SERVER-30434: Process authenticationRestrictions in FCV 3.4

author: Spencer Jackson <spencer.jackson@mongodb.com> 2017-07-31 10:56:56 -0400
committer: Spencer Jackson <spencer.jackson@mongodb.com> 2017-07-31 13:59:59 -0400
commit: 9096def9687739a40df79efe4e9e4d9b19215201 (patch)
tree: b2f47817d0899e0de7f04bc40e226e8c729d5860 /src/mongo/db/auth/authz_manager_external_state_local.cpp
parent: 6d9d554e24b134e9cadad7e9377c5e4634c3a6af (diff)
download: mongo-9096def9687739a40df79efe4e9e4d9b19215201.tar.gz
1 files changed, 1 insertions, 22 deletions
diff --git a/src/mongo/db/auth/authz_manager_external_state_local.cpp b/src/mongo/db/auth/authz_manager_external_state_local.cpp
index b4a37379529..c391dff44b0 100644
--- a/src/mongo/db/auth/authz_manager_external_state_local.cpp
+++ b/src/mongo/db/auth/authz_manager_external_state_local.cpp
@@ -31,6 +31,7 @@
 #include "mongo/db/auth/authz_manager_external_state_local.h"
 
 #include "mongo/base/status.h"
+#include "mongo/bson/mutable/algorithm.h"
 #include "mongo/bson/mutable/document.h"
 #include "mongo/bson/mutable/element.h"
 #include "mongo/bson/util/bson_extract.h"
@@ -197,21 +198,6 @@ Status AuthzManagerExternalStateLocal::getUserDescription(OperationContext* opCt
     resolveUserRoles(&resultDoc, directRoles);
     *result = resultDoc.getObject();
 
-    const auto isNonEmptyArray = [](const BSONObj& doc, StringData element) {
-        const auto& e = doc[element];
-        return !e.eoo() && (e.type() == Array) && !e.Obj().isEmpty();
-    };
-
-    if ((isNonEmptyArray(*result, "authenticationRestrictions") ||
-         isNonEmptyArray(*result, "inheritedAuthenticationRestrictions")) &&
-        serverGlobalParams.featureCompatibility.version.load() <
-            ServerGlobalParams::FeatureCompatibility::Version::k36) {
-        // Mongos isn't able to evaluate whether documents are valid under the current
-        // featureCompatibilityVersion. We must make the decision before it sees them.
-        return Status(ErrorCodes::UnsupportedFormat,
-                      "'authenticationRestrictions' requires 3.6 feature compatibility version");
-    }
-
     return Status::OK();
 }
 
@@ -300,13 +286,6 @@ Status AuthzManagerExternalStateLocal::_getUserDocument(OperationContext* opCtx,
         status =
             Status(ErrorCodes::UserNotFound,
                    mongoutils::str::stream() << "Could not find user " << userName.getFullName());
-    } else if ((*userDoc)["authenticationRestrictions"] &&
-               serverGlobalParams.featureCompatibility.version.load() <
-                   ServerGlobalParams::FeatureCompatibility::Version::k36) {
-        // Mongos isn't able to evaluate whether documents are valid under the current
-        // featureCompatibilityVersion. We must make the decision before it sees them.
-        status = Status(ErrorCodes::UnsupportedFormat,
-                        "'authenticationRestrictions' requires 3.6 feature compatibility version");
     }
     return status;
 }
author	Spencer Jackson <spencer.jackson@mongodb.com>	2017-07-31 10:56:56 -0400
committer	Spencer Jackson <spencer.jackson@mongodb.com>	2017-07-31 13:59:59 -0400
commit	9096def9687739a40df79efe4e9e4d9b19215201 (patch)
tree	b2f47817d0899e0de7f04bc40e226e8c729d5860 /src/mongo/db/auth/authz_manager_external_state_local.cpp
parent	6d9d554e24b134e9cadad7e9377c5e4634c3a6af (diff)
download	mongo-9096def9687739a40df79efe4e9e4d9b19215201.tar.gz