5151 unittest ,
5252 host ,
5353 port ,
54- pair ,
55- IntegrationTest )
54+ IntegrationTest ,
55+ db_user )
5656from test .utils import (
5757 ignore_deprecations ,
5858 remove_all_users ,
59+ rs_or_single_client_noauth ,
5960 server_started_with_auth )
6061
6162
@@ -365,58 +366,58 @@ def test_password_digest(self):
365366
366367 @client_context .require_auth
367368 def test_authenticate_add_remove_user (self ):
368- db = self .client .pymongo_test
369+ # "self.client" is logged in as root.
370+ auth_db = self .client .pymongo_test
371+ db = rs_or_single_client_noauth ().pymongo_test
369372
370373 # Configuration errors
371- self .assertRaises (ValueError , db .add_user , "user" , '' )
372- self .assertRaises (TypeError , db .add_user , "user" , 'password' , 15 )
373- self .assertRaises (ConfigurationError , db .add_user ,
374+ self .assertRaises (ValueError , auth_db .add_user , "user" , '' )
375+ self .assertRaises (TypeError , auth_db .add_user , "user" , 'password' , 15 )
376+ self .assertRaises (ConfigurationError , auth_db .add_user ,
374377 "user" , 'password' , 'True' )
375- self .assertRaises (ConfigurationError , db .add_user ,
378+ self .assertRaises (ConfigurationError , auth_db .add_user ,
376379 "user" , 'password' , True , roles = ['read' ])
377380
378381 if client_context .version .at_least (2 , 5 , 3 , - 1 ):
379382 with warnings .catch_warnings ():
380383 warnings .simplefilter ("error" , DeprecationWarning )
381- self .assertRaises (DeprecationWarning , db .add_user ,
384+ self .assertRaises (DeprecationWarning , auth_db .add_user ,
382385 "user" , "password" )
383- self .assertRaises (DeprecationWarning , db .add_user ,
386+ self .assertRaises (DeprecationWarning , auth_db .add_user ,
384387 "user" , "password" , True )
385388
386389 with ignore_deprecations ():
387- self .assertRaises (ConfigurationError , db .add_user ,
390+ self .assertRaises (ConfigurationError , auth_db .add_user ,
388391 "user" , "password" , digestPassword = True )
389392
390- self .client .admin .add_user ("admin" , "password" ,
391- roles = ["root" , "userAdminAnyDatabase" ])
392- auth_c = MongoClient (pair )
393- auth_c .admin .authenticate ("admin" , "password" )
394- db = auth_c .pymongo_test
395-
396393 try :
397394 # Add / authenticate / remove
398- db .add_user ("mike" , "password" , roles = ["dbOwner" ])
395+ auth_db .add_user ("mike" , "password" , roles = ["dbOwner" ])
399396 self .assertRaises (TypeError , db .authenticate , 5 , "password" )
400397 self .assertRaises (TypeError , db .authenticate , "mike" , 5 )
401398 self .assertRaises (OperationFailure ,
402399 db .authenticate , "mike" , "not a real password" )
403400 self .assertRaises (OperationFailure ,
404401 db .authenticate , "faker" , "password" )
405- self . assertTrue ( db .authenticate ("mike" , "password" ) )
402+ db .authenticate ("mike" , "password" )
406403 db .logout ()
407- self .assertTrue (db .authenticate (u ("mike" ), u ("password" )))
408- db .remove_user ("mike" )
404+
405+ # Unicode name and password.
