summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorsamantharitter <samantha.ritter@10gen.com>2017-09-19 18:19:35 -0400
committersamantharitter <samantha.ritter@10gen.com>2017-09-25 10:32:55 -0400
commitf007ee07aebecd5371c38388423b05cd82ef02a2 (patch)
tree50c5ab6034ed22e95d690c37e5e8bd06dbba5ca9
parent1b549500669e8b2b2f7846aa5867f00b849ebd21 (diff)
downloadmongo-f007ee07aebecd5371c38388423b05cd82ef02a2.tar.gz
SERVER-31174 Move the sessions collection to config.system.sessions
Diffstat
-rw-r--r--jstests/auth/lib/commands_lib.js6
-rw-r--r--jstests/auth/list_all_sessions.js9
-rw-r--r--jstests/auth/list_sessions.js11
-rw-r--r--jstests/core/list_all_sessions.js3
-rw-r--r--jstests/core/list_sessions.js5
-rw-r--r--jstests/noPassthrough/end_sessions_command.js7
-rw-r--r--jstests/noPassthrough/logical_session_feature_compatibility.js3
-rw-r--r--jstests/noPassthrough/refresh_logical_session_cache_now.js9
-rw-r--r--jstests/noPassthrough/refresh_sessions_command.js15
-rw-r--r--jstests/noPassthrough/system_indexes.js16
-rw-r--r--jstests/noPassthrough/transaction_reaper.js6
-rw-r--r--jstests/noPassthrough/verify_session_cache_updates.js4
-rw-r--r--jstests/replsets/refresh_sessions_rs.js2
-rw-r--r--jstests/sharding/refresh_sessions.js2
-rw-r--r--src/mongo/db/namespace_string.cpp3
-rw-r--r--src/mongo/db/ops/insert.cpp6
-rw-r--r--src/mongo/db/pipeline/document_source_list_sessions.h2
-rw-r--r--src/mongo/db/sessions_collection.h4
-rw-r--r--src/mongo/db/system_index.cpp128
-rw-r--r--src/mongo/dbtests/logical_sessions_tests.cpp2
20 files changed, 135 insertions, 108 deletions
diff --git a/jstests/auth/lib/commands_lib.js b/jstests/auth/lib/commands_lib.js
index 90b8d1051f8..6717e17e64d 100644
--- a/jstests/auth/lib/commands_lib.js
+++ b/jstests/auth/lib/commands_lib.js
@@ -664,7 +664,7 @@ var authCommandsLib = {
testname: "aggregate_listLocalSessions_allUsers_true",
command: {aggregate: 1, pipeline: [{$listLocalSessions: {allUsers: true}}], cursor: {}},
testcases: [{
- runOnDb: adminDbName,
+ runOnDb: "config",
roles:
{clusterAdmin: 1, clusterMonitor: 1, clusterManager: 1, root: 1, __system: 1}
}],
@@ -684,7 +684,7 @@ var authCommandsLib = {
cursor: {}
},
testcases: [{
- runOnDb: adminDbName,
+ runOnDb: "config",
roles:
{clusterAdmin: 1, clusterMonitor: 1, clusterManager: 1, root: 1, __system: 1}
}]
@@ -696,7 +696,7 @@ var authCommandsLib = {
pipeline: [{$listSessions: {allUsers: false}}],
cursor: {}
},
- testcases: [{runOnDb: adminDbName, roles: roles_all}]
+ testcases: [{runOnDb: "config", roles: roles_all}]
},
{
testname: "aggregate_lookup",
diff --git a/jstests/auth/list_all_sessions.js b/jstests/auth/list_all_sessions.js
index 68053722323..2fd47476ee9 100644
--- a/jstests/auth/list_all_sessions.js
+++ b/jstests/auth/list_all_sessions.js
@@ -7,10 +7,11 @@
function runListAllSessionsTest(mongod) {
assert(mongod);
const admin = mongod.getDB("admin");
+ const config = mongod.getDB("config");
const pipeline = [{'$listSessions': {allUsers: true}}];
function listSessions() {
- return admin.system.sessions.aggregate(pipeline);
+ return config.system.sessions.aggregate(pipeline);
}
admin.createUser({user: 'admin', pwd: 'pass', roles: jsTest.adminUserRoles});
@@ -19,7 +20,7 @@
admin.logout();
// Fail if we're not logged in.
