summaryrefslogtreecommitdiff
path: root/src/mongo/db
diff options
context:
space:
mode:
authorKaloian Manassiev <kaloian.manassiev@mongodb.com>2014-05-28 18:40:59 -0400
committerKaloian Manassiev <kaloian.manassiev@mongodb.com>2014-05-28 18:40:59 -0400
commit8bc2783d2e6e39c0910455b4eac9e0f93a482cfc (patch)
tree46a523ea698d1a9a80013816d8e568e2fdd2f2dc /src/mongo/db
parent0672061deb58aac931912bed68d014247c581968 (diff)
downloadmongo-8bc2783d2e6e39c0910455b4eac9e0f93a482cfc.tar.gz
Revert "SERVER-13961 Pass LockState to DBWrite and DBRead directly"
This reverts commit 0672061deb58aac931912bed68d014247c581968.
Diffstat (limited to 'src/mongo/db')
-rw-r--r--src/mongo/db/auth/auth_index_d.cpp7
-rw-r--r--src/mongo/db/auth/auth_index_d.h2
-rw-r--r--src/mongo/db/auth/authorization_manager.cpp53
-rw-r--r--src/mongo/db/auth/authorization_manager.h27
-rw-r--r--src/mongo/db/auth/authorization_manager_global.cpp9
-rw-r--r--src/mongo/db/auth/authorization_manager_test.cpp50
-rw-r--r--src/mongo/db/auth/authorization_session.cpp115
-rw-r--r--src/mongo/db/auth/authorization_session.h46
-rw-r--r--src/mongo/db/auth/authorization_session_test.cpp244
-rw-r--r--src/mongo/db/auth/authz_manager_external_state.cpp8
-rw-r--r--src/mongo/db/auth/authz_manager_external_state.h18
-rw-r--r--src/mongo/db/auth/authz_manager_external_state_d.cpp14
-rw-r--r--src/mongo/db/auth/authz_manager_external_state_d.h6
-rw-r--r--src/mongo/db/auth/authz_manager_external_state_local.cpp11
-rw-r--r--src/mongo/db/auth/authz_manager_external_state_local.h9
-rw-r--r--src/mongo/db/auth/authz_manager_external_state_mock.cpp18
-rw-r--r--src/mongo/db/auth/authz_manager_external_state_mock.h9
-rw-r--r--src/mongo/db/auth/authz_manager_external_state_s.cpp8
-rw-r--r--src/mongo/db/auth/authz_manager_external_state_s.h8
-rw-r--r--src/mongo/db/auth/authz_session_external_state.h3
-rw-r--r--src/mongo/db/auth/authz_session_external_state_d.cpp4
-rw-r--r--src/mongo/db/auth/authz_session_external_state_d.h2
-rw-r--r--src/mongo/db/auth/authz_session_external_state_mock.h2
-rw-r--r--src/mongo/db/auth/authz_session_external_state_s.cpp4
-rw-r--r--src/mongo/db/auth/authz_session_external_state_s.h2
-rw-r--r--src/mongo/db/auth/authz_session_external_state_server_common.cpp5
-rw-r--r--src/mongo/db/auth/authz_session_external_state_server_common.h2
-rw-r--r--src/mongo/db/catalog/collection_cursor_cache.cpp34
-rw-r--r--src/mongo/db/catalog/collection_cursor_cache.h8
-rw-r--r--src/mongo/db/catalog/database_holder.cpp5
-rw-r--r--src/mongo/db/catalog/database_holder.h5
-rw-r--r--src/mongo/db/client.cpp33
-rw-r--r--src/mongo/db/client.h15
-rw-r--r--src/mongo/db/clientcursor.cpp7
-rw-r--r--src/mongo/db/cloner.cpp2
-rw-r--r--src/mongo/db/commands.cpp16
-rw-r--r--src/mongo/db/commands.h6
-rw-r--r--src/mongo/db/commands/apply_ops.cpp2
-rw-r--r--src/mongo/db/commands/auth_schema_upgrade_d.cpp2
-rw-r--r--src/mongo/db/commands/authentication_commands.cpp14
-rw-r--r--src/mongo/db/commands/authentication_commands.h6
-rw-r--r--src/mongo/db/commands/cleanup_orphaned_cmd.cpp9
-rw-r--r--src/mongo/db/commands/clone.cpp7
-rw-r--r--src/mongo/db/commands/clone_collection.cpp5
-rw-r--r--src/mongo/db/commands/collection_to_capped.cpp2
-rw-r--r--src/mongo/db/commands/compact.cpp2
-rw-r--r--src/mongo/db/commands/copydb.cpp9
-rw-r--r--src/mongo/db/commands/copydb.h4
-rw-r--r--src/mongo/db/commands/copydb_common.cpp11
-rw-r--r--src/mongo/db/commands/create_indexes.cpp13
-rw-r--r--src/mongo/db/commands/dbhash.cpp2
-rw-r--r--src/mongo/db/commands/distinct.cpp2
-rw-r--r--src/mongo/db/commands/drop_indexes.cpp4
-rw-r--r--src/mongo/db/commands/find_and_modify.cpp6
-rw-r--r--src/mongo/db/commands/geonear.cpp2
-rw-r--r--src/mongo/db/commands/group.cpp7
-rw-r--r--src/mongo/db/commands/index_filter_commands.cpp31
-rw-r--r--src/mongo/db/commands/index_filter_commands.h23
-rw-r--r--src/mongo/db/commands/merge_chunks_cmd.cpp4
-rw-r--r--src/mongo/db/commands/mr.cpp28
-rw-r--r--src/mongo/db/commands/oplog_note.cpp5
-rw-r--r--src/mongo/db/commands/parallel_collection_scan.cpp7
-rw-r--r--src/mongo/db/commands/parameters.cpp12
-rw-r--r--src/mongo/db/commands/pipeline_command.cpp2
-rw-r--r--src/mongo/db/commands/plan_cache_commands.cpp26
-rw-r--r--src/mongo/db/commands/plan_cache_commands.h22
-rw-r--r--src/mongo/db/commands/rename_collection.cpp6
-rw-r--r--src/mongo/db/commands/rename_collection.h4
-rw-r--r--src/mongo/db/commands/rename_collection_common.cpp13
-rw-r--r--src/mongo/db/commands/server_status.cpp3
-rw-r--r--src/mongo/db/commands/test_commands.cpp6
-rw-r--r--src/mongo/db/commands/touch.cpp2
-rw-r--r--src/mongo/db/commands/user_management_commands.cpp199
-rw-r--r--src/mongo/db/commands/user_management_commands.h3
-rw-r--r--src/mongo/db/commands/validate.cpp2
-rw-r--r--src/mongo/db/commands/write_commands/batch_executor.cpp6
-rw-r--r--src/mongo/db/commands/write_commands/write_commands.cpp7
-rw-r--r--src/mongo/db/commands/write_commands/write_commands.h3
-rw-r--r--src/mongo/db/commands/write_commands/write_commands_common.cpp6
-rw-r--r--src/mongo/db/commands/write_commands/write_commands_common.h6
-rw-r--r--src/mongo/db/d_concurrency.cpp4
-rw-r--r--src/mongo/db/d_concurrency.h6
-rw-r--r--src/mongo/db/db.cpp15
-rw-r--r--src/mongo/db/dbcommands.cpp41
-rw-r--r--src/mongo/db/dbhelpers.cpp21
-rw-r--r--src/mongo/db/dbhelpers.h3
-rw-r--r--src/mongo/db/dbwebserver.cpp20
-rw-r--r--src/mongo/db/exec/stagedebug_cmd.cpp2
-rw-r--r--src/mongo/db/fts/fts_command.cpp2
-rw-r--r--src/mongo/db/fts/fts_command.h5
-rw-r--r--src/mongo/db/fts/fts_command_mongod.cpp5
-rw-r--r--src/mongo/db/fts/fts_command_mongos.cpp3
-rw-r--r--src/mongo/db/geo/haystack.cpp2
-rw-r--r--src/mongo/db/index_builder.cpp5
-rw-r--r--src/mongo/db/index_rebuilder.cpp9
-rw-r--r--src/mongo/db/instance.cpp46
-rw-r--r--src/mongo/db/instance.h2
-rw-r--r--src/mongo/db/introspect.cpp2
-rw-r--r--src/mongo/db/pipeline/document_source_cursor.cpp4
-rw-r--r--src/mongo/db/pipeline/pipeline_d.cpp2
-rw-r--r--src/mongo/db/prefetch.cpp15
-rw-r--r--src/mongo/db/prefetch.h9
-rw-r--r--src/mongo/db/query/new_find.cpp4
-rw-r--r--src/mongo/db/range_deleter.cpp15
-rw-r--r--src/mongo/db/range_deleter.h4
-rw-r--r--src/mongo/db/range_deleter_db_env.cpp5
-rw-r--r--src/mongo/db/range_deleter_db_env.h4
-rw-r--r--src/mongo/db/range_deleter_mock_env.cpp3
-rw-r--r--src/mongo/db/range_deleter_mock_env.h2
-rw-r--r--src/mongo/db/repair_database.cpp2
-rw-r--r--src/mongo/db/repl/heartbeat.cpp2
-rw-r--r--src/mongo/db/repl/master_slave.cpp17
-rw-r--r--src/mongo/db/repl/oplog.cpp6
-rw-r--r--src/mongo/db/repl/repl_set_impl.cpp19
-rw-r--r--src/mongo/db/repl/repl_settings.cpp11
-rw-r--r--src/mongo/db/repl/rs.cpp2
-rw-r--r--src/mongo/db/repl/rs_config.cpp4
-rw-r--r--src/mongo/db/repl/rs_initialsync.cpp12
-rw-r--r--src/mongo/db/repl/rs_rollback.cpp3
-rw-r--r--src/mongo/db/repl/sync_source_feedback.cpp3
-rw-r--r--src/mongo/db/repl/sync_tail.cpp13
-rw-r--r--src/mongo/db/restapi.cpp4
-rw-r--r--src/mongo/db/restapi.h2
-rw-r--r--src/mongo/db/server_parameters.h5
-rw-r--r--src/mongo/db/server_parameters_test.cpp6
-rw-r--r--src/mongo/db/ttl.cpp8
126 files changed, 727 insertions, 1004 deletions
diff --git a/src/mongo/db/auth/auth_index_d.cpp b/src/mongo/db/auth/auth_index_d.cpp
index b8ed201226e..2b510698b60 100644
--- a/src/mongo/db/auth/auth_index_d.cpp
+++ b/src/mongo/db/auth/auth_index_d.cpp
@@ -72,10 +72,9 @@ namespace {
} // namespace
- void configureSystemIndexes(OperationContext* txn, const StringData& dbname) {
+ void configureSystemIndexes(const StringData& dbname) {
int authzVersion;
- Status status = getGlobalAuthorizationManager()->getAuthorizationVersion(
- txn, &authzVersion);
+ Status status = getGlobalAuthorizationManager()->getAuthorizationVersion(&authzVersion);
if (!status.isOK()) {
return;
}
@@ -84,8 +83,8 @@ namespace {
NamespaceString systemUsers(dbname, "system.users");
// Make sure the old unique index from v2.4 on system.users doesn't exist.
