diff options
author | Mark Benvenuto <mark.benvenuto@mongodb.com> | 2015-06-20 00:22:50 -0400 |
---|---|---|
committer | Mark Benvenuto <mark.benvenuto@mongodb.com> | 2015-06-20 10:56:02 -0400 |
commit | 9c2ed42daa8fbbef4a919c21ec564e2db55e8d60 (patch) | |
tree | 3814f79c10d7b490948d8cb7b112ac1dd41ceff1 /src/mongo/db/auth/authz_manager_external_state.h | |
parent | 01965cf52bce6976637ecb8f4a622aeb05ab256a (diff) | |
download | mongo-9c2ed42daa8fbbef4a919c21ec564e2db55e8d60.tar.gz |
SERVER-18579: Clang-Format - reformat code, no comment reflow
Diffstat (limited to 'src/mongo/db/auth/authz_manager_external_state.h')
-rw-r--r-- | src/mongo/db/auth/authz_manager_external_state.h | 194 |
1 files changed, 95 insertions, 99 deletions
diff --git a/src/mongo/db/auth/authz_manager_external_state.h b/src/mongo/db/auth/authz_manager_external_state.h index 6fd94effb69..e3bdcdb8c43 100644 --- a/src/mongo/db/auth/authz_manager_external_state.h +++ b/src/mongo/db/auth/authz_manager_external_state.h @@ -41,105 +41,101 @@ namespace mongo { - class AuthorizationManager; - class AuthzSessionExternalState; - class OperationContext; +class AuthorizationManager; +class AuthzSessionExternalState; +class OperationContext; + +/** + * Public interface for a class that encapsulates all the information related to system + * state not stored in AuthorizationManager. This is primarily to make AuthorizationManager + * easier to test as well as to allow different implementations for mongos and mongod. + */ +class AuthzManagerExternalState { + MONGO_DISALLOW_COPYING(AuthzManagerExternalState); + +public: + static stdx::function<std::unique_ptr<AuthzManagerExternalState>()> create; + + virtual ~AuthzManagerExternalState(); /** - * Public interface for a class that encapsulates all the information related to system - * state not stored in AuthorizationManager. This is primarily to make AuthorizationManager - * easier to test as well as to allow different implementations for mongos and mongod. + * Initializes the external state object. Must be called after construction and before + * calling other methods. Object may not be used after this method returns something other + * than Status::OK(). */ - class AuthzManagerExternalState { - MONGO_DISALLOW_COPYING(AuthzManagerExternalState); - - public: - - static stdx::function<std::unique_ptr<AuthzManagerExternalState>()> create; - - virtual ~AuthzManagerExternalState(); - - /** - * Initializes the external state object. Must be called after construction and before - * calling other methods. Object may not be used after this method returns something other - * than Status::OK(). - */ - virtual Status initialize(OperationContext* txn) = 0; - - /** - * Creates an external state manipulator for an AuthorizationSession whose - * AuthorizationManager uses this object as its own external state manipulator. - */ - virtual std::unique_ptr<AuthzSessionExternalState> makeAuthzSessionExternalState( - AuthorizationManager* authzManager) = 0; - - /** - * Retrieves the schema version of the persistent data describing users and roles. - * Will leave *outVersion unmodified on non-OK status return values. - */ - virtual Status getStoredAuthorizationVersion(OperationContext* txn, int* outVersion) = 0; - - /** - * Writes into "result" a document describing the named user and returns Status::OK(). The - * description includes the user credentials, if present, the user's role membership and - * delegation information, a full list of the user's privileges, and a full list of the - * user's roles, including those roles held implicitly through other roles (indirect roles). - * In the event that some of this information is inconsistent, the document will contain a - * "warnings" array, with std::string messages describing inconsistencies. - * - * If the user does not exist, returns ErrorCodes::UserNotFound. - */ - virtual Status getUserDescription( - OperationContext* txn, const UserName& userName, BSONObj* result) = 0; - - /** - * Writes into "result" a document describing the named role and returns Status::OK(). The - * description includes the roles in which the named role has membership and a full list of - * the roles of which the named role is a member, including those roles memberships held - * implicitly through other roles (indirect roles). If "showPrivileges" is true, then the - * description documents will also include a full list of the role's privileges. - * In the event that some of this information is inconsistent, the document will contain a - * "warnings" array, with std::string messages describing inconsistencies. - * - * If the role does not exist, returns ErrorCodes::RoleNotFound. - */ - virtual Status getRoleDescription(const RoleName& roleName, - bool showPrivileges, - BSONObj* result) = 0; - - /** - * Writes into "result" documents describing the roles that are defined on the given - * database. Each role description document