- assertErrorCode(admin.system.sessions, pipeline, ErrorCodes.Unauthorized);
+ assertErrorCode(config.system.sessions, pipeline, ErrorCodes.Unauthorized);
// Start a new session and capture its sessionId.
assert(admin.auth('user1', 'pass'));
@@ -28,11 +29,11 @@
assert.commandWorked(admin.runCommand({refreshLogicalSessionCacheNow: 1}));
// Ensure that a normal user can NOT listSessions{allUsers:true} to view their session.
- assertErrorCode(admin.system.sessions, pipeline, ErrorCodes.Unauthorized);
+ assertErrorCode(config.system.sessions, pipeline, ErrorCodes.Unauthorized);
// Ensure that a normal user can NOT listSessions to view others' sessions.
const viewAdminPipeline = [{'$listSessions': {users: [{user: 'admin', db: 'admin'}]}}];
- assertErrorCode(admin.system.sessions, viewAdminPipeline, ErrorCodes.Unauthorized);
+ assertErrorCode(config.system.sessions, viewAdminPipeline, ErrorCodes.Unauthorized);
// Ensure that the cache now contains the session and is visible by admin
assert(admin.auth('admin', 'pass'));
diff --git a/jstests/auth/list_sessions.js b/jstests/auth/list_sessions.js
index 4647f6d75c7..b130999a3ef 100644
--- a/jstests/auth/list_sessions.js
+++ b/jstests/auth/list_sessions.js
@@ -7,10 +7,11 @@
function runListSessionsTest(mongod) {
assert(mongod);
const admin = mongod.getDB('admin');
+ const config = mongod.getDB('config');
const pipeline = [{'$listSessions': {}}];
function listSessions() {
- return admin.system.sessions.aggregate(pipeline);
+ return config.system.sessions.aggregate(pipeline);
}
admin.createUser({user: 'admin', pwd: 'pass', roles: jsTest.adminUserRoles});
@@ -21,7 +22,7 @@
admin.logout();
// Fail when not logged in.
- assertErrorCode(admin.system.sessions, pipeline, ErrorCodes.Unauthorized);
+ assertErrorCode(config.system.sessions, pipeline, ErrorCodes.Unauthorized);
// Start a new session and capture its sessionId.
assert(admin.auth('user1', 'pass'));
@@ -39,7 +40,7 @@
// Ask again using explicit UID.
const user1Pipeline = [{'$listSessions': {users: [{user: "user1", db: "admin"}]}}];
function listUser1Sessions() {
- return admin.system.sessions.aggregate(user1Pipeline);
+ return config.system.sessions.aggregate(user1Pipeline);
}
const resultArrayMine = listUser1Sessions().toArray();
assert.eq(bsonWoCompare(resultArray, resultArrayMine), 0);
@@ -52,14 +53,14 @@
assert.eq(listSessions().toArray().length, 0);
// Ensure users can't view either other's sessions.
- assertErrorCode(admin.system.sessions, user1Pipeline, ErrorCodes.Unauthorized);
+ assertErrorCode(config.system.sessions, user1Pipeline, ErrorCodes.Unauthorized);
if (true) {
// TODO SERVER-29141: Support forcing pipelines to run on mongos
return;
}
function listLocalSessions() {
- return admin.aggregate([{'$listLocalSessions': {}}]);
+ return config.aggregate([{'$listLocalSessions': {}}]);
}
assert.eq(listLocalSessions().toArray().length, 0);
}
diff --git a/jstests/core/list_all_sessions.js b/jstests/core/list_all_sessions.js
index aef0ae33109..cf36f1187dd 100644
--- a/jstests/core/list_all_sessions.js
+++ b/jstests/core/list_all_sessions.js
@@ -5,9 +5,10 @@
load('jstests/aggregation/extras/utils.js');
const admin = db.getSiblingDB("admin");
+ const config = db.getSiblingDB("config");
const pipeline = [{'$listSessions': {allUsers: true}}];
function listSessions() {
- return admin.system.sessions.aggregate(pipeline);
+ return config.system.sessions.aggregate(pipeline);
}
// Start a new session and capture its sessionId.