+ Client::WriteContext wctx(systemUsers);
OperationContextImpl txn;
- Client::WriteContext wctx(&txn, systemUsers);
Collection* collection = wctx.ctx().db()->getCollection(NamespaceString(systemUsers));
if (!collection) {
return;
diff --git a/src/mongo/db/auth/auth_index_d.h b/src/mongo/db/auth/auth_index_d.h
index 964eec9fbb0..3d3cf711e40 100644
--- a/src/mongo/db/auth/auth_index_d.h
+++ b/src/mongo/db/auth/auth_index_d.h
@@ -50,7 +50,7 @@ namespace authindex {
* It is appropriate to call this function on new or existing databases, though it is
* primarily intended for use on existing databases.
*/
- void configureSystemIndexes(OperationContext* txn, const StringData& dbname);
+ void configureSystemIndexes(const StringData& dbname);
} // namespace authindex
} // namespace mongo
diff --git a/src/mongo/db/auth/authorization_manager.cpp b/src/mongo/db/auth/authorization_manager.cpp
index d7960d784ae..3f6e3f620b5 100644
--- a/src/mongo/db/auth/authorization_manager.cpp
+++ b/src/mongo/db/auth/authorization_manager.cpp
@@ -258,14 +258,14 @@ namespace mongo {
}
}
- Status AuthorizationManager::getAuthorizationVersion(OperationContext* txn, int* version) {
+ Status AuthorizationManager::getAuthorizationVersion(int* version) {
CacheGuard guard(this, CacheGuard::fetchSynchronizationManual);
int newVersion = _version;
if (schemaVersionInvalid == newVersion) {
while (guard.otherUpdateInFetchPhase())
guard.wait();
guard.beginFetchPhase();
- Status status = _externalState->getStoredAuthorizationVersion(txn, &newVersion);
+ Status status = _externalState->getStoredAuthorizationVersion(&newVersion);
guard.endFetchPhase();
if (!status.isOK()) {
warning() << "Problem fetching the stored schema version of authorization data: "
@@ -295,8 +295,8 @@ namespace mongo {
return _authEnabled;
}
- bool AuthorizationManager::hasAnyPrivilegeDocuments(OperationContext* txn) const {
- return _externalState->hasAnyPrivilegeDocuments(txn);
+ bool AuthorizationManager::hasAnyPrivilegeDocuments() const {
+ return _externalState->hasAnyPrivilegeDocuments();
}
Status AuthorizationManager::writeAuthSchemaVersionIfNeeded() {
@@ -528,10 +528,8 @@ namespace mongo {
return Status::OK();
}
- Status AuthorizationManager::getUserDescription(OperationContext* txn,
- const UserName& userName,
- BSONObj* result) {
- return _externalState->getUserDescription(txn, userName, result);
+ Status AuthorizationManager::getUserDescription(const UserName& userName, BSONObj* result) {
+ return _externalState->getUserDescription(userName, result);
}
Status AuthorizationManager::getRoleDescription(const RoleName& roleName,
@@ -550,8 +548,7 @@ namespace mongo {
result);
}
- Status AuthorizationManager::acquireUser(
- OperationContext* txn, const UserName& userName, User** acquiredUser) {
+ Status AuthorizationManager::acquireUser(const UserName& userName, User** acquiredUser) {
if (userName == internalSecurity.user->getName()) {
*acquiredUser = internalSecurity.user;
return Status::OK();
@@ -587,7 +584,7 @@ namespace mongo {
Status status = Status::OK();
for (int i = 0; i < maxAcquireRetries; ++i) {
if (authzVersion == schemaVersionInvalid) {
- Status status = _externalState->getStoredAuthorizationVersion(txn, &authzVersion);
+ Status status = _externalState->getStoredAuthorizationVersion(&authzVersion);
if (!status.isOK())
return status;
}
@@ -600,10 +597,10 @@ namespace mongo {
break;
case schemaVersion26Final:
case schemaVersion26Upgrade:
- status = _fetchUserV2(txn, userName, &user);
+ status = _fetchUserV2(userName, &user);
break;
case schemaVersion24:
- status = _fetchUserV1(txn, userName, &user);
+ status = _fetchUserV1(userName, &user);
break;
}
if (status.isOK())
@@ -636,11 +633,10 @@ namespace mongo {
return Status::OK();
}
- Status AuthorizationManager::_fetchUserV2(OperationContext* txn,
- const UserName& userName,
+ Status AuthorizationManager::_fetchUserV2(const UserName& userName,
std::auto_ptr<User>* acquiredUser) {
BSONObj userObj;
- Status status = getUserDescription(txn, userName, &userObj);
+ Status status = getUserDescription(userName, &userObj);
if (!status.isOK()) {
return status;
}
@@ -657,8 +653,7 @@ namespace mongo {
return Status::OK();
}
- Status AuthorizationManager::_fetchUserV1(OperationContext* txn,
- const UserName& userName,
+ Status AuthorizationManager::_fetchUserV1(const UserName& userName,
std::auto_ptr<User>* acquiredUser) {
BSONObj privDoc;
@@ -678,7 +673,7 @@ namespace mongo {
// Users from databases other than "$external" must have an associated privilege
// document in their database.
Status status = _externalState->getPrivilegeDocumentV1(
- txn, userName.getDB(), userName, &privDoc);
+ userName.getDB(), userName, &privDoc);
if (!status.isOK())
return status;
@@ -696,7 +691,7 @@ namespace mongo {
// Users from databases other than "admin" probe the "admin" database at login, to
// ensure that the acquire any privileges derived from "otherDBRoles" fields in
// admin.system.users.
- Status status = _externalState->getPrivilegeDocumentV1(txn, "admin", userName, &privDoc);
+ Status status = _externalState->getPrivilegeDocumentV1("admin", userName, &privDoc);
if (status.isOK()) {
status = parser.initializeUserRolesFromUserDocument(user.get(), privDoc, "admin");
if (!status.isOK())
@@ -714,7 +709,7 @@ namespace mongo {
}
Status AuthorizationManager::acquireV1UserProbedForDb(
- OperationContext* txn, const UserName& userName, const StringData& dbname, User** acquiredUser) {
+ const UserName& userName, const StringData& dbname, User** acquiredUser) {
if (userName == internalSecurity.user->getName()) {
*acquiredUser = internalSecurity.user;
@@ -755,12 +750,12 @@ namespace mongo {
guard.beginFetchPhase();
if (!user.get()) {
- Status status = _fetchUserV1(txn, userName, &user);
+ Status status = _fetchUserV1(userName, &user);
if (status == ErrorCodes::AuthSchemaIncompatible) {
// Must early-return from this if block, because we end the fetch phase. Since the
// auth schema is incompatible with schemaVersion24, make a best effort to do the
// schemaVersion26(Upgrade|Final) user acquisition, and return.
- status = _fetchUserV2(txn, userName, &user);
+ status = _fetchUserV2(userName, &user);
guard.endFetchPhase();
if (status.isOK()) {
// Not safe to throw from here until the function returns.
@@ -782,7 +777,7 @@ namespace mongo {
if (!user->hasProbedV1(dbname)) {
BSONObj privDoc;
- Status status = _externalState->getPrivilegeDocumentV1(txn, dbname, userName, &privDoc);
+ Status status = _externalState->getPrivilegeDocumentV1(dbname, userName, &privDoc);
if (status.isOK()) {
V1UserDocumentParser parser;
status = parser.initializeUserRolesFromUserDocument(user.get(), privDoc, dbname);
@@ -1295,10 +1290,9 @@ namespace {
}
} // namespace
- Status AuthorizationManager::upgradeSchemaStep(
- OperationContext* txn, const BSONObj& writeConcern, bool* isDone) {
+ Status AuthorizationManager::upgradeSchemaStep(const BSONObj& writeConcern, bool* isDone) {
int authzVersion;
- Status status = getAuthorizationVersion(txn, &authzVersion);
+ Status status = getAuthorizationVersion(&authzVersion);
if (!status.isOK()) {
return status;
}
@@ -1322,8 +1316,7 @@ namespace {
}
}
- Status AuthorizationManager::upgradeSchema(
- OperationContext* txn, int maxSteps, const BSONObj& writeConcern) {
+ Status AuthorizationManager::upgradeSchema(int maxSteps, const BSONObj& writeConcern) {
if (maxSteps < 1) {
return Status(ErrorCodes::BadValue,
@@ -1332,7 +1325,7 @@ namespace {
invalidateUserCache();
for (int i = 0; i < maxSteps; ++i) {
bool isDone;
- Status status = upgradeSchemaStep(txn, writeConcern, &isDone);
+ Status status = upgradeSchemaStep(writeConcern, &isDone);
invalidateUserCache();
if (!status.isOK() || isDone) {
return status;
diff --git a/src/mongo/db/auth/authorization_manager.h b/src/mongo/db/auth/authorization_manager.h
index d6a40b3d838..b3a17c491c5 100644
--- a/src/mongo/db/auth/authorization_manager.h
+++ b/src/mongo/db/auth/authorization_manager.h
@@ -53,7 +53,6 @@ namespace mongo {
class AuthzManagerExternalState;
class UserDocumentParser;
- class OperationContext;
/**
* Internal secret key info.
