diff options
author | Sara Golemon <sara.golemon@mongodb.com> | 2020-09-16 21:29:13 +0000 |
---|---|---|
committer | Evergreen Agent <no-reply@evergreen.mongodb.com> | 2020-09-18 22:25:12 +0000 |
commit | 50277ed5764080365671339eaee72ff325f46558 (patch) | |
tree | 96280d7042e022e47aebbdd8914a659be4305a52 | |
parent | 37dfcca14a71685577f5bed4b12b8ff12b11bc8b (diff) | |
download | mongo-50277ed5764080365671339eaee72ff325f46558.tar.gz |
SERVER-50394 Forward impersonatedUser/Role information when available
(cherry picked from commit cf4fa7e9e0b5a1b0c358da1c981083b5ec179c30)
-rw-r--r-- | src/mongo/rpc/metadata/impersonated_user_metadata.cpp | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/src/mongo/rpc/metadata/impersonated_user_metadata.cpp b/src/mongo/rpc/metadata/impersonated_user_metadata.cpp index 66b0b495a88..bf068490f41 100644 --- a/src/mongo/rpc/metadata/impersonated_user_metadata.cpp +++ b/src/mongo/rpc/metadata/impersonated_user_metadata.cpp @@ -74,18 +74,22 @@ void writeAuthDataToImpersonatedUserMetadata(OperationContext* opCtx, BSONObjBui // Otherwise construct a metadata section from the list of authenticated users/roles auto authSession = AuthorizationSession::get(opCtx->getClient()); - ImpersonatedUserMetadata metadata; - metadata.setUsers(userNameIteratorToContainer<std::vector<UserName>>( - authSession->getAuthenticatedUserNames())); - - metadata.setRoles(roleNameIteratorToContainer<std::vector<RoleName>>( - authSession->getAuthenticatedRoleNames())); + auto userNames = authSession->getImpersonatedUserNames(); + auto roleNames = authSession->getImpersonatedRoleNames(); + if (!userNames.more() && !roleNames.more()) { + userNames = authSession->getAuthenticatedUserNames(); + roleNames = authSession->getAuthenticatedRoleNames(); + } // If there are no users/roles being impersonated just exit - if (metadata.getUsers().empty() && metadata.getRoles().empty()) { + if (!userNames.more() && !roleNames.more()) { return; } + ImpersonatedUserMetadata metadata; + metadata.setUsers(userNameIteratorToContainer<std::vector<UserName>>(userNames)); + metadata.setRoles(roleNameIteratorToContainer<std::vector<RoleName>>(roleNames)); + BSONObjBuilder section(out->subobjStart(kImpersonationMetadataSectionName)); metadata.serialize(§ion); } |