diff options
| author | Mark Benvenuto <mark.benvenuto@mongodb.com> | 2021-03-21 22:46:19 -0400 |
|---|---|---|
| committer | Evergreen Agent <no-reply@evergreen.mongodb.com> | 2021-03-22 03:34:46 +0000 |
| commit | 68dbfa5edbb55fec190e508607cf2276367f4f93 (patch) | |
| tree | e1999ab678707adde4dd7f436dd07c8292cc4970 /buildscripts/idl | |
| parent | 393fe9da6a544af2aaea88eda037cfa3eea0da6d (diff) | |
| download | mongo-68dbfa5edbb55fec190e508607cf2276367f4f93.tar.gz | |
SERVER-54524 Extend Authorization Session to record all access checks and privilege checks.
Diffstat (limited to 'buildscripts/idl')
| -rw-r--r-- | buildscripts/idl/idl/generator.py | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/buildscripts/idl/idl/generator.py b/buildscripts/idl/idl/generator.py index ffa143909f0..833004213d4 100644 --- a/buildscripts/idl/idl/generator.py +++ b/buildscripts/idl/idl/generator.py @@ -979,7 +979,7 @@ class _CppHeaderFileWriter(_CppFileWriterBase): # type: (bool, Union[str, bool]) -> None """Generate an apiVersions or deprecatedApiVersions function for a command's base class.""" fn_name = "apiVersions" if is_api_versions else "deprecatedApiVersions" - fn_def = 'virtual const std::set<std::string>& %s() const override' % fn_name + fn_def = 'virtual const std::set<std::string>& %s() const final' % fn_name value = "kApiVersions1" if api_version else "kNoApiVersions" with self._block('%s {' % (fn_def), '}'): self._writer.write_line('return %s;' % value) @@ -1044,6 +1044,13 @@ class _CppHeaderFileWriter(_CppFileWriterBase): self.gen_api_version_fn(True, command.api_version) self.gen_api_version_fn(False, command.is_deprecated) + # Wrte authorization contract code + if command.access_checks is not None: + self._writer.write_line( + 'const AuthorizationContract* getAuthorizationContract() const final { return &Request::kAuthorizationContract; } ' + ) + self.write_empty_line() + # Write InvocationBaseGen class. self.gen_invocation_base_class_declaration(command) @@ -2241,8 +2248,8 @@ class _CppSourceFileWriter(_CppFileWriterBase): if struct.access_checks is None: return - checks = ",".join( - [("AccessCheckEnum::" + ac.check) for ac in struct.access_checks if ac.check]) + checks_list = [ac.check for ac in struct.access_checks if ac.check] + checks = ",".join([("AccessCheckEnum::" + c) for c in checks_list]) privilege_list = [ac.privilege for ac in struct.access_checks if ac.privilege] privileges = ",".join([ |