RUBY-572 adding auth tests for replica sets and sharded clusters

Author: Brandon Black

tasks/testing.rake

@@ -70,11 +70,15 @@ namespace :test do
   end
 
   Rake::TestTask.new(:replica_set) do |t|
-    t.test_files = FileList['test/replica_set/*_test.rb'] - [
+    disabled = [
       'test/replica_set/complex_connect_test.rb',
       'test/replica_set/count_test.rb',
       'test/replica_set/read_preference_test.rb'
     ]
+
+    disabled << 'test/replica_set/authentication_test.rb' if ENV['MONGOD']
+
+    t.test_files = FileList['test/replica_set/*_test.rb'] - disabled
     t.libs << 'test'
     #t.verbose = true
     #t.options = '-v'

test/functional/authentication_test.rb

@@ -0,0 +1,21 @@
+require 'test_helper'
+require 'shared/authentication'
+
+class AuthenticationTest < Test::Unit::TestCase
+  include Mongo
+  include AuthenticationTests
+
+  def setup
+    @client = MongoClient.new
+    @db     = @client[MONGO_TEST_DB]
+  end
+
+  def teardown
+    @db['system.users'].remove
+  end
+
+  def test_authenticate_with_connection_uri
+    @db.add_user('eunice', 'uritest')
+    assert MongoClient.from_uri("mongodb://eunice:uritest@#{host_port}/#{@db.name}")
+  end
+end

test/functional/db_test.rb

@@ -131,47 +131,6 @@ def test_pk_factory_reset
     end
   end
 
-  def test_authenticate
-    @@db.add_user('spongebob', 'squarepants')
-    assert_raise Mongo::AuthenticationError do
-      assert !@@db.authenticate('nobody', 'nopassword')
-    end
-    assert_raise Mongo::AuthenticationError do
-      assert !@@db.authenticate('spongebob' , 'squareliederhosen')
-    end
-    assert @@db.authenticate('spongebob', 'squarepants')
-    @@db.logout
-    @@db.remove_user('spongebob')
-  end
-
-  def test_authenticate_with_special_characters
-    assert @@db.add_user('foo:bar', '@foo')
-    assert @@db.authenticate('foo:bar', '@foo')
-    @@db.logout
-    @@db.remove_user('foo:bar')
-  end
-
-  def test_authenticate_read_only
-    @@db.add_user('joebob', 'user', true) # read-only user
-    assert @@db.authenticate('joebob', 'user')
-    @@db.logout
-    @@db.remove_user('joebob')
-  end
-
-  def test_authenticate_with_connection_uri
-    @@db.add_user('spongebob', 'squarepants')
-    assert Mongo::MongoClient.from_uri("mongodb://spongebob:squarepants@#{host_port}/#{@@db.name}")
-
-    assert_raise Mongo::AuthenticationError do
-      client = Mongo::MongoClient.from_uri("mongodb://wrong:info@#{host_port}/#{@@db.name}")
-      client['test']['foo'].find_one
-    end
-  end
-
-  def test_logout
-    assert @@db.logout
-  end
-
   def test_command
     assert_raise OperationFailure do
       @@db.command({:non_command => 1}, :check_response => true)
@@ -249,25 +208,11 @@ def test_text_port_number_raises_no_errors
     db.collection('users').remove
   end
 
-  def test_user_management
-    @@db.add_user("bob", "secret")
-    assert @@db.authenticate("bob", "secret")
-    @@db.logout
-    assert @@db.remove_user("bob")
-    assert_raise Mongo::AuthenticationError do
-      @@db.authenticate("bob", "secret")
-    end
-  end
-
-  def test_remove_non_existant_user
-    assert !@@db.remove_user("joe")
-  end
-
   def test_stored_function_management
     @@db.add_stored_function("sum", "function (x, y) { return x + y; }")
     assert_equal @@db.eval("return sum(2,3);"), 5
     assert @@db.remove_stored_function("sum")
-    assert_raise OperationFailure do 
+    assert_raise OperationFailure do
       @@db.eval("return sum(2,3);")
     end
   end