406+ db .authenticate (u ("mike" ), u ("password" ))
409407 db .logout ()
410408
409+ auth_db .remove_user ("mike" )
411410 self .assertRaises (OperationFailure ,
412411 db .authenticate , "mike" , "password" )
413412
414413 # Add / authenticate / change password
415414 self .assertRaises (OperationFailure ,
416415 db .authenticate , "Gustave" , u ("Dor\xe9 " ))
417- db .add_user ("Gustave" , u ("Dor\xe9 " ), roles = ["dbOwner" ])
418- self .assertTrue (db .authenticate ("Gustave" , u ("Dor\xe9 " )))
419- db .add_user ("Gustave" , "password" , roles = ["dbOwner" ])
416+ auth_db .add_user ("Gustave" , u ("Dor\xe9 " ), roles = ["dbOwner" ])
417+ db .authenticate ("Gustave" , u ("Dor\xe9 " ))
418+
419+ # Change password.
420+ auth_db .add_user ("Gustave" , "password" , roles = ["dbOwner" ])
420421 db .logout ()
421422 self .assertRaises (OperationFailure ,
422423 db .authenticate , "Gustave" , u ("Dor\xe9 " ))
@@ -425,115 +426,79 @@ def test_authenticate_add_remove_user(self):
425426 if not client_context .version .at_least (2 , 5 , 3 , - 1 ):
426427 # Add a readOnly user
427428 with ignore_deprecations ():
428- db .add_user ("Ross" , "password" , read_only = True )
429+ auth_db .add_user ("Ross" , "password" , read_only = True )
429430
430431 db .logout ()
431- self .assertTrue (db .authenticate ("Ross" , u ("password" )))
432- self .assertTrue (db .system .users .find ({"readOnly" : True }).count ())
433- db .logout ()
434-
435- # Cleanup
432+ db .authenticate ("Ross" , u ("password" ))
433+ self .assertTrue (
434+ auth_db .system .users .find ({"readOnly" : True }).count ())
436435 finally :
437- remove_all_users (db )
438- db .logout ()
439- auth_c .admin .remove_user ("admin" )
436+ remove_all_users (auth_db )
440437
441438 @client_context .require_auth
442439 def test_make_user_readonly (self ):
443- auth_c = MongoClient (pair )
444- admin = auth_c .admin
445- self .client .admin .add_user ('admin' , 'pw' ,
446- roles = ['root' , 'userAdminAnyDatabase' ])
447- admin .authenticate ('admin' , 'pw' )
448-
449- db = auth_c .pymongo_test
440+ # "self.client" is logged in as root.
441+ auth_db = self .client .pymongo_test
442+ db = rs_or_single_client_noauth ().pymongo_test
450443
451444 try :
452445 # Make a read-write user.
453- db .add_user ('jesse' , 'pw' )
454- admin .logout ()
446+ auth_db .add_user ('jesse' , 'pw' )
455447
456448 # Check that we're read-write by default.
457449 db .authenticate ('jesse' , 'pw' )
458450 db .collection .insert ({})
459451 db .logout ()
460452
461453 # Make the user read-only.
462- admin .authenticate ('admin' , 'pw' )
463- db .add_user ('jesse' , 'pw' , read_only = True )
464- admin .logout ()
454+ auth_db .add_user ('jesse' , 'pw' , read_only = True )
465455
466456 db .authenticate ('jesse' , 'pw' )
467457 self .assertRaises (OperationFailure , db .collection .insert , {})
468458 finally :
469- # Cleanup
470- admin .authenticate ('admin' , 'pw' )
471- remove_all_users (db )
472- admin .remove_user ("admin" )
459+ remove_all_users (auth_db )
473460
474461 @client_context .require_version_min (2 , 5 , 3 , - 1 )
475462 @client_context .require_auth
476463 def test_default_roles (self ):
477- # "Admin" user
478- with ignore_deprecations ():
479- self .client .admin .add_user ('admin' , 'pass' )
480-
481- auth_c = MongoClient (pair )
482- db = auth_c .admin
464+ # "self.client" is logged in as root.
