1
/* Copyright 2012 10gen Inc.
3
* Licensed under the Apache License, Version 2.0 (the "License");
4
* you may not use this file except in compliance with the License.
5
* You may obtain a copy of the License at
7
* http://www.apache.org/licenses/LICENSE-2.0
9
* Unless required by applicable law or agreed to in writing, software
10
* distributed under the License is distributed on an "AS IS" BASIS,
11
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
* See the License for the specific language governing permissions and
13
* limitations under the License.
17
* Unit tests of the PrivilegeSet type.
22
#include "mongo/db/auth/action_set.h"
23
#include "mongo/db/auth/privilege_set.h"
24
#include "mongo/unittest/unittest.h"
29
// Convenience methods for outputing PrincipalName and construction ActionSets that make tests
30
// concise, but that we're reluctant to put into the types themselves.
32
std::ostream& operator<<(std::ostream& os, const PrincipalName& pname) {
33
return os << pname.toString();
36
std::ostream& operator<<(std::ostream&os, const std::vector<PrincipalName>& ps) {
38
for (size_t i = 0; i < ps.size(); ++i)
44
ActionSet operator|(const ActionSet& lhs, const ActionSet& rhs) {
45
ActionSet result = lhs;
46
result.addAllActionsFromSet(rhs);
50
ActionSet operator|(const ActionSet& lhs, const ActionType& rhs) {
51
ActionSet result = lhs;
52
result.addAction(rhs);
56
ActionSet operator|(const ActionType& lhs, const ActionType& rhs) {
58
result.addAction(lhs);
59
result.addAction(rhs);
65
TEST(PrivilegeSetTest, PrivilegeSet) {
67
PrincipalName user1("user1", "test");
68
PrincipalName user2("user2", "test2");
70
// Initially, the capability set contains no privileges at all.
71
ASSERT_FALSE(capSet.hasPrivilege(Privilege("foo", ActionType::find)));
72
ASSERT_FALSE(capSet.hasPrivilege(Privilege("bar", ActionType::find)));
74
// Grant find and update to "foo", only.
75
capSet.grantPrivilege(Privilege("foo", ActionType::find|ActionType::update), user1);
77
ASSERT_TRUE(capSet.hasPrivilege(Privilege("foo", ActionType::find)));
78
ASSERT_TRUE(capSet.hasPrivilege(Privilege("foo", ActionType::find|ActionType::update)));
79
ASSERT_FALSE(capSet.hasPrivilege(Privilege("foo", ActionType::find|ActionType::remove)));
80
ASSERT_FALSE(capSet.hasPrivilege(Privilege("bar", ActionType::find)));
81
ASSERT_FALSE(capSet.hasPrivilege(Privilege("foo", ActionType::remove)));
83
// Grant "userAdmin", "update" and "remove" on "foo" to user2, which changes the set of
84
// actions this privilege set will approve.
85
capSet.grantPrivilege(
86
Privilege("foo", ActionType::userAdmin|ActionType::update|ActionType::remove),
89
ASSERT_TRUE(capSet.hasPrivilege(Privilege("foo", ActionType::userAdmin)));
90
ASSERT_TRUE(capSet.hasPrivilege(Privilege("foo", ActionType::update)));
91
ASSERT_TRUE(capSet.hasPrivilege(Privilege("foo", ActionType::userAdmin)));
92
ASSERT_TRUE(capSet.hasPrivilege(Privilege("foo", ActionType::find|ActionType::remove)));
94
// Revoke user2's privileges.
95
capSet.revokePrivilegesFromPrincipal(user2);
97
ASSERT_FALSE(capSet.hasPrivilege(Privilege("foo", ActionType::userAdmin)));
98
ASSERT_FALSE(capSet.hasPrivilege(Privilege("foo", ActionType::find|ActionType::remove)));
99
ASSERT_TRUE(capSet.hasPrivilege(Privilege("foo", ActionType::update)));
101
// Revoke user2's privileges again; should be a no-op.
102
capSet.revokePrivilegesFromPrincipal(user2);
104
ASSERT_FALSE(capSet.hasPrivilege(Privilege("foo", ActionType::userAdmin)));
105
ASSERT_FALSE(capSet.hasPrivilege(Privilege("foo", ActionType::find|ActionType::remove)));
106
ASSERT_TRUE(capSet.hasPrivilege(Privilege("foo", ActionType::update)));
108
// Re-grant "userAdmin", "update" and "remove" on "foo" to user2.
109
capSet.grantPrivilege(
110
Privilege("foo", ActionType::userAdmin|ActionType::update|ActionType::remove),
113
// The set still contains no capabilities on "bar".
114
ASSERT_FALSE(capSet.hasPrivilege(Privilege("bar", ActionType::find)));
116
// Let user2 "find" on "bar".
117
capSet.grantPrivilege(Privilege("bar", ActionType::find), user2);
119
ASSERT_TRUE(capSet.hasPrivilege(Privilege("bar", ActionType::find)));
120
ASSERT_FALSE(capSet.hasPrivilege(Privilege("bar", ActionType::update)));
121
ASSERT_FALSE(capSet.hasPrivilege(Privilege("bar", ActionType::remove)));
123
// Let user1 "find" and "update" on "bar".
