diff options
| author | Sara Golemon <sara.golemon@mongodb.com> | 2019-04-15 19:48:24 +0000 |
|---|---|---|
| committer | Sara Golemon <sara.golemon@mongodb.com> | 2019-04-16 01:41:52 +0000 |
| commit | 8d3de2bd46d679a32c8075f318731ef2d023b731 (patch) | |
| tree | cf687f3739b88752afd2ef3b18918e408f6a31af | |
| parent | 2a20c5b7095a07141fafd21047cbfe49a502301d (diff) | |
| download | mongo-8d3de2bd46d679a32c8075f318731ef2d023b731.tar.gz | |
SERVER-38217 audit failed OP_KILL_CURSOR
| -rw-r--r-- | src/mongo/db/cursor_manager.cpp | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/src/mongo/db/cursor_manager.cpp b/src/mongo/db/cursor_manager.cpp index 03caf70537b..dea80a30878 100644 --- a/src/mongo/db/cursor_manager.cpp +++ b/src/mongo/db/cursor_manager.cpp @@ -187,6 +187,9 @@ bool GlobalCursorIdCache::killCursor(OperationContext* opCtx, CursorId id, bool if (!pin.isOK()) { // Either the cursor doesn't exist, or it was killed during the last time it was being // used, and was cleaned up after this call. Either way, we cannot kill it. + if (checkAuth) { + audit::logKillCursorsAuthzCheck(opCtx->getClient(), {}, id, pin.getStatus().code()); + } return false; } nss = pin.getValue().getCursor()->nss(); @@ -196,6 +199,10 @@ bool GlobalCursorIdCache::killCursor(OperationContext* opCtx, CursorId id, bool IdToNssMap::const_iterator it = _idToNss.find(nsid); if (it == _idToNss.end()) { // No namespace corresponding to this cursor id prefix. + if (checkAuth) { + audit::logKillCursorsAuthzCheck( + opCtx->getClient(), {}, id, ErrorCodes::NamespaceNotFound); + } return false; } nss = it->second; |