func (s *adminSuite) TestSetAdminMongoPassword(c *gc.C) { dialInfo := s.setUpMongo(c) session, err := mgo.DialWithInfo(dialInfo) c.Assert(err, gc.IsNil) defer session.Close() // Check that we can SetAdminMongoPassword to nothing when there's // no password currently set. err = mongo.SetAdminMongoPassword(session, "auser", "") c.Assert(err, gc.IsNil) admin := session.DB("admin") err = mongo.SetAdminMongoPassword(session, "auser", "foo") c.Assert(err, gc.IsNil) err = admin.Login("auser", "") c.Assert(err, gc.ErrorMatches, "auth fail(s|ed)") err = admin.Login("auser", "foo") c.Assert(err, gc.IsNil) checkRoles(c, session, "admin", "auser", []interface{}{ string(mgo.RoleReadWriteAny), string(mgo.RoleDBAdminAny), string(mgo.RoleUserAdminAny), string(mgo.RoleClusterAdmin)}) }
// initMongoAdminUser adds the admin user with the specified // password to the admin database in Mongo. func initMongoAdminUser(info mongo.Info, dialOpts mongo.DialOpts, password string) error { session, err := mongo.DialWithInfo(info, dialOpts) if err != nil { return err } defer session.Close() return mongo.SetAdminMongoPassword(session, mongo.AdminUser, password) }
func (s *adminSuite) TestSetAdminMongoPassword(c *gc.C) { dialInfo := s.setUpMongo(c) session, err := mgo.DialWithInfo(dialInfo) c.Assert(err, gc.IsNil) defer session.Close() admin := session.DB("admin") // Check that we can SetAdminMongoPassword to nothing when there's // no password currently set. err = mongo.SetAdminMongoPassword(session, "admin", "") c.Assert(err, gc.IsNil) err = mongo.SetAdminMongoPassword(session, "admin", "foo") c.Assert(err, gc.IsNil) err = admin.Login("admin", "") c.Assert(err, gc.ErrorMatches, "auth fails") err = admin.Login("admin", "foo") c.Assert(err, gc.IsNil) }
// SetMongoPassword sets the password the agent responsible for the machine // should use to communicate with the state servers. Previous passwords // are invalidated. func (m *Machine) SetMongoPassword(password string) error { if !m.IsManager() { return errors.NotSupportedf("setting mongo password for non-state server machine %v", m) } return mongo.SetAdminMongoPassword(m.st.db.Session, m.Tag().String(), password) }
// SetAdminMongoPassword sets the administrative password // to access the state. If the password is non-empty, // all subsequent attempts to access the state must // be authorized; otherwise no authorization is required. func (st *State) SetAdminMongoPassword(password string) error { return mongo.SetAdminMongoPassword(st.db.Session, AdminUser, password) }