diff --git a/jstests/core/list_sessions.js b/jstests/core/list_sessions.js
index 0636377a3be..e2b8adb5a78 100644
--- a/jstests/core/list_sessions.js
+++ b/jstests/core/list_sessions.js
@@ -5,9 +5,10 @@
load('jstests/aggregation/extras/utils.js');
const admin = db.getSiblingDB('admin');
+ const config = db.getSiblingDB('config');
const pipeline = [{'$listSessions': {}}];
function listSessions() {
- return admin.system.sessions.aggregate(pipeline);
+ return config.system.sessions.aggregate(pipeline);
}
// Start a new session and capture its sessionId.
@@ -47,7 +48,7 @@
return {user: authUsers[0].user, db: authUsers[0].db};
})();
function listMySessions() {
- return admin.system.sessions.aggregate([{'$listSessions': {users: [myusername]}}]);
+ return config.system.sessions.aggregate([{'$listSessions': {users: [myusername]}}]);
}
const myArray = listMySessions().toArray();
assert.eq(resultArray.length, myArray.length);
diff --git a/jstests/noPassthrough/end_sessions_command.js b/jstests/noPassthrough/end_sessions_command.js
index 3d6ae307a52..fed53476856 100644
--- a/jstests/noPassthrough/end_sessions_command.js
+++ b/jstests/noPassthrough/end_sessions_command.js
@@ -8,6 +8,7 @@
// Start up a standalone server.
var conn = MongoRunner.runMongod({nojournal: ""});
var admin = conn.getDB("admin");
+ var config = conn.getDB("config");
// Trigger an initial refresh, as a sanity check.
res = admin.runCommand(refresh);
@@ -23,7 +24,7 @@
res = admin.runCommand(refresh);
assert.commandWorked(res, "failed to refresh");
- assert.eq(admin.system.sessions.count(), 20, "refresh should have written 20 session records");
+ assert.eq(config.system.sessions.count(), 20, "refresh should have written 20 session records");
var endSessionsIds = [];
for (var i = 0; i < 10; i++) {
@@ -35,7 +36,7 @@
res = admin.runCommand(refresh);
assert.commandWorked(res, "failed to refresh");
- assert.eq(admin.system.sessions.count(),
+ assert.eq(config.system.sessions.count(),
10,
"endSessions and refresh should result in 10 remaining sessions");
@@ -52,7 +53,7 @@
res = admin.runCommand(refresh);
assert.commandWorked(res, "failed to refresh");
- assert.eq(admin.system.sessions.count(),
+ assert.eq(config.system.sessions.count(),
0,
"endSessions and refresh should result in 0 remaining sessions");
diff --git a/jstests/noPassthrough/logical_session_feature_compatibility.js b/jstests/noPassthrough/logical_session_feature_compatibility.js
index f060e499ecf..20ccfe483cf 100644
--- a/jstests/noPassthrough/logical_session_feature_compatibility.js
+++ b/jstests/noPassthrough/logical_session_feature_compatibility.js
@@ -85,6 +85,7 @@
var conn = MongoRunner.runMongod({nojournal: ""});
var admin = conn.getDB("admin");
+ var config = conn.getDB("config");
assert.commandWorked(admin.adminCommand({setFeatureCompatibilityVersion: "3.6"}));
@@ -102,6 +103,6 @@
admin.runCommand({refreshLogicalSessionCacheNow: 1});
- assert.eq(admin.system.sessions.find().count(), 11);
+ assert.eq(config.system.sessions.find().count(), 11);
})();
diff --git a/jstests/noPassthrough/refresh_logical_session_cache_now.js b/jstests/noPassthrough/refresh_logical_session_cache_now.js
index e3fe583f074..6d10cbca451 100644
--- a/jstests/noPassthrough/refresh_logical_session_cache_now.js
+++ b/jstests/noPassthrough/refresh_logical_session_cache_now.js
@@ -8,6 +8,7 @@
// Start up a standalone server.
