diff options
| author | Ben Caimano <ben.caimano@10gen.com> | 2021-03-01 19:32:45 +0000 |
|---|---|---|
| committer | Evergreen Agent <no-reply@evergreen.mongodb.com> | 2021-03-05 18:39:29 +0000 |
| commit | 36597e8ce4fcf00e777bca348929c1530a79c699 (patch) | |
| tree | c0303dbaedba91fd3e564f561e205f2558f412b2 /src/mongo/db/audit.h | |
| parent | a64f3aa45c6441268f8b28f9fc5eb13f7dc02448 (diff) | |
| download | mongo-36597e8ce4fcf00e777bca348929c1530a79c699.tar.gz | |
SERVER-53604 Convey both id and full arn to authenticate audit events
Diffstat (limited to 'src/mongo/db/audit.h')
| -rw-r--r-- | src/mongo/db/audit.h | 57 |
1 files changed, 53 insertions, 4 deletions
diff --git a/src/mongo/db/audit.h b/src/mongo/db/audit.h index 1fb5a06f254..5f0c3e329db 100644 --- a/src/mongo/db/audit.h +++ b/src/mongo/db/audit.h @@ -39,11 +39,13 @@ #include "mongo/db/auth/user.h" #include "mongo/db/ops/write_ops.h" #include "mongo/rpc/op_msg.h" +#include "mongo/util/functional.h" namespace mongo { class AuthorizationSession; class BSONObj; +class BSONObjBuilder; class Client; class NamespaceString; class OperationContext; @@ -86,12 +88,59 @@ public: }; /** + * AuthenticateEvent is a opaque view into a finished authentication handshake. + * + * This object is only valid within its initial stack context. + */ +class AuthenticateEvent { +public: + using Appender = unique_function<void(BSONObjBuilder*)>; + + AuthenticateEvent(StringData mechanism, + StringData db, + StringData user, + Appender appender, + ErrorCodes::Error result) + : _mechanism(mechanism), + _db(db), + _user(user), + _appender(std::move(appender)), + _result(result) {} + + StringData getMechanism() const { + return _mechanism; + } + + StringData getDatabase() const { + return _db; + } + + StringData getUser() const { + return _user; + } + + ErrorCodes::Error getResult() const { + return _result; + } + + void appendExtraInfo(BSONObjBuilder* bob) const { + _appender(bob); + } + +private: + StringData _mechanism; + StringData _db; + StringData _user; + + Appender _appender; + + ErrorCodes::Error _result; +}; + +/** * Logs the result of an authentication attempt. */ -void logAuthentication(Client* client, - StringData mechanism, - const UserName& user, - ErrorCodes::Error result); +void logAuthentication(Client* client, const AuthenticateEvent& event); // // Authorization (authz) logging functions. |