1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
|
/* SERVER-4972
* Test for mongorestore on server with --auth allows restore without credentials of colls
* with no index
*/
/*
* 1) Start mongo without auth.
* 2) Write to collection
* 3) Take dump of the collection using mongodump.
* 4) Drop the collection.
* 5) Stop mongod from step 1.
* 6) Restart mongod with auth.
* 7) Add admin user to kick authentication
* 8) Try restore without auth credentials. The restore should fail
* 9) Try restore with correct auth credentials. The restore should succeed this time.
*/
var port = allocatePorts(1)[0];
baseName = "jstests_restorewithauth";
var conn = startMongod( "--port", port, "--dbpath", "/data/db/" + baseName, "--nohttpinterface",
"--nojournal", "--bind_ip", "127.0.0.1" );
// write to ns foo.bar
var foo = conn.getDB( "foo" );
for( var i = 0; i < 4; i++ ) {
foo["bar"].save( { "x": i } );
foo["baz"].save({"x": i});
}
// make sure the collection exists
assert.eq( foo.system.namespaces.count({name: "foo.bar"}), 1 )
//make sure it has no index except _id
assert.eq(foo.system.indexes.count(), 2);
foo.bar.createIndex({x:1});
assert.eq(foo.system.indexes.count(), 3);
// get data dump
var dumpdir = "/data/db/restorewithauth-dump1/";
resetDbpath( dumpdir );
x = runMongoProgram("mongodump", "--db", "foo", "-h", "127.0.0.1:"+port, "--out", dumpdir);
// now drop the db
foo.dropDatabase();
// stop mongod
stopMongod( port );
// start mongod with --auth
conn = startMongod( "--auth", "--port", port, "--dbpath", "/data/db/" + baseName, "--nohttpinterface",
"--nojournal", "--bind_ip", "127.0.0.1" );
// admin user
var admin = conn.getDB( "admin" )
admin.addUser( "admin" , "admin" );
admin.auth( "admin" , "admin" );
var foo = conn.getDB( "foo" )
// make sure no collection with the same name exists
assert.eq(foo.system.namespaces.count( {name: "foo.bar"}), 0);
assert.eq(foo.system.namespaces.count( {name: "foo.baz"}), 0);
// now try to restore dump
x = runMongoProgram( "mongorestore", "-h", "127.0.0.1:" + port, "--dir" , dumpdir, "-vvvvv" );
// make sure that the collection isn't restored
assert.eq(foo.system.namespaces.count({name: "foo.bar"}), 0);
assert.eq(foo.system.namespaces.count({name: "foo.baz"}), 0);
// now try to restore dump with correct credentials
x = runMongoProgram( "mongorestore",
"-h", "127.0.0.1:" + port,
"-d", "foo",
"--authenticationDatabase=admin",
"-u", "admin",
"-p", "admin",
"--dir", dumpdir + "foo/",
"-vvvvv");
// make sure that the collection was restored
assert.eq(foo.system.namespaces.count({name: "foo.bar"}), 1);
assert.eq(foo.system.namespaces.count({name: "foo.baz"}), 1);
// make sure the collection has 4 documents
assert.eq(foo.bar.count(), 4);
assert.eq(foo.baz.count(), 4);
foo.dropDatabase();
// make sure that the collection is empty
assert.eq(foo.system.namespaces.count({name: "foo.bar"}), 0);
assert.eq(foo.system.namespaces.count({name: "foo.baz"}), 0);
foo.addUser('user', 'password');
// now try to restore dump with foo database credentials
x = runMongoProgram("mongorestore",
"-h", "127.0.0.1:" + port,
"-d", "foo",
"-u", "user",
"-p", "password",
"--dir", dumpdir + "foo/",
"-vvvvv");
// make sure that the collection was restored
assert.eq(foo.system.namespaces.count({name: "foo.bar"}), 1);
assert.eq(foo.system.namespaces.count({name: "foo.baz"}), 1);
assert.eq(foo.bar.count(), 4);
assert.eq(foo.baz.count(), 4);
assert.eq(foo.system.indexes.count(), 5); // _id on foo, _id on bar, x on foo, _id + 1 on system.users
stopMongod( port );
|
