~ubuntu-branches/ubuntu/wily/juju-mongodb/wily-proposed : contents of jstests/sharding/auth

~ubuntu-branches/ubuntu/wily/juju-mongodb/wily-proposed : (revision 8)

var replTest = new ReplSetTest({ nodes: 3, useHostName : false, keyFile: 'jstests/libs/key1' });
replTest.startSet({ oplogSize: 10 });
replTest.initiate();
replTest.awaitSecondaryNodes();

var nodeCount = replTest.nodes.length;
var primary = replTest.getPrimary();

// Setup the database using replSet connection before setting the authentication
var conn = new Mongo(replTest.getURL());
var testDB = conn.getDB('test');
var testColl = testDB.user;

testColl.insert({ x: 1 });
testDB.runCommand({ getLastError: 1, w: nodeCount });

// Setup the cached connection for primary and secondary in DBClientReplicaSet
// before setting up authentication
var doc = testColl.findOne();
assert(doc != null);

conn.setSlaveOk();

doc = testColl.findOne();
assert(doc != null);

// Add admin user using direct connection to primary to simulate connection from remote host
var adminDB = primary.getDB('admin');
adminDB.addUser('user', 'user', false, nodeCount);
adminDB.auth('user', 'user');

var priTestDB = primary.getDB('test');
priTestDB.addUser('a', 'a', false, nodeCount);

// Authenticate the replSet connection
assert.eq(1, testDB.auth('a', 'a'));

jsTest.log('Sending an authorized query that should be ok');
conn.setSlaveOk(true);
doc = testColl.findOne();
assert(doc != null);

doc = testColl.find().readPref('secondary').next();
assert(doc != null);

conn.setSlaveOk(false);
doc = testColl.findOne();
assert(doc != null);

var queryToPriShouldFail = function() {
    conn.setSlaveOk(false);

    assert.throws(function() {
        testColl.findOne();
    });

    // should still not work even after retrying
    assert.throws(function() {
        testColl.findOne();
    });
};

var queryToSecShouldFail = function() {
    conn.setSlaveOk(true);

    assert.throws(function() {
        testColl.findOne();
    });

    // should still not work even after retrying
    assert.throws(function() {
        testColl.findOne();
    });

    // Query to secondary using readPref
    assert.throws(function() {
        testColl.find().readPref('secondary').next();
    });

    // should still not work even after retrying
    assert.throws(function() {
        testColl.find().readPref('secondary').next();
    });
};

assert(testDB.logout().ok);

jsTest.log('Sending an unauthorized query that should fail');
queryToPriShouldFail();
queryToSecShouldFail();

// Repeat logout test, with secondary first, then primary
assert.eq(1, testDB.auth('a', 'a'));
assert(testDB.logout().ok);

// re-initialize the underlying connections to primary and secondary
jsTest.log('Sending an unauthorized query that should still fail');
queryToSecShouldFail();
queryToPriShouldFail();

// Repeat logout test, now with the cached secondary down
assert.eq(1, testDB.auth('a', 'a'));

// Find out the current cached secondary in the repl connection
conn.setSlaveOk(true);
var secHost = testColl.find().readPref('secondary').explain().server;
var secNodeIdx = -1;
var secPortStr = secHost.split(':')[1];

for (var x = 0; x < nodeCount; x++) {
    var nodePortStr = replTest.nodes[x].host.split(':')[1];

    if (nodePortStr == secPortStr) {
        secNodeIdx = x;
    }
}

assert(secNodeIdx >= 0); // test sanity check

// Kill the cached secondary
replTest.stop(secNodeIdx, 15, true, { auth: { user: 'user', pwd: 'user' }});

assert(testDB.logout().ok);

replTest.restart(secNodeIdx);
replTest.awaitSecondaryNodes();

jsTest.log('Sending an unauthorized query after restart that should still fail');
queryToSecShouldFail();
queryToPriShouldFail();

replTest.stopSet();


