summaryrefslogtreecommitdiff
path: root/src/mongo/db/instance.cpp
diff options
context:
space:
mode:
authorKaloian Manassiev <kaloian.manassiev@mongodb.com>2014-05-23 13:17:22 -0400
committerKaloian Manassiev <kaloian.manassiev@mongodb.com>2014-05-28 16:13:48 -0400
commit0672061deb58aac931912bed68d014247c581968 (patch)
tree5ef08865cb578ee3f46995809b9ac6c7eb3e13df /src/mongo/db/instance.cpp
parentee3fb776c7f36d59b593db7e4165b0611a7a503f (diff)
downloadmongo-0672061deb58aac931912bed68d014247c581968.tar.gz
SERVER-13961 Pass LockState to DBWrite and DBRead directly
This is part of the changes to move LockState be part of OperationContext and not retrieved from TLS.
Diffstat (limited to 'src/mongo/db/instance.cpp')
-rw-r--r--src/mongo/db/instance.cpp46
1 files changed, 28 insertions, 18 deletions
diff --git a/src/mongo/db/instance.cpp b/src/mongo/db/instance.cpp
index 613165ff4d2..373e7f2b3ca 100644
--- a/src/mongo/db/instance.cpp
+++ b/src/mongo/db/instance.cpp
@@ -121,8 +121,9 @@ namespace mongo {
QueryMessage q(d);
BSONObjBuilder b;
+ OperationContextImpl txn;
const bool isAuthorized = cc().getAuthorizationSession()->isAuthorizedForActionsOnResource(
- ResourcePattern::forClusterResource(), ActionType::inprog);
+ &txn, ResourcePattern::forClusterResource(), ActionType::inprog);
audit::logInProgAuthzCheck(
&cc(), q.query, isAuthorized ? ErrorCodes::OK : ErrorCodes::Unauthorized);
@@ -182,8 +183,10 @@ namespace mongo {
DbMessage d(m);
QueryMessage q(d);
BSONObj obj;
+
+ OperationContextImpl txn;
const bool isAuthorized = cc().getAuthorizationSession()->isAuthorizedForActionsOnResource(
- ResourcePattern::forClusterResource(), ActionType::killop);
+ &txn, ResourcePattern::forClusterResource(), ActionType::killop);
audit::logKillOpAuthzCheck(&cc(),
q.query,
isAuthorized ? ErrorCodes::OK : ErrorCodes::Unauthorized);
@@ -210,8 +213,10 @@ namespace mongo {
bool _unlockFsync();
void unlockFsync(const char *ns, Message& m, DbResponse &dbresponse) {
BSONObj obj;
+
+ OperationContextImpl txn;
const bool isAuthorized = cc().getAuthorizationSession()->isAuthorizedForActionsOnResource(
- ResourcePattern::forClusterResource(), ActionType::unlock);
+ &txn, ResourcePattern::forClusterResource(), ActionType::unlock);
audit::logFsyncUnlockAuthzCheck(
&cc(), isAuthorized ? ErrorCodes::OK : ErrorCodes::Unauthorized);
if (!isAuthorized) {
@@ -249,7 +254,7 @@ namespace mongo {
if (!ns.isCommand()) {
// Auth checking for Commands happens later.
Client* client = &cc();
- Status status = client->getAuthorizationSession()->checkAuthForQuery(ns, q.query);
+ Status status = client->getAuthorizationSession()->checkAuthForQuery(txn, ns, q.query);
audit::logQueryAuthzCheck(client, ns, q.query, status.code());
uassertStatusOK(status);
}
@@ -341,7 +346,7 @@ namespace mongo {
Client& c = cc();
if (!c.isGod())
- c.getAuthorizationSession()->startRequest();
+ c.getAuthorizationSession()->startRequest(txn);
if ( op == dbQuery ) {
if( strstr(ns, ".$cmd") ) {
@@ -528,7 +533,7 @@ namespace mongo {
verify( n < 30000 );
}
- int found = CollectionCursorCache::eraseCursorGlobalIfAuthorized(n, (long long *) x);
+ int found = CollectionCursorCache::eraseCursorGlobalIfAuthorized(txn, n, (long long *) x);
if ( logger::globalLogDomain()->shouldLog(logger::LogSeverity::Debug(1)) || found != n ) {
LOG( found == n ? 1 : 0 ) << "killcursors: found " << found << " of " << n << endl;
@@ -581,7 +586,8 @@ namespace mongo {
bool multi = flags & UpdateOption_Multi;
bool broadcast = flags & UpdateOption_Broadcast;
- Status status = cc().getAuthorizationSession()->checkAuthForUpdate(ns,
+ Status status = cc().getAuthorizationSession()->checkAuthForUpdate(txn,
+ ns,
query,
toupdate,
upsert);