includes the other roles in which the role has - * membership and a full list of the roles of which the named role is a member, - * including those roles memberships held implicitly through other roles (indirect roles). - * If showPrivileges is true, then the description documents will also include a full list - * of the role's privileges. If showBuiltinRoles is true, then the result array will - * contain description documents for all the builtin roles for the given database, if it - * is false the result will just include user defined roles. - * In the event that some of the information in a given role description is inconsistent, - * the document will contain a "warnings" array, with std::string messages describing - * inconsistencies. - */ - virtual Status getRoleDescriptionsForDB(const std::string dbname, - bool showPrivileges, - bool showBuiltinRoles, - std::vector<BSONObj>* result) = 0; - - /** - * Returns true if there exists at least one privilege document in the system. - */ - virtual bool hasAnyPrivilegeDocuments(OperationContext* txn) = 0; - - virtual void logOp( - OperationContext* txn, - const char* op, - const char* ns, - const BSONObj& o, - BSONObj* o2) {} - - - protected: - AuthzManagerExternalState(); // This class should never be instantiated directly. - }; - -} // namespace mongo + virtual Status initialize(OperationContext* txn) = 0; + + /** + * Creates an external state manipulator for an AuthorizationSession whose + * AuthorizationManager uses this object as its own external state manipulator. + */ + virtual std::unique_ptr<AuthzSessionExternalState> makeAuthzSessionExternalState( + AuthorizationManager* authzManager) = 0; + + /** + * Retrieves the schema version of the persistent data describing users and roles. + * Will leave *outVersion unmodified on non-OK status return values. + */ + virtual Status getStoredAuthorizationVersion(OperationContext* txn, int* outVersion) = 0; + + /** + * Writes into "result" a document describing the named user and returns Status::OK(). The + * description includes the user credentials, if present, the user's role membership and + * delegation information, a full list of the user's privileges, and a full list of the + * user's roles, including those roles held implicitly through other roles (indirect roles). + * In the event that some of this information is inconsistent, the document will contain a + * "warnings" array, with std::string messages describing inconsistencies. + * + * If the user does not exist, returns ErrorCodes::UserNotFound. + */ + virtual Status getUserDescription(OperationContext* txn, + const UserName& userName, + BSONObj* result) = 0; + + /** + * Writes into "result" a document describing the named role and returns Status::OK(). The + * description includes the roles in which the named role has membership and a full list of + * the roles of which the named role is a member, including those roles memberships held + * implicitly through other roles (indirect roles). If "showPrivileges" is true, then the + * description documents will also include a full list of the role's privileges. + * In the event that some of this information is inconsistent, the document will contain a + * "warnings" array, with std::string messages describing inconsistencies. + * + * If the role does not exist, returns ErrorCodes::RoleNotFound. + */ + virtual Status getRoleDescription(const RoleName& roleName, + bool showPrivileges, + BSONObj* result) = 0; + + /** + * Writes into "result" documents describing the roles that are defined on the given + * database. Each role description document includes the other roles in which the role has + * membership and a full list of the roles of which the named role is a member, + * including those roles memberships held implicitly through other roles (indirect roles). + * If showPrivileges is true, then the description documents will also include a full list + * of the role's privileges. If showBuiltinRoles is true, then the result array will + * contain description documents for all the builtin roles for the given database, if it + * is false the result will just include user defined roles. + * In the event that some of the information in a given role description is inconsistent, + * the document will contain a "warnings" array, with std::string messages describing + * inconsistencies. + */ + virtual Status getRoleDescriptionsForDB(const std::string dbname, + bool showPrivileges, + bool showBuiltinRoles, + std::vector<BSONObj>* result) = 0; + + /** + * Returns true if there exists at least one privilege document in the system. + */ + virtual bool hasAnyPrivilegeDocuments(OperationContext* txn) = 0; + + virtual void logOp( + OperationContext* txn, const char* op, const char* ns, const BSONObj& o, BSONObj* o2) {} + + +protected: + AuthzManagerExternalState(); // This class should never be instantiated directly. +}; + +} // namespace mongo |