diff options
author | Kaloian Manassiev <kaloian.manassiev@mongodb.com> | 2020-01-20 10:03:08 -0500 |
---|---|---|
committer | Evergreen Agent <no-reply@evergreen.mongodb.com> | 2020-02-15 11:19:48 +0000 |
commit | 611979eb5cafba7bb5369a19948f82453f117c65 (patch) | |
tree | fe04826f378fbd3b05d9f49173f6074726da5c00 /src/mongo/db/auth | |
parent | 44a107ad428459cad6260490ae98bca442e07385 (diff) | |
download | mongo-611979eb5cafba7bb5369a19948f82453f117c65.tar.gz |
SERVER-44978 Thread-through ServiceContext and ThreadPool to ReadThroughCache
There are no functional changes to this CR, it just instantiates every
usage of ReadThroughCache with a ServiceContext and ThreadPool, which
will be used for making the acquire method asynchronous.
Diffstat (limited to 'src/mongo/db/auth')
-rw-r--r-- | src/mongo/db/auth/authorization_manager.cpp | 4 | ||||
-rw-r--r-- | src/mongo/db/auth/authorization_manager.h | 2 | ||||
-rw-r--r-- | src/mongo/db/auth/authorization_manager_global.cpp | 2 | ||||
-rw-r--r-- | src/mongo/db/auth/authorization_manager_impl.cpp | 53 | ||||
-rw-r--r-- | src/mongo/db/auth/authorization_manager_impl.h | 45 | ||||
-rw-r--r-- | src/mongo/db/auth/authorization_manager_test.cpp | 21 | ||||
-rw-r--r-- | src/mongo/db/auth/authorization_session_test.cpp | 3 | ||||
-rw-r--r-- | src/mongo/db/auth/sasl_authentication_session_test.cpp | 7 | ||||
-rw-r--r-- | src/mongo/db/auth/sasl_mechanism_registry_test.cpp | 4 | ||||
-rw-r--r-- | src/mongo/db/auth/sasl_scram_test.cpp | 3 |
10 files changed, 73 insertions, 71 deletions
diff --git a/src/mongo/db/auth/authorization_manager.cpp b/src/mongo/db/auth/authorization_manager.cpp index 0a2eaf493f0..5ad982559dc 100644 --- a/src/mongo/db/auth/authorization_manager.cpp +++ b/src/mongo/db/auth/authorization_manager.cpp @@ -71,9 +71,9 @@ const int AuthorizationManager::schemaVersion26Upgrade; const int AuthorizationManager::schemaVersion26Final; const int AuthorizationManager::schemaVersion28SCRAM; -std::unique_ptr<AuthorizationManager> AuthorizationManager::create() { +std::unique_ptr<AuthorizationManager> AuthorizationManager::create(ServiceContext* serviceContext) { static auto w = MONGO_WEAK_FUNCTION_DEFINITION(AuthorizationManager::create); - return w(); + return w(serviceContext); } } // namespace mongo diff --git a/src/mongo/db/auth/authorization_manager.h b/src/mongo/db/auth/authorization_manager.h index 3ac6c7cc7ce..a14122cad30 100644 --- a/src/mongo/db/auth/authorization_manager.h +++ b/src/mongo/db/auth/authorization_manager.h @@ -80,7 +80,7 @@ public: static AuthorizationManager* get(ServiceContext& service); static void set(ServiceContext* service, std::unique_ptr<AuthorizationManager> authzManager); - static std::unique_ptr<AuthorizationManager> create(); + static std::unique_ptr<AuthorizationManager> create(ServiceContext* serviceContext); AuthorizationManager() = default; diff --git a/src/mongo/db/auth/authorization_manager_global.cpp b/src/mongo/db/auth/authorization_manager_global.cpp index af3342c1c5d..9a7651bb91f 100644 --- a/src/mongo/db/auth/authorization_manager_global.cpp +++ b/src/mongo/db/auth/authorization_manager_global.cpp @@ -44,7 +44,7 @@ ServiceContext::ConstructorActionRegisterer createAuthorizationManager( "CreateAuthorizationManager", {"OIDGeneration", "EndStartupOptionStorage"}, [](ServiceContext* service) { - auto authzManager = AuthorizationManager::create(); + auto authzManager = AuthorizationManager::create(service); authzManager->setAuthEnabled(serverGlobalParams.authState == ServerGlobalParams::AuthState::kEnabled); authzManager->setShouldValidateAuthSchemaOnStartup(gStartupAuthSchemaValidation); diff --git a/src/mongo/db/auth/authorization_manager_impl.cpp b/src/mongo/db/auth/authorization_manager_impl.cpp index 603cf4c924c..a1314fddee0 100644 --- a/src/mongo/db/auth/authorization_manager_impl.cpp +++ b/src/mongo/db/auth/authorization_manager_impl.cpp @@ -285,8 +285,10 @@ Status initializeUserFromPrivilegeDocument(User* user, const BSONObj& privDoc) { return