var conn = MongoRunner.runMongod({nojournal: ""});
var admin = conn.getDB("admin");
+ var config = conn.getDB("config");
// Trigger an initial refresh, as a sanity check.
res = admin.runCommand(refresh);
@@ -17,13 +18,13 @@
res = admin.runCommand(startSession);
assert.commandWorked(res, "unable to start session");
- assert.eq(admin.system.sessions.count(), 0, "should not have session records yet");
+ assert.eq(config.system.sessions.count(), 0, "should not have session records yet");
// Trigger a refresh. Session should now be in the collection.
res = admin.runCommand(refresh);
assert.commandWorked(res, "failed to refresh");
- assert.eq(admin.system.sessions.count(), 1, "should have written session records");
+ assert.eq(config.system.sessions.count(), 1, "should have written session records");
// Start some new sessions. Should not be in the collection yet.
var numSessions = 100;
@@ -32,13 +33,13 @@
assert.commandWorked(res, "unable to start session");
}
- assert.eq(admin.system.sessions.count(), 1, "should not have more session records yet");
+ assert.eq(config.system.sessions.count(), 1, "should not have more session records yet");
// Trigger another refresh. All sessions should now be in the collection.
res = admin.runCommand(refresh);
assert.commandWorked(res, "failed to refresh");
assert.eq(
- admin.system.sessions.count(), numSessions + 1, "should have written session records");
+ config.system.sessions.count(), numSessions + 1, "should have written session records");
}());
diff --git a/jstests/noPassthrough/refresh_sessions_command.js b/jstests/noPassthrough/refresh_sessions_command.js
index 0c08d0891ce..80b249faca7 100644
--- a/jstests/noPassthrough/refresh_sessions_command.js
+++ b/jstests/noPassthrough/refresh_sessions_command.js
@@ -37,13 +37,14 @@
admin.auth("admin", "admin");
result = admin.runCommand({
- createRole: 'readAdmin',
- privileges: [{resource: {db: 'admin', collection: 'system.sessions'}, actions: ['find']}],
+ createRole: 'readSessionsCollection',
+ privileges: [{resource: {db: 'config', collection: 'system.sessions'}, actions: ['find']}],
roles: []
});
- assert.commandWorked(result, "couldn't make readAdmin role");
+ assert.commandWorked(result, "couldn't make readSessionsCollection role");
- admin.createUser({user: 'readAdmin', pwd: 'pwd', roles: ['readAdmin']});
+ admin.createUser(
+ {user: 'readSessionsCollection', pwd: 'pwd', roles: ['readSessionsCollection']});
admin.logout();
// Test that we cannot run refreshSessions unauthenticated if --auth is on.
@@ -75,10 +76,12 @@
// Test that once we force a refresh, all of these sessions are in the sessions collection.
