mongodb/mongo-python-driver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

PYTHON-2842 Integration tests for observeSensitiveCommands field (#684)

Browse Source 
(cherry picked from commit f3486d7ad7)
This commit is contained in:
Prashant Mital 2021-07-29 15:32:53 -07:00 committed by Prashant Mital
parent 94a78fd21c
commit caf9b321f9
No known key found for this signature in database
GPG Key ID: 8EFE2B468F727B75
2 changed files with 705 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

691
test/unified-test-format/valid-pass/observeSensitiveCommands.json Normal file
View File

@ -0,0 +1,691 @@
{
"description": "observeSensitiveCommands",
"schemaVersion": "1.5",
"runOnRequirements": [
{
"auth": false
}
],
"createEntities": [
{
"client": {
"id": "client0",
"observeEvents": [
"commandStartedEvent",
"commandSucceededEvent"
],
"observeSensitiveCommands": true
}
},
{
"client": {
"id": "client1",
"observeEvents": [
"commandStartedEvent",
"commandSucceededEvent"
],
"observeSensitiveCommands": false
}
},
{
"client": {
"id": "client2",
"observeEvents": [
"commandStartedEvent",
"commandSucceededEvent"
]
}
},
{
"database": {
"id": "database0",
"client": "client0",
"databaseName": "observeSensitiveCommands"
}
},
{
"database": {
"id": "database1",
"client": "client1",
"databaseName": "observeSensitiveCommands"
}
},
{
"database": {
"id": "database2",
"client": "client2",
"databaseName": "observeSensitiveCommands"
}
}
],
"tests": [
{
"description": "getnonce is observed with observeSensitiveCommands=true",
"operations": [
{
"name": "runCommand",
"object": "database0",
"arguments": {
"commandName": "getnonce",
"command": {
"getnonce": 1
}
}
}
],
"expectEvents": [
{
"client": "client0",
"events": [
{
"commandStartedEvent": {
"commandName": "getnonce",
"command": {
"getnonce": {
"$$exists": false
}
}
}
},
{
"commandSucceededEvent": {
"commandName": "getnonce",
"reply": {
"ok": {
"$$exists": false
},
"nonce": {
"$$exists": false
}
}
}
}
]
}
]
},
{
"description": "getnonce is not observed with observeSensitiveCommands=false",
"operations": [
{
"name": "runCommand",
"object": "database1",
"arguments": {
"commandName": "getnonce",
"command": {
"getnonce": 1
}
}
}
],
"expectEvents": [
{
"client": "client1",
"events": []
}
]
},
{
"description": "getnonce is not observed by default",
"operations": [
{
"name": "runCommand",
"object": "database2",
"arguments": {
"commandName": "getnonce",
"command": {
"getnonce": 1
}
}
}
],
"expectEvents": [
{
"client": "client2",
"events": []
}
]
},
{
"description": "hello with speculativeAuthenticate",
"runOnRequirements": [
{
"minServerVersion": "4.9"
}
],
"operations": [
{
"name": "runCommand",
"object": "database0",
"arguments": {
"commandName": "hello",
"command": {
"hello": 1,
"speculativeAuthenticate": {
"saslStart": 1
}
}
}
},
{
"name": "runCommand",
"object": "database1",
"arguments": {
"commandName": "hello",
"command": {
"hello": 1,
"speculativeAuthenticate": {
"saslStart": 1
}
}
}
},
{
"name": "runCommand",
"object": "database2",
"arguments": {
"commandName": "hello",
"command": {
"hello": 1,
"speculativeAuthenticate": {
"saslStart": 1
}
}
}
}
],
"expectEvents": [
{
"client": "client0",
"events": [
{
"commandStartedEvent": {
"commandName": "hello",
"command": {
"hello": {
"$$exists": false
},
"speculativeAuthenticate": {
"$$exists": false
