diff options
author | Justin Seyster <justin.seyster@mongodb.com> | 2017-04-28 12:32:06 -0400 |
---|---|---|
committer | Justin Seyster <justin.seyster@mongodb.com> | 2017-04-28 12:32:06 -0400 |
commit | 4f1db7deaacfe76a2916c2c6b259191c491df2d4 (patch) | |
tree | 0c7c1ea993ae637b7675564fe72f266e33d7ff2a /src/mongo/db/commands/list_collections.cpp | |
parent | 940481c8229b7925d661d3a9e693d70b1f9453f2 (diff) | |
download | mongo-4f1db7deaacfe76a2916c2c6b259191c491df2d4.tar.gz |
SERVER-26577 Fix permissions for listCollections getMore.
Squashed commit of the following:
commit 11c363b941e99fc288c4f9a19cb807442fb09d44
Author: Justin Seyster <justin.seyster@mongodb.com>
Date: Fri Apr 21 17:59:23 2017 -0400
SERVER-26577 JS test for listCollections_getMore authorization
commit fa3e01205995ad4fd139e3d4fe77c407c2409aa0
Author: Justin Seyster <justin.seyster@mongodb.com>
Date: Thu Apr 20 15:10:49 2017 -0400
SERVER-26577 Unit tests for isAuthorizedToListCollections
commit 53cea2802850f221b492e5469d8da659bd1f6694
Author: Justin Seyster <justin.seyster@mongodb.com>
Date: Wed Apr 19 17:16:51 2017 -0400
SERVER-26577 Permissions checks for listCollections go to one function
Diffstat (limited to 'src/mongo/db/commands/list_collections.cpp')
-rw-r--r-- | src/mongo/db/commands/list_collections.cpp | 8 |
1 files changed, 1 insertions, 7 deletions
diff --git a/src/mongo/db/commands/list_collections.cpp b/src/mongo/db/commands/list_collections.cpp index b58ff9339fd..e9038a46cfd 100644 --- a/src/mongo/db/commands/list_collections.cpp +++ b/src/mongo/db/commands/list_collections.cpp @@ -208,13 +208,7 @@ public: const BSONObj& cmdObj) { AuthorizationSession* authzSession = AuthorizationSession::get(client); - // Check for the listCollections ActionType on the database - // or find on system.namespaces for pre 3.0 systems. - if (authzSession->isAuthorizedForActionsOnResource(ResourcePattern::forDatabaseName(dbname), - ActionType::listCollections) || - authzSession->isAuthorizedForActionsOnResource( - ResourcePattern::forExactNamespace(NamespaceString(dbname, "system.namespaces")), - ActionType::find)) { + if (authzSession->isAuthorizedToListCollections(dbname)) { return Status::OK(); } |