admin.logout();
- admin.auth("readAdmin", "pwd");
+ admin.auth("readSessionsCollection", "pwd");
result = admin.runCommand({refreshLogicalSessionCacheNow: 1});
assert.commandWorked(result, "could not force refresh");
- assert.eq(admin.system.sessions.count(), 3, "should have refreshed all session records");
+
+ var config = conn.getDB("config");
+ assert.eq(config.system.sessions.count(), 3, "should have refreshed all session records");
MongoRunner.stopMongod(conn);
})();
diff --git a/jstests/noPassthrough/system_indexes.js b/jstests/noPassthrough/system_indexes.js
index dd27ea4a92d..95f9d90c4a2 100644
--- a/jstests/noPassthrough/system_indexes.js
+++ b/jstests/noPassthrough/system_indexes.js
@@ -6,6 +6,7 @@
(function() {
let conn = MongoRunner.runMongod({smallfiles: ""});
+ let config = conn.getDB("config");
let db = conn.getDB("admin");
// TEST: User and role collections start off with no indexes
@@ -65,15 +66,16 @@
assert.eq(2, db.system.roles.getIndexes().length);
// TEST: Inserting to the sessions collection creates indexes
- assert.eq(0, db.system.sessions.getIndexes().length);
- db.system.sessions.insert({lastUse: new Date()});
- assert.eq(2, db.system.sessions.getIndexes().length);
+ config = conn.getDB("config");
+ assert.eq(0, config.system.sessions.getIndexes().length);
+ config.system.sessions.insert({lastUse: new Date()});
+ assert.eq(2, config.system.sessions.getIndexes().length);
- // TEST: Destroying admin.system.sessions index and restarting will recreate it
- assert.commandWorked(db.system.sessions.dropIndexes());
+ // TEST: Destroying config.system.sessions index and restarting will recreate it
+ assert.commandWorked(config.system.sessions.dropIndexes());
MongoRunner.stopMongod(conn);
conn = MongoRunner.runMongod({restart: conn, cleanData: false});
- db = conn.getDB("admin");
- assert.eq(2, db.system.sessions.getIndexes().length);
+ config = conn.getDB("config");
+ assert.eq(2, config.system.sessions.getIndexes().length);
})();
diff --git a/jstests/noPassthrough/transaction_reaper.js b/jstests/noPassthrough/transaction_reaper.js
index c9a9e992cb2..8fbaae0aed0 100644
--- a/jstests/noPassthrough/transaction_reaper.js
+++ b/jstests/noPassthrough/transaction_reaper.js
@@ -92,7 +92,7 @@
};
Fixture.prototype.assertOutstandingSessions = function(count) {
- assert.eq(count, this.getDB("admin").system.sessions.count());
+ assert.eq(count, this.getDB("config").system.sessions.count());
};
Fixture.prototype.refresh = function() {
@@ -119,7 +119,7 @@
{
var fixture = new Fixture(new Impl(-1));
// Remove a session
- fixture.getDB("admin").system.sessions.remove({});
+ fixture.getDB("config").system.sessions.remove({});
fixture.assertOutstandingTransactions(nSessions);
fixture.assertOutstandingSessions(0);
@@ -134,7 +134,7 @@
{
var fixture = new Fixture(new Impl(30));
// Remove a session
- fixture.getDB("admin").system.sessions.remove({});
+ fixture.getDB("config").system.sessions.remove({});
fixture.assertOutstandingTransactions(nSessions);
fixture.assertOutstandingSessions(0);
diff --git a/jstests/noPassthrough/verify_session_cache_updates.js b/jstests/noPassthrough/verify_session_cache_updates.js
index e9912144e6f..e2d51bd27e5 100644
--- a/jstests/noPassthrough/verify_session_cache_updates.js
+++ b/jstests/noPassthrough/verify_session_cache_updates.js
@@ -8,12 +8,12 @@
function verify(conn, nRecords) {
conn.getDB("admin").runCommand({refreshLogicalSessionCacheNow: 1});
- assert.eq(nRecords, conn.getDB("admin").system.sessions.find({}).count());
+ assert.eq(nRecords, conn.getDB("config").system.sessions.find({}).count());
}
function getLastUse(conn) {
conn.getDB("admin").runCommand({refreshLogicalSessionCacheNow: 1});
- return conn.getDB("admin").system.sessions.findOne({}).lastUse;
+ return conn.getDB("config").system.sessions.findOne({}).lastUse;
}
// initially we have no sessions
diff --git a/jstests/replsets/refresh_sessions_rs.js b/jstests/replsets/refresh_sessions_rs.js
index abb71e22534..cc44affe6a2 100644
--- a/jstests/replsets/refresh_sessions_rs.js
+++ b/jstests/replsets/refresh_sessions_rs.js
@@ -5,7 +5,7 @@
var startSession = {startSession: 1};
// Start up a replica set.