}
}
}
},
{
"commandSucceededEvent": {
"commandName": "hello",
"reply": {
"isWritablePrimary": {
"$$exists": false
},
"speculativeAuthenticate": {
"$$exists": false
}
}
}
}
]
},
{
"client": "client1",
"events": []
},
{
"client": "client2",
"events": []
}
]
},
{
"description": "hello without speculativeAuthenticate is always observed",
"runOnRequirements": [
{
"minServerVersion": "4.9"
}
],
"operations": [
{
"name": "runCommand",
"object": "database0",
"arguments": {
"commandName": "hello",
"command": {
"hello": 1
}
}
},
{
"name": "runCommand",
"object": "database1",
"arguments": {
"commandName": "hello",
"command": {
"hello": 1
}
}
},
{
"name": "runCommand",
"object": "database2",
"arguments": {
"commandName": "hello",
"command": {
"hello": 1
}
}
}
],
"expectEvents": [
{
"client": "client0",
"events": [
{
"commandStartedEvent": {
"commandName": "hello",
"command": {
"hello": 1
}
}
},
{
"commandSucceededEvent": {
"commandName": "hello",
"reply": {
"isWritablePrimary": {
"$$exists": true
}
}
}
}
]
},
{
"client": "client1",
"events": [
{
"commandStartedEvent": {
"commandName": "hello",
"command": {
"hello": 1
}
}
},
{
"commandSucceededEvent": {
"commandName": "hello",
"reply": {
"isWritablePrimary": {
"$$exists": true
}
}
}
}
]
},
{
"client": "client2",
"events": [
{
"commandStartedEvent": {
"commandName": "hello",
"command": {
"hello": 1
}
}
},
{
"commandSucceededEvent": {
"commandName": "hello",
"reply": {
"isWritablePrimary": {
"$$exists": true
}
}
}
}
]
}
]
},
{
"description": "legacy hello with speculativeAuthenticate",
"operations": [
{
"name": "runCommand",
"object": "database0",
"arguments": {
"commandName": "ismaster",
"command": {
"ismaster": 1,
"speculativeAuthenticate": {
"saslStart": 1
}
}
}
},
{
"name": "runCommand",
"object": "database0",
"arguments": {
"commandName": "isMaster",
"command": {
"isMaster": 1,
"speculativeAuthenticate": {
"saslStart": 1
}
}
}
},
{
"name": "runCommand",
"object": "database1",
"arguments": {
"commandName": "ismaster",
"command": {
"ismaster": 1,
"speculativeAuthenticate": {
"saslStart": 1
}
}
}
},
{
"name": "runCommand",
"object": "database1",
"arguments": {
"commandName": "isMaster",
"command": {
"isMaster": 1,
"speculativeAuthenticate": {
"saslStart": 1
}
}
}
},
{
"name": "runCommand",
"object": "database2",
"arguments": {
"commandName": "ismaster",
"command": {
"ismaster": 1,
"speculativeAuthenticate": {
"saslStart": 1
}
}
}
},
{
"name": "runCommand",
"object": "database2",
"arguments": {
"commandName": "isMaster",
"command": {
"isMaster": 1,
"speculativeAuthenticate": {
"saslStart": 1
}
}
}
}
],
"expectEvents": [
{
"client": "client0",
"events": [
{
"commandStartedEvent": {
"commandName": "ismaster",
"command": {
"ismaster": {
"$$exists": false
},
"speculativeAuthenticate": {
"$$exists": false
}
}
}
},
{
"commandSucceededEvent": {
"commandName": "ismaster",
"reply": {
"ismaster": {
"$$exists": false
},
"speculativeAuthenticate": {
"$$exists": false
}
}
}
},
{
"commandStartedEvent": {
"commandName": "isMaster",
"command": {
"isMaster": {
"$$exists": false
},
"speculativeAuthenticate": {
"$$exists": false
}
}
}
},
{
"commandSucceededEvent": {
"commandName": "isMaster",
"reply": {
"ismaster": {
"$$exists": false
},
"speculativeAuthenticate": {
"$$exists": false
}
}
}
}
]
},
{
"client": "client1",
"events": []
},
{