Status::OK(); } -std::unique_ptr<AuthorizationManager> authorizationManagerCreateImpl() { - return std::make_unique<AuthorizationManagerImpl>(); +std::unique_ptr<AuthorizationManager> authorizationManagerCreateImpl( + ServiceContext* serviceContext) { + return std::make_unique<AuthorizationManagerImpl>(serviceContext, + AuthzManagerExternalState::create()); } auto authorizationManagerCreateRegistration = @@ -310,17 +312,35 @@ Status AuthorizationManagerPinnedUsersServerParameter::setFromString(const std:: return authorizationManagerPinnedUsers.setFromString(str); } -AuthorizationManagerImpl::AuthorizationManagerImpl() - : AuthorizationManagerImpl(AuthzManagerExternalState::create(), - InstallMockForTestingOrAuthImpl{}) {} - AuthorizationManagerImpl::AuthorizationManagerImpl( - std::unique_ptr<AuthzManagerExternalState> externalState, InstallMockForTestingOrAuthImpl) + ServiceContext* service, std::unique_ptr<AuthzManagerExternalState> externalState) : _externalState(std::move(externalState)), - _authSchemaVersionCache(_externalState.get()), - _userCache(&_authSchemaVersionCache, _externalState.get(), authorizationManagerCacheSize) {} + _threadPool([] { + ThreadPool::Options options; + options.poolName = "AuthorizationManager"; + options.minThreads = 0; + options.maxThreads = ThreadPool::Options::kUnlimited; + + // Ensure all threads have a client + options.onCreateThread = [](const std::string& threadName) { + Client::initThread(threadName.c_str()); + }; -AuthorizationManagerImpl::~AuthorizationManagerImpl() {} + return options; + }()), + _authSchemaVersionCache(service, _threadPool, _externalState.get()), + _userCache(service, + _threadPool, + authorizationManagerCacheSize, + &_authSchemaVersionCache, + _externalState.get()) { + _threadPool.startup(); +} + +AuthorizationManagerImpl::~AuthorizationManagerImpl() { + _threadPool.shutdown(); + _threadPool.join(); +} std::unique_ptr<AuthorizationSession> AuthorizationManagerImpl::makeAuthorizationSession() { return std::make_unique<AuthorizationSessionImpl>( @@ -593,8 +613,11 @@ std::vector<AuthorizationManager::CachedUserInfo> AuthorizationManagerImpl::getU } AuthorizationManagerImpl::AuthSchemaVersionCache::AuthSchemaVersionCache( + ServiceContext* service, + ThreadPoolInterface& threadPool, AuthzManagerExternalState* externalState) - : ReadThroughCache(1, _mutex), _externalState(externalState) {} + : ReadThroughCache(_mutex, service, threadPool, 1 /* cacheSize */), + _externalState(externalState) {} boost::optional<int> AuthorizationManagerImpl::AuthSchemaVersionCache::lookup( OperationContext* opCtx, const int& unusedKey) { @@ -607,10 +630,12 @@ boost::optional<int> AuthorizationManagerImpl::AuthSchemaVersionCache::lookup( } AuthorizationManagerImpl::UserCacheImpl::UserCacheImpl( + ServiceContext* service, + ThreadPoolInterface& threadPool, + int cacheSize, AuthSchemaVersionCache* authSchemaVersionCache, - AuthzManagerExternalState* externalState, - int cacheSize) - : UserCache(cacheSize, _mutex), + AuthzManagerExternalState* externalState) + : UserCache(_mutex, service, threadPool, cacheSize), _authSchemaVersionCache(authSchemaVersionCache), _externalState(externalState) {} diff --git a/src/mongo/db/auth/authorization_manager_impl.h b/src/mongo/db/auth/authorization_manager_impl.h index 81951ab3680..72f7e8f6969 100644 --- a/src/mongo/db/auth/authorization_manager_impl.h +++ b/src/mongo/db/auth/authorization_manager_impl.h @@ -34,6 +34,7 @@ #include "mongo/platform/mutex.h" #include "mongo/stdx/condition_variable.h" #include "mongo/stdx/unordered_map.h" +#include "mongo/util/concurrency/thread_pool.h" namespace mongo { @@ -42,16 +43,14 @@ namespace mongo { */ class AuthorizationManagerImpl : public AuthorizationManager { public: - ~AuthorizationManagerImpl() override; - - AuthorizationManagerImpl(); - struct InstallMockForTestingOrAuthImpl { explicit