Test for replica set authentication; bug fix.
This commit is contained in:
parent
d63cf18042
commit
e8e617e95f
@ -189,7 +189,7 @@ module Mongo
|
||||
socket = TCPSocket.new(host, port)
|
||||
socket.setsockopt(Socket::IPPROTO_TCP, Socket::TCP_NODELAY, 1)
|
||||
|
||||
config = self['admin'].command({:ismaster => 1}, :sock => socket)
|
||||
config = self['admin'].command({:ismaster => 1}, :socket => socket)
|
||||
|
||||
check_set_name(config, socket)
|
||||
rescue OperationFailure, SocketError, SystemCallError, IOError => ex
|
||||
@ -232,7 +232,7 @@ module Mongo
|
||||
def check_set_name(config, socket)
|
||||
if @replica_set
|
||||
config = self['admin'].command({:replSetGetStatus => 1},
|
||||
:sock => socket, :check_response => false)
|
||||
:socket => socket, :check_response => false)
|
||||
|
||||
if !Mongo::Support.ok?(config)
|
||||
raise ReplicaSetConnectionError, config['errmsg']
|
||||
|
@ -88,7 +88,7 @@ module Mongo
|
||||
socket
|
||||
end
|
||||
|
||||
# If a use calls DB#authentication, and several sockets exist,
|
||||
# If a user calls DB#authenticate, and several sockets exist,
|
||||
# then we need a way to apply the authentication on each socket.
|
||||
# So we store the apply_authentication method, and this will be
|
||||
# applied right before the next use of each socket.
|
||||
|
58
test/auxillary/repl_set_auth_test.rb
Normal file
58
test/auxillary/repl_set_auth_test.rb
Normal file
@ -0,0 +1,58 @@
|
||||
$:.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
|
||||
require './test/test_helper'
|
||||
require './test/tools/auth_repl_set_manager'
|
||||
|
||||
class AuthTest < Test::Unit::TestCase
|
||||
include Mongo
|
||||
|
||||
def setup
|
||||
@manager = AuthReplSetManager.new(:start_port => 40000)
|
||||
@manager.start_set
|
||||
end
|
||||
|
||||
def teardown
|
||||
@manager.cleanup_set
|
||||
end
|
||||
|
||||
def test_repl_set_auth
|
||||
@conn = ReplSetConnection.new([@manager.host, @manager.ports[0]], [@manager.host, @manager.ports[1]],
|
||||
[@manager.host, @manager.ports[2]], :name => @manager.name)
|
||||
|
||||
# Add an admin user
|
||||
@conn['admin'].add_user("me", "secret")
|
||||
|
||||
# Ensure that insert fails
|
||||
assert_raise_error Mongo::OperationFailure, "unauthorized" do
|
||||
@conn['foo']['stuff'].insert({:a => 2}, :safe => {:w => 3})
|
||||
end
|
||||
|
||||
# Then authenticate
|
||||
assert @conn['admin'].authenticate("me", "secret")
|
||||
|
||||
# Insert should succeed now
|
||||
assert @conn['foo']['stuff'].insert({:a => 2}, :safe => {:w => 3})
|
||||
|
||||
# So should a query
|
||||
assert @conn['foo']['stuff'].find_one
|
||||
|
||||
# But not when we logout
|
||||
@conn['admin'].logout
|
||||
|
||||
assert_raise_error Mongo::OperationFailure, "unauthorized" do
|
||||
@conn['foo']['stuff'].find_one
|
||||
end
|
||||
|
||||
# Same should apply to a random secondary
|
||||
@slave1 = Connection.new(@conn.secondary_pools[0].host,
|
||||
@conn.secondary_pools[0].port, :slave_ok => true)
|
||||
|
||||
# Find should fail
|
||||
assert_raise_error Mongo::OperationFailure, "unauthorized" do
|
||||
@slave1['foo']['stuff'].find_one
|
||||
end
|
||||
|
||||
# But not when authenticated
|
||||
@slave1['admin'].authenticate("me", "secret")
|
||||
assert @slave1['foo']['stuff'].find_one
|
||||
end
|
||||
end
|
14
test/tools/auth_repl_set_manager.rb
Normal file
14
test/tools/auth_repl_set_manager.rb
Normal file
@ -0,0 +1,14 @@
|
||||
require File.join((File.expand_path(File.dirname(__FILE__))), 'repl_set_manager')
|
||||
|
||||
class AuthReplSetManager < ReplSetManager
|
||||
def initialize(opts={})
|
||||
super(opts)
|
||||
|
||||
@key_path = opts[:key_path] || File.join(File.expand_path(File.dirname(__FILE__)), "keyfile.txt")
|
||||
system("chmod 600 #{@key_path}")
|
||||
end
|
||||
|
||||
def start_cmd(n)
|
||||
super + " --keyFile #{@key_path}"
|
||||
end
|
||||
end
|
1
test/tools/keyfile.txt
Normal file
1
test/tools/keyfile.txt
Normal file
@ -0,0 +1 @@
|
||||
THIS IS A SECRET KEYFILE FOR REPLICA SETS BWAHAHAHAH
|
@ -61,6 +61,13 @@ class ReplSetManager
|
||||
ensure_up
|
||||
end
|
||||
|
||||
def cleanup_set
|
||||
system("killall mongod")
|
||||
@count.times do |n|
|
||||
system("rm -rf #{@mongods[n]['db_path']}")
|
||||
end
|
||||
end
|
||||
|
||||
def init_node(n)
|
||||
@mongods[n] ||= {}
|
||||
port = @start_port + n
|
||||
@ -71,9 +78,7 @@ class ReplSetManager
|
||||
system("rm -rf #{@mongods[n]['db_path']}")
|
||||
system("mkdir -p #{@mongods[n]['db_path']}")
|
||||
|
||||
@mongods[n]['start'] = "mongod --replSet #{@name} --logpath '#{@mongods[n]['log_path']}' " +
|
||||
" --dbpath #{@mongods[n]['db_path']} --port #{@mongods[n]['port']} --fork"
|
||||
|
||||
@mongods[n]['start'] = start_cmd(n)
|
||||
start(n)
|
||||
|
||||
member = {'_id' => n, 'host' => "#{@host}:#{@mongods[n]['port']}"}
|
||||
@ -88,6 +93,11 @@ class ReplSetManager
|
||||
@config['members'] << member
|
||||
end
|
||||
|
||||
def start_cmd(n)
|
||||
@mongods[n]['start'] = "mongod --replSet #{@name} --logpath '#{@mongods[n]['log_path']}' " +
|
||||
" --dbpath #{@mongods[n]['db_path']} --port #{@mongods[n]['port']} --fork"
|
||||
end
|
||||
|
||||
def kill(node)
|
||||
pid = @mongods[node]['pid']
|
||||
puts "** Killing node with pid #{pid} at port #{@mongods[node]['port']}"
|
||||
|
Loading…
Reference in New Issue
Block a user