diff options
author | matt dannenberg <matt.dannenberg@10gen.com> | 2013-10-31 14:03:43 -0400 |
---|---|---|
committer | matt dannenberg <matt.dannenberg@10gen.com> | 2013-10-31 14:22:52 -0400 |
commit | 07a8845fbec58c90b642bb55060d05ad006719c3 (patch) | |
tree | 6c6741befd97a8ecb1bfb638c791c501a4a09d30 /src/mongo/db | |
parent | 02d96b609930ce10ea82a4a317baf5731ed04989 (diff) | |
download | mongo-07a8845fbec58c90b642bb55060d05ad006719c3.tar.gz |
SERVER-11504 hooked up auditLogging of dropAllRolesFromDatabase
Diffstat (limited to 'src/mongo/db')
-rw-r--r-- | src/mongo/db/audit.cpp | 4 | ||||
-rw-r--r-- | src/mongo/db/audit.h | 4 | ||||
-rw-r--r-- | src/mongo/db/auth/action_types.txt | 2 | ||||
-rw-r--r-- | src/mongo/db/commands/user_management_commands.cpp | 1 |
4 files changed, 6 insertions, 5 deletions
diff --git a/src/mongo/db/audit.cpp b/src/mongo/db/audit.cpp index 7389b49db1e..28ee3ee1c96 100644 --- a/src/mongo/db/audit.cpp +++ b/src/mongo/db/audit.cpp @@ -139,8 +139,8 @@ namespace audit { void logDropRole(ClientBasic* client, const RoleName& role) MONGO_AUDIT_STUB - void logDropAllRolesForDatabase(ClientBasic* client, - const StringData& dbname) MONGO_AUDIT_STUB + void logDropAllRolesFromDatabase(ClientBasic* client, + const StringData& dbname) MONGO_AUDIT_STUB void logGrantRolesToRole(ClientBasic* client, const RoleName& role, diff --git a/src/mongo/db/audit.h b/src/mongo/db/audit.h index b879b84fdd1..2012f14d865 100644 --- a/src/mongo/db/audit.h +++ b/src/mongo/db/audit.h @@ -225,8 +225,8 @@ namespace audit { /** * Logs the result of a dropAllRolesForDatabase command. */ - void logDropAllRolesForDatabase(ClientBasic* client, - const StringData& dbname); + void logDropAllRolesFromDatabase(ClientBasic* client, + const StringData& dbname); /** * Logs the result of a grantRolesToRole command. diff --git a/src/mongo/db/auth/action_types.txt b/src/mongo/db/auth/action_types.txt index 1892fba300e..b5d8a934eac 100644 --- a/src/mongo/db/auth/action_types.txt +++ b/src/mongo/db/auth/action_types.txt @@ -34,7 +34,7 @@ "dbHash", "dbStats", "diagLogging", -"dropAllRolesForDatabase", # Not used for permissions checks, but to id the event in logs. +"dropAllRolesFromDatabase", # Not used for permissions checks, but to id the event in logs. "dropAllUsersFromDatabase", # Not used for permissions checks, but to id the event in logs. "dropCollection", "dropDatabase", diff --git a/src/mongo/db/commands/user_management_commands.cpp b/src/mongo/db/commands/user_management_commands.cpp index 69bcd6f712a..f2d9bce566c 100644 --- a/src/mongo/db/commands/user_management_commands.cpp +++ b/src/mongo/db/commands/user_management_commands.cpp @@ -2276,6 +2276,7 @@ namespace mongo { return false; } + audit::logDropAllRolesFromDatabase(ClientBasic::getCurrent(), dbname); // Finally, remove the actual role documents status = authzManager->removeRoleDocuments( BSON(AuthorizationManager::ROLE_SOURCE_FIELD_NAME << dbname), |