1 by James Page Import upstream version 2.4.8	1	var replTest = new ReplSetTest({ nodes: 3, useHostName : false, keyFile: 'jstests/libs/key1' });
	2	replTest.startSet({ oplogSize: 10 });
	3	replTest.initiate();
	4	replTest.awaitSecondaryNodes();
	5
	6	var nodeCount = replTest.nodes.length;
	7	var primary = replTest.getPrimary();
	8
	9	// Setup the database using replSet connection before setting the authentication
	10	var conn = new Mongo(replTest.getURL());
	11	var testDB = conn.getDB('test');
	12	var testColl = testDB.user;
	13
	14	testColl.insert({ x: 1 });
	15	testDB.runCommand({ getLastError: 1, w: nodeCount });
	16
	17	// Setup the cached connection for primary and secondary in DBClientReplicaSet
	18	// before setting up authentication
	19	var doc = testColl.findOne();
	20	assert(doc != null);
	21
	22	conn.setSlaveOk();
	23
	24	doc = testColl.findOne();
	25	assert(doc != null);
	26
	27	// Add admin user using direct connection to primary to simulate connection from remote host
	28	var adminDB = primary.getDB('admin');
	29	adminDB.addUser('user', 'user', false, nodeCount);
	30	adminDB.auth('user', 'user');
	31
	32	var priTestDB = primary.getDB('test');
	33	priTestDB.addUser('a', 'a', false, nodeCount);
	34
	35	// Authenticate the replSet connection
	36	assert.eq(1, testDB.auth('a', 'a'));
	37
	38	jsTest.log('Sending an authorized query that should be ok');
	39	conn.setSlaveOk(true);
	40	doc = testColl.findOne();
	41	assert(doc != null);
	42
	43	doc = testColl.find().readPref('secondary').next();
	44	assert(doc != null);
	45
	46	conn.setSlaveOk(false);
	47	doc = testColl.findOne();
	48	assert(doc != null);
	49
	50	var queryToPriShouldFail = function() {
	51	conn.setSlaveOk(false);
	52
	53	assert.throws(function() {
	54	testColl.findOne();
	55	});
	56
	57	// should still not work even after retrying
	58	assert.throws(function() {
	59	testColl.findOne();
	60	});
	61	};
	62
	63	var queryToSecShouldFail = function() {
	64	conn.setSlaveOk(true);
65
66	assert.throws(function() {
67	testColl.findOne();
68	});
69
70	// should still not work even after retrying
71	assert.throws(function() {
72	testColl.findOne();
73	});
74
75	// Query to secondary using readPref
76	assert.throws(function() {
77	testColl.find().readPref('secondary').next();
78	});
79
80	// should still not work even after retrying
81	assert.throws(function() {
82	testColl.find().readPref('secondary').next();
83	});
84	};
85
86	assert(testDB.logout().ok);
87
88	jsTest.log('Sending an unauthorized query that should fail');
89	queryToPriShouldFail();
90	queryToSecShouldFail();
91
92	// Repeat logout test, with secondary first, then primary
93	assert.eq(1, testDB.auth('a', 'a'));
94	assert(testDB.logout().ok);
95
96	// re-initialize the underlying connections to primary and secondary
97	jsTest.log('Sending an unauthorized query that should still fail');
98	queryToSecShouldFail();
99	queryToPriShouldFail();
100
101	// Repeat logout test, now with the cached secondary down
102	assert.eq(1, testDB.auth('a', 'a'));
103
104	// Find out the current cached secondary in the repl connection
105	conn.setSlaveOk(true);
106	var secHost = testColl.find().readPref('secondary').explain().server;
107	var secNodeIdx = -1;
108	var secPortStr = secHost.split(':')[1];
109
110	for (var x = 0; x < nodeCount; x++) {
111	var nodePortStr = replTest.nodes[x].host.split(':')[1];
112
113	if (nodePortStr == secPortStr) {
114	secNodeIdx = x;
115	}
116	}
117
118	assert(secNodeIdx >= 0); // test sanity check
119
120	// Kill the cached secondary
121	replTest.stop(secNodeIdx, 15, true, { auth: { user: 'user', pwd: 'user' }});
122
123	assert(testDB.logout().ok);
124
125	replTest.restart(secNodeIdx);
126	replTest.awaitSecondaryNodes();
127
128	jsTest.log('Sending an unauthorized query after restart that should still fail');
129	queryToSecShouldFail();
130	queryToPriShouldFail();
131
132	replTest.stopSet();
133