diff options
author | Gabriel Russell <gabriel.russell@mongodb.com> | 2020-02-13 11:49:46 -0500 |
---|---|---|
committer | Evergreen Agent <no-reply@evergreen.mongodb.com> | 2020-02-13 18:16:35 +0000 |
commit | a84c09a19720b73cedb2e8ef7c5cfeedfa1c9761 (patch) | |
tree | 85ac46cd5f4ea6d5134560bf764fb9e6cf11fe4e /src/mongo/db/auth/authorization_session_impl.cpp | |
parent | 6df40e01f7b6899affc4536e7e73a35802cabf98 (diff) | |
download | mongo-a84c09a19720b73cedb2e8ef7c5cfeedfa1c9761.tar.gz |
SERVER-45869 automatically converted structured logging
Diffstat (limited to 'src/mongo/db/auth/authorization_session_impl.cpp')
-rw-r--r-- | src/mongo/db/auth/authorization_session_impl.cpp | 59 |
1 files changed, 38 insertions, 21 deletions
diff --git a/src/mongo/db/auth/authorization_session_impl.cpp b/src/mongo/db/auth/authorization_session_impl.cpp index 941f3b84cf8..c0beeb758aa 100644 --- a/src/mongo/db/auth/authorization_session_impl.cpp +++ b/src/mongo/db/auth/authorization_session_impl.cpp @@ -53,6 +53,7 @@ #include "mongo/db/operation_context.h" #include "mongo/db/pipeline/aggregation_request.h" #include "mongo/db/pipeline/lite_parsed_pipeline.h" +#include "mongo/logv2/log.h" #include "mongo/util/assert_util.h" #include "mongo/util/log.h" #include "mongo/util/str.h" @@ -139,8 +140,11 @@ Status AuthorizationSessionImpl::addAndAuthorizeUser(OperationContext* opCtx, Status restrictionStatus = restrictionSet.validate(RestrictionEnvironment::get(*opCtx->getClient())); if (!restrictionStatus.isOK()) { - log() << "Failed to acquire user '" << userName - << "' because of unmet authentication restrictions: " << restrictionStatus.reason(); + LOGV2(20240, + "Failed to acquire user '{userName}' because of unmet authentication restrictions: " + "{restrictionStatus_reason}", + "userName"_attr = userName, + "restrictionStatus_reason"_attr = restrictionStatus.reason()); return AuthorizationManager::authenticationFailedStatus; } @@ -553,9 +557,11 @@ bool AuthorizationSessionImpl::isAuthorizedToCreateRole( return true; } } - log() << "Not authorized to create the first role in the system '" << args.roleName - << "' using the localhost exception. The user needs to acquire the role through " - "external authentication first."; + LOGV2(20241, + "Not authorized to create the first role in the system '{args_roleName}' using the " + "localhost exception. The user needs to acquire the role through " + "external authentication first.", + "args_roleName"_attr = args.roleName); } return false; @@ -765,45 +771,56 @@ void AuthorizationSessionImpl::_refreshUserInfoAsNeeded(OperationContext* opCtx) Status restrictionStatus = restrictionSet.validate( RestrictionEnvironment::get(*opCtx->getClient())); if (!restrictionStatus.isOK()) { - log() << "Removed user " << name - << " with unmet authentication restrictions from session cache of" - << " user information. Restriction failed because: " - << restrictionStatus.reason(); + LOGV2(20242, + "Removed user {name} with unmet authentication restrictions from " + "session cache of user information. Restriction failed because: " + "{restrictionStatus_reason}", + "name"_attr = name, + "restrictionStatus_reason"_attr = restrictionStatus.reason()); // If we remove from the UserSet, we cannot increment the iterator. continue; } } catch (...) { - log() << "Evaluating authentication restrictions for " << name - << " resulted in an unknown exception. Removing user from the" - << " session cache."; + LOGV2(20243, + "Evaluating authentication restrictions for {name} resulted in an " + "unknown exception. Removing user from the session cache.", + "name"_attr = name); continue; } // Success! Replace the old User object with the updated one. removeGuard.dismiss(); _authenticatedUsers.replaceAt(it, std::move(updatedUser)); - LOG(1) << "Updated session cache of user information for " << name; + LOGV2_DEBUG(20244, + 1, + "Updated session cache of user information for {name}", + "name"_attr = name); break; } case ErrorCodes::UserNotFound: { // User does not exist anymore; remove it from _authenticatedUsers. - log() << "Removed deleted user " << name - << " from session cache of user information."; + LOGV2(20245, + "Removed deleted user {name} from session cache of user information.", + "name"_attr = name); continue; // No need to advance "it" in this case. } case ErrorCodes::UnsupportedFormat: { // An auth subsystem has explicitly indicated a failure. - log() << "Removed user " << name - << " from session cache of user information because of refresh failure:" - << " '" << status << "'."; + LOGV2(20246, + "Removed user {name} from session cache of user information because of " + "refresh failure: '{status}'.", + "name"_attr = name, + "status"_attr = status); continue; // No need to advance "it" in this case. } default: // Unrecognized error; assume that it's transient, and continue working with the // out-of-date privilege data. - warning() << "Could not fetch updated user privilege information for " << name - << "; continuing to use old information. Reason is " - << redact(status); + LOGV2_WARNING(20247, + "Could not fetch updated user privilege information for {name}; " + "continuing to use old information. Reason is {status}", + "name"_attr = name, + "status"_attr = redact(status)); removeGuard.dismiss(); break; } |