- var dbName = "admin";
+ var dbName = "config";
var replTest = new ReplSetTest({name: 'refresh', nodes: 3});
var nodes = replTest.startSet();
diff --git a/jstests/sharding/refresh_sessions.js b/jstests/sharding/refresh_sessions.js
index 0e575fe6a69..1e2bac22c8e 100644
--- a/jstests/sharding/refresh_sessions.js
+++ b/jstests/sharding/refresh_sessions.js
@@ -1,7 +1,7 @@
(function() {
"use strict";
- var sessionsDb = "admin";
+ var sessionsDb = "config";
var refresh = {refreshLogicalSessionCacheNow: 1};
var startSession = {startSession: 1};
diff --git a/src/mongo/db/namespace_string.cpp b/src/mongo/db/namespace_string.cpp
index 35fbde965dd..035228b65ad 100644
--- a/src/mongo/db/namespace_string.cpp
+++ b/src/mongo/db/namespace_string.cpp
@@ -115,7 +115,8 @@ bool NamespaceString::isLegalClientSystemNS() const {
return true;
if (ns() == "admin.system.backup_users")
return true;
- if (ns() == "admin.system.sessions")
+ } else if (db() == "config") {
+ if (ns() == "config.system.sessions")
return true;
}
if (ns() == "local.system.replset")
diff --git a/src/mongo/db/ops/insert.cpp b/src/mongo/db/ops/insert.cpp
index 0b422f8882c..de02fda5642 100644
--- a/src/mongo/db/ops/insert.cpp
+++ b/src/mongo/db/ops/insert.cpp
@@ -235,8 +235,6 @@ Status userAllowedCreateNS(StringData db, StringData coll) {
if (db == "admin") {
if (coll == "system.version")
return Status::OK();
- if (coll == "system.sessions")
- return Status::OK();
if (coll == "system.roles")
return Status::OK();
if (coll == "system.new_users")
@@ -246,6 +244,10 @@ Status userAllowedCreateNS(StringData db, StringData coll) {
if (coll == "system.keys")
return Status::OK();
}
+ if (db == "config") {
+ if (coll == "system.sessions")
+ return Status::OK();
+ }
if (db == "local") {
if (coll == "system.replset")
return Status::OK();
diff --git a/src/mongo/db/pipeline/document_source_list_sessions.h b/src/mongo/db/pipeline/document_source_list_sessions.h
index 38ba2b21b67..47c08af9d73 100644
--- a/src/mongo/db/pipeline/document_source_list_sessions.h
+++ b/src/mongo/db/pipeline/document_source_list_sessions.h
@@ -37,7 +37,7 @@ namespace mongo {
/**
* $listSessions: { allUsers: true/false, users: [ {user:"jsmith", db:"test"}, ... ] }
- * Return all sessions in the admin.system.sessions collection
+ * Return all sessions in the config.system.sessions collection
* or just sessions for the currently logged in user. (Default: false)
*
* This is essentially an alias for {$match:{"_id.uid": myid}} or {$match:{}}
diff --git a/src/mongo/db/sessions_collection.h b/src/mongo/db/sessions_collection.h
index 9d29924069c..63fd34667cf 100644
--- a/src/mongo/db/sessions_collection.h
+++ b/src/mongo/db/sessions_collection.h
@@ -49,9 +49,9 @@ class SessionsCollection {
public:
virtual ~SessionsCollection();
- static constexpr StringData kSessionsDb = "admin"_sd;
+ static constexpr StringData kSessionsDb = "config"_sd;
static constexpr StringData kSessionsCollection = "system.sessions"_sd;
- static constexpr StringData kSessionsFullNS = "admin.system.sessions"_sd;
+ static constexpr StringData kSessionsFullNS = "config.system.sessions"_sd;
static const NamespaceString kSessionsNamespaceString;
diff --git a/src/mongo/db/system_index.cpp b/src/mongo/db/system_index.cpp
