diff options
author | Tommaso Tocci <tommaso.tocci@mongodb.com> | 2021-03-03 19:03:07 +0100 |
---|---|---|
committer | Evergreen Agent <no-reply@evergreen.mongodb.com> | 2021-03-04 16:32:45 +0000 |
commit | dbf5a5709f2e931e32d1bf3e4c2f6b9ef98c10e2 (patch) | |
tree | dcb281e13c9f4f63f21dd34fb981a284212a97c1 | |
parent | 4de2d9458ba9358ca29f097c8f835c1e20c05fde (diff) | |
download | mongo-dbf5a5709f2e931e32d1bf3e4c2f6b9ef98c10e2.tar.gz |
SERVER-54947 Fix ForwardableOperationMetadata construction
-rw-r--r-- | src/mongo/db/s/forwardable_operation_metadata.cpp | 11 | ||||
-rw-r--r-- | src/mongo/db/s/forwardable_operation_metadata.h | 4 | ||||
-rw-r--r-- | src/mongo/db/s/forwardable_operation_metadata.idl | 17 | ||||
-rw-r--r-- | src/mongo/db/s/sharding_ddl_coordinator_service.cpp | 2 |
4 files changed, 23 insertions, 11 deletions
diff --git a/src/mongo/db/s/forwardable_operation_metadata.cpp b/src/mongo/db/s/forwardable_operation_metadata.cpp index 39ed1fbf62c..45371ee0b26 100644 --- a/src/mongo/db/s/forwardable_operation_metadata.cpp +++ b/src/mongo/db/s/forwardable_operation_metadata.cpp @@ -32,11 +32,12 @@ #include "mongo/db/s/forwardable_operation_metadata.h" #include "mongo/db/auth/authorization_session.h" +#include "mongo/rpc/metadata/impersonated_user_metadata.h" namespace mongo { ForwardableOperationMetadata::ForwardableOperationMetadata(const BSONObj& obj) { - ForwardableOperationMetadataBase::parse( + ForwardableOperationMetadataBase::parseProtected( IDLParserErrorContext("ForwardableOperationMetadataBase"), obj); } @@ -44,11 +45,9 @@ ForwardableOperationMetadata::ForwardableOperationMetadata(OperationContext* opC if (auto optComment = opCtx->getComment()) { setComment(optComment->wrap()); } - auto authzSession = AuthorizationSession::get(opCtx->getClient()); - setImpersonatedUserMetadata({{userNameIteratorToContainer<std::vector<UserName>>( - authzSession->getImpersonatedUserNames()), - roleNameIteratorToContainer<std::vector<RoleName>>( - authzSession->getImpersonatedRoleNames())}}); + if (const auto authMetadata = rpc::getImpersonatedUserMetadata(opCtx)) { + setImpersonatedUserMetadata({{authMetadata->getUsers(), authMetadata->getRoles()}}); + } } void ForwardableOperationMetadata::setOn(OperationContext* opCtx) const { diff --git a/src/mongo/db/s/forwardable_operation_metadata.h b/src/mongo/db/s/forwardable_operation_metadata.h index 8cae3a2a636..34c603c655c 100644 --- a/src/mongo/db/s/forwardable_operation_metadata.h +++ b/src/mongo/db/s/forwardable_operation_metadata.h @@ -47,8 +47,8 @@ namespace mongo { class ForwardableOperationMetadata : public ForwardableOperationMetadataBase { public: ForwardableOperationMetadata() = default; - ForwardableOperationMetadata(const BSONObj& obj); - ForwardableOperationMetadata(OperationContext* opCtx); + explicit ForwardableOperationMetadata(const BSONObj& obj); + explicit ForwardableOperationMetadata(OperationContext* opCtx); void setOn(OperationContext* opCtx) const; diff --git a/src/mongo/db/s/forwardable_operation_metadata.idl b/src/mongo/db/s/forwardable_operation_metadata.idl index 28b5afbb970..14b704c7802 100644 --- a/src/mongo/db/s/forwardable_operation_metadata.idl +++ b/src/mongo/db/s/forwardable_operation_metadata.idl @@ -34,6 +34,19 @@ imports: - "mongo/rpc/metadata/impersonated_user_metadata.idl" structs: + AuthenticationMetadata: + # Since we need to store this struct in collection, + # we need to redefine the ImpersonatedUserMetadata struct because + # it has fields prefixed with with '$' dollar sign that are not supported + # by our storage engine. + description: "A struct representing the impersonated users associated with a specific operation." + strict: false + fields: + users: + type: array<UserName> + roles: + type: array<RoleName> + ForwardableOperationMetadataBase: description: "Used to store metadata of an operation context that can be safely passed among different threads." strict: false @@ -43,6 +56,6 @@ structs: description: "The comment assiociated with the operation." optional: true impersonatedUserMetadata: - type: ImpersonatedUserMetadata - description: "A struct representing the impersonated users from a mongos" + type: AuthenticationMetadata + description: "The impersonated users associated with the operation." optional: true diff --git a/src/mongo/db/s/sharding_ddl_coordinator_service.cpp b/src/mongo/db/s/sharding_ddl_coordinator_service.cpp index f94793638e5..a34714b25dd 100644 --- a/src/mongo/db/s/sharding_ddl_coordinator_service.cpp +++ b/src/mongo/db/s/sharding_ddl_coordinator_service.cpp @@ -82,7 +82,7 @@ ShardingDDLCoordinatorService::getOrCreateInstance(OperationContext* opCtx, BSON coorMetadata.setDatabaseVersion(clientDbVersion); } - coorMetadata.setForwardableOpMetadata({{opCtx}}); + coorMetadata.setForwardableOpMetadata(boost::optional<ForwardableOperationMetadata>(opCtx)); const auto patchedCoorDoc = coorDoc.addFields(coorMetadata.toBSON()); auto [coordinator, created] = [&] { |