@@ -165,7 +164,7 @@ namespace mongo {
* returns a non-OK status. When returning a non-OK status, *version will be set to
* schemaVersionInvalid (0).
*/
- Status getAuthorizationVersion(OperationContext* txn, int* version);
+ Status getAuthorizationVersion(int* version);
/**
* Returns the user cache generation identifier.
@@ -173,7 +172,7 @@ namespace mongo {
OID getCacheGeneration();
// Returns true if there exists at least one privilege document in the system.
- bool hasAnyPrivilegeDocuments(OperationContext* txn) const;
+ bool hasAnyPrivilegeDocuments() const;
/**
* Updates the auth schema version document to reflect that the system is upgraded to
@@ -282,7 +281,7 @@ namespace mongo {
*
* If the user does not exist, returns ErrorCodes::UserNotFound.
*/
- Status getUserDescription(OperationContext* txn, const UserName& userName, BSONObj* result);
+ Status getUserDescription(const UserName& userName, BSONObj* result);
/**
* Writes into "result" a document describing the named role and returns Status::OK(). The
@@ -325,7 +324,7 @@ namespace mongo {
* The AuthorizationManager retains ownership of the returned User object.
* On non-OK Status return values, acquiredUser will not be modified.
*/
- Status acquireUser(OperationContext* txn, const UserName& userName, User** acquiredUser);
+ Status acquireUser(const UserName& userName, User** acquiredUser);
/**
* Decrements the refcount of the given User object. If the refcount has gone to zero,
@@ -340,9 +339,8 @@ namespace mongo {
*
* Bumps the returned **acquiredUser's reference count on success.
*/
- Status acquireV1UserProbedForDb(OperationContext* txn,
- const UserName& userName,
- const StringData& dbname, User** acquiredUser);
+ Status acquireV1UserProbedForDb(
+ const UserName& userName, const StringData& dbname, User** acquiredUser);
/**
* Marks the given user as invalid and removes it from the user cache.
@@ -401,8 +399,7 @@ namespace mongo {
* On failure, returns a status other than Status::OK(). In this case, is is typically safe
* to try again.
*/
- Status upgradeSchemaStep(
- OperationContext* txn, const BSONObj& writeConcern, bool* isDone);
+ Status upgradeSchemaStep(const BSONObj& writeConcern, bool* isDone);
/**
* Performs up to maxSteps steps in the process of upgrading the stored authorization data
@@ -417,7 +414,7 @@ namespace mongo {
* progress performing the upgrade, and the specific code and message in the returned status
* may provide additional information.
*/
- Status upgradeSchema(OperationContext* txn, int maxSteps, const BSONObj& writeConcern);
+ Status upgradeSchema(int maxSteps, const BSONObj& writeConcern);
/**
* Hook called by replication code to let the AuthorizationManager observe changes
@@ -461,18 +458,14 @@ namespace mongo {
* Fetches user information from a v2-schema user document for the named user,
* and stores a pointer to a new user object into *acquiredUser on success.
*/
- Status _fetchUserV2(OperationContext* txn,
- const UserName& userName,
- std::auto_ptr<User>* acquiredUser);
+ Status _fetchUserV2(const UserName& userName, std::auto_ptr<User>* acquiredUser);
/**
* Fetches user information from a v1-schema user document for the named user, possibly
* examining system.users collections from userName.getDB() and admin.system.users in the
* process. Stores a pointer to a new user object into *acquiredUser on success.
*/
- Status _fetchUserV1(OperationContext* txn,
- const UserName& userName,
- std::auto_ptr<User>* acquiredUser);
+ Status _fetchUserV1(const UserName& userName, std::auto_ptr<User>* acquiredUser);
/**
* True if access control enforcement is enabled in this AuthorizationManager.
diff --git a/src/mongo/db/auth/authorization_manager_global.cpp b/src/mongo/db/auth/authorization_manager_global.cpp
index 92c140c4518..68e5cd1e7cb 100644
--- a/src/mongo/db/auth/authorization_manager_global.cpp
+++ b/src/mongo/db/auth/authorization_manager_global.cpp
@@ -33,7 +33,6 @@
#include "mongo/client/auth_helpers.h"
#include "mongo/db/auth/authorization_manager.h"
#include "mongo/db/auth/authorization_manager_global.h"
-#include "mongo/db/operation_context_impl.h"
#include "mongo/db/server_parameters.h"
#include "mongo/util/assert_util.h"
@@ -45,7 +44,7 @@ namespace {
MONGO_DISALLOW_COPYING(AuthzVersionParameter);
public:
AuthzVersionParameter(ServerParameterSet* sps, const std::string& name);
- virtual void append(OperationContext* txn, BSONObjBuilder& b, const std::string& name);
+ virtual void append(BSONObjBuilder& b, const std::string& name);
virtual Status set(const BSONElement& newValueElement);
virtual Status setFromString(const std::string& str);
};
@@ -61,11 +60,9 @@ namespace {
AuthzVersionParameter::AuthzVersionParameter(ServerParameterSet* sps, const std::string& name) :
ServerParameter(sps, name, false, false) {}
- void AuthzVersionParameter::append(
- OperationContext* txn, BSONObjBuilder& b, const std::string& name) {
+ void AuthzVersionParameter::append(BSONObjBuilder& b, const std::string& name) {
int authzVersion;
- uassertStatusOK(
- getGlobalAuthorizationManager()->getAuthorizationVersion(txn, &authzVersion));
+ uassertStatusOK(getGlobalAuthorizationManager()->getAuthorizationVersion(&authzVersion));
b.append(name, authzVersion);
}
diff --git a/src/mongo/db/auth/authorization_manager_test.cpp b/src/mongo/db/auth/authorization_manager_test.cpp
index 2686a82cc41..458a212ccb5 100644
--- a/src/mongo/db/auth/authorization_manager_test.cpp
+++ b/src/mongo/db/auth/authorization_manager_test.cpp
@@ -39,7 +39,6 @@
#include "mongo/db/auth/authorization_session.h"
#include "mongo/db/jsobj.h"
#include "mongo/db/namespace_string.h"
-#include "mongo/db/operation_context_noop.h"
#include "mongo/unittest/unittest.h"
#include "mongo/util/map_util.h"
@@ -165,8 +164,6 @@ namespace {
scoped_ptr<AuthorizationManager> authzManager;
AuthzManagerExternalStateMock* externalState;
-
- OperationContextNoop _txn;
};
TEST_F(AuthorizationManagerTest, testAcquireV0User) {
@@ -186,7 +183,7 @@ namespace {
ASSERT_OK(authzManager->initialize());
User* v0RW;
- ASSERT_OK(authzManager->acquireUser(&_txn, UserName("v0RW", "test"), &v0RW));
+ ASSERT_OK(authzManager->acquireUser(UserName("v0RW", "test"), &v0RW));
ASSERT_EQUALS(UserName("v0RW", "test"), v0RW->getName());
ASSERT(v0RW->isValid());
ASSERT_EQUALS(1U, v0RW->getRefCount());
@@ -197,7 +194,7 @@ namespace {
authzManager->releaseUser(v0RW);
User* v0AdminRO;
- ASSERT_OK(authzManager->acquireUser(&_txn, UserName("v0AdminRO", "admin"), &v0AdminRO));
+ ASSERT_OK(authzManager->acquireUser(UserName("v0AdminRO", "admin"), &v0AdminRO));
ASSERT(UserName("v0AdminRO", "admin") == v0AdminRO->getName());
ASSERT(v0AdminRO->isValid());
ASSERT_EQUALS((uint32_t)1, v0AdminRO->getRefCount());
@@ -225,7 +222,7 @@ namespace {
BSONObj()));
User* v1read;
- ASSERT_OK(authzManager->acquireUser(&_txn, UserName("v1read", "test"), &v1read));
+ ASSERT_OK(authzManager->acquireUser(UserName("v1read", "test"), &v1read));
ASSERT_EQUALS(UserName("v1read", "test"), v1read->getName());
ASSERT(v1read->isValid());
ASSERT_EQUALS((uint32_t)1, v1read->getRefCount());
@@ -237,7 +234,7 @@ namespace {
authzManager->releaseUser(v1read);
User* v1cluster;
- ASSERT_OK(authzManager->acquireUser(&_txn, UserName("v1cluster", "admin"), &v1cluster));
+ ASSERT_OK(authzManager->acquireUser(UserName("v1cluster", "admin"), &v1cluster));
ASSERT_EQUALS(UserName("v1cluster", "admin"), v1cluster->getName());
ASSERT(v1cluster->isValid());
ASSERT_EQUALS((uint32_t)1, v1cluster->getRefCount());
@@ -280,7 +277,7 @@ namespace {
ASSERT_OK(status);
User* readOnly;
- ASSERT_OK(authzManager->acquireUser(&_txn, UserName("readOnly", "test"), &readOnly));
+ ASSERT_OK(authzManager->acquireUser(UserName("readOnly", "test"), &readOnly));
ASSERT_EQUALS(UserName("readOnly", "test"), readOnly->getName());
ASSERT(readOnly->isValid());
ASSERT_EQUALS(1U, readOnly->getRefCount());
@@ -291,7 +288,7 @@ namespace {
authzManager->releaseUser(readOnly);
User* clusterAdmin;
- ASSERT_OK(authzManager->acquireUser(&_txn, UserName("clusterAdmin", "$external"), &clusterAdmin));
+ ASSERT_OK(authzManager->acquireUser(UserName("clusterAdmin", "$external"), &clusterAdmin));
ASSERT_EQUALS(UserName("clusterAdmin", "$external"), clusterAdmin->getName());
ASSERT(clusterAdmin->isValid());
ASSERT_EQUALS(1U, clusterAdmin->getRefCount());
@@ -302,17 +299,16 @@ namespace {
authzManager->releaseUser(clusterAdmin);
User* multiDB;
- status = authzManager->acquireUser(&_txn, UserName("readWriteMultiDB", "test2"), &multiDB);
+ status = authzManager->acquireUser(UserName("readWriteMultiDB", "test2"), &multiDB);
ASSERT_NOT_OK(status);
ASSERT(status.code() == ErrorCodes::UserNotFound);
- ASSERT_OK(authzManager->acquireUser(&_txn, UserName("readWriteMultiDB", "test"), &multiDB));
+ ASSERT_OK(authzManager->acquireUser(UserName("readWriteMultiDB", "test"), &multiDB));
ASSERT_EQUALS(UserName("readWriteMultiDB", "test"), multiDB->getName());
ASSERT(multiDB->isValid());
ASSERT_EQUALS(1U, multiDB->getRefCount());
User* multiDBProbed;
ASSERT_OK(authzManager->acquireV1UserProbedForDb(
- &_txn,
UserName("readWriteMultiDB", "test"),
"test2",
&multiDBProbed));
@@ -361,7 +357,7 @@ namespace {
BSONObj()));
User* v2read;
- ASSERT_OK(authzManager->acquireUser(&_txn, UserName("v2read", "test"), &v2read));
+ ASSERT_OK(authzManager->acquireUser(UserName("v2read", "test"), &v2read));
ASSERT_EQUALS(UserName("v2read", "test"), v2read->getName());
ASSERT(v2read->isValid());
ASSERT_EQUALS(1U, v2read->getRefCount());
@@ -372,7 +368,7 @@ namespace {
authzManager->releaseUser(v2read);
User* v2cluster;
- ASSERT_OK(authzManager->acquireUser(&_txn, UserName("v2cluster", "admin"), &v2cluster));
+ ASSERT_OK(authzManager->acquireUser(UserName("v2cluster", "admin"), &v2cluster));
ASSERT_EQUALS(UserName("v2cluster", "admin"), v2cluster->getName());
ASSERT(v2cluster->isValid());
ASSERT_EQUALS(1U, v2cluster->getRefCount());
@@ -463,7 +459,7 @@ namespace {
// Verify that the expected users are present.
