[SERVER-25825] Authz test for user-defined roles does not properly manipulate privileges Created: 26/Aug/16 Updated: 22/Nov/16 Resolved: 06/Sep/16 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | JavaScript |
| Affects Version/s: | 3.3.11 |
| Fix Version/s: | 3.2.12, 3.3.14 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Kyle Suarez | Assignee: | Kyle Suarez |
| Resolution: | Done | Votes: | 0 |
| Labels: | test-only | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||
| Operating System: | ALL | ||||||||
| Backport Completed: | |||||||||
| Participants: | |||||||||
| Description |
|
In jstests/auth/commands_user_defined_roles.js, the function runOneTest() tests that each test case works when either the database or collection named in each resource is the empty string. But it attempts to do this by manipulating a local copy of the privileges array, and these modifications aren't used when testProperAuthorization() is called. |
| Comments |
| Comment by Githook User [ 22/Nov/16 ] | |||||||||||||||||||||||
|
Author: {u'username': u'ksuarz', u'name': u'Kyle Suarez', u'email': u'kyle.suarez@mongodb.com'}Message: | |||||||||||||||||||||||
| Comment by Githook User [ 06/Sep/16 ] | |||||||||||||||||||||||
|
Author: {u'username': u'ksuarz', u'name': u'Kyle Suarez', u'email': u'kyle.suarez@mongodb.com'}Message: Adds test infrastructure to handle special-case behavior for views when a Also fixes | |||||||||||||||||||||||
| Comment by Kyle Suarez [ 26/Aug/16 ] | |||||||||||||||||||||||
|
I think a fix might be as simple as
but I'm not 100% confident with my JavaScript. |