index 0c07a4e46ad..be95f1d0758 100644
--- a/src/mongo/db/system_index.cpp
+++ b/src/mongo/db/system_index.cpp
@@ -67,7 +67,7 @@ IndexSpec v3SystemUsersIndexSpec;
IndexSpec v3SystemRolesIndexSpec;
IndexSpec v1SystemSessionsIndexSpec;
-const NamespaceString sessionCollectionNamespace("admin.system.sessions");
+const NamespaceString sessionCollectionNamespace("config.system.sessions");
MONGO_INITIALIZER(AuthIndexKeyPatterns)(InitializerContext*) {
v1SystemUsersKeyPattern = BSON("user" << 1 << "userSource" << 1);
@@ -145,72 +145,84 @@ Status verifySystemIndexes(OperationContext* opCtx) {
const NamespaceString& systemUsers = AuthorizationManager::usersCollectionNamespace;
const NamespaceString& systemRoles = AuthorizationManager::rolesCollectionNamespace;
- AutoGetDb autoDb(opCtx, systemUsers.db(), MODE_X);
- if (!autoDb.getDb()) {
- return Status::OK();
- }
-
- Collection* collection = autoDb.getDb()->getCollection(opCtx, systemUsers);
- if (collection) {
- IndexCatalog* indexCatalog = collection->getIndexCatalog();
- invariant(indexCatalog);
-
- // Make sure the old unique index from v2.4 on system.users doesn't exist.
- std::vector<IndexDescriptor*> indexes;
- indexCatalog->findIndexesByKeyPattern(opCtx, v1SystemUsersKeyPattern, false, &indexes);
-
- if (!indexes.empty()) {
- fassert(ErrorCodes::AmbiguousIndexKeyPattern, indexes.size() == 1);
- return Status(ErrorCodes::AuthSchemaIncompatible,
- "Old 2.4 style user index identified. "
- "The authentication schema needs to be updated by "
- "running authSchemaUpgrade on a 2.6 server.");
+ // Create indexes for collections on the admin db
+ {
+ AutoGetDb autoDb(opCtx, systemUsers.db(), MODE_X);
+ if (!autoDb.getDb()) {
+ return Status::OK();
}
- // Ensure that system indexes exist for the user collection
- indexCatalog->findIndexesByKeyPattern(opCtx, v3SystemUsersKeyPattern, false, &indexes);
- if (indexes.empty()) {
- try {
- generateSystemIndexForExistingCollection(
- opCtx, collection, systemUsers, v3SystemUsersIndexSpec);
- } catch (...) {
- return exceptionToStatus();
+ Collection* collection = autoDb.getDb()->getCollection(opCtx, systemUsers);
+ if (collection) {
+ IndexCatalog* indexCatalog = collection->getIndexCatalog();
+ invariant(indexCatalog);
+
+ // Make sure the old unique index from v2.4 on system.users doesn't exist.
+ std::vector<IndexDescriptor*> indexes;
+ indexCatalog->findIndexesByKeyPattern(opCtx, v1SystemUsersKeyPattern, false, &indexes);
+
+ if (!indexes.empty()) {
+ fassert(ErrorCodes::AmbiguousIndexKeyPattern, indexes.size() == 1);
+ return Status(ErrorCodes::AuthSchemaIncompatible,
+ "Old 2.4 style user index identified. "
+ "The authentication schema needs to be updated by "
+ "running authSchemaUpgrade on a 2.6 server.");
+ }
+
+ // Ensure that system indexes exist for the user collection
+ indexCatalog->findIndexesByKeyPattern(opCtx, v3SystemUsersKeyPattern, false, &indexes);
+ if (indexes.empty()) {
+ try {
+ generateSystemIndexForExistingCollection(
+ opCtx, collection, systemUsers, v3SystemUsersIndexSpec);
+ } catch (...) {
+ return exceptionToStatus();
+ }
}
}
- }
- // Ensure that system indexes exist for the roles collection, if it exists.
