diff options
author | Spencer Jackson <spencer.jackson@mongodb.com> | 2016-07-11 13:50:21 -0400 |
---|---|---|
committer | Spencer Jackson <spencer.jackson@mongodb.com> | 2016-07-29 15:51:21 -0400 |
commit | 9380a1c12a19a061eaafabb5f6b9e87f16a28179 (patch) | |
tree | 9d2dec0ecb977c7555f9d74108da3a4c68586cad /src/mongo/db/auth/authorization_session.h | |
parent | 3cca3da0ad890c8272f56e18f8066c472b2a25f4 (diff) | |
download | mongo-9380a1c12a19a061eaafabb5f6b9e87f16a28179.tar.gz |
SERVER-17856: Allow mongod users to currentOp and killOp own operations
Diffstat (limited to 'src/mongo/db/auth/authorization_session.h')
-rw-r--r-- | src/mongo/db/auth/authorization_session.h | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/src/mongo/db/auth/authorization_session.h b/src/mongo/db/auth/authorization_session.h index 4622f4cdb89..31b64a7b1c8 100644 --- a/src/mongo/db/auth/authorization_session.h +++ b/src/mongo/db/auth/authorization_session.h @@ -247,6 +247,13 @@ public: // Clears the data for impersonated users. void clearImpersonatedUserData(); + // Returns true if the session and 'opClient's AuthorizationSession share an + // authenticated user. If either object has impersonated users, + // those users will be considered as 'authenticated' for the purpose of this check. + // + // The existence of 'opClient' must be guaranteed through locks taken by the caller. + bool isCoauthorizedWithClient(ClientBasic* opClient); + // Tells whether impersonation is active or not. This state is set when // setImpersonatedUserData is called and cleared when clearImpersonatedUserData is // called. |