465+ auth_admin = self .client .admin
483466 try :
484- db .authenticate ('admin' , 'pass' )
485- info = db .command ('usersInfo' , 'admin' )['users' ][0 ]
467+ info = auth_admin .command ('usersInfo' , db_user )['users' ][0 ]
486468 self .assertEqual ("root" , info ['roles' ][0 ]['role' ])
487469
488470 # Read only "admin" user
489- db .add_user ('ro-admin' , 'pass' , read_only = True )
490- db .logout ()
491- db .authenticate ('ro-admin' , 'pass' )
492- info = db .command ('usersInfo' , 'ro-admin' )['users' ][0 ]
471+ auth_admin .add_user ('ro-admin' , 'pass' , read_only = True )
472+ info = auth_admin .command ('usersInfo' , 'ro-admin' )['users' ][0 ]
493473 self .assertEqual ("readAnyDatabase" , info ['roles' ][0 ]['role' ])
494- db .logout ()
495-
496- # Cleanup
497474 finally :
498- db .authenticate ('admin' , 'pass' )
499- db .remove_user ('ro-admin' )
500- db .remove_user ('admin' )
501- db .logout ()
502-
503- db .connection .disconnect ()
475+ auth_admin .remove_user ('ro-admin' )
504476
505477 # "Non-admin" user
506- db = auth_c .pymongo_test
507- self . client . pymongo_test .add_user ('user' , 'pass' )
478+ auth_db = self . client .pymongo_test
479+ auth_db .add_user ('user' , 'pass' )
508480 try :
509- db .authenticate ('user' , 'pass' )
510- info = db .command ('usersInfo' , 'user' )['users' ][0 ]
481+ info = auth_db .command ('usersInfo' , 'user' )['users' ][0 ]
511482 self .assertEqual ("dbOwner" , info ['roles' ][0 ]['role' ])
512- db .logout ()
513483
514484 # Read only "Non-admin" user
515- self .client .pymongo_test .add_user ('ro-user' , 'pass' ,
516- read_only = True )
517- db .authenticate ('ro-user' , 'pass' )
518- info = db .command ('usersInfo' , 'ro-user' )['users' ][0 ]
485+ auth_db .add_user ('ro-user' , 'pass' , read_only = True )
486+ info = auth_db .command ('usersInfo' , 'ro-user' )['users' ][0 ]
519487 self .assertEqual ("read" , info ['roles' ][0 ]['role' ])
520- db .logout ()
521-
522- # Cleanup
523488 finally :
524- db .authenticate ('user' , 'pass' )
525- remove_all_users (db )
489+ remove_all_users (auth_db )
526490
527491 @client_context .require_version_min (2 , 5 , 3 , - 1 )
528492 @client_context .require_auth
529493 def test_new_user_cmds (self ):
530- auth_c = MongoClient (pair )
531- db = auth_c .pymongo_test
532- self .client .pymongo_test .add_user ("amalia" , "password" ,
533- roles = ["userAdmin" ])
494+ # "self.client" is logged in as root.
495+ auth_db = self .client .pymongo_test
496+ auth_db .add_user ("amalia" , "password" , roles = ["userAdmin" ])
534497
535- db .authenticate ("amalia" , "password" )
536498 try :
499+ db = rs_or_single_client_noauth ().pymongo_test
500+ db .authenticate ("amalia" , "password" )
501+
537502 # This tests the ability to update user attributes.
538503 db .add_user ("amalia" , "new_password" ,
539504 customData = {"secret" : "koalas" })
@@ -544,61 +509,33 @@ def test_new_user_cmds(self):
544509 self .assertEqual (amalia_user ["user" ], "amalia" )
545510 self .assertEqual (amalia_user ["customData" ], {"secret" : "koalas" })
546511 finally :
547- db .remove_user ("amalia" )
548-
549- @client_context .require_auth
550- def test_authenticate_and_safe (self ):
551- auth_c = MongoClient (pair )
552- db = auth_c .auth_test
553-
554- self .client .auth_test .add_user (
555- "bernie" , "password" ,
556- roles = ["userAdmin" , "dbAdmin" , "readWrite" ])
557- db .authenticate ("bernie" , "password" )
558- try :
559- db .test .remove ({})
560- self .assertTrue (db .test .insert ({"bim" : "baz" }))
561- self .assertEqual (1 , db .test .count ())
562-
563- self .assertEqual (1 ,
564- db .test .update ({"bim" : "baz" },
565- {"$set" : {"bim" : "bar" }}).get ('n' ))
566-
567- self .assertEqual (1 ,
568- db .test .remove ({}).get ('n' ))
569-
570- self .assertEqual (0 , db .test .count ())
571- finally :
572- db .remove_user ("bernie" )
512+ auth_db .remove_user ("amalia" )
573513
574514 @client_context .require_auth
575515 def test_authenticate_multiple (self ):
576- # Setup
516+ # "self.client" is logged in as root.
