SERVER-7572 Move internalSecurity information into authorization_manager

Author: stbrody

src/mongo/db/auth/authorization_manager.cpp

@@ -34,6 +34,11 @@
 
 namespace mongo {
 
+    AuthInfo::AuthInfo() {
+        user = "__system";
+    }
+    AuthInfo internalSecurity;
+
     const std::string AuthorizationManager::SERVER_RESOURCE_NAME = "$SERVER";
     const std::string AuthorizationManager::CLUSTER_RESOURCE_NAME = "$CLUSTER";
 
@@ -251,8 +256,7 @@ namespace mongo {
                                   << principal->getName(),
                           0);
         }
-         // TODO: move internalSecurity into AuthorizationManager
-        if (principal->getName() == "__system") {
+        if (principal->getName() == internalSecurity.user) {
             // Grant full access to internal user
             ActionSet allActions;
             allActions.addAllActions();

src/mongo/db/auth/authorization_manager.h

@@ -31,6 +31,16 @@
 
 namespace mongo {
 
+    /**
+     * Internal secret key info.
+     */
+    struct AuthInfo {
+        AuthInfo();
+        string user;
+        string pwd;
+    };
+    extern AuthInfo internalSecurity; // set at startup and not changed after initialization.
+
     /**
      * Contains all the authorization logic for a single client connection.  It contains a set of
      * the principals which have been authenticated, as well as a set of privileges that have been

src/mongo/db/commands/isself.cpp

@@ -17,6 +17,8 @@
 */
 
 #include "pch.h"
+
+#include "mongo/db/auth/authorization_manager.h"
 #include "../../util/net/listen.h"
 #include "../commands.h"
 #include "../security.h"

src/mongo/db/repl.cpp

@@ -30,6 +30,7 @@
 
 #include <boost/thread/thread.hpp>
 
+#include "mongo/db/auth/authorization_manager.h"
 #include "jsobj.h"
 #include "../util/goodies.h"
 #include "repl.h"

src/mongo/db/repl/connections.h

@@ -19,7 +19,8 @@
 #pragma once
 
 #include <map>
-#include "../security_common.h"
+
+#include "mongo/db/auth/authorization_manager.h"
 
 namespace mongo {
 

src/mongo/db/security.cpp

@@ -17,6 +17,8 @@
  */
 
 #include "pch.h"
+
+#include "mongo/db/auth/authorization_manager.h"
 #include "security.h"
 #include "security_common.h"
 #include "instance.h"

src/mongo/db/security_common.cpp

@@ -25,6 +25,7 @@
 
 #include <sys/stat.h>
 
+#include "mongo/db/auth/authorization_manager.h"
 #include "security.h"
 #include "security_common.h"
 #include "commands.h"
@@ -38,8 +39,6 @@ namespace mongo {
     // this is a config setting, set at startup and not changing after initialization.
     bool noauth = true;
 
-    AuthInfo internalSecurity;
-
     bool setUpSecurityKey(const string& filename) {
         struct stat stats;
 

src/mongo/db/security_common.h

@@ -23,20 +23,8 @@
 
 namespace mongo {
 
-    /**
-     * Internal secret key info.
-     */
-    struct AuthInfo {
-        AuthInfo() {
-            user = "__system";
-        }
-        string user;
-        string pwd;
-    };
-
     // --noauth cmd line option
     extern bool noauth;
-    extern AuthInfo internalSecurity; // set at startup and not changed after initialization.
 
     /**
      * This method checks the validity of filename as a security key, hashes its

src/mongo/s/d_migrate.cpp

@@ -29,6 +29,7 @@
 
 #include <boost/thread/thread.hpp>
 
+#include "mongo/db/auth/authorization_manager.h"
 #include "mongo/db/dbhelpers.h"
 #include "../db/commands.h"
 #include "mongo/db/hasher.h"

src/mongo/s/security.cpp

@@ -18,6 +18,8 @@
 // security.cpp
 
 #include "pch.h"
+
+#include "mongo/db/auth/authorization_manager.h"
 #include "../db/security_common.h"
 #include "../db/security.h"
 #include "config.h"