wip

FerretDB · AlekSi · Dec 20, 2023 · Dec 12, 2023 · Dec 12, 2023 · Dec 14, 2023
commit 5d2c18ec6c554c7a73d7bdac380e091a72e70967
diff --git a/.github/workflows/_integration.yml b/.github/workflows/_integration.yml
@@ -19,6 +19,10 @@ on:
         required: false
         type: boolean
         default: false
+      enable_new_auth:
+        required: false
+        type: boolean
+        default: false
       checkout_ref:
         required: false
         type: string
@@ -88,13 +92,14 @@ jobs:
       - name: >
           Run ${{ inputs.task }} tests
           (${{ inputs.shard_index }}/${{ inputs.shard_total }},
-          pushdown=${{ !inputs.disable_pushdown }})
+          pushdown=${{ !inputs.disable_pushdown }}, new_auth=${{ inputs.enable_new_auth }})
         run: >
           bin/task test-integration-${{ inputs.task }}
           SHARD_INDEX=${{ inputs.shard_index }}
           SHARD_TOTAL=${{ inputs.shard_total }}
           TEST_TIMEOUT=15m
           DISABLE_PUSHDOWN=${{ inputs.disable_pushdown }}
+          ENABLE_NEW_AUTH=${{ inputs.enable_new_auth }}
         env:
           GOFLAGS: ${{ runner.debug == '1' && '-v' || '' }}
           FERRETDB_HANA_URL: ${{ secrets.FERRETDB_HANA_URL }}
@@ -112,7 +117,7 @@ jobs:
         with:
           token: 22159d7c-856d-4fe9-8fdb-5d9ecff35514
           files: ./integration/integration-${{ inputs.task }}.txt
-          flags: integration,${{ inputs.task }}-${{ inputs.shard_index }},filter-${{ !inputs.disable_pushdown }}
+          flags: integration,${{ inputs.task }}-${{ inputs.shard_index }},filter-${{ !inputs.disable_pushdown }},auth-${{ inputs.enable_new_auth }}
           fail_ci_if_error: true
           verbose: true
 
@@ -121,7 +126,7 @@ jobs:
         uses: coverallsapp/github-action@v2
         with:
           file: ./integration/integration-${{ inputs.task }}.txt
-          flag-name: integration-${{ inputs.task }}-${{ inputs.shard_index }}-filter-${{ !inputs.disable_pushdown }}
+          flag-name: integration-${{ inputs.task }}-${{ inputs.shard_index }}-filter-${{ !inputs.disable_pushdown }}-auth-${{ inputs.enable_new_auth }}
           parallel: true
 
       # we don't want them on CI

diff --git a/.github/workflows/go-extra.yml b/.github/workflows/go-extra.yml
@@ -19,11 +19,11 @@ jobs:
     # job name must be unique; make it unique and nice
     name: >
       ${{ matrix.task }} ${{ matrix.shard_index }}/${{ matrix.shard_total }}
-      (pushdown=${{ matrix.disable_pushdown }})
+      (pushdown=${{ matrix.disable_pushdown }}, new_auth=${{ matrix.enable_new_auth }})
 
     # To avoid conflict with go.yml.
-    concurrency:
-      group: ${{ github.workflow }}-integration-${{ matrix.task }}-${{ matrix.shard_index }}-${{ matrix.disable_pushdown }}-${{ github.head_ref || github.ref_name }}
+    concurrency: 
+      group: ${{ github.workflow }}-integration-${{ matrix.task }}-${{ matrix.shard_index }}-${{ matrix.disable_pushdown }}-${{ matrix.enable_new_auth }}${{ github.head_ref || github.ref_name }}
       cancel-in-progress: true
 
     strategy:
@@ -33,6 +33,7 @@ jobs:
         shard_index: [1, 2, 3]
         shard_total: [3]
         disable_pushdown: [false, true]
+        enable_new_auth: [false]
 
     # Do not submit to coveralls because it can't handle parallel workflows:
     # https://github.com/lemurheavy/coveralls-public/issues/1636#issuecomment-1529460515
@@ -42,4 +43,5 @@ jobs:
       shard_index: ${{ matrix.shard_index }}
       shard_total: ${{ matrix.shard_total }}
       disable_pushdown: ${{ matrix.disable_pushdown }}
+      enable_new_auth: ${{ matrix.enable_new_auth }}
       coveralls: false
diff --git a/Taskfile.yml b/Taskfile.yml
@@ -9,6 +9,7 @@ vars:
   SHARD_INDEX: 1
   SHARD_TOTAL: 1
   DISABLE_PUSHDOWN: false
+  ENABLE_NEW_AUTH: false
   TEST_RUN: ""
   TEST_TIMEOUT: 35m
   BENCH_TIME: 5s
@@ -217,6 +218,7 @@ tasks:
         -postgresql-url='postgres://username@127.0.0.1:5432/ferretdb?search_path='
         -compat-url='mongodb://username:password@127.0.0.1:47018/?tls=true&tlsCertificateKeyFile=../build/certs/client.pem&tlsCaFile=../build/certs/rootCA-cert.pem&replicaSet=mongodb-rs'
         -disable-pushdown={{.DISABLE_PUSHDOWN}}
+        -enable-new-auth={{.ENABLE_NEW_AUTH}}
 
   test-integration-sqlite:
     desc: "Run integration tests for `sqlite` backend"
@@ -242,6 +244,7 @@ tasks:
         -target-tls
         -compat-url='mongodb://username:password@127.0.0.1:47018/?tls=true&tlsCertificateKeyFile=../build/certs/client.pem&tlsCaFile=../build/certs/rootCA-cert.pem&replicaSet=mongodb-rs'
         -disable-pushdown={{.DISABLE_PUSHDOWN}}
+        -enable-new-auth={{.ENABLE_NEW_AUTH}}
 
