diff options
| author | Andy Schwerin <schwerin@10gen.com> | 2013-09-20 10:36:01 -0400 |
|---|---|---|
| committer | Andy Schwerin <schwerin@10gen.com> | 2013-09-23 16:20:12 -0400 |
| commit | a7f7c028c4cdda1ab0939c6c7788bb39bd94cc5f (patch) | |
| tree | 270b9930bff0f280252850cd90ef0bf8e7de0a17 /src/mongo/db/auth/user.cpp | |
| parent | 234f50a33cd6d2a2e0a30c4b1bddb1c7de176799 (diff) | |
| download | mongo-a7f7c028c4cdda1ab0939c6c7788bb39bd94cc5f.tar.gz | |
SERVER-1105 Use ResourcePattern type when identifying the resource component of required privileges.
This patch has two principal components. First, it changes the interface to Privilege and
AuthorizationSession to use ResourcePattern in place of std::string for identifying resources.
Second, it examines all call sites of the authorization session interface in commands and
other code to ensure that the correct resource requirements are conveyed to the authorization_session.
Diffstat (limited to 'src/mongo/db/auth/user.cpp')
| -rw-r--r-- | src/mongo/db/auth/user.cpp | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/src/mongo/db/auth/user.cpp b/src/mongo/db/auth/user.cpp index adaae0f1313..0dcc7d3ff76 100644 --- a/src/mongo/db/auth/user.cpp +++ b/src/mongo/db/auth/user.cpp @@ -19,11 +19,11 @@ #include <vector> #include "mongo/db/auth/privilege.h" +#include "mongo/db/auth/resource_pattern.h" #include "mongo/db/auth/role_name.h" #include "mongo/db/auth/user_name.h" #include "mongo/platform/atomic_word.h" #include "mongo/util/assert_util.h" -#include "db/auth/role_name.h" namespace mongo { @@ -52,8 +52,8 @@ namespace mongo { return _refCount; } - const ActionSet User::getActionsForResource(const std::string& resource) const { - unordered_map<string, Privilege>::const_iterator it = _privileges.find(resource); + const ActionSet User::getActionsForResource(const ResourcePattern& resource) const { + unordered_map<ResourcePattern, Privilege>::const_iterator it = _privileges.find(resource); if (it == _privileges.end()) { return ActionSet(); } @@ -102,12 +102,12 @@ namespace mongo { } void User::addPrivilege(const Privilege& privilegeToAdd) { - ResourcePrivilegeMap::iterator it = _privileges.find(privilegeToAdd.getResource()); + ResourcePrivilegeMap::iterator it = _privileges.find(privilegeToAdd.getResourcePattern()); if (it == _privileges.end()) { // No privilege exists yet for this resource - _privileges.insert(std::make_pair(privilegeToAdd.getResource(), privilegeToAdd)); + _privileges.insert(std::make_pair(privilegeToAdd.getResourcePattern(), privilegeToAdd)); } else { - dassert(it->first == privilegeToAdd.getResource()); + dassert(it->first == privilegeToAdd.getResourcePattern()); it->second.addActions(privilegeToAdd.getActions()); } } |