test/replica_set/authentication_test.rb

@@ -0,0 +1,23 @@
+require 'test_helper'
+require 'shared/authentication'
+
+class ReplicaSetAuthenticationTest < Test::Unit::TestCase
+  include Mongo
+  include AuthenticationTests
+
+  def setup
+    ensure_cluster(:rs)
+    @client = MongoReplicaSetClient.new(@rs.repl_set_seeds, :name => @rs.repl_set_name, :connect_timeout => 60)
+    @db     = @client[MONGO_TEST_DB]
+  end
+
+  def teardown
+    @db['system.users'].remove
+  end
+
+  def test_authenticate_with_connection_uri
+    @db.add_user('eunice', 'uritest')
+    assert MongoReplicaSetClient.from_uri(
+      "mongodb://eunice:uritest@#{@rs.repl_set_seeds.join(',')}/#{@db.name}?replicaSet=#{@rs.repl_set_name}")
+  end
+end

test/shared/authentication.rb

@@ -0,0 +1,49 @@
+module AuthenticationTests
+  def test_add_user
+    @db.add_user('bob','user')
+    assert @db['system.users'].find_one({:user => 'bob'})
+  end
+
+   def test_remove_user
+    @db.remove_user('bob')
+    assert_nil @db['system.users'].find_one({:user => 'bob'})
+  end
+
+  def test_remove_non_existent_user
+    assert_equal @db.remove_user('joe'), false
+  end
+
+  def test_authenticate
+    @db.add_user('peggy', 'user')
+    assert @db.authenticate('peggy', 'user')
+    @db.remove_user('peggy')
+    @db.logout
+  end
+
+  def test_authenticate_non_existent_user
+    assert_raise Mongo::AuthenticationError do
+      @db.authenticate('frank', 'thetank')
+    end
+  end
+
+  def test_logout
+    @db.add_user('peggy', 'user')
+    assert @db.authenticate('peggy', 'user')
+    assert @db.logout
+    @db.remove_user('peggy')
+  end
+
+  def test_authenticate_with_special_characters
+    assert @db.add_user('foo:bar','@foo')
+    assert @db.authenticate('foo:bar','@foo')
+    @db.remove_user('foo:bar')
+    @db.logout
+  end
+
+  def test_authenticate_read_only
+    @db.add_user('randy', 'readonly', true)
+    assert @db.authenticate('randy', 'readonly')
+    @db.remove_user('randy')
+    @db.logout
+  end
+end

test/tools/keyfile.txt

@@ -1 +1,16 @@
-THIS IS A SECRET KEYFILE FOR REPLICA SETS BWAHAHAHAH
++C+19uxSAspQ3EtX7qHW91h81mZSdruz2GZHX5nrXYcKF0zdkik4KWo6GtIokeRl
+CjVrB48mNCuewQSFDZaUoGGB7QmXpQaAkI3Cf11xH0sScHtBYoUhMoMNUIWbyDLq
+ZS/tXKevfRgn3wJJ3cCQSMZf90MVp/go3Uffvwurrnxd6gSCtUOsSHWA9bixePqh
+y+DB/28uC+SUnE6xgXsMBLTKMDD/kSn0XpDwN151xMTqE7ZFu2Iqqo2r53A8kckN
+JzBQiQUPhMOR3R1CIkqZs2PYOQuGZpUk4d3U2Lh52qnxX2JSg4vJCeRVLEFTxFUf
+D7FFP6wzfV0c5O7POUuWU5Y69E6njkoygcAp1GAValZHP0lx9iJLqDjNzxouS6zI
+qcTwMWvDzgRitu1qJH46kFoAKBi4PgHlJTsYKorMeSpPOg7uGZar+xrt4rcWTxIo
+OwWg125XtE4xk9YpwTbshaVZchOmWyHs4hUz/C2fsNCAygvJcqAn+sTdSV9OYwye
+Mln+a2+nIjzu/vsqjeaMIctSKtH+ocmXWZZExG2p/Fxj2XPzhmd1FdFLoG95c6IK
+ywhBGSrRoH/SHOz1+HqFvSBJeoyiPaWfSEKts1RwKIRSIsaoUZJNGF6nGC4hcY+T
+bkNb3VlVRoV00XwrPMPCe2XBsFvEXUX87H2uAf7J4qV8/0Gm19c2tzQgzZS28itH
+Uji7hMKNIlfLMWkBqg2DgFGVrnYIxnFmCQ31vPdwyRP57yYzRvNW2rc1usj7qvQq
+Ef5rYnSIfaLC2cYcBSvJgCG7sYuV23t4oGEd4+YarnZWnBTuj7YgtOlTVmbm73p5
+5Tf3frL5IsXnK475QM27FisHHYl14eZ8g2je1AU3lwo5OPvaP0bib3HE8fCSCPh+
+xA53+x67OlLXd2IQ9rewWb2posw7+2AODfIzygRhWT8gCG60KJrZF6UA7r0as59t
+Ot8mZoCXxmvgnnJEKaQLB6dsG3CBCcLuPb3gx6XwmO+u

