Skip to content

Commit ee7ea7e

Browse files
stbrodystbrody
committed
SERVER-6246 SERVER-9515 Update usersInfo and rolesInfo commands to new API
1 parent 4de73d9 commit ee7ea7e

14 files changed

+270
-136
lines changed

jstests/auth/basic_role_auth.js

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -186,7 +186,7 @@ var testOps = function(db, allowedActions) {
186186
}, db);
187187

188188
checkErr(allowedActions.hasOwnProperty('user_r'), function() {
189-
var result = db.runCommand({usersInfo: /.*/});
189+
var result = db.runCommand({usersInfo: 1});
190190
if (!result.ok) {
191191
throw new Error(tojson(result));
192192
}

src/mongo/db/auth/authorization_manager.cpp

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -225,8 +225,9 @@ namespace mongo {
225225
Status AuthorizationManager::queryAuthzDocument(
226226
const NamespaceString& collectionName,
227227
const BSONObj& query,
228+
const BSONObj& projection,
228229
const boost::function<void(const BSONObj&)>& resultProcessor) {
229-
return _externalState->query(collectionName, query, resultProcessor);
230+
return _externalState->query(collectionName, query, projection, resultProcessor);
230231
}
231232

232233
Status AuthorizationManager::updateAuthzDocuments(const NamespaceString& collectionName,

src/mongo/db/auth/authorization_manager.h

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -217,6 +217,7 @@ namespace mongo {
217217
*/
218218
Status queryAuthzDocument(const NamespaceString& collectionName,
219219
const BSONObj& query,
220+
const BSONObj& projection,
220221
const boost::function<void(const BSONObj&)>& resultProcessor);
221222

222223
// Checks to see if "doc" is a valid privilege document, assuming it is stored in the

src/mongo/db/auth/authz_manager_external_state.h

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -156,6 +156,7 @@ namespace mongo {
156156
*/
157157
virtual Status query(const NamespaceString& collectionName,
158158
const BSONObj& query,
159+
const BSONObj& projection,
159160
const boost::function<void(const BSONObj&)>& resultProcessor) = 0;
160161

161162
/**

src/mongo/db/auth/authz_manager_external_state_d.cpp

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -237,11 +237,12 @@ namespace {
237237
Status AuthzManagerExternalStateMongod::query(
238238
const NamespaceString& collectionName,
239239
const BSONObj& query,
240+
const BSONObj& projection,
240241
const boost::function<void(const BSONObj&)>& resultProcessor) {
241242
try {
242243
DBDirectClient client;
243244
Client::GodScope gs;
244-
client.query(resultProcessor, collectionName.ns(), query);
245+
client.query(resultProcessor, collectionName.ns(), query, &projection);
245246
return Status::OK();
246247
} catch (const DBException& e) {
247248
return e.toStatus();
@@ -452,6 +453,7 @@ namespace {
452453
Status status = query(
453454
AuthorizationManager::rolesCollectionNamespace,
454455
BSONObj(),
456+
BSONObj(),
455457
boost::bind(addRoleFromDocumentOrWarn, &newRoleGraph, _1));
456458
if (!status.isOK())
457459
return status;

src/mongo/db/auth/authz_manager_external_state_d.h

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -65,6 +65,7 @@ namespace mongo {
6565
BSONObj* result);
6666
virtual Status query(const NamespaceString& collectionName,
6767
const BSONObj& query,
68+
const BSONObj& projection,
6869
const boost::function<void(const BSONObj&)>& resultProcessor);
6970
virtual Status insert(const NamespaceString& collectionName,
7071
const BSONObj& document,

src/mongo/db/auth/authz_manager_external_state_mock.cpp

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -213,6 +213,7 @@ namespace {
213213
Status AuthzManagerExternalStateMock::query(
214214
const NamespaceString& collectionName,
215215
const BSONObj& query,
216+
const BSONObj&,
216217
const boost::function<void(const BSONObj&)>& resultProcessor) {
217218
std::vector<BSONObjCollection::iterator> iterVector;
218219
Status status = _queryVector(collectionName, query, &iterVector);

src/mongo/db/auth/authz_manager_external_state_mock.h

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -87,6 +87,7 @@ namespace mongo {
8787

8888
virtual Status query(const NamespaceString& collectionName,
8989
const BSONObj& query,
90+
const BSONObj& projection, // Currently unused in mock
9091
const boost::function<void(const BSONObj&)>& resultProcessor);
9192

9293
// This implementation does not understand uniqueness constraints.

src/mongo/db/auth/authz_manager_external_state_s.cpp

Lines changed: 16 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -79,8 +79,14 @@ namespace {
7979
AuthorizationManager::usersCollectionNamespace));
8080
BSONObj cmdResult;
8181
conn->get()->runCommand(
82-
userName.getDB().toString(), // TODO: Change usersInfo so this command can always go to "admin".
83-
BSON("usersInfo" << userName.getUser() << "details" << true),
82+
"admin",
83+
BSON("usersInfo" <<
84+
BSON_ARRAY(BSON(AuthorizationManager::USER_NAME_FIELD_NAME <<
85+
userName.getUser() <<
86+
AuthorizationManager::USER_SOURCE_FIELD_NAME <<
87+
userName.getDB())) <<
88+
"showPrivileges" << true <<
89+
"showCredentials" << true),
8490
cmdResult);
8591
if (!cmdResult["ok"].trueValue()) {
8692
int code = cmdResult["code"].numberInt();
@@ -102,8 +108,12 @@ namespace {
102108
AuthorizationManager::rolesCollectionNamespace));
103109
BSONObj cmdResult;
104110
conn->get()->runCommand(
105-
roleName.getDB().toString(), // TODO: Change rolesInfo so this command can always go to "admin".
106-
BSON("rolesInfo" << roleName.getRole()),
111+
"admin",
112+
BSON("rolesInfo" <<
113+
BSON_ARRAY(BSON(AuthorizationManager::ROLE_NAME_FIELD_NAME <<
114+
roleName.getRole() <<
115+
AuthorizationManager::ROLE_SOURCE_FIELD_NAME <<
116+
roleName.getDB()))),
107117
cmdResult);
108118
if (!cmdResult["ok"].trueValue()) {
109119
int code = cmdResult["code"].numberInt();
@@ -138,10 +148,11 @@ namespace {
138148
Status AuthzManagerExternalStateMongos::query(
139149
const NamespaceString& collectionName,
140150
const BSONObj& query,
151+
const BSONObj& projection,
141152
const boost::function<void(const BSONObj&)>& resultProcessor) {
142153
try {
143154
scoped_ptr<ScopedDbConnection> conn(getConnectionForAuthzCollection(collectionName));
144-
conn->get()->query(resultProcessor, collectionName.ns(), query);
155+
conn->get()->query(resultProcessor, collectionName.ns(), query, &projection);
145156
return Status::OK();
146157
} catch (const DBException& e) {
147158
return e.toStatus();

src/mongo/db/auth/authz_manager_external_state_s.h

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -66,6 +66,7 @@ namespace mongo {
6666
BSONObj* result);
6767
virtual Status query(const NamespaceString& collectionName,
6868
const BSONObj& query,
69+
const BSONObj& projection,
6970
const boost::function<void(const BSONObj&)>& resultProcessor);
7071
virtual Status insert(const NamespaceString& collectionName,
7172
const BSONObj& document,

0 commit comments

Comments
 (0)