-
Type: Task
-
Resolution: Fixed
-
Priority: Major - P3
-
Affects Version/s: None
-
Component/s: None
-
None
-
Server Security
-
Fully Compatible
-
Security 2024-07-22, Security 2024-08-05
SERVER-91834's PR got reverted and the PR is closed (maybe due some sequence issue). I am advised to create a new PR.
The issue:
https://github.com/10gen/mongo/blob/master/jstests/auth/internal_command_auth_validation.js#L561 is running the following test
1) For a user without ['__system'] role, _shardsvrCoordinateMultiUpdate will return an Unauthorized user error.
It is not running
2) For a user with ['__system'] role, _shardsvrCoordinateMultiUpdate should not return an Unauthorized user error.
The second part is skipped in the current test. Please investigate and improve the test.