test/tools/mongo_config.rb

@@ -24,7 +24,7 @@ def debug(level, arg)
 #
 module Mongo
   class Config
-    DEFAULT_BASE_OPTS = { :host => 'localhost', :dbpath => 'data', :logpath => 'data/log'}
+    DEFAULT_BASE_OPTS = { :host => 'localhost', :dbpath => 'data', :logpath => 'data/log' }
     DEFAULT_REPLICA_SET = DEFAULT_BASE_OPTS.merge( :replicas => 3, :arbiters => 0 )
     DEFAULT_SHARDED_SIMPLE = DEFAULT_BASE_OPTS.merge( :shards => 2, :configs => 1, :routers => 4 )
     DEFAULT_SHARDED_REPLICA = DEFAULT_SHARDED_SIMPLE.merge( :replicas => 3, :arbiters => 0)
@@ -35,7 +35,7 @@ class Config
     MONGODS_OPT_KEYS = [:mongods]
     CLUSTER_OPT_KEYS = SHARDING_OPT_KEYS + REPLICA_OPT_KEYS + MONGODS_OPT_KEYS
 
-    FLAGS = [:noprealloc, :smallfiles, :logappend, :configsvr, :shardsvr, :quiet, :fastsync]
+    FLAGS = [:noprealloc, :smallfiles, :logappend, :configsvr, :shardsvr, :quiet, :fastsync, :auth]
 
     DEFAULT_VERIFIES = 60
     BASE_PORT = 3000
@@ -80,51 +80,52 @@ def self.cluster(opts = DEFAULT_SHARDED_SIMPLE)
     end
 
     def self.make_mongo(kind, opts)
-      dbpath = opts[:dbpath]
-      port = self.get_available_port
-      path = "#{dbpath}/#{kind}-#{port}"
+      dbpath  = opts[:dbpath]
+      port    = self.get_available_port
+      path    = "#{dbpath}/#{kind}-#{port}"
       logpath = "#{path}/#{kind}.log"
 
-      {
-        :host => opts[:host],
-        :port => port,
-        :logpath => logpath,
-        :logappend => true
-      }
+      { :host      => opts[:host],
+        :port      => port,
+        :logpath   => logpath,
+        :logappend => true }
     end
 
     def self.make_mongod(kind, opts)
       params = make_mongo('mongods', opts)
 
       mongod = ENV['MONGOD'] || 'mongod'
-      path = File.dirname(params[:logpath])
+      path   = File.dirname(params[:logpath])
 
       noprealloc = opts[:noprealloc] || true
       smallfiles = opts[:smallfiles] || true
       quiet      = opts[:quiet]      || true
       fast_sync  = opts[:fastsync]   || false
-
-      params.merge(
-        :command => mongod,
-        :dbpath => path,
-        :smallfiles => smallfiles,
-        :noprealloc => noprealloc,
-        :quiet => quiet,
-        :fastsync => fast_sync
-      )
+      auth       = opts[:auth]       || true
+
+      params.merge(:command    => mongod,
+                   :dbpath     => path,
+                   :smallfiles => smallfiles,
+                   :noprealloc => noprealloc,
+                   :quiet      => quiet,
+                   :fastsync   => fast_sync,
+                   :auth       => auth)
     end
 
     def self.make_replica(opts, count)
-      params = make_mongod('replicas', opts)
+      params     = make_mongod('replicas', opts)
 
       replSet    = opts[:replSet]    || 'ruby-driver-test'
       oplog_size = opts[:oplog_size] || 5
+      keyFile    = opts[:keyFile]    || '/test/tools/keyfile.txt'
 
-      params.merge(
-        :_id => count,
-        :replSet => replSet,
-        :oplogSize => oplog_size
-      )
+      keyFile    = Dir.pwd << keyFile
+      system "chmod 600 #{keyFile}"
+
+      params.merge(:_id       => count,
+                   :replSet   => replSet,
+                   :oplogSize => oplog_size,
+                   :keyFile   => keyFile)
     end
 
     def self.make_config(opts)