diff options
author | Andy Schwerin <schwerin@10gen.com> | 2013-09-19 15:46:08 -0400 |
---|---|---|
committer | Andy Schwerin <schwerin@10gen.com> | 2013-09-26 14:33:43 -0400 |
commit | 3bc344db791e74f378880fd4ccd2ea045ba238f9 (patch) | |
tree | 206ad9c8fd4e5d3fcbfa67f981d7c360aecb5983 /src/mongo/db/dbeval.cpp | |
parent | 25d5d2ae7c22267d942532de72109d3d7bf67a8c (diff) | |
download | mongo-3bc344db791e74f378880fd4ccd2ea045ba238f9.tar.gz |
SERVER-1105 Update AuthorizationSession's logic for collection-level access control.
Also requires changing the privileges of the built-in roles. This patch takes the opportunity to remove the 2.2-style read-only roles in favor of the 2.4-style "read" and "readAnyDatabase" roles, and renames the 2.2-style read-write roles "dbOwner" and "root". The "root" name, at least, is subject to change prior to the next unstable release.
Test harnesses are updated as needed to use the correct builtin roles.
Diffstat (limited to 'src/mongo/db/dbeval.cpp')
-rw-r--r-- | src/mongo/db/dbeval.cpp | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/src/mongo/db/dbeval.cpp b/src/mongo/db/dbeval.cpp index b02ded46776..af190d082c3 100644 --- a/src/mongo/db/dbeval.cpp +++ b/src/mongo/db/dbeval.cpp @@ -137,8 +137,7 @@ namespace mongo { const BSONObj& cmdObj, std::vector<Privilege>* out) { - out->push_back(Privilege(ResourcePattern::forAnyResource(), - getGlobalAuthorizationManager()->getAllUserActions())); + RoleGraph::generateUniversalPrivileges(out); } CmdEval() : Command("eval", false, "$eval") { } bool run(const string& dbname , BSONObj& cmdObj, int, string& errmsg, BSONObjBuilder& result, bool fromRepl) { |