mongo 2.7.2 → 2.8.0.rc0

data/spec/integration/sdam_error_handling_spec.rb

@@ -0,0 +1,115 @@
+require 'spec_helper'
+
+describe 'SDAM error handling' do
+  before(:all) do
+    ClientRegistry.instance.close_all_clients
+  end
+
+  describe 'when there is an error during an operation' do
+    let(:client) { authorized_client }
+
+    before do
+      wait_for_all_servers(client.cluster)
+      # we also need a connection to the primary so that our error
+      # expectations do not get triggered during handshakes which
+      # have different behavior from non-handshake errors
+      client.database.command(ping: 1)
+      client.cluster.servers_list.each do |server|
+        server.monitor.stop!(true)
+      end
+    end
+
+    let(:server) { client.cluster.next_primary }
+
+    let(:operation) do
+      expect_any_instance_of(Mongo::Server::Connection).to receive(:deliver).and_return(reply)
+      expect do
+        client.database.command(ping: 1)
+      end.to raise_error(Mongo::Error::OperationFailure, exception_message)
+    end
+
+    shared_examples_for 'marks server unknown' do
+      it 'marks server unknown' do
+        expect(server).not_to be_unknown
+        operation
+        expect(server).to be_unknown
+      end
+    end
+
+    shared_examples_for 'does not mark server unknown' do
+      it 'does not mark server unknown' do
+        expect(server).not_to be_unknown
+        operation
+        expect(server).not_to be_unknown
+      end
+    end
+
+    shared_examples_for 'requests server scan' do
+      it 'requests server scan' do
+        expect(server.monitor.scan_semaphore).to receive(:signal)
+        operation
+      end
+    end
+
+    shared_examples_for 'does not request server scan' do
+      it 'does not request server scan' do
+        expect(server.monitor.scan_semaphore).not_to receive(:signal)
+        operation
+      end
+    end
+
+    context 'not master error' do
+      let(:exception_message) do
+        /not master/
+      end
+
+      let(:reply) do
+        make_not_master_reply
+      end
+
+      it_behaves_like 'marks server unknown'
+      it_behaves_like 'requests server scan'
+    end
+
+    context 'node is recovering error' do
+      let(:exception_message) do
+        /shutdown in progress/
+      end
+
+      let(:reply) do
+        make_node_recovering_reply
+      end
+
+      it_behaves_like 'marks server unknown'
+      it_behaves_like 'requests server scan'
+    end
+
+    context 'network error' do
+
+      let(:operation) do
+        expect_any_instance_of(Mongo::Socket).to receive(:read).and_raise(exception)
+        expect do
+          client.database.command(ping: 1)
+        end.to raise_error(exception)
+      end
+
+      context 'non-timeout network error' do
+        let(:exception) do
+          Mongo::Error::SocketError
+        end
+
+        it_behaves_like 'marks server unknown'
+        it_behaves_like 'does not request server scan'
+      end
+
+      context 'network timeout error' do
+        let(:exception) do
+          Mongo::Error::SocketTimeoutError
+        end
+
+        it_behaves_like 'does not mark server unknown'
+        it_behaves_like 'does not request server scan'
+      end
+    end
+  end
+end

data/spec/mongo/address/ipv4_spec.rb

@@ -69,10 +69,12 @@ describe Mongo::Address::IPv4 do
       end
 
       it 'returns an ssl socket' do
+        allow_any_instance_of(Mongo::Socket::SSL).to receive(:connect!)
         expect(socket).to be_a(Mongo::Socket::SSL)
       end
 
       it 'sets the family as ipv4' do
+        allow_any_instance_of(Mongo::Socket::SSL).to receive(:connect!)
         expect(socket.family).to eq(Socket::PF_INET)
       end
     end
@@ -84,10 +86,12 @@ describe Mongo::Address::IPv4 do
       end
 
       it 'returns a tcp socket' do
+        allow_any_instance_of(Mongo::Socket::TCP).to receive(:connect!)
         expect(socket).to be_a(Mongo::Socket::TCP)
       end
 
