diff options
author | Andreas Nilsson <andreas.nilsson@10gen.com> | 2014-12-17 11:10:51 -0500 |
---|---|---|
committer | Andreas Nilsson <andreas.nilsson@10gen.com> | 2014-12-17 11:24:57 -0500 |
commit | f312681a62f15196d0638da50350dd6a9c693e36 (patch) | |
tree | f5a10c4b4ad7e11045eadc8d2031343d59e96cc1 /src/mongo/db/commands | |
parent | 1045c5a2c204632a453dc68e1abb870a31fdc25b (diff) | |
download | mongo-f312681a62f15196d0638da50350dd6a9c693e36.tar.gz |
SERVER-16465 Removed mech parameter from [create|update]User commands
Diffstat (limited to 'src/mongo/db/commands')
-rw-r--r-- | src/mongo/db/commands/user_management_commands.cpp | 47 |
1 files changed, 17 insertions, 30 deletions
diff --git a/src/mongo/db/commands/user_management_commands.cpp b/src/mongo/db/commands/user_management_commands.cpp index 323ecd98527..d4b09c365bc 100644 --- a/src/mongo/db/commands/user_management_commands.cpp +++ b/src/mongo/db/commands/user_management_commands.cpp @@ -421,40 +421,28 @@ namespace mongo { // Must be an external user userObjBuilder.append("credentials", BSON("external" << true)); } - else if (args.mechanism == "SCRAM-SHA-1" || - args.mechanism == "MONGODB-CR" || - args.mechanism == "CRAM-MD5" || - args.mechanism.empty()) { - // At the moment we are ignoring the mechanism parameter and create - // both SCRAM-SHA-1 and MONGODB-CR credentials for all new users. - BSONObjBuilder credentialsBuilder(userObjBuilder.subobjStart("credentials")); + BSONObjBuilder credentialsBuilder(userObjBuilder.subobjStart("credentials")); - AuthorizationManager* authzManager = getGlobalAuthorizationManager(); - int authzVersion; - Status status = authzManager->getAuthorizationVersion(txn, &authzVersion); - if (!status.isOK()) { - return appendCommandStatus(result, status); - } + AuthorizationManager* authzManager = getGlobalAuthorizationManager(); + int authzVersion; + status = authzManager->getAuthorizationVersion(txn, &authzVersion); + if (!status.isOK()) { + return appendCommandStatus(result, status); + } - // Add SCRAM credentials for appropriate authSchemaVersions. - if (authzVersion > AuthorizationManager::schemaVersion26Final) { - BSONObj scramCred = scram::generateCredentials( - args.hashedPassword, - saslGlobalParams.scramIterationCount); - credentialsBuilder.append("SCRAM-SHA-1", scramCred); - } - else { // Otherwise default to MONGODB-CR. - credentialsBuilder.append("MONGODB-CR", args.hashedPassword); - } - credentialsBuilder.done(); + // Add SCRAM credentials for appropriate authSchemaVersions. + if (authzVersion > AuthorizationManager::schemaVersion26Final) { + BSONObj scramCred = scram::generateCredentials( + args.hashedPassword, + saslGlobalParams.scramIterationCount); + credentialsBuilder.append("SCRAM-SHA-1", scramCred); } - else { - return appendCommandStatus( - result, - Status(ErrorCodes::BadValue, - "Unsupported password authentication mechanism " + args.mechanism)); + else { // Otherwise default to MONGODB-CR. + credentialsBuilder.append("MONGODB-CR", args.hashedPassword); } + credentialsBuilder.done(); + if (args.hasCustomData) { userObjBuilder.append("customData", args.customData); } @@ -467,7 +455,6 @@ namespace mongo { return appendCommandStatus(result, status); } - AuthorizationManager* authzManager = getGlobalAuthorizationManager(); AuthzDocumentsUpdateGuard updateGuard(authzManager); if (!updateGuard.tryLock("Create user")) { return appendCommandStatus( |