124
capSet.grantPrivilege(Privilege("bar", ActionType::update|ActionType::find), user1);
126
ASSERT_TRUE(capSet.hasPrivilege(Privilege("bar", ActionType::find|ActionType::update)));
127
ASSERT_FALSE(capSet.hasPrivilege(
129
ActionType::find|ActionType::update|ActionType::remove)));
131
// Revoke user1's privileges.
132
capSet.revokePrivilegesFromPrincipal(user1);
134
ASSERT_TRUE(capSet.hasPrivilege(Privilege("foo", ActionType::update)));
135
ASSERT_FALSE(capSet.hasPrivilege(Privilege("foo", ActionType::find)));
136
ASSERT_TRUE(capSet.hasPrivilege(Privilege("bar", ActionType::find)));
137
ASSERT_FALSE(capSet.hasPrivilege(Privilege("bar", ActionType::update)));
139
// Revoke user2's privileges.
140
capSet.revokePrivilegesFromPrincipal(user2);
142
ASSERT_FALSE(capSet.hasPrivilege(Privilege("foo", ActionType::update)));
143
ASSERT_FALSE(capSet.hasPrivilege(Privilege("bar", ActionType::find)));
146
TEST(PrivilegeSetTest, WildcardPrivileges) {
147
// Tests acquisition and revocation of privileges on WILDCARD_RESOURCE.
149
PrivilegeSet privSet;
151
PrincipalName user("user", "db");
152
Privilege wildcardFind("*", ActionType::find);
153
Privilege wildcardUpdate("*", ActionType::update);
154
Privilege wildcardFindAndUpdate("*", ActionType::find|ActionType::update);
155
Privilege fooFind("foo", ActionType::find);
156
Privilege fooUpdate("foo", ActionType::update);
157
Privilege fooFindAndUpdate("foo", ActionType::find|ActionType::update);
158
Privilege barFind("bar", ActionType::find);
159
Privilege barUpdate("bar", ActionType::update);
160
Privilege barFindAndUpdate("bar", ActionType::find|ActionType::update);
162
// With no granted privileges, assert that hasPrivilege returns false.
163
ASSERT_FALSE(privSet.hasPrivilege(wildcardFind));
164
ASSERT_FALSE(privSet.hasPrivilege(wildcardUpdate));
165
ASSERT_FALSE(privSet.hasPrivilege(wildcardFindAndUpdate));
167
ASSERT_FALSE(privSet.hasPrivilege(fooFind));
168
ASSERT_FALSE(privSet.hasPrivilege(fooUpdate));
169
ASSERT_FALSE(privSet.hasPrivilege(fooFindAndUpdate));
171
ASSERT_FALSE(privSet.hasPrivilege(barFind));
172
ASSERT_FALSE(privSet.hasPrivilege(barUpdate));
173
ASSERT_FALSE(privSet.hasPrivilege(barFindAndUpdate));
175
// Grant some privileges, and ensure that exactly those privileges are granted.
176
std::vector<Privilege> grantedPrivileges;
177
grantedPrivileges.push_back(wildcardFind);
178
grantedPrivileges.push_back(fooUpdate);
180
privSet.grantPrivileges(grantedPrivileges, user);
182
ASSERT_TRUE(privSet.hasPrivilege(wildcardFind));
183
ASSERT_FALSE(privSet.hasPrivilege(wildcardUpdate));
184
ASSERT_FALSE(privSet.hasPrivilege(wildcardFindAndUpdate));
186
ASSERT_TRUE(privSet.hasPrivilege(fooFind));
187
ASSERT_TRUE(privSet.hasPrivilege(fooUpdate));
188
ASSERT_TRUE(privSet.hasPrivilege(fooFindAndUpdate));
190
ASSERT_TRUE(privSet.hasPrivilege(barFind));
191
ASSERT_FALSE(privSet.hasPrivilege(barUpdate));
192
ASSERT_FALSE(privSet.hasPrivilege(barFindAndUpdate));
194
// Revoke the granted privileges, and assert that hasPrivilege returns false.
195
privSet.revokePrivilegesFromPrincipal(user);
197
ASSERT_FALSE(privSet.hasPrivilege(wildcardFind));
198
ASSERT_FALSE(privSet.hasPrivilege(wildcardUpdate));
199
ASSERT_FALSE(privSet.hasPrivilege(wildcardFindAndUpdate));
201
ASSERT_FALSE(privSet.hasPrivilege(fooFind));
202
ASSERT_FALSE(privSet.hasPrivilege(fooUpdate));
203
ASSERT_FALSE(privSet.hasPrivilege(fooFindAndUpdate));
205
ASSERT_FALSE(privSet.hasPrivilege(barFind));
206
ASSERT_FALSE(privSet.hasPrivilege(barUpdate));
207
ASSERT_FALSE(privSet.hasPrivilege(barFindAndUpdate));