SERVER-5261 Include authentication information in currentOp output

author: Jonathan Reams <jbreams@mongodb.com> 2018-08-16 16:02:16 -0400
committer: Jonathan Reams <jbreams@mongodb.com> 2018-09-14 11:12:45 -0400
commit: 2ea069aa505c750cad6a7ba6ae6d4ac897f396d1 (patch)
tree: b8093da62175046189de9fbb876b5ef8b79181b1 /src/mongo/db/auth/impersonation_session.cpp
parent: 7087350d1d5c943520e9972ac1f8b85252c0eceb (diff)
download: mongo-2ea069aa505c750cad6a7ba6ae6d4ac897f396d1.tar.gz
1 files changed, 8 insertions, 12 deletions
diff --git a/src/mongo/db/auth/impersonation_session.cpp b/src/mongo/db/auth/impersonation_session.cpp
index 8b9a5f09fc7..666522cd043 100644
--- a/src/mongo/db/auth/impersonation_session.cpp
+++ b/src/mongo/db/auth/impersonation_session.cpp
@@ -39,7 +39,7 @@
 #include "mongo/db/auth/resource_pattern.h"
 #include "mongo/db/client.h"
 #include "mongo/db/operation_context.h"
-#include "mongo/rpc/metadata/audit_metadata.h"
+#include "mongo/rpc/metadata/impersonated_user_metadata.h"
 #include "mongo/util/assert_util.h"
 #include "mongo/util/destructor_guard.h"
 
@@ -47,28 +47,24 @@ namespace mongo {
 
 ImpersonationSessionGuard::ImpersonationSessionGuard(OperationContext* opCtx) : _opCtx(opCtx) {
     auto authSession = AuthorizationSession::get(_opCtx->getClient());
-
-    const auto& impersonatedUsersAndRoles =
-        rpc::AuditMetadata::get(opCtx).getImpersonatedUsersAndRoles();
-
-    if (impersonatedUsersAndRoles != boost::none) {
+    const auto impersonatedUsersAndRoles = rpc::getImpersonatedUserMetadata(opCtx);
+    if (impersonatedUsersAndRoles) {
         uassert(ErrorCodes::Unauthorized,
                 "Unauthorized use of impersonation metadata.",
                 authSession->isAuthorizedForPrivilege(
                     Privilege(ResourcePattern::forClusterResource(), ActionType::impersonate)));
-
         fassert(ErrorCodes::InternalError, !authSession->isImpersonating());
-
-        authSession->setImpersonatedUserData(std::get<0>(*impersonatedUsersAndRoles),
-                                             std::get<1>(*impersonatedUsersAndRoles));
+        authSession->setImpersonatedUserData(impersonatedUsersAndRoles->getUsers(),
+                                             impersonatedUsersAndRoles->getRoles());
         _active = true;
+        return;
     }
 }
 
 ImpersonationSessionGuard::~ImpersonationSessionGuard() {
-    DESTRUCTOR_GUARD(if (_active) {
+    if (_active) {
         AuthorizationSession::get(_opCtx->getClient())->clearImpersonatedUserData();
-    })
+    }
 }
 
 }  // namespace mongo
author	Jonathan Reams <jbreams@mongodb.com>	2018-08-16 16:02:16 -0400
committer	Jonathan Reams <jbreams@mongodb.com>	2018-09-14 11:12:45 -0400
commit	2ea069aa505c750cad6a7ba6ae6d4ac897f396d1 (patch)
tree	b8093da62175046189de9fbb876b5ef8b79181b1 /src/mongo/db/auth/impersonation_session.cpp
parent	7087350d1d5c943520e9972ac1f8b85252c0eceb (diff)
download	mongo-2ea069aa505c750cad6a7ba6ae6d4ac897f396d1.tar.gz