ASSERT_EQUALS(3U, externalState->getCollectionContents(collectionName).size());
- ASSERT_OK(externalState->findOne(&_txn, collectionName,
+ ASSERT_OK(externalState->findOne(collectionName,
BSON("user" << "clusterAdmin" <<
"userSource" << "$external"),
&doc));
@@ -473,14 +469,14 @@ namespace {
ASSERT_EQUALS(1U, doc["roles"].Array().size());
ASSERT_EQUALS("clusterAdmin", doc["roles"].Array()[0].str());
- ASSERT_OK(externalState->findOne(&_txn, collectionName,
+ ASSERT_OK(externalState->findOne(collectionName,
BSON("user" << "otherdbroles" <<
"userSource" << "test"),
&doc));
ASSERT_TRUE(doc["pwd"].eoo());
ASSERT_EQUALS(0U, doc["roles"].Array().size());
- ASSERT_OK(externalState->findOne(&_txn, collectionName,
+ ASSERT_OK(externalState->findOne(collectionName,
BSON("user" << "mixedroles" <<
"userSource" << "test"),
&doc));
@@ -492,7 +488,7 @@ namespace {
BSONObj doc;
// Verify that the admin.system.version document reflects correct upgrade.
- ASSERT_OK(externalState->findOne(&_txn,
+ ASSERT_OK(externalState->findOne(
AuthorizationManager::versionCollectionNamespace,
BSON("_id" << "authSchema" <<
AuthorizationManager::schemaVersionFieldName <<
@@ -509,7 +505,7 @@ namespace {
AuthorizationManager::usersCollectionNamespace).size());
// "readOnly@test" user
- ASSERT_OK(externalState->findOne(&_txn, AuthorizationManager::usersCollectionNamespace,
+ ASSERT_OK(externalState->findOne(AuthorizationManager::usersCollectionNamespace,
BSON("user" << "readOnly" << "db" << "test"),
&doc));
ASSERT_EQUALS("readOnly", doc["user"].str());
@@ -518,7 +514,7 @@ namespace {
ASSERT_EQUALS(1U, doc["roles"].Array().size());
// "clusterAdmin@$external" user
- ASSERT_OK(externalState->findOne(&_txn,
+ ASSERT_OK(externalState->findOne(
AuthorizationManager::usersCollectionNamespace,
BSON("user" << "clusterAdmin" << "db" << "$external"),
&doc));
@@ -527,7 +523,7 @@ namespace {
ASSERT_EQUALS(1U, doc["roles"].Array().size());
// "readWriteMultiDB@test" user
- ASSERT_OK(externalState->findOne(&_txn,
+ ASSERT_OK(externalState->findOne(
AuthorizationManager::usersCollectionNamespace,
BSON("user" << "readWriteMultiDB" << "db" << "test"),
&doc));
@@ -537,7 +533,7 @@ namespace {
ASSERT_EQUALS(2U, doc["roles"].Array().size());
// "otherdbroles@test" user
- ASSERT_OK(externalState->findOne(&_txn,
+ ASSERT_OK(externalState->findOne(
AuthorizationManager::usersCollectionNamespace,
BSON("user" << "otherdbroles" << "db" << "test"),
&doc));
@@ -554,7 +550,7 @@ namespace {
ASSERT_EQUALS(1U, rolePairs.count(make_pair("readWrite", "test3")));
// "mixedroles@test" user
- ASSERT_OK(externalState->findOne(&_txn,
+ ASSERT_OK(externalState->findOne(
AuthorizationManager::usersCollectionNamespace,
BSON("user" << "mixedroles" << "db" << "test"),
&doc));
@@ -574,7 +570,7 @@ namespace {
}
void upgradeAuthCollections() {
- ASSERT_OK(authzManager->upgradeSchema(&_txn, 10, BSONObj()));
+ ASSERT_OK(authzManager->upgradeSchema(10, BSONObj()));
}
};
@@ -591,8 +587,8 @@ namespace {
externalState->setAuthzVersion(AuthorizationManager::schemaVersion24);
setUpV1UserData();
ASSERT_EQUALS(ErrorCodes::OperationIncomplete,
- authzManager->upgradeSchema(&_txn, 1, BSONObj()));
- ASSERT_OK(authzManager->upgradeSchema(&_txn, 1, BSONObj()));
+ authzManager->upgradeSchema(1, BSONObj()));
+ ASSERT_OK(authzManager->upgradeSchema(1, BSONObj()));
}
TEST_F(AuthzUpgradeTest, upgradeUserDataFromV1ToV2WithSysVerDoc) {
@@ -609,7 +605,7 @@ namespace {
setUpV1UserData();
externalState->setAuthzVersion(AuthorizationManager::schemaVersion26Final);
bool done;
- ASSERT_OK(authzManager->upgradeSchemaStep(&_txn, BSONObj(), &done));
+ ASSERT_OK(authzManager->upgradeSchemaStep(BSONObj(), &done));
ASSERT_TRUE(done);
validateV1AdminUserData(AuthorizationManager::usersCollectionNamespace);
int numRemoved;
diff --git a/src/mongo/db/auth/authorization_session.cpp b/src/mongo/db/auth/authorization_session.cpp
index fa0594b429f..a934ee3aae6 100644
--- a/src/mongo/db/auth/authorization_session.cpp
+++ b/src/mongo/db/auth/authorization_session.cpp
@@ -67,15 +67,14 @@ namespace {
return _externalState->getAuthorizationManager();
}
- void AuthorizationSession::startRequest(OperationContext* txn) {
- _externalState->startRequest(txn);
- _refreshUserInfoAsNeeded(txn);
+ void AuthorizationSession::startRequest() {
+ _externalState->startRequest();
+ _refreshUserInfoAsNeeded();
}
- Status AuthorizationSession::addAndAuthorizeUser(
- OperationContext* txn, const UserName& userName) {
+ Status AuthorizationSession::addAndAuthorizeUser(const UserName& userName) {
User* user;
- Status status = getAuthorizationManager().acquireUser(txn, userName, &user);
+ Status status = getAuthorizationManager().acquireUser(userName, &user);
if (!status.isOK()) {
return status;
}
@@ -161,32 +160,29 @@ namespace {
return defaultPrivileges;
}
- Status AuthorizationSession::checkAuthForQuery(OperationContext* txn,
- const NamespaceString& ns,
+ Status AuthorizationSession::checkAuthForQuery(const NamespaceString& ns,
const BSONObj& query) {
if (MONGO_unlikely(ns.isCommand())) {
return Status(ErrorCodes::InternalError, mongoutils::str::stream() <<
"Checking query auth on command namespace " << ns.ns());
}
- if (!isAuthorizedForActionsOnNamespace(txn, ns, ActionType::find)) {
+ if (!isAuthorizedForActionsOnNamespace(ns, ActionType::find)) {
return Status(ErrorCodes::Unauthorized,
mongoutils::str::stream() << "not authorized for query on " << ns.ns());
}
return Status::OK();
}
- Status AuthorizationSession::checkAuthForGetMore(OperationContext* txn,
- const NamespaceString& ns,
+ Status AuthorizationSession::checkAuthForGetMore(const NamespaceString& ns,
long long cursorID) {
- if (!isAuthorizedForActionsOnNamespace(txn, ns, ActionType::find)) {
+ if (!isAuthorizedForActionsOnNamespace(ns, ActionType::find)) {
return Status(ErrorCodes::Unauthorized,
mongoutils::str::stream() << "not authorized for getmore on " << ns.ns());
}
return Status::OK();
}
- Status AuthorizationSession::checkAuthForInsert(OperationContext* txn,
- const NamespaceString& ns,
+ Status AuthorizationSession::checkAuthForInsert(const NamespaceString& ns,
const BSONObj& document) {
if (ns.coll() == StringData("system.indexes", StringData::LiteralTag())) {
BSONElement nsElement = document["ns"];
@@ -195,13 +191,13 @@ namespace {
"system.indexes documents without a string-typed \"ns\" field.");
}
NamespaceString indexNS(nsElement.str());
- if (!isAuthorizedForActionsOnNamespace(txn, indexNS, ActionType::createIndex)) {
+ if (!isAuthorizedForActionsOnNamespace(indexNS, ActionType::createIndex)) {
return Status(ErrorCodes::Unauthorized,
mongoutils::str::stream() << "not authorized to create index on " <<
indexNS.ns());
}
} else {
- if (!isAuthorizedForActionsOnNamespace(txn, ns, ActionType::insert)) {
+ if (!isAuthorizedForActionsOnNamespace(ns, ActionType::insert)) {
return Status(ErrorCodes::Unauthorized,
mongoutils::str::stream() << "not authorized for insert on " <<
ns.ns());
@@ -211,13 +207,12 @@ namespace {
return Status::OK();
}
- Status AuthorizationSession::checkAuthForUpdate(OperationContext* txn,
- const NamespaceString& ns,
+ Status AuthorizationSession::checkAuthForUpdate(const NamespaceString& ns,
const BSONObj& query,
const BSONObj& update,
bool upsert) {
