diff options
author | Eric Milkie <milkie@10gen.com> | 2018-12-10 11:06:00 -0500 |
---|---|---|
committer | Eric Milkie <milkie@10gen.com> | 2018-12-10 12:31:43 -0500 |
commit | e3e09931fe23c694f220df3f60a75d28ed549530 (patch) | |
tree | 3ba57ab01bf7e7f46fcfc04c3525f3bb79aca783 | |
parent | 554ebe769c9713f2f5e6255ce834aea6e7d27f6a (diff) | |
download | mongo-e3e09931fe23c694f220df3f60a75d28ed549530.tar.gz |
SERVER-38501 swap out new ActionType for replSetResizeOplog command
-rw-r--r-- | src/mongo/db/auth/action_types.txt | 1 | ||||
-rw-r--r-- | src/mongo/db/auth/role_graph_builtin_roles.cpp | 1 | ||||
-rw-r--r-- | src/mongo/db/commands/resize_oplog.cpp | 2 |
3 files changed, 1 insertions, 3 deletions
diff --git a/src/mongo/db/auth/action_types.txt b/src/mongo/db/auth/action_types.txt index 2f049dd91c4..3c560ccf9b8 100644 --- a/src/mongo/db/auth/action_types.txt +++ b/src/mongo/db/auth/action_types.txt @@ -86,7 +86,6 @@ "replSetGetStatus", "replSetHeartbeat", "replSetReconfig", # Not used for permissions checks, but to id the event in logs. -"replSetResizeOplog", "replSetStateChange", "resync", "revokeRole", diff --git a/src/mongo/db/auth/role_graph_builtin_roles.cpp b/src/mongo/db/auth/role_graph_builtin_roles.cpp index 6273f4505f5..3e8dd382a50 100644 --- a/src/mongo/db/auth/role_graph_builtin_roles.cpp +++ b/src/mongo/db/auth/role_graph_builtin_roles.cpp @@ -217,7 +217,6 @@ MONGO_INITIALIZER(AuthorizationBuiltinRoles)(InitializerContext* context) { << ActionType::fsync << ActionType::invalidateUserCache // userAdminAnyDatabase gets this also << ActionType::killop - << ActionType::replSetResizeOplog << ActionType::resync; // clusterManager gets this also // hostManager role actions that target the database resource diff --git a/src/mongo/db/commands/resize_oplog.cpp b/src/mongo/db/commands/resize_oplog.cpp index c2a8c05c619..386af16d008 100644 --- a/src/mongo/db/commands/resize_oplog.cpp +++ b/src/mongo/db/commands/resize_oplog.cpp @@ -75,7 +75,7 @@ public: const BSONObj& cmdObj) final { AuthorizationSession* authzSession = AuthorizationSession::get(client); if (authzSession->isAuthorizedForActionsOnResource(ResourcePattern::forClusterResource(), - ActionType::replSetResizeOplog)) { + ActionType::replSetConfigure)) { return Status::OK(); } return Status(ErrorCodes::Unauthorized, "Unauthorized"); |