@@ -603,7 +609,7 @@ namespace mongo {
UpdateExecutor executor(&request, &op.debug());
uassertStatusOK(executor.prepare());
- Lock::DBWrite lk(ns.ns());
+ Lock::DBWrite lk(txn->lockState(), ns.ns());
// if this ever moves to outside of lock, need to adjust check
// Client::Context::_finishInit
@@ -630,7 +636,7 @@ namespace mongo {
verify( d.moreJSObjs() );
BSONObj pattern = d.nextJsObj();
- Status status = cc().getAuthorizationSession()->checkAuthForDelete(ns, pattern);
+ Status status = cc().getAuthorizationSession()->checkAuthForDelete(txn, ns, pattern);
audit::logDeleteAuthzCheck(&cc(), ns, pattern, status.code());
uassertStatusOK(status);
@@ -643,7 +649,7 @@ namespace mongo {
request.setUpdateOpLog(true);
DeleteExecutor executor(&request);
uassertStatusOK(executor.prepare());
- Lock::DBWrite lk(ns.ns());
+ Lock::DBWrite lk(txn->lockState(), ns.ns());
// if this ever moves to outside of lock, need to adjust check Client::Context::_finishInit
if ( ! broadcast && handlePossibleShardedMessage( m , 0 ) )
@@ -684,7 +690,7 @@ namespace mongo {
uassert( 16258, str::stream() << "Invalid ns [" << ns << "]", nsString.isValid() );
Status status = cc().getAuthorizationSession()->checkAuthForGetMore(
- nsString, cursorid);
+ txn, nsString, cursorid);
audit::logGetMoreAuthzCheck(&cc(), nsString, cursorid, status.code());
uassertStatusOK(status);
@@ -717,7 +723,7 @@ namespace mongo {
// because it may now be out of sync with the client's iteration state.
// SERVER-7952
// TODO Temporary code, see SERVER-4563 for a cleanup overview.
- CollectionCursorCache::eraseCursorGlobal( cursorid );
+ CollectionCursorCache::eraseCursorGlobal(txn, cursorid );
}
ex.reset( new AssertionException( e.getInfo().msg, e.getCode() ) );
ok = false;
@@ -875,12 +881,12 @@ namespace mongo {
// Check auth for insert (also handles checking if this is an index build and checks
// for the proper privileges in that case).
const NamespaceString nsString(ns);
- Status status = cc().getAuthorizationSession()->checkAuthForInsert(nsString, obj);
+ Status status = cc().getAuthorizationSession()->checkAuthForInsert(txn, nsString, obj);
audit::logInsertAuthzCheck(&cc(), nsString, obj, status.code());
uassertStatusOK(status);
}
- Lock::DBWrite lk(ns);
+ Lock::DBWrite lk(txn->lockState(), ns);
// CONCURRENCY TODO: is being read locked in big log sufficient here?
// writelock is used to synchronize stepdowns w/ writes
@@ -924,7 +930,7 @@ namespace mongo {
local database does NOT count except for rsoplog collection.
used to set the hasData field on replset heartbeat command response
*/
- bool replHasDatabases() {
+ bool replHasDatabases(OperationContext* txn) {
vector<string> names;
getDatabaseNames(names);
if( names.size() >= 2 ) return true;
@@ -933,7 +939,7 @@ namespace mongo {
return true;
// we have a local database. return true if oplog isn't empty
{
- Lock::DBRead lk(repl::rsoplog);
+ Lock::DBRead lk(txn->lockState(), repl::rsoplog);
BSONObj o;
if( Helpers::getFirst(repl::rsoplog, o) )
return true;
@@ -1002,7 +1008,9 @@ namespace {
}
void DBDirectClient::killCursor( long long id ) {
- CollectionCursorCache::eraseCursorGlobal( id );
+ // The killCursor command on the DB client is only used by sharding,
+ // so no need to have it for MongoD.
+ verify(!"killCursor should not be used in MongoD");
}
HostAndPort DBDirectClient::_clientHost = HostAndPort( "0.0.0.0" , 0 );
@@ -1013,7 +1021,9 @@ namespace {
<< " to zero in query: " << query << endl;
skip = 0;
}
- Lock::DBRead lk( ns );
+
+ OperationContextImpl txn;
+ Lock::DBRead lk(txn.lockState(), ns);
string errmsg;
int errCode;
long long res = runCount( ns, _countCmd( ns , query , options , limit , skip ) , errmsg, errCode );
View Lorry Controller Status