if (!upsert) {
- if (!isAuthorizedForActionsOnNamespace(txn, ns, ActionType::update)) {
+ if (!isAuthorizedForActionsOnNamespace(ns, ActionType::update)) {
return Status(ErrorCodes::Unauthorized,
mongoutils::str::stream() << "not authorized for update on " <<
ns.ns());
@@ -227,7 +222,7 @@ namespace {
ActionSet required;
required.addAction(ActionType::update);
required.addAction(ActionType::insert);
- if (!isAuthorizedForActionsOnNamespace(txn, ns, required)) {
+ if (!isAuthorizedForActionsOnNamespace(ns, required)) {
return Status(ErrorCodes::Unauthorized,
mongoutils::str::stream() << "not authorized for upsert on " <<
ns.ns());
@@ -236,22 +231,19 @@ namespace {
return Status::OK();
}
- Status AuthorizationSession::checkAuthForDelete(OperationContext* txn,
- const NamespaceString& ns,
+ Status AuthorizationSession::checkAuthForDelete(const NamespaceString& ns,
const BSONObj& query) {
- if (!isAuthorizedForActionsOnNamespace(txn, ns, ActionType::remove)) {
+ if (!isAuthorizedForActionsOnNamespace(ns, ActionType::remove)) {
return Status(ErrorCodes::Unauthorized,
mongoutils::str::stream() << "not authorized to remove from " << ns.ns());
}
return Status::OK();
}
- Status AuthorizationSession::checkAuthorizedToGrantPrivilege(
- OperationContext* txn, const Privilege& privilege) {
+ Status AuthorizationSession::checkAuthorizedToGrantPrivilege(const Privilege& privilege) {
const ResourcePattern& resource = privilege.getResourcePattern();
if (resource.isDatabasePattern() || resource.isExactNamespacePattern()) {
if (!isAuthorizedForActionsOnResource(
- txn,
ResourcePattern::forDatabaseName(resource.databaseToMatch()),
ActionType::grantRole)) {
return Status(ErrorCodes::Unauthorized,
@@ -259,9 +251,7 @@ namespace {
<< resource.databaseToMatch() << "database");
}
} else if (!isAuthorizedForActionsOnResource(
- txn,
- ResourcePattern::forDatabaseName("admin"),
- ActionType::grantRole)) {
+ ResourcePattern::forDatabaseName("admin"), ActionType::grantRole)) {
return Status(ErrorCodes::Unauthorized,
"To grant privileges affecting multiple databases or the cluster,"
" must be authorized to grant roles from the admin database");
@@ -270,12 +260,10 @@ namespace {
}
- Status AuthorizationSession::checkAuthorizedToRevokePrivilege(
- OperationContext* txn, const Privilege& privilege) {
+ Status AuthorizationSession::checkAuthorizedToRevokePrivilege(const Privilege& privilege) {
const ResourcePattern& resource = privilege.getResourcePattern();
if (resource.isDatabasePattern() || resource.isExactNamespacePattern()) {
if (!isAuthorizedForActionsOnResource(
- txn,
ResourcePattern::forDatabaseName(resource.databaseToMatch()),
ActionType::revokeRole)) {
return Status(ErrorCodes::Unauthorized,
@@ -283,9 +271,7 @@ namespace {
<< resource.databaseToMatch() << "database");
}
} else if (!isAuthorizedForActionsOnResource(
- txn,
- ResourcePattern::forDatabaseName("admin"),
- ActionType::revokeRole)) {
+ ResourcePattern::forDatabaseName("admin"), ActionType::revokeRole)) {
return Status(ErrorCodes::Unauthorized,
"To revoke privileges affecting multiple databases or the cluster,"
" must be authorized to revoke roles from the admin database");
@@ -293,62 +279,55 @@ namespace {
return Status::OK();
}
- bool AuthorizationSession::isAuthorizedToGrantRole(
- OperationContext* txn, const RoleName& role) {
+ bool AuthorizationSession::isAuthorizedToGrantRole(const RoleName& role) {
return isAuthorizedForActionsOnResource(
- txn,
- ResourcePattern::forDatabaseName(role.getDB()),
- ActionType::grantRole);
+ ResourcePattern::forDatabaseName(role.getDB()),
+ ActionType::grantRole);
}
- bool AuthorizationSession::isAuthorizedToRevokeRole(
- OperationContext* txn, const RoleName& role) {
+ bool AuthorizationSession::isAuthorizedToRevokeRole(const RoleName& role) {
return isAuthorizedForActionsOnResource(
- txn,
- ResourcePattern::forDatabaseName(role.getDB()),
- ActionType::revokeRole);
+ ResourcePattern::forDatabaseName(role.getDB()),
+ ActionType::revokeRole);
}
- bool AuthorizationSession::isAuthorizedForPrivilege(
- OperationContext* txn, const Privilege& privilege) {
+ bool AuthorizationSession::isAuthorizedForPrivilege(const Privilege& privilege) {
if (_externalState->shouldIgnoreAuthChecks())
return true;
- return _isAuthorizedForPrivilege(txn, privilege);
+ return _isAuthorizedForPrivilege(privilege);
}
- bool AuthorizationSession::isAuthorizedForPrivileges(
- OperationContext* txn, const vector<Privilege>& privileges) {
+ bool AuthorizationSession::isAuthorizedForPrivileges(const vector<Privilege>& privileges) {
if (_externalState->shouldIgnoreAuthChecks())
return true;
for (size_t i = 0; i < privileges.size(); ++i) {
- if (!_isAuthorizedForPrivilege(txn, privileges[i]))
+ if (!_isAuthorizedForPrivilege(privileges[i]))
return false;
}
return true;
}
- bool AuthorizationSession::isAuthorizedForActionsOnResource(
- OperationContext* txn, const ResourcePattern& resource, ActionType action) {
- return isAuthorizedForPrivilege(txn, Privilege(resource, action));
+ bool AuthorizationSession::isAuthorizedForActionsOnResource(const ResourcePattern& resource,
+ ActionType action) {
+ return isAuthorizedForPrivilege(Privilege(resource, action));
}
- bool AuthorizationSession::isAuthorizedForActionsOnResource(
- OperationContext* txn, const ResourcePattern& resource, const ActionSet& actions) {
- return isAuthorizedForPrivilege(txn, Privilege(resource, actions));
+ bool AuthorizationSession::isAuthorizedForActionsOnResource(const ResourcePattern& resource,
+ const ActionSet& actions) {
+ return isAuthorizedForPrivilege(Privilege(resource, actions));
}
- bool AuthorizationSession::isAuthorizedForActionsOnNamespace(
- OperationContext* txn, const NamespaceString& ns, ActionType action) {
- return isAuthorizedForPrivilege(txn, Privilege(ResourcePattern::forExactNamespace(ns), action));
+ bool AuthorizationSession::isAuthorizedForActionsOnNamespace(const NamespaceString& ns,
+ ActionType action) {
+ return isAuthorizedForPrivilege(Privilege(ResourcePattern::forExactNamespace(ns), action));
}
- bool AuthorizationSession::isAuthorizedForActionsOnNamespace(
- OperationContext* txn, const NamespaceString& ns, const ActionSet& actions) {
- return isAuthorizedForPrivilege(
- txn, Privilege(ResourcePattern::forExactNamespace(ns), actions));
+ bool AuthorizationSession::isAuthorizedForActionsOnNamespace(const NamespaceString& ns,
+ const ActionSet& actions) {
+ return isAuthorizedForPrivilege(Privilege(ResourcePattern::forExactNamespace(ns), actions));
}
static const int resourceSearchListCapacity = 5;
@@ -443,7 +422,7 @@ namespace {
return false;
}
- void AuthorizationSession::_refreshUserInfoAsNeeded(OperationContext* txn) {
+ void AuthorizationSession::_refreshUserInfoAsNeeded() {
AuthorizationManager& authMan = getAuthorizationManager();
UserSet::iterator it = _authenticatedUsers.begin();
while (it != _authenticatedUsers.end()) {
@@ -455,7 +434,7 @@ namespace {
UserName name = user->getName();
User* updatedUser;
- Status status = authMan.acquireUser(txn, name, &updatedUser);
+ Status status = authMan.acquireUser(name, &updatedUser);
switch (status.code()) {
case ErrorCodes::OK: {
// Success! Replace the old User object with the updated one.
