diff options
author | Eliot Horowitz <eliot@10gen.com> | 2010-07-28 11:09:38 -0400 |
---|---|---|
committer | Eliot Horowitz <eliot@10gen.com> | 2010-07-28 11:09:38 -0400 |
commit | a22ab2a7296fb63ae70cb8d8a32b6c7cfcd19122 (patch) | |
tree | 10dde6bf3fa129494b0cd0b68fe8725c62b4c647 | |
parent | c317b30cc1d250c33e3245f57c1c684e0662dab5 (diff) | |
download | mongo-a22ab2a7296fb63ae70cb8d8a32b6c7cfcd19122.tar.gz |
more webserver split out/cleaning
-rw-r--r-- | SConstruct | 4 | ||||
-rw-r--r-- | db/dbwebserver.cpp | 22 | ||||
-rw-r--r-- | db/dbwebserver.h | 8 | ||||
-rw-r--r-- | db/restapi.cpp | 18 | ||||
-rw-r--r-- | s/s_only.cpp | 42 |
5 files changed, 75 insertions, 19 deletions
diff --git a/SConstruct b/SConstruct index 5550fc4120f..83a080a5795 100644 --- a/SConstruct +++ b/SConstruct @@ -431,13 +431,13 @@ else: coreDbFiles = [ "db/commands.cpp" ] coreServerFiles = [ "util/message_server_port.cpp" , "client/parallel.cpp" , - "util/miniwebserver.cpp" , + "util/miniwebserver.cpp" , "db/dbwebserver.cpp" , "db/matcher.cpp" , "db/indexkey.cpp" , "db/dbcommands_generic.cpp" ] if GetOption( "asio" ) != None: coreServerFiles += [ "util/message_server_asio.cpp" ] -serverOnlyFiles = Split( "db/query.cpp db/update.cpp db/introspect.cpp db/btree.cpp db/clientcursor.cpp db/tests.cpp db/repl.cpp db/repl/rs.cpp db/repl/consensus.cpp db/repl/rs_initiate.cpp db/repl/replset_commands.cpp db/repl/manager.cpp db/repl/health.cpp db/repl/heartbeat.cpp db/repl/rs_config.cpp db/repl/rs_rollback.cpp db/repl/rs_sync.cpp db/repl/rs_initialsync.cpp db/oplog.cpp db/repl_block.cpp db/btreecursor.cpp db/cloner.cpp db/namespace.cpp db/cap.cpp db/matcher_covered.cpp db/dbeval.cpp db/dbwebserver.cpp db/restapi.cpp db/dbhelpers.cpp db/instance.cpp db/client.cpp db/database.cpp db/pdfile.cpp db/cursor.cpp db/security_commands.cpp db/security.cpp db/storage.cpp db/queryoptimizer.cpp db/extsort.cpp db/mr.cpp s/d_util.cpp db/cmdline.cpp" ) +serverOnlyFiles = Split( "db/query.cpp db/update.cpp db/introspect.cpp db/btree.cpp db/clientcursor.cpp db/tests.cpp db/repl.cpp db/repl/rs.cpp db/repl/consensus.cpp db/repl/rs_initiate.cpp db/repl/replset_commands.cpp db/repl/manager.cpp db/repl/health.cpp db/repl/heartbeat.cpp db/repl/rs_config.cpp db/repl/rs_rollback.cpp db/repl/rs_sync.cpp db/repl/rs_initialsync.cpp db/oplog.cpp db/repl_block.cpp db/btreecursor.cpp db/cloner.cpp db/namespace.cpp db/cap.cpp db/matcher_covered.cpp db/dbeval.cpp db/restapi.cpp db/dbhelpers.cpp db/instance.cpp db/client.cpp db/database.cpp db/pdfile.cpp db/cursor.cpp db/security_commands.cpp db/security.cpp db/storage.cpp db/queryoptimizer.cpp db/extsort.cpp db/mr.cpp s/d_util.cpp db/cmdline.cpp" ) serverOnlyFiles += [ "db/index.cpp" ] + Glob( "db/geo/*.cpp" ) diff --git a/db/dbwebserver.cpp b/db/dbwebserver.cpp index 36a348b4bc4..adf5542c180 100644 --- a/db/dbwebserver.cpp +++ b/db/dbwebserver.cpp @@ -261,20 +261,15 @@ namespace mongo { } ss << "</table>\n"; } - - private: + private: + bool allowed( const char * rq , vector<string>& headers, const SockAddr &from ) { if ( from.isLocalHost() ) return true; - { - readlocktryassert rl("admin.system.users", 10000); - if( Helpers::isEmpty("admin.system.users") ) - return true; - } - - Client::GodScope gs; + if ( ! webHaveAdminUsers() ) + return true; string auth = getHeader( rq , "Authorization" ); @@ -290,7 +285,7 @@ namespace mongo { parms[name] = val; } - BSONObj user = db.findOne( "admin.system.users" , BSON( "user" << parms["username"] ) ); + BSONObj user = webGetAdminUser( parms["username"] ); if ( ! user.isEmpty() ){ string ha1 = user["pwd"].str(); string ha2 = md5simpledigest( (string)"GET" + ":" + parms["uri"] ); @@ -443,9 +438,7 @@ namespace mongo { headers.push_back( "Content-Type: text/plain" ); } - - private: - static DBDirectClient db; + protected: RamLog * ramlog; }; @@ -679,9 +672,6 @@ namespace mongo { return s.str(); } - - DBDirectClient DbWebServer::db; - void webServerThread() { Client::initThread("websvr"); const int p = cmdLine.port + 1000; diff --git a/db/dbwebserver.h b/db/dbwebserver.h index d03c6ca9506..c49b1584431 100644 --- a/db/dbwebserver.h +++ b/db/dbwebserver.h @@ -44,6 +44,7 @@ namespace mongo { string toString() const { return _toString; } static DbWebHandler * findHandler( const string& url ); + private: string _name; double _priority; @@ -57,6 +58,13 @@ namespace mongo { void webServerThread(); string prettyHostName(); + + /** @return if there are any admin users. this should not block for long and throw if can't get a lock if needed */ + bool webHaveAdminUsers(); + + /** @return admin user with this name. this should not block for long and throw if can't get a lock if needed */ + BSONObj webGetAdminUser( const string& username ); + }; diff --git a/db/restapi.cpp b/db/restapi.cpp index 0802b2c5bdc..a5c58c073c0 100644 --- a/db/restapi.cpp +++ b/db/restapi.cpp @@ -23,6 +23,7 @@ #include "../util/md5.hpp" #include "instance.h" #include "dbwebserver.h" +#include "dbhelpers.h" namespace mongo { @@ -229,5 +230,20 @@ namespace mongo { DBDirectClient db; } restHandler; - + + bool webHaveAdminUsers(){ + readlocktryassert rl("admin.system.users", 10000); + Client::Context cx( "admin.system.users" ); + return ! Helpers::isEmpty("admin.system.users"); + } + + BSONObj webGetAdminUser( const string& username ){ + Client::GodScope gs; + readlocktryassert rl("admin.system.users", 10000); + Client::Context cx( "admin.system.users" ); + BSONObj user; + if ( Helpers::findOne( "admin.system.users" , BSON( "user" << username ) , user ) ) + return user.copy(); + return BSONObj(); + } } diff --git a/s/s_only.cpp b/s/s_only.cpp index 4aeb69cb022..fcc8ef170cf 100644 --- a/s/s_only.cpp +++ b/s/s_only.cpp @@ -19,6 +19,7 @@ #include "../client/dbclient.h" #include "../db/dbhelpers.h" #include "../db/matcher.h" +#include "../db/commands.h" /* most a pile of hacks to make linking nicer @@ -38,4 +39,45 @@ namespace mongo { Client::~Client(){ log() << "Client::~Client : this shouldn't be called" << endl; printStackTrace(); } bool Client::shutdown(){ assert(!"Client::shutdown() shouldn't be called"); return true; } + bool webHaveAdminUsers(){ + return false; + } + + BSONObj webGetAdminUser( const string& username ){ + return BSONObj(); + } + + bool execCommand( Command * c , + Client& client , int queryOptions , + const char *ns, BSONObj& cmdObj , + BSONObjBuilder& result, + bool fromRepl ){ + assert(c); + + string dbname = nsToDatabase( ns ); + + if ( cmdObj["help"].trueValue() ){ + stringstream ss; + ss << "help for: " << c->name << " "; + c->help( ss ); + result.append( "help" , ss.str() ); + result.append( "lockType" , c->locktype() ); + return true; + } + + if ( c->adminOnly() ){ + if ( dbname != "admin" ) { + result.append( "errmsg" , "access denied- use admin db" ); + log() << "command denied: " << cmdObj.toString() << endl; + return false; + } + log( 2 ) << "command: " << cmdObj << endl; + } + + string errmsg; + int ok = c->run( dbname , cmdObj , errmsg , result , fromRepl ); + if ( ! ok ) + result.append( "errmsg" , errmsg ); + return ok; + } } |