       it 'sets the family a ipv4' do
+        allow_any_instance_of(Mongo::Socket::TCP).to receive(:connect!)
         expect(socket.family).to eq(Socket::PF_INET)
       end
     end

data/spec/mongo/address/ipv6_spec.rb

@@ -97,10 +97,12 @@ describe Mongo::Address::IPv6 do
       end
 
       it 'returns an ssl socket' do
+        allow_any_instance_of(Mongo::Socket::SSL).to receive(:connect!)
         expect(socket).to be_a(Mongo::Socket::SSL)
       end
 
       it 'sets the family as ipv6' do
+        allow_any_instance_of(Mongo::Socket::SSL).to receive(:connect!)
         expect(socket.family).to eq(Socket::PF_INET6)
       end
     end
@@ -112,10 +114,12 @@ describe Mongo::Address::IPv6 do
       end
 
       it 'returns a tcp socket' do
+        allow_any_instance_of(Mongo::Socket::TCP).to receive(:connect!)
         expect(socket).to be_a(Mongo::Socket::TCP)
       end
 
       it 'sets the family a ipv6' do
+        allow_any_instance_of(Mongo::Socket::TCP).to receive(:connect!)
         expect(socket.family).to eq(Socket::PF_INET6)
       end
     end

data/spec/mongo/auth/scram/conversation_spec.rb

@@ -15,13 +15,14 @@ describe Mongo::Auth::SCRAM::Conversation, retry: 3 do
         database: Mongo::Database::ADMIN,
         user: 'user',
         password: 'pencil',
-        # We specify SCRAM-SHA-1 so that we don't accidentally use SCRAM-SHA-256 on newer server versions.
-        auth_mech: 'SCRAM-SHA-1'
+        # We specify SCRAM-SHA-1 so that we don't accidentally use
+        # SCRAM-SHA-256 on newer server versions.
+        auth_mech: :scram,
       )
     end
 
     let(:mechanism) do
-      'SCRAM-SHA-1'
+      :scram
     end
 
     describe '#start' do
@@ -216,12 +217,12 @@ describe Mongo::Auth::SCRAM::Conversation, retry: 3 do
         database: Mongo::Database::ADMIN,
         user: 'user',
         password: 'pencil',
-        auth_mech: 'SCRAM-SHA-256'
+        auth_mech: :scram256,
       )
     end
 
     let(:mechanism) do
-      'SCRAM-SHA-256'
+      :scram256
     end
 
     describe '#start' do

data/spec/mongo/auth/scram/negotiation_spec.rb

@@ -22,7 +22,7 @@ describe 'SCRAM-SHA auth mechanism negotiation' do
         createUser: user.name,
         pwd: password,
         roles: ['root'],
-        mechanisms: auth_mechanisms
+        mechanisms: server_user_auth_mechanisms,
       )
       client.close
     end
@@ -57,7 +57,7 @@ describe 'SCRAM-SHA auth mechanism negotiation' do
 
       context 'when the user only can use SCRAM-SHA-1 to authenticate' do
 
-        let(:auth_mechanisms) do
+        let(:server_user_auth_mechanisms) do
           ['SCRAM-SHA-1']
         end
 
@@ -111,7 +111,7 @@ describe 'SCRAM-SHA auth mechanism negotiation' do
 
       context 'when the user only can use SCRAM-SHA-256 to authenticate' do
 
-        let(:auth_mechanisms) do
+        let(:server_user_auth_mechanisms) do
           ['SCRAM-SHA-256']
         end
 
@@ -165,7 +165,7 @@ describe 'SCRAM-SHA auth mechanism negotiation' do
 
       context 'when the user only can use either SCRAM-SHA-1 or SCRAM-SHA-256 to authenticate' do
 
-        let(:auth_mechanisms) do
+        let(:server_user_auth_mechanisms) do
           ['SCRAM-SHA-1', 'SCRAM-SHA-256']
         end
 