InstallMockForTestingOrAuthImpl() = default; }; - AuthorizationManagerImpl(std::unique_ptr<AuthzManagerExternalState> externalState, - InstallMockForTestingOrAuthImpl); + AuthorizationManagerImpl(ServiceContext* service, + std::unique_ptr<AuthzManagerExternalState> externalState); + ~AuthorizationManagerImpl(); + std::unique_ptr<AuthorizationSession> makeAuthorizationSession() override; @@ -137,32 +136,30 @@ private: std::unique_ptr<AuthzManagerExternalState> _externalState; - /** - * True if AuthSchema startup checks should be applied in this AuthorizationManager. - * - * Changes to its value are not synchronized, so it should only be set at initalization-time. - */ + // True if AuthSchema startup checks should be applied in this AuthorizationManager. Changes to + // its value are not synchronized, so it should only be set once, at initalization time. bool _startupAuthSchemaValidation{true}; - /** - * True if access control enforcement is enabled in this AuthorizationManager. - * - * Changes to its value are not synchronized, so it should only be set at initalization-time. - */ + // True if access control enforcement is enabled in this AuthorizationManager. Changes to its + // value are not synchronized, so it should only be set once, at initalization time. bool _authEnabled{false}; - /** - * A cache of whether there are any users set up for the cluster. - */ + // A cache of whether there are any users set up for the cluster. AtomicWord<bool> _privilegeDocsExist{false}; + // Thread pool on which to perform the blocking activities that load the user credentials from + // storage + ThreadPool _threadPool; + /** * Cache which contains at most a single entry (which has key 0), whose value is the version of * the auth schema. */ class AuthSchemaVersionCache : public ReadThroughCache<int, int> { public: - AuthSchemaVersionCache(AuthzManagerExternalState* externalState); + AuthSchemaVersionCache(ServiceContext* service, + ThreadPoolInterface& threadPool, + AuthzManagerExternalState* externalState); // Even though the dist cache permits for lookup to return boost::none for non-existent // values, the contract of the authorization manager is that it should throw an exception if @@ -181,9 +178,11 @@ private: */ class UserCacheImpl : public UserCache { public: - UserCacheImpl(AuthSchemaVersionCache* authSchemaVersionCache, - AuthzManagerExternalState* externalState, - int cacheSize); + UserCacheImpl(ServiceContext* service, + ThreadPoolInterface& threadPool, + int cacheSize, + AuthSchemaVersionCache* authSchemaVersionCache, + AuthzManagerExternalState* externalState); // Even though the dist cache permits for lookup to return boost::none for non-existent // values, the contract of the authorization manager is that it should throw an exception if diff --git a/src/mongo/db/auth/authorization_manager_test.cpp b/src/mongo/db/auth/authorization_manager_test.cpp index 30a9c19a766..f381d76ae47 100644 --- a/src/mongo/db/auth/authorization_manager_test.cpp +++ b/src/mongo/db/auth/authorization_manager_test.cpp @@ -85,8 +85,7 @@ public: auto localExternalState = std::make_unique<AuthzManagerExternalStateMock>(); externalState = localExternalState.get(); auto localAuthzManager = std::make_unique<AuthorizationManagerImpl>( - std::move(localExternalState), - AuthorizationManagerImpl::InstallMockForTestingOrAuthImpl{}); + getServiceContext(), std::move(localExternalState)); authzManager = localAuthzManager.get(); externalState->setAuthorizationManager(authzManager); authzManager->setAuthEnabled(true); @@ -258,24 +257,6 @@ private: } }; -class AuthorizationManagerWithExplicitUserPrivilegesTest : public ::mongo::unittest::Test { -public: - virtual void setUp() { - auto localExternalState = - std::make_unique<AuthzManagerExternalStateMockWithExplicitUserPrivileges>(); - externalState = localExternalState.get(); - externalState->setAuthzVersion(AuthorizationManager::schemaVersion26Final); - authzManager = std::make_unique<AuthorizationManagerImpl>( - std::move(localExternalState), - AuthorizationManagerImpl::InstallMockForTestingOrAuthImpl{}); - externalState->setAuthorizationManager(authzManager.get()); - authzManager->setAuthEnabled(true); - } - - std::unique_ptr<AuthorizationManager> authzManager; - AuthzManagerExternalStateMockWithExplicitUserPrivileges* externalState; -}; - // Tests