Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
SERVER-9983 Test verifying that internal user privileges do not mask …
…those of similarly named users.
- Loading branch information
Andy Schwerin
committed
Jun 21, 2013
1 parent
c5ad045
commit fc9491e
Showing
1 changed file
with
101 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,101 @@ | ||
/* | ||
* Regression test for SECURITY-27. | ||
* | ||
* Verifies that creating a user named "__system" in any database does not get internal system | ||
* privileges. | ||
* | ||
* Operates by creating an "admin" user for set-up, then creating __system users in the "test", | ||
* "admin" and "local" databases. Then, it verifies that the __system@local user is shadowed for | ||
* password and privilege purposes by the keyfile. It then procedes to verify that the | ||
* __system@test and __system@admin users are _not_ shadowed in any way by the keyfile user. | ||
*/ | ||
|
||
(function() { | ||
|
||
"use strict"; | ||
|
||
// Runs the "count" command on a database in a way that returns the result document, for easier | ||
// inspection of the errmsg. | ||
function runCountCommand(conn, dbName, collectionName) { | ||
return conn.getDB(dbName).runCommand({ count: collectionName }); | ||
} | ||
|
||
// Asserts that on the given "conn", "dbName"."collectionName".count() fails as unauthorized. | ||
function assertCountUnauthorized(conn, dbName, collectionName) { | ||
assert.eq(runCountCommand(conn, dbName, collectionName).errmsg, | ||
"unauthorized", | ||
"On " + dbName + "." + collectionName); | ||
} | ||
|
||
var conn = MongoRunner.runMongod({ smallfiles: "", auth: "" }); | ||
|
||
var admin = conn.getDB('admin'); | ||
var test = conn.getDB('test'); | ||
var local = conn.getDB('local'); | ||
|
||
// | ||
// Preliminary set up. | ||
// | ||
admin.addUser('admin', 'a'); | ||
admin.auth('admin', 'a'); | ||
|
||
// | ||
// Add users named "__system" with no privileges on "test", "admin" and "local". The one in | ||
// "local" is shadowed by the keyfile. | ||
// | ||
|
||
test.addUser({user: '__system', pwd: 'a', roles: []}); | ||
admin.addUser({user: '__system', pwd: 'a', roles: []}); | ||
local.addUser({user: '__system', pwd: 'a', roles: []}); | ||
|
||
// | ||
// Add some data to count. | ||
// | ||
|
||
admin.foo.insert({_id: 1}); | ||
test.foo.insert({_id: 2}); | ||
local.foo.insert({_id: 3}); | ||
|
||
|
||
admin.logout(); | ||
assertCountUnauthorized(conn, "admin", "foo"); | ||
assertCountUnauthorized(conn, "local", "foo"); | ||
assertCountUnauthorized(conn, "test", "foo"); | ||
|
||
// | ||
// Validate that you cannot even log in as __system@local with the supplied password; you _must_ | ||
// use the password from the keyfile. | ||
// | ||
assert(!local.auth('__system', 'a')) | ||
assertCountUnauthorized(conn, "admin", "foo"); | ||
assertCountUnauthorized(conn, "local", "foo"); | ||
assertCountUnauthorized(conn, "test", "foo"); | ||
|
||
// | ||
// Validate that __system@test is not shadowed by the keyfile __system user. | ||
// | ||
test.auth('__system', 'a'); | ||
assertCountUnauthorized(conn, "admin", "foo"); | ||
assertCountUnauthorized(conn, "local", "foo"); | ||
assertCountUnauthorized(conn, "test", "foo"); | ||
|
||
test.logout(); | ||
assertCountUnauthorized(conn, "admin", "foo"); | ||
assertCountUnauthorized(conn, "local", "foo"); | ||
assertCountUnauthorized(conn, "test", "foo"); | ||
|
||
// | ||
// Validate that __system@test is not shadowed by the keyfile __system user. | ||
// | ||
admin.auth('__system', 'a'); | ||
assertCountUnauthorized(conn, "admin", "foo"); | ||
assertCountUnauthorized(conn, "local", "foo"); | ||
assertCountUnauthorized(conn, "test", "foo"); | ||
|
||
admin.logout(); | ||
assertCountUnauthorized(conn, "admin", "foo"); | ||
assertCountUnauthorized(conn, "local", "foo"); | ||
assertCountUnauthorized(conn, "test", "foo"); | ||
|
||
})(); | ||
|