@@ -484,8 +463,7 @@ namespace {
}
}
- bool AuthorizationSession::_isAuthorizedForPrivilege(
- OperationContext* txn, const Privilege& privilege) {
+ bool AuthorizationSession::_isAuthorizedForPrivilege(const Privilege& privilege) {
const ResourcePattern& target(privilege.getResourcePattern());
ResourcePattern resourceSearchList[resourceSearchListCapacity];
@@ -520,7 +498,6 @@ namespace {
UserName name = user->getName();
User* updatedUser;
Status status = getAuthorizationManager().acquireV1UserProbedForDb(
- txn,
name,
target.databaseToMatch(),
&updatedUser);
diff --git a/src/mongo/db/auth/authorization_session.h b/src/mongo/db/auth/authorization_session.h
index 14232158266..1a12a0719e0 100644
--- a/src/mongo/db/auth/authorization_session.h
+++ b/src/mongo/db/auth/authorization_session.h
@@ -71,13 +71,13 @@ namespace mongo {
// Should be called at the beginning of every new request. This performs the checks
// necessary to determine if localhost connections should be given full access.
// TODO: try to eliminate the need for this call.
- void startRequest(OperationContext* txn);
+ void startRequest();
/**
* Adds the User identified by "UserName" to the authorization session, acquiring privileges
* for it in the process.
*/
- Status addAndAuthorizeUser(OperationContext* txn, const UserName& userName);
+ Status addAndAuthorizeUser(const UserName& userName);
// Returns the authenticated user with the given name. Returns NULL
// if no such user is found.
@@ -109,16 +109,15 @@ namespace mongo {
// Checks if this connection has the privileges necessary to perform the given query on the
// given namespace.
- Status checkAuthForQuery(OperationContext* txn, const NamespaceString& ns, const BSONObj& query);
+ Status checkAuthForQuery(const NamespaceString& ns, const BSONObj& query);
// Checks if this connection has the privileges necessary to perform a getMore on the given
// cursor in the given namespace.
- Status checkAuthForGetMore(OperationContext* txn, const NamespaceString& ns, long long cursorID);
+ Status checkAuthForGetMore(const NamespaceString& ns, long long cursorID);
// Checks if this connection has the privileges necessary to perform the given update on the
// given namespace.
- Status checkAuthForUpdate(OperationContext* txn,
- const NamespaceString& ns,
+ Status checkAuthForUpdate(const NamespaceString& ns,
const BSONObj& query,
const BSONObj& update,
bool upsert);
@@ -126,29 +125,27 @@ namespace mongo {
// Checks if this connection has the privileges necessary to insert the given document
// to the given namespace. Correctly interprets inserts to system.indexes and performs
// the proper auth checks for index building.
- Status checkAuthForInsert(
- OperationContext* txn, const NamespaceString& ns, const BSONObj& document);
+ Status checkAuthForInsert(const NamespaceString& ns, const BSONObj& document);
// Checks if this connection has the privileges necessary to perform a delete on the given
// namespace.
- Status checkAuthForDelete(
- OperationContext* txn, const NamespaceString& ns, const BSONObj& query);
+ Status checkAuthForDelete(const NamespaceString& ns, const BSONObj& query);
// Checks if this connection has the privileges necessary to grant the given privilege
// to a role.
- Status checkAuthorizedToGrantPrivilege(OperationContext* txn, const Privilege& privilege);
+ Status checkAuthorizedToGrantPrivilege(const Privilege& privilege);
// Checks if this connection has the privileges necessary to revoke the given privilege
// from a role.
- Status checkAuthorizedToRevokePrivilege(OperationContext* txn, const Privilege& privilege);
+ Status checkAuthorizedToRevokePrivilege(const Privilege& privilege);
// Utility function for isAuthorizedForActionsOnResource(
// ResourcePattern::forDatabaseName(role.getDB()), ActionType::grantAnyRole)
- bool isAuthorizedToGrantRole(OperationContext* txn, const RoleName& role);
+ bool isAuthorizedToGrantRole(const RoleName& role);
// Utility function for isAuthorizedForActionsOnResource(
// ResourcePattern::forDatabaseName(role.getDB()), ActionType::grantAnyRole)
- bool isAuthorizedToRevokeRole(OperationContext* txn, const RoleName& role);
+ bool isAuthorizedToRevokeRole(const RoleName& role);
// Returns true if the current session is authenticated as the given user and that user
// is allowed to change his/her own password
@@ -166,31 +163,26 @@ namespace mongo {
//
// Contains all the authorization logic including handling things like the localhost
// exception.
- bool isAuthorizedForPrivilege(OperationContext* txn, const Privilege& privilege);
+ bool isAuthorizedForPrivilege(const Privilege& privilege);
// Like isAuthorizedForPrivilege, above, except returns true if the session is authorized
// for all of the listed privileges.
- bool isAuthorizedForPrivileges(
- OperationContext* txn, const std::vector<Privilege>& privileges);
+ bool isAuthorizedForPrivileges(const std::vector<Privilege>& privileges);
// Utility function for isAuthorizedForPrivilege(Privilege(resource, action)).
- bool isAuthorizedForActionsOnResource(
- OperationContext* txn, const ResourcePattern& resource, ActionType action);
+ bool isAuthorizedForActionsOnResource(const ResourcePattern& resource, ActionType action);
// Utility function for isAuthorizedForPrivilege(Privilege(resource, actions)).
- bool isAuthorizedForActionsOnResource(OperationContext* txn,
- const ResourcePattern& resource,
+ bool isAuthorizedForActionsOnResource(const ResourcePattern& resource,
const ActionSet& actions);
// Utility function for
// isAuthorizedForActionsOnResource(ResourcePattern::forExactNamespace(ns), action).
- bool isAuthorizedForActionsOnNamespace(
- OperationContext* txn, const NamespaceString& ns, ActionType action);
+ bool isAuthorizedForActionsOnNamespace(const NamespaceString& ns, ActionType action);
// Utility function for
// isAuthorizedForActionsOnResource(ResourcePattern::forExactNamespace(ns), actions).
- bool isAuthorizedForActionsOnNamespace(
- OperationContext* txn, const NamespaceString& ns, const ActionSet& actions);
+ bool isAuthorizedForActionsOnNamespace(const NamespaceString& ns, const ActionSet& actions);
// Replaces the vector of UserNames that a system user is impersonating with a new vector.
// The auditing system adds these to each audit record in the log.
@@ -211,12 +203,12 @@ namespace mongo {
// If any users authenticated on this session are marked as invalid this updates them with
// up-to-date information. May require a read lock on the "admin" db to read the user data.
- void _refreshUserInfoAsNeeded(OperationContext* txn);
+ void _refreshUserInfoAsNeeded();
// Checks if this connection is authorized for the given Privilege, ignoring whether or not
// we should even be doing authorization checks in general. Note: this may acquire a read
// lock on the admin database (to update out-of-date user privilege information).
- bool _isAuthorizedForPrivilege(OperationContext* txn, const Privilege& privilege);
+ bool _isAuthorizedForPrivilege(const Privilege& privilege);
scoped_ptr<AuthzSessionExternalState> _externalState;
diff --git a/src/mongo/db/auth/authorization_session_test.cpp b/src/mongo/db/auth/authorization_session_test.cpp
index 75874d76c92..078ba1cfe01 100644
--- a/src/mongo/db/auth/authorization_session_test.cpp
+++ b/src/mongo/db/auth/authorization_session_test.cpp
@@ -36,7 +36,6 @@
#include "mongo/db/auth/authorization_session.h"
#include "mongo/db/jsobj.h"
#include "mongo/db/namespace_string.h"
-#include "mongo/db/operation_context_noop.h"
#include "mongo/unittest/unittest.h"
#include "mongo/util/map_util.h"
@@ -54,8 +53,7 @@ namespace {
void setFindsShouldFail(bool enable) { _findsShouldFail = enable; }
- virtual Status findOne(OperationContext* txn,
- const NamespaceString& collectionName,
+ virtual Status findOne(const NamespaceString& collectionName,
const BSONObj& query,
BSONObj* result) {
if (_findsShouldFail &&
@@ -64,7 +62,7 @@ namespace {
return Status(ErrorCodes::UnknownError,
"findOne on admin.system.users set to fail in mock.");
}
- return AuthzManagerExternalStateMock::findOne(txn, collectionName, query, result);
+ return AuthzManagerExternalStateMock::findOne(collectionName, query, result);
}
private:
@@ -86,9 +84,6 @@ namespace {
authzSession.reset(new AuthorizationSession(sessionState));
authzManager->setAuthEnabled(true);
}
-
- protected:
- OperationContextNoop _txn;
};
const ResourcePattern testDBResource(ResourcePattern::forDatabaseName("test"));
@@ -124,17 +119,17 @@ namespace {
TEST_F(AuthorizationSessionTest, AddUserAndCheckAuthorization) {
// Check that disabling auth checks works
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testFooCollResource, ActionType::insert));
+ testFooCollResource, ActionType::insert));
sessionState->setReturnValueForShouldIgnoreAuthChecks(true);
ASSERT_TRUE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testFooCollResource, ActionType::insert));
+ testFooCollResource, ActionType::insert));
sessionState->setReturnValueForShouldIgnoreAuthChecks(false);
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testFooCollResource, ActionType::insert));
+ testFooCollResource, ActionType::insert));
// Check that you can't authorize a user that doesn't exist.