@@ -200,13 +200,11 @@ describe 'SCRAM-SHA auth mechanism negotiation' do
             create_user!
 
             mechanism = nil
-            # Negotiation currently happens on monitoring sockets,
-            # hence may be invoked more than once here
-            expect(Mongo::Auth).to receive(:get).at_least(:once).and_wrap_original do |m, *args|
+            expect(Mongo::Auth).to receive(:get).and_wrap_original do |m, user|
               # copy mechanism here rather than whole user
               # in case something mutates mechanism later
-              mechanism = args.first.mechanism
-              m.call(*args)
+              mechanism = user.mechanism
+              m.call(user)
             end
 
             expect { result }.not_to raise_error
@@ -224,15 +222,11 @@ describe 'SCRAM-SHA auth mechanism negotiation' do
             create_user!
 
             mechanism = nil
-            # Negotiation currently happens on monitoring sockets,
-            # hence may be invoked more than once here
-            expect(Mongo::Auth).to receive(:get).at_least(:once).and_wrap_original do |m, *args|
-              if args.first.name == 'both'
-                # copy mechanism here rather than whole user
-                # in case something mutates mechanism later
-                mechanism = args.first.mechanism
-                m.call(*args)
-              end
+            expect(Mongo::Auth).to receive(:get).and_wrap_original do |m, user|
+              # copy mechanism here rather than whole user
+              # in case something mutates mechanism later
+              mechanism = user.mechanism
+              m.call(user)
             end
 
             expect { result }.not_to raise_error
@@ -266,7 +260,7 @@ describe 'SCRAM-SHA auth mechanism negotiation' do
         nil
       end
 
-      let(:auth_mechanisms) do
+      let(:server_user_auth_mechanisms) do
         ['SCRAM-SHA-256']
       end
 
@@ -345,7 +339,7 @@ describe 'SCRAM-SHA auth mechanism negotiation' do
 
       context 'when the user only can use SCRAM-SHA-1 to authenticate' do
 
-        let(:auth_mechanisms) do
+        let(:server_user_auth_mechanisms) do
           ['SCRAM-SHA-1']
         end
 
@@ -398,7 +392,7 @@ describe 'SCRAM-SHA auth mechanism negotiation' do
 
       context 'when the user only can use SCRAM-SHA-256 to authenticate' do
 
-        let(:auth_mechanisms) do
+        let(:server_user_auth_mechanisms) do
           ['SCRAM-SHA-256']
         end
 
@@ -452,7 +446,7 @@ describe 'SCRAM-SHA auth mechanism negotiation' do
 
       context 'when the user only can use either SCRAM-SHA-1 or SCRAM-SHA-256 to authenticate' do
 
-        let(:auth_mechanisms) do
+        let(:server_user_auth_mechanisms) do
           ['SCRAM-SHA-1', 'SCRAM-SHA-256']
         end
 
@@ -485,15 +479,14 @@ describe 'SCRAM-SHA auth mechanism negotiation' do
 
           it 'authenticates successfully' do
             create_user!
+            expect(user.mechanism).to eq(:scram)
 
             mechanism = nil
-            # Negotiation currently happens on monitoring sockets,
-            # hence may be invoked more than once here
-            expect(Mongo::Auth).to receive(:get).at_least(:once).and_wrap_original do |m, *args|
+            expect(Mongo::Auth).to receive(:get).and_wrap_original do |m, user|
               # copy mechanism here rather than whole user
               # in case something mutates mechanism later
-              mechanism = args.first.mechanism
-              m.call(*args)
+              mechanism = user.mechanism
+              m.call(user)
             end
 
             expect { result }.not_to raise_error
@@ -511,15 +504,11 @@ describe 'SCRAM-SHA auth mechanism negotiation' do
             create_user!
 