- collection = autoDb.getDb()->getCollection(opCtx, systemRoles);
- if (collection) {
- IndexCatalog* indexCatalog = collection->getIndexCatalog();
- invariant(indexCatalog);
-
- std::vector<IndexDescriptor*> indexes;
- indexCatalog->findIndexesByKeyPattern(opCtx, v3SystemRolesKeyPattern, false, &indexes);
- if (indexes.empty()) {
- try {
- generateSystemIndexForExistingCollection(
- opCtx, collection, systemRoles, v3SystemRolesIndexSpec);
- } catch (...) {
- return exceptionToStatus();
+ // Ensure that system indexes exist for the roles collection, if it exists.
+ collection = autoDb.getDb()->getCollection(opCtx, systemRoles);
+ if (collection) {
+ IndexCatalog* indexCatalog = collection->getIndexCatalog();
+ invariant(indexCatalog);
+
+ std::vector<IndexDescriptor*> indexes;
+ indexCatalog->findIndexesByKeyPattern(opCtx, v3SystemRolesKeyPattern, false, &indexes);
+ if (indexes.empty()) {
+ try {
+ generateSystemIndexForExistingCollection(
+ opCtx, collection, systemRoles, v3SystemRolesIndexSpec);
+ } catch (...) {
+ return exceptionToStatus();
+ }
}
}
}
- // Ensure that system indexes exist for the sessions collection, if it exists.
- collection = autoDb.getDb()->getCollection(opCtx, sessionCollectionNamespace);
- if (collection) {
- IndexCatalog* indexCatalog = collection->getIndexCatalog();
- invariant(indexCatalog);
-
- std::vector<IndexDescriptor*> indexes;
- indexCatalog->findIndexesByKeyPattern(opCtx, v1SystemSessionsKeyPattern, false, &indexes);
- if (indexes.empty()) {
- try {
- generateSystemIndexForExistingCollection(
- opCtx, collection, sessionCollectionNamespace, v1SystemSessionsIndexSpec);
- } catch (...) {
- return exceptionToStatus();
+ // Create indexes for system collections in the config db.
+ {
+ AutoGetDb autoDb(opCtx, sessionCollectionNamespace.db(), MODE_X);
+ if (!autoDb.getDb()) {
+ return Status::OK();
+ }
+
+ // Ensure that system indexes exist for the sessions collection, if it exists.
+ auto collection = autoDb.getDb()->getCollection(opCtx, sessionCollectionNamespace);
+ if (collection) {
+ IndexCatalog* indexCatalog = collection->getIndexCatalog();
+ invariant(indexCatalog);
+
+ std::vector<IndexDescriptor*> indexes;
+ indexCatalog->findIndexesByKeyPattern(
+ opCtx, v1SystemSessionsKeyPattern, false, &indexes);
+ if (indexes.empty()) {
+ try {
+ generateSystemIndexForExistingCollection(
+ opCtx, collection, sessionCollectionNamespace, v1SystemSessionsIndexSpec);
+ } catch (...) {
+ return exceptionToStatus();
+ }
}
}
}
diff --git a/src/mongo/dbtests/logical_sessions_tests.cpp b/src/mongo/dbtests/logical_sessions_tests.cpp
index 13ca0c434c8..0b1b42df660 100644
--- a/src/mongo/dbtests/logical_sessions_tests.cpp
+++ b/src/mongo/dbtests/logical_sessions_tests.cpp
@@ -45,7 +45,7 @@
namespace LogicalSessionTests {
namespace {
-constexpr StringData kTestNS = "admin.system.sessions"_sd;
+constexpr StringData kTestNS = "config.system.sessions"_sd;
LogicalSessionRecord makeRecord(Date_t time = Date_t::now()) {
auto record = makeLogicalSessionRecordForTest();
View Lorry Controller Status