ASSERT_EQUALS(ErrorCodes::UserNotFound,
- authzSession->addAndAuthorizeUser(&_txn, UserName("spencer", "test")));
+ authzSession->addAndAuthorizeUser(UserName("spencer", "test")));
// Add a user with readWrite and dbAdmin on the test DB
ASSERT_OK(managerState->insertPrivilegeDocument("admin",
@@ -146,14 +141,14 @@ namespace {
BSON("role" << "dbAdmin" <<
"db" << "test"))),
BSONObj()));
- ASSERT_OK(authzSession->addAndAuthorizeUser(&_txn, UserName("spencer", "test")));
+ ASSERT_OK(authzSession->addAndAuthorizeUser(UserName("spencer", "test")));
ASSERT_TRUE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testFooCollResource, ActionType::insert));
+ testFooCollResource, ActionType::insert));
ASSERT_TRUE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testDBResource, ActionType::dbStats));
+ testDBResource, ActionType::dbStats));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherFooCollResource, ActionType::insert));
+ otherFooCollResource, ActionType::insert));
// Add an admin user with readWriteAnyDatabase
ASSERT_OK(managerState->insertPrivilegeDocument("admin",
@@ -163,37 +158,36 @@ namespace {
"roles" << BSON_ARRAY(BSON("role" << "readWriteAnyDatabase" <<
"db" << "admin"))),
BSONObj()));
- ASSERT_OK(authzSession->addAndAuthorizeUser(&_txn, UserName("admin", "admin")));
+ ASSERT_OK(authzSession->addAndAuthorizeUser(UserName("admin", "admin")));
ASSERT_TRUE(authzSession->isAuthorizedForActionsOnResource(
- &_txn,
ResourcePattern::forExactNamespace(
NamespaceString("anydb.somecollection")),
ActionType::insert));
ASSERT_TRUE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherDBResource, ActionType::insert));
+ otherDBResource, ActionType::insert));
ASSERT_TRUE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherFooCollResource, ActionType::insert));
+ otherFooCollResource, ActionType::insert));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherFooCollResource, ActionType::collMod));
+ otherFooCollResource, ActionType::collMod));
ASSERT_TRUE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testFooCollResource, ActionType::insert));
+ testFooCollResource, ActionType::insert));
authzSession->logoutDatabase("test");
ASSERT_TRUE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherFooCollResource, ActionType::insert));
+ otherFooCollResource, ActionType::insert));
ASSERT_TRUE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testFooCollResource, ActionType::insert));
+ testFooCollResource, ActionType::insert));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testFooCollResource, ActionType::collMod));
+ testFooCollResource, ActionType::collMod));
authzSession->logoutDatabase("admin");
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherFooCollResource, ActionType::insert));
+ otherFooCollResource, ActionType::insert));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testFooCollResource, ActionType::insert));
+ testFooCollResource, ActionType::insert));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testFooCollResource, ActionType::collMod));
+ testFooCollResource, ActionType::collMod));
}
TEST_F(AuthorizationSessionTest, DuplicateRolesOK) {
@@ -209,14 +203,14 @@ namespace {
BSON("role" << "readWrite" <<
"db" << "test"))),
BSONObj()));
- ASSERT_OK(authzSession->addAndAuthorizeUser(&_txn, UserName("spencer", "test")));
+ ASSERT_OK(authzSession->addAndAuthorizeUser(UserName("spencer", "test")));
ASSERT_TRUE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testFooCollResource, ActionType::insert));
+ testFooCollResource, ActionType::insert));
ASSERT_TRUE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testDBResource, ActionType::dbStats));
+ testDBResource, ActionType::dbStats));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherFooCollResource, ActionType::insert));
+ otherFooCollResource, ActionType::insert));
}
TEST_F(AuthorizationSessionTest, SystemCollectionsAccessControl) {
@@ -253,83 +247,83 @@ namespace {
"db" << "admin"))),
BSONObj()));
- ASSERT_OK(authzSession->addAndAuthorizeUser(&_txn, UserName("rwany", "test")));
+ ASSERT_OK(authzSession->addAndAuthorizeUser(UserName("rwany", "test")));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testUsersCollResource, ActionType::insert));
+ testUsersCollResource, ActionType::insert));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testUsersCollResource, ActionType::find));
+ testUsersCollResource, ActionType::find));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherUsersCollResource, ActionType::insert));
+ otherUsersCollResource, ActionType::insert));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherUsersCollResource, ActionType::find));
+ otherUsersCollResource, ActionType::find));
ASSERT_TRUE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testIndexesCollResource, ActionType::find));
+ testIndexesCollResource, ActionType::find));
ASSERT_TRUE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testProfileCollResource, ActionType::find));
+ testProfileCollResource, ActionType::find));
ASSERT_TRUE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherIndexesCollResource, ActionType::find));
+ otherIndexesCollResource, ActionType::find));
ASSERT_TRUE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherProfileCollResource, ActionType::find));
+ otherProfileCollResource, ActionType::find));
// Logging in as useradminany@test implicitly logs out rwany@test.
- ASSERT_OK(authzSession->addAndAuthorizeUser(&_txn, UserName("useradminany", "test")));
+ ASSERT_OK(authzSession->addAndAuthorizeUser(UserName("useradminany", "test")));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testUsersCollResource, ActionType::insert));
+ testUsersCollResource, ActionType::insert));
ASSERT_TRUE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testUsersCollResource, ActionType::find));
+ testUsersCollResource, ActionType::find));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherUsersCollResource, ActionType::insert));
+ otherUsersCollResource, ActionType::insert));
ASSERT_TRUE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherUsersCollResource, ActionType::find));
+ otherUsersCollResource, ActionType::find));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testIndexesCollResource, ActionType::find));
+ testIndexesCollResource, ActionType::find));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testProfileCollResource, ActionType::find));
+ testProfileCollResource, ActionType::find));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherIndexesCollResource, ActionType::find));
+ otherIndexesCollResource, ActionType::find));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherProfileCollResource, ActionType::find));
+ otherProfileCollResource, ActionType::find));
// Logging in as rw@test implicitly logs out useradminany@test.
- ASSERT_OK(authzSession->addAndAuthorizeUser(&_txn, UserName("rw", "test")));
+ ASSERT_OK(authzSession->addAndAuthorizeUser(UserName("rw", "test")));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testUsersCollResource, ActionType::insert));
+ testUsersCollResource, ActionType::insert));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testUsersCollResource, ActionType::find));
+ testUsersCollResource, ActionType::find));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherUsersCollResource, ActionType::insert));
+ otherUsersCollResource, ActionType::insert));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherUsersCollResource, ActionType::find));
+ otherUsersCollResource, ActionType::find));
ASSERT_TRUE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testIndexesCollResource, ActionType::find));
+ testIndexesCollResource, ActionType::find));
ASSERT_TRUE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testProfileCollResource, ActionType::find));
+ testProfileCollResource, ActionType::find));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherIndexesCollResource, ActionType::find));
+ otherIndexesCollResource, ActionType::find));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherProfileCollResource, ActionType::find));
+ otherProfileCollResource, ActionType::find));
// Logging in as useradmin@test implicitly logs out rw@test.
- ASSERT_OK(authzSession->addAndAuthorizeUser(&_txn, UserName("useradmin", "test")));
+ ASSERT_OK(authzSession->addAndAuthorizeUser(UserName("useradmin", "test")));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testUsersCollResource, ActionType::insert));
+ testUsersCollResource, ActionType::insert));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testUsersCollResource, ActionType::find));
+ testUsersCollResource, ActionType::find));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherUsersCollResource, ActionType::insert));
+ otherUsersCollResource, ActionType::insert));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherUsersCollResource, ActionType::find));
+ otherUsersCollResource, ActionType::find));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testIndexesCollResource, ActionType::find));
+ testIndexesCollResource, ActionType::find));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testProfileCollResource, ActionType::find));
+ testProfileCollResource, ActionType::find));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherIndexesCollResource, ActionType::find));
+ otherIndexesCollResource, ActionType::find));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherProfileCollResource, ActionType::find));
+ otherProfileCollResource, ActionType::find));
}
TEST_F(AuthorizationSessionTest, InvalidateUser) {
@@ -341,12 +335,12 @@ namespace {
"roles" << BSON_ARRAY(BSON("role" << "readWrite" <<
"db" << "test"))),
BSONObj()));
- ASSERT_OK(authzSession->addAndAuthorizeUser(&_txn, UserName("spencer", "test")));
+ ASSERT_OK(authzSession->addAndAuthorizeUser(UserName("spencer", "test")));
ASSERT_TRUE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testFooCollResource, ActionType::find));
+ testFooCollResource, ActionType::find));
ASSERT_TRUE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testFooCollResource, ActionType::insert));
+ testFooCollResource, ActionType::insert));
User* user = authzSession->lookupUser(UserName("spencer", "test"));
ASSERT(user->isValid());
@@ -368,11 +362,11 @@ namespace {
// Make sure that invalidating the user causes the session to reload its privileges.
authzManager->invalidateUserByName(user->getName());
- authzSession->startRequest(&_txn); // Refreshes cached data for invalid users
+ authzSession->startRequest(); // Refreshes cached data for invalid users
ASSERT_TRUE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testFooCollResource, ActionType::find));
+ testFooCollResource, ActionType::find));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testFooCollResource, ActionType::insert));
+ testFooCollResource, ActionType::insert));
user = authzSession->lookupUser(UserName("spencer", "test"));
ASSERT(user->isValid());
@@ -385,11 +379,11 @@ namespace {
&ignored);
// Make sure that invalidating the user causes the session to reload its privileges.