"client": "client2",
"events": []
}
]
},
{
"description": "legacy hello without speculativeAuthenticate is always observed",
"operations": [
{
"name": "runCommand",
"object": "database0",
"arguments": {
"commandName": "ismaster",
"command": {
"ismaster": 1
}
}
},
{
"name": "runCommand",
"object": "database0",
"arguments": {
"commandName": "isMaster",
"command": {
"isMaster": 1
}
}
},
{
"name": "runCommand",
"object": "database1",
"arguments": {
"commandName": "ismaster",
"command": {
"ismaster": 1
}
}
},
{
"name": "runCommand",
"object": "database1",
"arguments": {
"commandName": "isMaster",
"command": {
"isMaster": 1
}
}
},
{
"name": "runCommand",
"object": "database2",
"arguments": {
"commandName": "ismaster",
"command": {
"ismaster": 1
}
}
},
{
"name": "runCommand",
"object": "database2",
"arguments": {
"commandName": "isMaster",
"command": {
"isMaster": 1
}
}
}
],
"expectEvents": [
{
"client": "client0",
"events": [
{
"commandStartedEvent": {
"commandName": "ismaster",
"command": {
"ismaster": 1
}
}
},
{
"commandSucceededEvent": {
"commandName": "ismaster",
"reply": {
"ismaster": {
"$$exists": true
}
}
}
},
{
"commandStartedEvent": {
"commandName": "isMaster",
"command": {
"isMaster": 1
}
}
},
{
"commandSucceededEvent": {
"commandName": "isMaster",
"reply": {
"ismaster": {
"$$exists": true
}
}
}
}
]
},
{
"client": "client1",
"events": [
{
"commandStartedEvent": {
"commandName": "ismaster",
"command": {
"ismaster": 1
}
}
},
{
"commandSucceededEvent": {
"commandName": "ismaster",
"reply": {
"ismaster": {
"$$exists": true
}
}
}
},
{
"commandStartedEvent": {
"commandName": "isMaster",
"command": {
"isMaster": 1
}
}
},
{
"commandSucceededEvent": {
"commandName": "isMaster",
"reply": {
"ismaster": {
"$$exists": true
}
}
}
}
]
},
{
"client": "client2",
"events": [
{
"commandStartedEvent": {
"commandName": "ismaster",
"command": {
"ismaster": 1
}
}
},
{
"commandSucceededEvent": {
"commandName": "ismaster",
"reply": {
"ismaster": {
"$$exists": true
}
}
}
},
{
"commandStartedEvent": {
"commandName": "isMaster",
"command": {
"isMaster": 1
}
}
},
{
"commandSucceededEvent": {
"commandName": "isMaster",
"reply": {
"ismaster": {
"$$exists": true
}
}
}
}
]
}
]
}
]
}

16
test/unified_format.py
View File

@ -195,8 +195,10 @@ class EventListenerUtil(CMAPListener, CommandListener):
observe_sensitive_commands):
self._event_types = set(name.lower() for name in observe_events)
if observe_sensitive_commands:
self._observe_sensitive_commands = True
self._ignore_commands = set(ignore_commands)
else:
self._observe_sensitive_commands = False
self._ignore_commands = _SENSITIVE_COMMANDS | set(ignore_commands)
self._ignore_commands.add('configurefailpoint')
super(EventListenerUtil, self).__init__()
@ -215,10 +217,20 @@ class EventListenerUtil(CMAPListener, CommandListener):
self.add_event(event)
def started(self, event):
self._command_event(event)
if event.command == {}:
# Command is redacted. Observe only if flag is set.
if self._observe_sensitive_commands:
self._command_event(event)
else:
self._command_event(event)
def succeeded(self, event):
self._command_event(event)
if event.reply == {}:
# Command is redacted. Observe only if flag is set.
if self._observe_sensitive_commands:
self._command_event(event)
else:
self._command_event(event)
def failed(self, event):
self._command_event(event)