   test-integration-mysql:
     desc: "Run integration tests for `mysql` handler"
@@ -267,6 +270,7 @@ tasks:
         -mysql-url='mysql://username:password@127.0.0.1:3306/ferretdb'
         -compat-url='mongodb://username:password@127.0.0.1:47018/?tls=true&tlsCertificateKeyFile=../build/certs/client.pem&tlsCaFile=../build/certs/rootCA-cert.pem&replicaSet=mongodb-rs'
         -disable-pushdown={{.DISABLE_PUSHDOWN}}
+        -enable-new-auth={{.ENABLE_NEW_AUTH}}
 
   test-integration-hana:
     desc: "Run integration tests for `hana` handler"
@@ -292,6 +296,7 @@ tasks:
         -hana-url=$FERRETDB_HANA_URL
         -compat-url='mongodb://username:password@127.0.0.1:47018/?tls=true&tlsCertificateKeyFile=../build/certs/client.pem&tlsCaFile=../build/certs/rootCA-cert.pem&replicaSet=mongodb-rs'
         -disable-pushdown={{.DISABLE_PUSHDOWN}}
+        -enable-new-auth={{.ENABLE_NEW_AUTH}}
 
   test-integration-mongodb:
     desc: "Run integration tests for MongoDB"

diff --git a/integration/setup/listener.go b/integration/setup/listener.go
@@ -181,7 +181,7 @@ func setupListener(tb testtb.TB, ctx context.Context, logger *zap.Logger) string
 		TestOpts: registry.TestOpts{
 			DisablePushdown: *disablePushdownF,
 			EnableOplog:     true,
-			EnableNewAuth:   false,
+			EnableNewAuth:   *enableNewAuthF,
 		},
 	}
 	h, closeBackend, err := registry.NewHandler(handler, handlerOpts)

diff --git a/integration/setup/setup.go b/integration/setup/setup.go
@@ -60,6 +60,7 @@ var (
 	logLevelF   = zap.LevelFlag("log-level", zap.DebugLevel, "log level for tests")
 
 	disablePushdownF = flag.Bool("disable-pushdown", false, "disable pushdown")
+	enableNewAuthF   = flag.Bool("enable-new-auth", false, "enable new auth")
 )
 
 // Other globals.

@@ -0,0 +1,64 @@
+// Copyright 2021 FerretDB Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package users
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/require"
+	"go.mongodb.org/mongo-driver/bson"
+
+	"github.com/FerretDB/FerretDB/integration"
+	"github.com/FerretDB/FerretDB/integration/setup"
+	"github.com/FerretDB/FerretDB/internal/util/testutil"
+)
+
+func TestCreateUser(t *testing.T) {
+	t.Parallel()
+
+	ctx, collection := setup.Setup(t)
+	// https://www.mongodb.com/docs/manual/reference/command/createUser/
+
+	_ = collection.Database().RunCommand(ctx, bson.D{
+		{"dropAllUsersFromDatabase", 1},
+	})
+
+	var res bson.D
+	err := collection.Database().RunCommand(ctx, bson.D{
+		{"createUser", "testuser"},
+		{"roles", bson.A{}},
+		{"pwd", "password"},
+	}).Decode(&res)
+
+	require.NoError(t, err)
+
+	actual := integration.ConvertDocument(t, res)
+	actual.Remove("$clusterTime")
+	actual.Remove("operationTime")
+
+	expected := integration.ConvertDocument(t, bson.D{{"ok", float64(1)}})
+
+	testutil.AssertEqual(t, expected, actual)
+
+	var rec bson.D
+	err = collection.Database().Collection("system.users").FindOne(ctx, bson.D{{"user", "testuser"}}).Decode(&rec)
+	require.NoError(t, err)
+
+	actualRecorded := integration.ConvertDocument(t, rec)
+	expectedRec := integration.ConvertDocument(t, bson.D{{"ok", float64(1)}})
+
+	testutil.AssertEqual(t, expectedRec, actualRecorded)
+
+}
diff --git a/internal/handler/msg_createuser.go b/internal/handler/msg_createuser.go
@@ -18,7 +18,9 @@ import (
 	"context"
 
 	"github.com/FerretDB/FerretDB/internal/handler/common"
+	"github.com/FerretDB/FerretDB/internal/types"
 	"github.com/FerretDB/FerretDB/internal/util/lazyerrors"
+	"github.com/FerretDB/FerretDB/internal/util/must"
 	"github.com/FerretDB/FerretDB/internal/wire"
 )
 
@@ -29,6 +31,35 @@ func (h *Handler) MsgCreateUser(ctx context.Context, msg *wire.OpMsg) (*wire.OpM
 		return nil, lazyerrors.Error(err)
 	}
 
+	// https://www.mongodb.com/docs/manual/reference/command/createUser/
+
+	username, err := common.GetRequiredParam[string](document, document.Command())
+	if err != nil {
+		return nil, err
+	}
+
+	password, err := common.GetRequiredParam[string](document, "pwd")
+	if err != nil {
+		return nil, err
+	}
+
+	if err := common.UnimplementedNonDefault(document, "roles", func(v any) bool {
+		roles, ok := v.(*types.Array)
+		return ok && roles.Len() == 0
+	}); err != nil {
+		return nil, err
+	}
+
+	_ = username
+	_ = password
+
 	// TODO https://github.com/FerretDB/FerretDB/issues/1491
-	return nil, common.Unimplemented(document, document.Command())
+	var reply wire.OpMsg
+	must.NoError(reply.SetSections(wire.OpMsgSection{
+		Documents: []*types.Document{must.NotFail(types.NewDocument(
+			"ok", float64(1),
+		))},
+	}))
+
+	return &reply, nil
 }