diff options
author | Andy Schwerin <schwerin@10gen.com> | 2012-12-20 19:08:34 -0500 |
---|---|---|
committer | Andy Schwerin <schwerin@10gen.com> | 2012-12-21 13:11:48 -0500 |
commit | ec846a5f38699bacece205d920a863b6944ebf87 (patch) | |
tree | 3c72baa0e7c9d8b5f01ee0e65caf3d3fecf0d39f /src/mongo/db/auth | |
parent | a7d5f6fa9d14ed29d42f531074e5014fc8dd78a0 (diff) | |
download | mongo-ec846a5f38699bacece205d920a863b6944ebf87.tar.gz |
SERVER-7982 Export some useful constants on AuthorizationManager.
Diffstat (limited to 'src/mongo/db/auth')
-rw-r--r-- | src/mongo/db/auth/auth_external_state.cpp | 17 | ||||
-rw-r--r-- | src/mongo/db/auth/authorization_manager.cpp | 16 | ||||
-rw-r--r-- | src/mongo/db/auth/authorization_manager.h | 4 |
3 files changed, 20 insertions, 17 deletions
diff --git a/src/mongo/db/auth/auth_external_state.cpp b/src/mongo/db/auth/auth_external_state.cpp index 2a4434f250a..59b1eb7cd77 100644 --- a/src/mongo/db/auth/auth_external_state.cpp +++ b/src/mongo/db/auth/auth_external_state.cpp @@ -22,10 +22,6 @@ namespace mongo { - static const char USER_FIELD[] = "user"; - static const char USER_SOURCE_FIELD[] = "userSource"; - static const char PASSWORD_FIELD[] = "pwd"; - AuthExternalState::AuthExternalState() {} AuthExternalState::~AuthExternalState() {} @@ -38,8 +34,10 @@ namespace mongo { "key file must be used to log in with internal user", 15889); } - *result = BSON(USER_FIELD << internalSecurity.user << - PASSWORD_FIELD << internalSecurity.pwd).getOwned(); + *result = BSON(AuthorizationManager::USER_NAME_FIELD_NAME << + internalSecurity.user << + AuthorizationManager::PASSWORD_FIELD_NAME << + internalSecurity.pwd).getOwned(); return Status::OK(); } @@ -47,12 +45,13 @@ namespace mongo { BSONObj userBSONObj; BSONObjBuilder queryBuilder; - queryBuilder.append(USER_FIELD, principalName.getUser()); + queryBuilder.append(AuthorizationManager::USER_NAME_FIELD_NAME, principalName.getUser()); if (principalName.getDB() == dbname) { - queryBuilder.appendNull(USER_SOURCE_FIELD); + queryBuilder.appendNull(AuthorizationManager::USER_SOURCE_FIELD_NAME); } else { - queryBuilder.append(USER_SOURCE_FIELD, principalName.getDB()); + queryBuilder.append(AuthorizationManager::USER_SOURCE_FIELD_NAME, + principalName.getDB()); } bool found = _findUser(usersNamespace, queryBuilder.obj(), &userBSONObj); diff --git a/src/mongo/db/auth/authorization_manager.cpp b/src/mongo/db/auth/authorization_manager.cpp index 36a2b0909cd..2f60a066148 100644 --- a/src/mongo/db/auth/authorization_manager.cpp +++ b/src/mongo/db/auth/authorization_manager.cpp @@ -46,6 +46,9 @@ namespace mongo { const std::string AuthorizationManager::SERVER_RESOURCE_NAME = "$SERVER"; const std::string AuthorizationManager::CLUSTER_RESOURCE_NAME = "$CLUSTER"; + const std::string AuthorizationManager::USER_NAME_FIELD_NAME = "user"; + const std::string AuthorizationManager::USER_SOURCE_FIELD_NAME = "userSource"; + const std::string AuthorizationManager::PASSWORD_FIELD_NAME = "pwd"; namespace { const std::string ADMIN_DBNAME = "admin"; @@ -54,9 +57,6 @@ namespace { const std::string ROLES_FIELD_NAME = "roles"; const std::string OTHER_DB_ROLES_FIELD_NAME = "otherDBRoles"; const std::string READONLY_FIELD_NAME = "readOnly"; - const std::string USERNAME_FIELD_NAME = "user"; - const std::string USERSOURCE_FIELD_NAME = "userSource"; - const std::string PASSWORD_FIELD_NAME = "pwd"; const std::string SYSTEM_ROLE_READ = "read"; const std::string SYSTEM_ROLE_READ_WRITE = "readWrite"; @@ -247,8 +247,8 @@ namespace { Status AuthorizationManager::checkValidPrivilegeDocument(const StringData& dbname, const BSONObj& doc) { - BSONElement userElement = doc[USERNAME_FIELD_NAME]; - BSONElement userSourceElement = doc[USERSOURCE_FIELD_NAME]; + BSONElement userElement = doc[USER_NAME_FIELD_NAME]; + BSONElement userSourceElement = doc[USER_SOURCE_FIELD_NAME]; BSONElement passwordElement = doc[PASSWORD_FIELD_NAME]; BSONElement rolesElement = doc[ROLES_FIELD_NAME]; BSONElement otherDBRolesElement = doc[OTHER_DB_ROLES_FIELD_NAME]; @@ -474,7 +474,7 @@ namespace { const PrincipalName& principal, const BSONObj& privilegeDocument, PrivilegeSet* result) { - if (!(privilegeDocument.hasField(USERNAME_FIELD_NAME) && + if (!(privilegeDocument.hasField(USER_NAME_FIELD_NAME) && privilegeDocument.hasField(PASSWORD_FIELD_NAME))) { return Status(ErrorCodes::UnsupportedFormat, @@ -483,10 +483,10 @@ namespace { << privilegeDocument, 0); } - if (privilegeDocument[USERNAME_FIELD_NAME].str() != principal.getUser()) { + if (privilegeDocument[USER_NAME_FIELD_NAME].str() != principal.getUser()) { return Status(ErrorCodes::BadValue, mongoutils::str::stream() << "Principal name from privilege document \"" - << privilegeDocument[USERNAME_FIELD_NAME].str() + << privilegeDocument[USER_NAME_FIELD_NAME].str() << "\" doesn't match name of provided Principal \"" << principal.getUser() << "\"", diff --git a/src/mongo/db/auth/authorization_manager.h b/src/mongo/db/auth/authorization_manager.h index e9a5ede6f8e..0a801252356 100644 --- a/src/mongo/db/auth/authorization_manager.h +++ b/src/mongo/db/auth/authorization_manager.h @@ -59,6 +59,10 @@ namespace mongo { static const std::string SERVER_RESOURCE_NAME; static const std::string CLUSTER_RESOURCE_NAME; + static const std::string USER_NAME_FIELD_NAME; + static const std::string USER_SOURCE_FIELD_NAME; + static const std::string PASSWORD_FIELD_NAME; + // Checks to see if "doc" is a valid privilege document, assuming it is stored in the // "system.users" collection of database "dbname". // |