase();
// stop mongod
MongoRunner.stopMongod(conn);
// start mongod with --auth
conn = MongoRunner.runMongod({auth: "", nojournal: "", bind_ip: "127.0.0.1"});
// admin user
var admin = conn.getDB("admin");
admin.createUser({user: "admin", pwd: "admin", roles: jsTest.adminUserRoles});
admin.auth("admin", "admin");
var foo = conn.getDB("foo");
// make sure no collection with the same name exists
collNames = foo.getCollectionNames();
assert.eq(-1, collNames.indexOf("bar"), "bar collection already exists");
assert.eq(-1, collNames.indexOf("baz"), "baz collection already exists");
// now try to restore dump
x = runMongoProgram("mongorestore", "-h", "127.0.0.1:" + conn.port, "--dir", dumpdir, "-vvvvv");
// make sure that the collection isn't restored
collNames = foo.getCollectionNames();
assert.eq(-1, collNames.indexOf("bar"), "bar collection was restored");
assert.eq(-1, collNames.indexOf("baz"), "baz collection was restored");
// now try to restore dump with correct credentials
x = runMongoProgram("mongorestore",
"-h",
"127.0.0.1:" + conn.port,
"-d",
"foo",
"--authenticationDatabase=admin",
"-u",
"admin",
"-p",
"admin",
"--dir",
dumpdir + "foo/",
"-vvvvv");
// make sure that the collection was restored
collNames = foo.getCollectionNames();
assert.neq(-1, collNames.indexOf("bar"), "bar collection was not restored");
assert.neq(-1, collNames.indexOf("baz"), "baz collection was not restored");
// make sure the collection has 4 documents
assert.eq(foo.bar.count(), 4);
assert.eq(foo.baz.count(), 4);
foo.dropDatabase();
foo.createUser({user: 'user', pwd: 'password', roles: jsTest.basicUserRoles});
// now try to restore dump with foo database credentials
x = runMongoProgram("mongorestore",
"-h",
"127.0.0.1:" + conn.port,
"-d",
"foo",
"-u",
"user",
"-p",
"password",
"--dir",
dumpdir + "foo/",
"-vvvvv");
// make sure that the collection was restored
collNames = foo.getCollectionNames();
assert.neq(-1, collNames.indexOf("bar"), "bar collection was not restored");
assert.neq(-1, collNames.indexOf("baz"), "baz collection was not restored");
assert.eq(foo.bar.count(), 4);
assert.eq(foo.baz.count(), 4);
assert.eq(foo.bar.getIndexes().length + foo.baz.getIndexes().length,
3); // _id on foo, _id on bar, x on foo
MongoRunner.stopMongod(conn);
|
