SERVER-17856: Allow mongod users to currentOp and killOp own operations

author: Spencer Jackson <spencer.jackson@mongodb.com> 2016-07-11 13:50:21 -0400
committer: Spencer Jackson <spencer.jackson@mongodb.com> 2016-07-29 15:51:21 -0400
commit: 9380a1c12a19a061eaafabb5f6b9e87f16a28179 (patch)
tree: 9d2dec0ecb977c7555f9d74108da3a4c68586cad /src/mongo/db/auth/authorization_session.h
parent: 3cca3da0ad890c8272f56e18f8066c472b2a25f4 (diff)
download: mongo-9380a1c12a19a061eaafabb5f6b9e87f16a28179.tar.gz
1 files changed, 7 insertions, 0 deletions
diff --git a/src/mongo/db/auth/authorization_session.h b/src/mongo/db/auth/authorization_session.h
index 4622f4cdb89..31b64a7b1c8 100644
--- a/src/mongo/db/auth/authorization_session.h
+++ b/src/mongo/db/auth/authorization_session.h
@@ -247,6 +247,13 @@ public:
     // Clears the data for impersonated users.
     void clearImpersonatedUserData();
 
+    // Returns true if the session and 'opClient's AuthorizationSession share an
+    // authenticated user. If either object has impersonated users,
+    // those users will be considered as 'authenticated' for the purpose of this check.
+    //
+    // The existence of 'opClient' must be guaranteed through locks taken by the caller.
+    bool isCoauthorizedWithClient(ClientBasic* opClient);
+
     // Tells whether impersonation is active or not.  This state is set when
     // setImpersonatedUserData is called and cleared when clearImpersonatedUserData is
     // called.
author	Spencer Jackson <spencer.jackson@mongodb.com>	2016-07-11 13:50:21 -0400
committer	Spencer Jackson <spencer.jackson@mongodb.com>	2016-07-29 15:51:21 -0400
commit	9380a1c12a19a061eaafabb5f6b9e87f16a28179 (patch)
tree	9d2dec0ecb977c7555f9d74108da3a4c68586cad /src/mongo/db/auth/authorization_session.h
parent	3cca3da0ad890c8272f56e18f8066c472b2a25f4 (diff)
download	mongo-9380a1c12a19a061eaafabb5f6b9e87f16a28179.tar.gz