SERVER-29628 $listLocalSessions aggregation stage

1 files changed, 15 insertions, 8 deletions

diff --git a/src/mongo/db/logical_session_id_helpers.cpp b/src/mongo/db/logical_session_id_helpers.cpp
index 6e47690a111..e3de10a12b7 100644
--- a/src/mongo/db/logical_session_id_helpers.cpp
+++ b/src/mongo/db/logical_session_id_helpers.cpp
@@ -32,26 +32,26 @@
 
 #include "mongo/db/auth/authorization_session.h"
 #include "mongo/db/auth/user.h"
+#include "mongo/db/auth/user_name.h"
+#include "mongo/db/logical_session_cache.h"
 #include "mongo/db/operation_context.h"
 
 namespace mongo {
 
-namespace {
-
 /**
  * This is a safe hash that will not collide with a username because all full usernames include an
  * '@' character.
  */
 const auto kNoAuthDigest = SHA256Block::computeHash(reinterpret_cast<const uint8_t*>(""), 0);
 
-SHA256Block lookupUserDigest(OperationContext* opCtx) {
+SHA256Block getLogicalSessionUserDigestForLoggedInUser(const OperationContext* opCtx) {
     auto client = opCtx->getClient();
     ServiceContext* serviceContext = client->getServiceContext();
 
     if (AuthorizationManager::get(serviceContext)->isAuthEnabled()) {
         UserName userName;
 
-        auto user = AuthorizationSession::get(client)->getSingleUser();
+        const auto user = AuthorizationSession::get(client)->getSingleUser();
         invariant(user);
 
         return user->getDigest();
@@ -60,7 +60,14 @@ SHA256Block lookupUserDigest(OperationContext* opCtx) {
     }
 }
 
-}  // namespace
+SHA256Block getLogicalSessionUserDigestFor(StringData user, StringData db) {
+    if (user.empty() && db.empty()) {
+        return kNoAuthDigest;
+    }
+    const UserName un(user, db);
+    const auto& fn = un.getFullName();
+    return SHA256Block::computeHash({ConstDataRange(fn.c_str(), fn.size())});
+}
 
 LogicalSessionId makeLogicalSessionId(const LogicalSessionFromClient& fromClient,
                                       OperationContext* opCtx,
@@ -81,11 +88,11 @@ LogicalSessionId makeLogicalSessionId(const LogicalSessionFromClient& fromClient
                             }) ||
                     authSession->isAuthorizedForPrivilege(Privilege(
                         ResourcePattern::forClusterResource(), ActionType::impersonate)) ||
-                    lookupUserDigest(opCtx) == fromClient.getUid());
+                    getLogicalSessionUserDigestForLoggedInUser(opCtx) == fromClient.getUid());
 
         lsid.setUid(*fromClient.getUid());
     } else {
-        lsid.setUid(lookupUserDigest(opCtx));
+        lsid.setUid(getLogicalSessionUserDigestForLoggedInUser(opCtx));
     }
 
     return lsid;
@@ -95,7 +102,7 @@ LogicalSessionId makeLogicalSessionId(OperationContext* opCtx) {
     LogicalSessionId id{};
 
     id.setId(UUID::gen());
-    id.setUid(lookupUserDigest(opCtx));
+    id.setUid(getLogicalSessionUserDigestForLoggedInUser(opCtx));
 
     return id;
 }