577517 self .client .drop_database ("pymongo_test" )
578518 self .client .drop_database ("pymongo_test1" )
579- auth_c = MongoClient ( pair )
580- users_db = auth_c .pymongo_test
581- admin_db = auth_c . admin
582- other_db = auth_c . pymongo_test1
583-
584- self . client .admin . add_user (
585- 'admin' , 'pass' ,
586- roles = [ "userAdminAnyDatabase" , "dbAdmin" ,
587- "clusterAdmin" , "readWrite" ])
519+ admin_db_auth = self . client . admin
520+ users_db_auth = self . client .pymongo_test
521+
522+ # Non-root client.
523+ client = rs_or_single_client_noauth ()
524+ admin_db = client .admin
525+ users_db = client . pymongo_test
526+ other_db = client . pymongo_test1
527+
588528 try :
589- self .assertTrue ( admin_db . authenticate ( 'admin' , 'pass' ) )
529+ self .assertRaises ( OperationFailure , users_db . test . find_one )
590530
591531 if client_context .version .at_least (2 , 5 , 3 , - 1 ):
592- admin_db .add_user ('ro-admin' , 'pass' ,
593- roles = ["userAdmin" , "readAnyDatabase" ])
532+ admin_db_auth .add_user ('ro-admin' , 'pass' ,
533+ roles = ["userAdmin" , "readAnyDatabase" ])
594534 else :
595- admin_db .add_user ('ro-admin' , 'pass' , read_only = True )
596-
597- users_db .add_user ('user' , 'pass' ,
598- roles = ["userAdmin" , "readWrite" ])
535+ admin_db_auth .add_user ('ro-admin' , 'pass' , read_only = True )
599536
600- admin_db . logout ()
601- self . assertRaises ( OperationFailure , users_db . test . find_one )
537+ users_db_auth . add_user ( 'user' , 'pass' ,
538+ roles = [ "userAdmin" , "readWrite" ] )
602539
603540 # Regular user should be able to query its own db, but
604541 # no other.
@@ -613,22 +550,21 @@ def test_authenticate_multiple(self):
613550 self .assertRaises (OperationFailure ,
614551 other_db .test .insert , {})
615552
616- # Force close all sockets
617- auth_c .disconnect ()
553+ # Close all sockets.
554+ client .disconnect ()
618555
619- # We should still be able to write to the regular user's db
556+ # We should still be able to write to the regular user's db.
620557 self .assertTrue (users_db .test .remove ())
558+
621559 # And read from other dbs...
622560 self .assertEqual (0 , other_db .test .count ())
623- # But still not write to other dbs...
561+
562+ # But still not write to other dbs.
624563 self .assertRaises (OperationFailure ,
625564 other_db .test .insert , {})
626-
627- # Cleanup
628565 finally :
629- remove_all_users (users_db )
630- self .client .admin .remove_user ('ro-admin' )
631- self .client .admin .remove_user ('admin' )
566+ remove_all_users (users_db_auth )
567+ admin_db_auth .remove_user ('ro-admin' )
632568
633569 def test_id_ordering (self ):
634570 # PyMongo attempts to have _id show up first
0 commit comments