Skip to content

Commit

Permalink
authentication checks user instead of db.user
Browse files Browse the repository at this point in the history
  • Loading branch information
@chilagrow
chilagrow committed Feb 19, 2024
1 parent 287b728 commit 950e567
Show file tree
Hide file tree
Showing 3 changed files with 13 additions and 17 deletions.
10 changes: 8 additions & 2 deletions integration/users/drop_all_users_from_database_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,8 +34,9 @@ import (
func TestDropAllUsersFromDatabase(t *testing.T) {
t.Parallel()

ctx, collection := setup.Setup(t)
db := collection.Database()
s := setup.SetupWithOpts(t, nil)
ctx := s.Ctx
db, collection := createUserTestRunnerUser(t, s)
client := collection.Database().Client()

quantity := 5 // Add some users to the database.
Expand All @@ -52,6 +53,11 @@ func TestDropAllUsersFromDatabase(t *testing.T) {
// So this call should remove zero users as the database doesn't exist. The next one, "quantity" users.
assertDropAllUsersFromDatabase(t, ctx, client.Database(t.Name()+"_another_database"), 0)

if !setup.IsMongoDB(t) {
// For non MongoDB, a user created to run the tests is also dropped.
quantity++
}

assertDropAllUsersFromDatabase(t, ctx, db, quantity)

// Run for the second time to check if it still succeeds when there aren't any users remaining,
Expand Down
6 changes: 4 additions & 2 deletions integration/users/usersinfo_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,8 +41,10 @@ func createUser(username, password string) bson.D {
func TestUsersinfo(t *testing.T) {
t.Parallel()

ctx, collection := setup.Setup(t)
client := collection.Database().Client()
s := setup.SetupWithOpts(t, nil)
ctx := s.Ctx
db, _ := createUserTestRunnerUser(t, s)
client := db.Client()

dbToUsers := []struct {
dbSuffix string
Expand Down
14 changes: 1 addition & 13 deletions internal/handler/authenticate.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,21 +54,9 @@ func (h *Handler) authenticate(ctx context.Context, msg *wire.OpMsg) error {
return lazyerrors.Error(err)

Check warning on line 54 in internal/handler/authenticate.go

View check run for this annotation

Codecov / codecov/patch

internal/handler/authenticate.go#L54 

Added line #L54 was not covered by tests
}

document, err := msg.Document()
if err != nil {
return lazyerrors.Error(err)
}

var dbName string

if dbName, err = common.GetRequiredParam[string](document, "$db"); err != nil {
return err
}

username, pwd := conninfo.Get(ctx).Auth()

// NOTE: how does a user with access to all database look like?
filter := must.NotFail(types.NewDocument("_id", dbName+"."+username))
filter := must.NotFail(types.NewDocument("user", username))

qr, err := usersCol.Query(ctx, nil)
if err != nil {
Expand Down

0 comments on commit 950e567

Please sign in to comment.