SERVER-5261 Include authentication information in currentOp output

author: Jonathan Reams <jbreams@mongodb.com> 2018-08-16 16:02:16 -0400
committer: Jonathan Reams <jbreams@mongodb.com> 2018-09-14 11:12:45 -0400
commit: 2ea069aa505c750cad6a7ba6ae6d4ac897f396d1 (patch)
tree: b8093da62175046189de9fbb876b5ef8b79181b1 /src/mongo/db/curop.cpp
parent: 7087350d1d5c943520e9972ac1f8b85252c0eceb (diff)
download: mongo-2ea069aa505c750cad6a7ba6ae6d4ac897f396d1.tar.gz
1 files changed, 28 insertions, 0 deletions
diff --git a/src/mongo/db/curop.cpp b/src/mongo/db/curop.cpp
index dbe90b901f4..a8576d29120 100644
--- a/src/mongo/db/curop.cpp
+++ b/src/mongo/db/curop.cpp
@@ -38,6 +38,7 @@
 
 #include "mongo/base/disallow_copying.h"
 #include "mongo/bson/mutable/document.h"
+#include "mongo/db/auth/authorization_session.h"
 #include "mongo/db/client.h"
 #include "mongo/db/commands.h"
 #include "mongo/db/commands/server_status_metric.h"
@@ -47,6 +48,7 @@
 #include "mongo/db/query/plan_summary_stats.h"
 #include "mongo/rpc/metadata/client_metadata.h"
 #include "mongo/rpc/metadata/client_metadata_ismaster.h"
+#include "mongo/rpc/metadata/impersonated_user_metadata.h"
 #include "mongo/util/hex.h"
 #include "mongo/util/log.h"
 #include "mongo/util/net/socket_utils.h"
@@ -249,6 +251,32 @@ void CurOp::reportCurrentOpForClient(OperationContext* opCtx,
     infoBuilder->append("currentOpTime",
                         opCtx->getServiceContext()->getPreciseClockSource()->now().toString());
 
+    auto authSession = AuthorizationSession::get(client);
+    // Depending on whether we're impersonating or not, this might be "effectiveUsers" or
+    // "userImpersonators".
+    const auto serializeAuthenticatedUsers = [&](StringData name) {
+        if (authSession->isAuthenticated()) {
+            BSONArrayBuilder users(infoBuilder->subarrayStart(name));
+            for (auto userIt = authSession->getAuthenticatedUserNames(); userIt.more();
+                 userIt.next()) {
+                userIt->serializeToBSON(&users);
+            }
+        }
+    };
+
+    auto maybeImpersonationData = rpc::getImpersonatedUserMetadata(clientOpCtx);
+    if (maybeImpersonationData) {
+        BSONArrayBuilder users(infoBuilder->subarrayStart("effectiveUsers"));
+        for (const auto& user : maybeImpersonationData->getUsers()) {
+            user.serializeToBSON(&users);
+        }
+
+        users.doneFast();
+        serializeAuthenticatedUsers("userImpersonators"_sd);
+    } else {
+        serializeAuthenticatedUsers("effectiveUsers"_sd);
+    }
+
     if (clientOpCtx) {
         infoBuilder->append("opid", clientOpCtx->getOpID());
         if (clientOpCtx->isKillPending()) {
author	Jonathan Reams <jbreams@mongodb.com>	2018-08-16 16:02:16 -0400
committer	Jonathan Reams <jbreams@mongodb.com>	2018-09-14 11:12:45 -0400
commit	2ea069aa505c750cad6a7ba6ae6d4ac897f396d1 (patch)
tree	b8093da62175046189de9fbb876b5ef8b79181b1 /src/mongo/db/curop.cpp
parent	7087350d1d5c943520e9972ac1f8b85252c0eceb (diff)
download	mongo-2ea069aa505c750cad6a7ba6ae6d4ac897f396d1.tar.gz