author | Andy Schwerin <schwerin@10gen.com> | 2013-11-11 17:42:25 -0500 |
---|---|---|
committer | Andy Schwerin <schwerin@10gen.com> | 2013-11-12 11:57:25 -0500 |
commit | 11db6a808ca368c5b596ff0e4066de599b912439 (patch) | |
tree | d824581ff5e56603f8fc7ff045e9ca0ae9aee8e8 | |
parent | b7434b66409c8d4515b94d3d7e647cf68b2c46ec (diff) | |
SERVER-9516 Report document changes via the logOp infrastructure in AuthzManagerExternalStateMock.
4 files changed, 61 insertions, 45 deletions
diff --git a/src/mongo/db/auth/authorization_manager_test.cpp b/src/mongo/db/auth/authorization_manager_test.cpp
index 354187ceab2..68c2b86cc7e 100644
--- a/src/mongo/db/auth/authorization_manager_test.cpp
+++ b/src/mongo/db/auth/authorization_manager_test.cpp
@@ -146,6 +146,7 @@ namespace {
 externalState = new AuthzManagerExternalStateMock();
 externalState->setAuthzVersion(AuthorizationManager::schemaVersion26Final);
 authzManager.reset(new AuthorizationManager(externalState));
+ externalState->setAuthorizationManager(authzManager.get());
 authzManager->setAuthEnabled(true);
 // This duplicates the behavior from the server that adds the internal user at process
 // startup via a MONGO_INITIALIZER
diff --git a/src/mongo/db/auth/authz_manager_external_state.h b/src/mongo/db/auth/authz_manager_external_state.h
index d699a50951a..a885c4589be 100644
--- a/src/mongo/db/auth/authz_manager_external_state.h
+++ b/src/mongo/db/auth/authz_manager_external_state.h
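Review bot: In authorization_manager_test.cpp the mock is handed the manager only after `setAuthzVersion(...)` has run, so the schema-version write made during setup is never reported through logOp (the mock's .cpp shows `setAuthzVersion` going through `updateOne`). The ordering is forced, because the manager is constructed from the mock, but nothing in the fixture says so; I would add above the new line `// Writes made before this call (setAuthzVersion above) are not reported via logOp.` The mock also keeps the raw pointer from `authzManager.get()`, which stays valid only while `authzManager` holds this manager. The fixture body continues outside the hunk, so a later `reset()` cannot be ruled out from here.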
@@ -110,24 +110,24 @@ namespace mongo {
 *
 * TODO(spencer): remove dbname argument once users are only written into the admin db
 */
- virtual Status insertPrivilegeDocument(const std::string& dbname,
- const BSONObj& userObj,
- const BSONObj& writeConcern);
+ Status insertPrivilegeDocument(const std::string& dbname,
+ const BSONObj& userObj,
+ const BSONObj& writeConcern);
 /**
 * Updates the given user object with the given update modifier.
 */
- virtual Status updatePrivilegeDocument(const UserName& user,
- const BSONObj& updateObj,
- const BSONObj& writeConcern);
+ Status updatePrivilegeDocument(const UserName& user,
+ const BSONObj& updateObj,
+ const BSONObj& writeConcern);
 /**
 * Removes users for the given database matching the given query.
 * Writes into *numRemoved the number of user documents that were modified.
 */
- virtual Status removePrivilegeDocuments(const BSONObj& query,
- const BSONObj& writeConcern,
- int* numRemoved);
+ Status removePrivilegeDocuments(const BSONObj& query,
+ const BSONObj& writeConcern,
+ int* numRemoved);
 /**
 * Puts into the *dbnames vector the name of every database in the cluster.
diff --git a/src/mongo/db/auth/authz_manager_external_state_mock.cpp b/src/mongo/db/auth/authz_manager_external_state_mock.cpp
index 26b3f38eca2..8d24a463745 100644
--- a/src/mongo/db/auth/authz_manager_external_state_mock.cpp
+++ b/src/mongo/db/auth/authz_manager_external_state_mock.cpp
@@ -79,9 +79,14 @@ namespace {
 }
 } // namespace
- AuthzManagerExternalStateMock::AuthzManagerExternalStateMock() {}
+ AuthzManagerExternalStateMock::AuthzManagerExternalStateMock() : _authzManager(NULL) {}
 AuthzManagerExternalStateMock::~AuthzManagerExternalStateMock() {}
+ void AuthzManagerExternalStateMock::setAuthorizationManager(
+ AuthorizationManager* authzManager) {
+ _authzManager = authzManager;
+ }
+
 void AuthzManagerExternalStateMock::setAuthzVersion(int version) {
 uassertStatusOK(
 updateOne(AuthorizationManager::versionCollectionNamespace,
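Review bot: In authz_manager_external_state.h, dropping `virtual` from `insertPrivilegeDocument`, `updatePrivilegeDocument` and `removePrivilegeDocuments` means a subclass that still declares them now hides the base method instead of overriding it, and a call through a base pointer silently takes the base path. This commit removes the mock's copies, but other subclasses are not visible in the diff and need the same check. These are the writes that change stored user privileges, so the doc comments should state that the methods are non-virtual on purpose, e.g. `Not virtual: subclasses must not redeclare this; customize the underlying document operations instead.` That wording presumes the base versions are built on the virtual insert/update/remove primitives, which should be confirmed against the .cpp. The class body starts and ends outside the hunk.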
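Review bot: In authz_manager_external_state_mock.cpp, `_authzManager` starts as `NULL` and every report site added by this commit is guarded by `if (_authzManager)`, so a fixture that never calls `setAuthorizationManager` gets a mock that silently reports nothing. A test of logOp-driven behaviour can then pass without exercising it. Neither the setter here nor the member added in authz_manager_external_state_mock.h says that the pointer is non-owning and must stay valid for as long as the mock is used. I would document that on the declarations, e.g. `// Not owned; may be NULL, in which case document changes are not reported via logOp.`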
@@ -132,25 +137,6 @@ namespace {
 return status;
 }
- Status AuthzManagerExternalStateMock::updatePrivilegeDocument(const UserName& user,
- const BSONObj& updateObj,
- const BSONObj&) {
- return Status(ErrorCodes::InternalError, "Not implemented in mock.");
- }
-
- Status AuthzManagerExternalStateMock::removePrivilegeDocuments(const BSONObj& query,
- const BSONObj&,
- int* numRemoved) {
- return Status(ErrorCodes::InternalError, "Not implemented in mock.");
- }
-
- Status AuthzManagerExternalStateMock::insertPrivilegeDocument(const std::string& dbname,
- const BSONObj& userObj,
- const BSONObj& writeConcern) {
- NamespaceString usersCollection("admin.system.users");
- return insert(usersCollection, userObj, writeConcern);
- }
-
 Status AuthzManagerExternalStateMock::getAllDatabaseNames(
 std::vector<std::string>* dbnames) {
 unordered_set<std::string> dbnameSet;
@@ -211,7 +197,25 @@ namespace {
 const NamespaceString& collectionName,
 const BSONObj& document,
 const BSONObj&) {
- _documents[collectionName].push_back(document.copy());
+ BSONObj toInsert;
+ if (document["_id"].eoo()) {
+ BSONObjBuilder docWithIdBuilder;
+ docWithIdBuilder.append("_id", OID::gen());
+ docWithIdBuilder.appendElements(document);
+ toInsert = docWithIdBuilder.obj();
+ }
+ else {
+ toInsert = document.copy();
+ }
+ _documents[collectionName].push_back(toInsert);
+ if (_authzManager) {
+ _authzManager->logOp(
+ "i",
+ collectionName.ns().c_str(),
+ toInsert,
+ NULL,
+ NULL);
+ }
 return Status::OK();
 }
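Review bot: The rewritten insert body generates an `_id` only when the caller supplied none and never compares a caller-supplied `_id` with the documents already in `_documents[collectionName]`, so two documents with the same `_id` can be stored. The update and remove hunks of this commit now report changes keyed by `_id`, so with duplicates a `"u"` or `"d"` entry no longer identifies a single document. Whether the real store rejects this case is not visible here. Either reject the duplicate before `push_back` or state the limitation, e.g. `// Note: the mock does not enforce _id uniqueness.` The function's signature begins above the hunk.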
@@ -235,10 +239,21 @@ namespace {
 mmb::Document document;
 if (status.isOK()) {
 document.reset(*iter, mmb::Document::kInPlaceDisabled);
- status = driver.update(StringData(), &document, NULL);
+ BSONObj logObj;
+ status = driver.update(StringData(), &document, &logObj);
 if (!status.isOK())
 return status;
- *iter = document.getObject().copy();
+ BSONObj newObj = document.getObject().copy();
+ *iter = newObj;
+ BSONObj idQuery = driver.makeOplogEntryQuery(newObj, false);
+ if (_authzManager) {
+ _authzManager->logOp(
+ "u",
+ collectionName.ns().c_str(),
+ logObj,
+ &idQuery,
+ NULL);
+ }
 return Status::OK();
 }
 else if (status == ErrorCodes::NoMatchingDocument && upsert) {
@@ -279,8 +294,17 @@ namespace {
 int n = 0;
 BSONObjCollection::iterator iter;
 while (_findOneIter(collectionName, query, &iter).isOK()) {
+ BSONObj idQuery = (*iter)["_id"].wrap();
 _documents[collectionName].erase(iter);
 ++n;
+ if (_authzManager) {
+ _authzManager->logOp(
+ "d",
+ collectionName.ns().c_str(),
+ idQuery,
+ NULL,
+ NULL);
+ }
 }
 *numRemoved = n;
 return Status::OK();
diff --git a/src/mongo/db/auth/authz_manager_external_state_mock.h b/src/mongo/db/auth/authz_manager_external_state_mock.h
index 770841546bf..f29a70f66cb 100644
--- a/src/mongo/db/auth/authz_manager_external_state_mock.h
+++ b/src/mongo/db/auth/authz_manager_external_state_mock.h
@@ -42,6 +42,8 @@ namespace mongo {
+ class AuthorizationManager;
+
 /**
 * Mock of the AuthzManagerExternalState class used only for testing.
 */
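Review bot: The three logOp call sites added by this commit are undocumented even though each passes a different object: the whole document for `"i"` in the insert hunk, the driver's `logObj` plus `&idQuery` here for `"u"`, and an `_id` selector for `"d"` in the remove hunk, each padded with positional `NULL`s. A reader cannot tell from the call which shape each op carries or what the `NULL`s stand for. I would add a one-line comment at each site, here e.g. `// "u": logObj is the update driver's log entry; idQuery identifies the updated document.` The upsert branch that follows continues outside the hunk, so whether an upsert is reported cannot be checked from this diff.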
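Review bot: `(*iter)["_id"].wrap()` in the remove loop assumes every stored document carries an `_id` field. The insert hunk guarantees that for documents added through `insert`, but for a document that reaches `_documents` any other way (none is visible in this diff) the element would be missing and the `"d"` entry would not identify what was deleted. State the invariant where the selector is built, e.g. `// Every stored document has an _id; insert() adds one when the caller supplies none.`, or check `(*iter)["_id"].eoo()` before wrapping. The function starts and ends outside the hunk.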
@@ -53,23 +55,11 @@ namespace mongo {
 AuthzManagerExternalStateMock();
 virtual ~AuthzManagerExternalStateMock();
+ void setAuthorizationManager(AuthorizationManager* authzManager);
 void setAuthzVersion(int version);
 virtual Status getStoredAuthorizationVersion(int* outVersion);
- virtual Status insertPrivilegeDocument(const std::string& dbname,
- const BSONObj& userObj,
- const BSONObj& writeConcern);
-
- virtual Status updatePrivilegeDocument(const UserName& user,
- const BSONObj& updateObj,
- const BSONObj& writeConcern);
-
- // no-op for the mock
- virtual Status removePrivilegeDocuments(const BSONObj& query,
- const BSONObj& writeConcern,
- int* numRemoved);
-
 virtual Status getAllDatabaseNames(std::vector<std::string>* dbnames);
 virtual Status findOne(const NamespaceString& collectionName,
@@ -133,6 +123,7 @@ namespace mongo {
 std::vector<BSONObjCollection::iterator>* result);
+ AuthorizationManager* _authzManager; // For reporting logOps.
 NamespaceDocumentMap _documents; // Mock database.
 }; |