Files
mongo/jstests/core/connection_status.js
Max Hirschhorn 9ad8d6335f SERVER-40076 Tag JS tests with reason they're unable to run in Atlas.
There are likely more JavaScript tests which have been added since
r3.6.9 that still need to be tagged.

(cherry picked from commit 05ec08fa62)
2019-03-11 18:17:29 -04:00

98 lines
3.7 KiB
JavaScript

// @tags: [
// assumes_superuser_permissions,
// assumes_write_concern_unchanged,
// creates_and_authenticates_user,
// requires_auth,
// requires_non_retryable_commands,
// ]
// Tests the connectionStatus command
(function() {
"use strict";
var dbName = 'connection_status';
var myDB = db.getSiblingDB(dbName);
myDB.dropAllUsers();
/**
* Test that the output of connectionStatus makes sense.
*/
function validateConnectionStatus(expectedUser, expectedRole, showPrivileges) {
var connectionStatus =
myDB.runCommand({"connectionStatus": 1, "showPrivileges": showPrivileges});
assert.commandWorked(connectionStatus);
var authInfo = connectionStatus.authInfo;
// Test that authenticated users are properly returned.
var users = authInfo.authenticatedUsers;
var matches = 0;
var infoStr = tojson(authInfo);
for (var i = 0; i < users.length; i++) {
var user = users[i].user;
var db = users[i].db;
assert(isString(user),
"each authenticatedUsers should have a 'user' string:" + infoStr);
assert(isString(db), "each authenticatedUsers should have a 'db' string:" + infoStr);
if (user === expectedUser.user && db === expectedUser.db) {
matches++;
}
}
assert.eq(
matches, 1, "expected user should be present once in authenticatedUsers:" + infoStr);
// Test that authenticated roles are properly returned.
var roles = authInfo.authenticatedUserRoles;
matches = 0;
for (var i = 0; i < roles.length; i++) {
var role = roles[i].role;
var db = roles[i].db;
assert(isString(role),
"each authenticatedUserRole should have a 'role' string:" + infoStr);
assert(isString(db), "each authenticatedUserRole should have a 'db' string:" + infoStr);
if (role === expectedRole.role && db === expectedRole.db) {
matches++;
}
}
// Role will be duplicated when users with the same role are logged in at the same time.
assert.gte(
matches, 1, "expected role should be present in authenticatedUserRoles:" + infoStr);
var privileges = authInfo.authenticatedUserPrivileges;
if (showPrivileges) {
for (var i = 0; i < privileges.length; i++) {
assert(
isObject(privileges[i].resource),
"each authenticatedUserPrivilege should have a 'resource' object:" + infoStr);
var actions = privileges[i].actions;
for (var j = 0; j < actions.length; j++) {
assert(isString(actions[j]),
"each authenticatedUserPrivilege action should be a string:" + infoStr);
}
}
} else {
// Test that privileges are not returned without asking
assert.eq(privileges,
undefined,
"authenticatedUserPrivileges should not be returned by default:" + infoStr);
}
}
function test(userName) {
var user = {user: userName, db: dbName};
var role = {role: "root", db: "admin"};
myDB.createUser({user: userName, pwd: "weak password", roles: [role]});
myDB.auth(userName, "weak password");
// Validate with and without showPrivileges
validateConnectionStatus(user, role, true);
validateConnectionStatus(user, role, false);
// Clean up.
myDB.dropAllUsers();
myDB.logout();
}
test("someone");
test("someone else");
})();