SERVER-21535, unrecognized actions should be ignored rather than causing errors. TEST_F(AuthorizationManagerTest, testAcquireV2UserWithUnrecognizedActions) { diff --git a/src/mongo/db/auth/authorization_session_test.cpp b/src/mongo/db/auth/authorization_session_test.cpp index f7df2444e5e..febccc348d2 100644 --- a/src/mongo/db/auth/authorization_session_test.cpp +++ b/src/mongo/db/auth/authorization_session_test.cpp @@ -103,8 +103,7 @@ public: managerState = localManagerState.get(); managerState->setAuthzVersion(AuthorizationManager::schemaVersion26Final); auto uniqueAuthzManager = std::make_unique<AuthorizationManagerImpl>( - std::move(localManagerState), - AuthorizationManagerImpl::InstallMockForTestingOrAuthImpl{}); + serviceContext.get(), std::move(localManagerState)); authzManager = uniqueAuthzManager.get(); AuthorizationManager::set(serviceContext.get(), std::move(uniqueAuthzManager)); auto localSessionState = std::make_unique<AuthzSessionExternalStateMock>(authzManager); diff --git a/src/mongo/db/auth/sasl_authentication_session_test.cpp b/src/mongo/db/auth/sasl_authentication_session_test.cpp index bdf8edc175d..d83f8455a23 100644 --- a/src/mongo/db/auth/sasl_authentication_session_test.cpp +++ b/src/mongo/db/auth/sasl_authentication_session_test.cpp @@ -55,7 +55,6 @@ #include "mongo/util/password_digest.h" namespace mongo { - namespace { class SaslConversation : public ServiceContextTest { @@ -94,10 +93,10 @@ SaslConversation::SaslConversation(std::string mech) : opCtx(makeOperationContext()), authManagerExternalState(new AuthzManagerExternalStateMock), authManager(new AuthorizationManagerImpl( - std::unique_ptr<AuthzManagerExternalState>(authManagerExternalState), - AuthorizationManagerImpl::InstallMockForTestingOrAuthImpl{})), + getServiceContext(), + std::unique_ptr<AuthzManagerExternalState>(authManagerExternalState))), authSession(authManager->makeAuthorizationSession()), - registry(opCtx->getServiceContext(), {"SCRAM-SHA-1", "SCRAM-SHA-256", "PLAIN"}), + registry(getServiceContext(), {"SCRAM-SHA-1", "SCRAM-SHA-256", "PLAIN"}), mechanism(mech) { AuthorizationManager::set(getServiceContext(), diff --git a/src/mongo/db/auth/sasl_mechanism_registry_test.cpp b/src/mongo/db/auth/sasl_mechanism_registry_test.cpp index a969c00b47a..e26efea8140 100644 --- a/src/mongo/db/auth/sasl_mechanism_registry_test.cpp +++ b/src/mongo/db/auth/sasl_mechanism_registry_test.cpp @@ -181,8 +181,8 @@ public: : opCtx(makeOperationContext()), authManagerExternalState(new AuthzManagerExternalStateMock()), authManager(new AuthorizationManagerImpl( - std::unique_ptr<AuthzManagerExternalStateMock>(authManagerExternalState), - AuthorizationManagerImpl::InstallMockForTestingOrAuthImpl{})), + getServiceContext(), + std::unique_ptr<AuthzManagerExternalStateMock>(authManagerExternalState))), // By default the registry is initialized with all mechanisms enabled. registry(opCtx->getServiceContext(), {"FOO", "BAR", "InternalAuth"}) { AuthorizationManager::set(getServiceContext(), diff --git a/src/mongo/db/auth/sasl_scram_test.cpp b/src/mongo/db/auth/sasl_scram_test.cpp index 4b2ec0b84d5..81b89590101 100644 --- a/src/mongo/db/auth/sasl_scram_test.cpp +++ b/src/mongo/db/auth/sasl_scram_test.cpp @@ -191,8 +191,7 @@ protected: std::make_unique<AuthzManagerExternalStateMock>(); authzManagerExternalState = uniqueAuthzManagerExternalStateMock.get(); auto newManager = std::make_unique<AuthorizationManagerImpl>( - std::move(uniqueAuthzManagerExternalStateMock), - AuthorizationManagerImpl::InstallMockForTestingOrAuthImpl{}); + serviceContext.get(), std::move(uniqueAuthzManagerExternalStateMock)); authzSession = std::make_unique<AuthorizationSessionImpl>( std::make_unique<AuthzSessionExternalStateMock>(newManager.get()), AuthorizationSessionImpl::InstallMockForTestingOrAuthImpl{}); |