             mechanism = nil
-            # Negotiation currently happens on monitoring sockets,
-            # hence may be invoked more than once here
-            expect(Mongo::Auth).to receive(:get).at_least(:once).and_wrap_original do |m, *args|
-              if args.first.name == 'both'
-                # copy mechanism here rather than whole user
-                # in case something mutates mechanism later
-                mechanism = args.first.mechanism
-                m.call(*args)
-              end
+            expect(Mongo::Auth).to receive(:get).and_wrap_original do |m, user|
+              # copy mechanism here rather than whole user
+              # in case something mutates mechanism later
+              mechanism = user.mechanism
+              m.call(user)
             end
 
             expect { result }.not_to raise_error

data/spec/mongo/auth/scram_spec.rb

@@ -50,7 +50,7 @@ describe Mongo::Auth::SCRAM do
             database: 'driver',
             user: 'notauser',
             password: 'password',
-            auth_mech: 'SCRAM-SHA-1'
+            auth_mech: :scram,
           )
         end
 
@@ -118,7 +118,7 @@ describe Mongo::Auth::SCRAM do
             database: 'driver',
             user: 'notauser',
             password: 'password',
-            auth_mech: 'SCRAM-SHA-256'
+            auth_mech: :scram256,
           )
         end
 

data/spec/mongo/auth/user_spec.rb

@@ -10,6 +10,68 @@ describe Mongo::Auth::User do
     described_class.new(options)
   end
 
+  describe '#initialize' do
+    let(:user) { Mongo::Auth::User.new(options) }
+
+    context 'no options' do
+      let(:options) { {} }
+
+      it 'succeeds' do
+        expect(user).to be_a(Mongo::Auth::User)
+      end
+    end
+
+    context 'invalid mechanism' do
+      let(:options) { {auth_mech: :invalid} }
+
+      it 'raises ArgumentError' do
+        expect do
+          user
+        end.to raise_error(Mongo::Auth::InvalidMechanism, ":invalid is invalid, please use one of the following mechanisms: :mongodb_cr, :mongodb_x509, :plain, :scram, :scram256")
+      end
+    end
+
+    context 'mechanism given as string' do
+      let(:options) { {auth_mech: 'scram'} }
+
+      context 'not linting' do
+        skip_if_linting
+
+        it 'warns' do
+          expect(Mongo::Logger.logger).to receive(:warn)
+          user
+        end
+
+        it 'converts mechanism to symbol' do
+          expect(user.mechanism).to eq(:scram)
+        end
+      end
+
+      context 'linting' do
+        require_linting
+
+        it 'raises LintError' do
+          expect do
+            user
+          end.to raise_error(Mongo::Error::LintError, "Auth mechanism \"scram\" must be specified as a symbol")
+        end
+      end
+    end
+
+    context 'mechanism given as symbol' do
+      let(:options) { {auth_mech: :scram} }
+
+      it 'does not warn' do
+        expect(Mongo::Logger.logger).not_to receive(:warn)
+        user
+      end
+
+      it 'stores mechanism' do
+        expect(user.mechanism).to eq(:scram)
+      end
+    end
+  end
+
   describe '#auth_key' do
 
     let(:nonce) do
@@ -93,6 +155,41 @@ describe Mongo::Auth::User do
     it 'returns the hashed password' do
       expect(user.hashed_password).to eq(expected)
     end
+
+    context 'password not given' do
+      let(:options) { {user: 'foo'} }
+
+      it 'raises MissingPassword' do
+        expect do
+          user.hashed_password
+        end.to raise_error(Mongo::Error::MissingPassword)
+      end
+    end
+  end
+
+  describe '#sasl_prepped_password' do
+
+    let(:expected) do
+      'pass'
+    end
+
+    it 'returns the clear text password' do
+      expect(user.send(:sasl_prepped_password)).to eq(expected)
+    end
+
+    it 'returns the password encoded in utf-8' do
+      expect(user.sasl_prepped_password.encoding.name).to eq('UTF-8')
+    end
+
+    context 'password not given' do
+      let(:options) { {user: 'foo'} }
+
+      it 'raises MissingPassword' do
+        expect do
+          user.sasl_prepped_password
+        end.to raise_error(Mongo::Error::MissingPassword)
+      end
+    end
   end
 
   describe '#mechanism' do