authzManager->invalidateUserByName(user->getName());
- authzSession->startRequest(&_txn); // Refreshes cached data for invalid users
+ authzSession->startRequest(); // Refreshes cached data for invalid users
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testFooCollResource, ActionType::find));
+ testFooCollResource, ActionType::find));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testFooCollResource, ActionType::insert));
+ testFooCollResource, ActionType::insert));
ASSERT_FALSE(authzSession->lookupUser(UserName("spencer", "test")));
}
@@ -402,12 +396,12 @@ namespace {
"roles" << BSON_ARRAY(BSON("role" << "readWrite" <<
"db" << "test"))),
BSONObj()));
- ASSERT_OK(authzSession->addAndAuthorizeUser(&_txn, UserName("spencer", "test")));
+ ASSERT_OK(authzSession->addAndAuthorizeUser(UserName("spencer", "test")));
ASSERT_TRUE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testFooCollResource, ActionType::find));
+ testFooCollResource, ActionType::find));
ASSERT_TRUE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testFooCollResource, ActionType::insert));
+ testFooCollResource, ActionType::insert));
User* user = authzSession->lookupUser(UserName("spencer", "test"));
ASSERT(user->isValid());
@@ -432,20 +426,20 @@ namespace {
// document lookup to fail, the authz session should continue to use its known out-of-date
// privilege data.
authzManager->invalidateUserByName(user->getName());
- authzSession->startRequest(&_txn); // Refreshes cached data for invalid users
+ authzSession->startRequest(); // Refreshes cached data for invalid users
ASSERT_TRUE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testFooCollResource, ActionType::find));
+ testFooCollResource, ActionType::find));
ASSERT_TRUE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testFooCollResource, ActionType::insert));
+ testFooCollResource, ActionType::insert));
// Once we configure document lookup to succeed again, authorization checks should
// observe the new values.
managerState->setFindsShouldFail(false);
- authzSession->startRequest(&_txn); // Refreshes cached data for invalid users
+ authzSession->startRequest(); // Refreshes cached data for invalid users
ASSERT_TRUE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testFooCollResource, ActionType::find));
+ testFooCollResource, ActionType::find));
ASSERT_FALSE(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testFooCollResource, ActionType::insert));
+ testFooCollResource, ActionType::insert));
}
@@ -471,92 +465,92 @@ namespace {
ASSERT_OK(authzManager->initialize());
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, testFooCollResource, ActionType::find));
+ testFooCollResource, ActionType::find));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, testFooCollResource, ActionType::insert));
+ testFooCollResource, ActionType::insert));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, testFooCollResource, ActionType::collMod));
+ testFooCollResource, ActionType::collMod));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherFooCollResource, ActionType::find));
+ otherFooCollResource, ActionType::find));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherFooCollResource, ActionType::insert));
+ otherFooCollResource, ActionType::insert));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherFooCollResource, ActionType::collMod));
+ otherFooCollResource, ActionType::collMod));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, thirdFooCollResource, ActionType::find));
+ thirdFooCollResource, ActionType::find));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, thirdFooCollResource, ActionType::insert));
+ thirdFooCollResource, ActionType::insert));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, thirdFooCollResource, ActionType::collMod));
+ thirdFooCollResource, ActionType::collMod));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, adminFooCollResource, ActionType::find));
+ adminFooCollResource, ActionType::find));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, adminFooCollResource, ActionType::insert));
+ adminFooCollResource, ActionType::insert));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, adminFooCollResource, ActionType::collMod));
+ adminFooCollResource, ActionType::collMod));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, ResourcePattern::forClusterResource(), ActionType::shutdown));
+ ResourcePattern::forClusterResource(), ActionType::shutdown));
- ASSERT_OK(authzSession->addAndAuthorizeUser(&_txn, UserName("andy", "test")));
+ ASSERT_OK(authzSession->addAndAuthorizeUser(UserName("andy", "test")));
User* user = authzSession->lookupUser(UserName("andy", "test"));
ASSERT(UserName("andy", "test") == user->getName());
ASSERT(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testFooCollResource, ActionType::find));
+ testFooCollResource, ActionType::find));
ASSERT(authzSession->isAuthorizedForActionsOnResource(
- &_txn, testFooCollResource, ActionType::insert));
+ testFooCollResource, ActionType::insert));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, testFooCollResource, ActionType::collMod));
+ testFooCollResource, ActionType::collMod));
ASSERT(authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherFooCollResource, ActionType::find));
+ otherFooCollResource, ActionType::find));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherFooCollResource, ActionType::insert));
+ otherFooCollResource, ActionType::insert));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherFooCollResource, ActionType::collMod));
+ otherFooCollResource, ActionType::collMod));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, thirdFooCollResource, ActionType::find));
+ thirdFooCollResource, ActionType::find));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, thirdFooCollResource, ActionType::insert));
+ thirdFooCollResource, ActionType::insert));
ASSERT(authzSession->isAuthorizedForActionsOnResource(
- &_txn, thirdFooCollResource, ActionType::collMod));
+ thirdFooCollResource, ActionType::collMod));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, adminFooCollResource, ActionType::find));
+ adminFooCollResource, ActionType::find));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, adminFooCollResource, ActionType::insert));
+ adminFooCollResource, ActionType::insert));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, adminFooCollResource, ActionType::collMod));
+ adminFooCollResource, ActionType::collMod));
ASSERT(authzSession->isAuthorizedForActionsOnResource(
- &_txn, ResourcePattern::forClusterResource(), ActionType::shutdown));
+ ResourcePattern::forClusterResource(), ActionType::shutdown));
authzSession->logoutDatabase("test");
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, testFooCollResource, ActionType::find));
+ testFooCollResource, ActionType::find));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, testFooCollResource, ActionType::insert));
+ testFooCollResource, ActionType::insert));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, testFooCollResource, ActionType::collMod));
+ testFooCollResource, ActionType::collMod));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherFooCollResource, ActionType::find));
+ otherFooCollResource, ActionType::find));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherFooCollResource, ActionType::insert));
+ otherFooCollResource, ActionType::insert));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, otherFooCollResource, ActionType::collMod));
+ otherFooCollResource, ActionType::collMod));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, thirdFooCollResource, ActionType::find));
+ thirdFooCollResource, ActionType::find));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, thirdFooCollResource, ActionType::insert));
+ thirdFooCollResource, ActionType::insert));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, thirdFooCollResource, ActionType::collMod));
+ thirdFooCollResource, ActionType::collMod));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, adminFooCollResource, ActionType::find));
+ adminFooCollResource, ActionType::find));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, adminFooCollResource, ActionType::insert));
+ adminFooCollResource, ActionType::insert));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, adminFooCollResource, ActionType::collMod));
+ adminFooCollResource, ActionType::collMod));
ASSERT(!authzSession->isAuthorizedForActionsOnResource(
- &_txn, ResourcePattern::forClusterResource(), ActionType::shutdown));
+ ResourcePattern::forClusterResource(), ActionType::shutdown));
}
} // namespace
diff --git a/src/mongo/db/auth/authz_manager_external_state.cpp b/src/mongo/db/auth/authz_manager_external_state.cpp
index 25640191cec..e5f63496799 100644
--- a/src/mongo/db/auth/authz_manager_external_state.cpp
+++ b/src/mongo/db/auth/authz_manager_external_state.cpp
@@ -40,8 +40,7 @@ namespace mongo {
AuthzManagerExternalState::AuthzManagerExternalState() {}
AuthzManagerExternalState::~AuthzManagerExternalState() {}
- Status AuthzManagerExternalState::getPrivilegeDocumentV1(OperationContext* txn,
- const StringData& dbname,
+ Status AuthzManagerExternalState::getPrivilegeDocumentV1(const StringData& dbname,
const UserName& userName,
BSONObj* result) {
if (userName == internalSecurity.user->getName()) {
@@ -70,7 +69,7 @@ namespace mongo {
// Query for the privilege document
BSONObj userBSONObj;
- Status found = findOne(txn, usersNamespace, queryBuilder.done(), &userBSONObj);
+ Status found = findOne(usersNamespace, queryBuilder.done(), &userBSONObj);
if (!found.isOK()) {
if (found.code() == ErrorCodes::NoMatchingDocument) {
// Return more detailed status that includes user name.
@@ -98,10 +97,9 @@ namespace mongo {
return Status::OK();
}
- bool AuthzManagerExternalState::hasAnyPrivilegeDocuments(OperationContext* txn) {
+ bool AuthzManagerExternalState::hasAnyPrivilegeDocuments() {
BSONObj userBSONObj;
Status status = findOne(
- txn,
AuthorizationManager::usersCollectionNamespace,
BSONObj(),
&userBSONObj);
diff --git a/src/mongo/db/auth/authz_manager_external_state.h b/src/mongo/db/auth/authz_manager_external_state.h
index 7c97eb5ea38..f637415ae91 100644
--- a/src/mongo/db/auth/authz_manager_external_state.h
+++ b/src/mongo/db/auth/authz_manager_external_state.h
@@ -41,8 +41,6 @@
namespace mongo {
- class OperationContext;
-
/**
* Public interface for a class that encapsulates all the information related to system
* state not stored in AuthorizationManager. This is primarily to make AuthorizationManager
@@ -66,7 +64,7 @@ namespace mongo {
* Retrieves the schema version of the persistent data describing users and roles.
* Will leave *outVersion unmodified on non-OK status return values.
*/
- virtual Status getStoredAuthorizationVersion(OperationContext* txn, int* outVersion) = 0;
+ virtual Status getStoredAuthorizationVersion(int* outVersion) = 0;
/**
* Writes into "result" a document describing the named user and returns Status::OK(). The
@@ -78,8 +76,7 @@ namespace mongo {
*
* If the user does not exist, returns ErrorCodes::UserNotFound.
*/
- virtual Status getUserDescription(
- OperationContext* txn, const UserName& userName, BSONObj* result) = 0;
+ virtual Status getUserDescription(const UserName& userName, BSONObj* result) = 0;
/**
* Writes into "result" a document describing the named role and returns Status::OK(). The
@@ -122,15 +119,13 @@ namespace mongo {
* On success, returns Status::OK() and stores a shared-ownership copy of the document into
* "result".
*/
- Status getPrivilegeDocumentV1(OperationContext* txn,
- const StringData& dbname,
- const UserName& userName,
- BSONObj* result);
+ Status getPrivilegeDocumentV1(
+ const StringData& dbname, const UserName& userName, BSONObj* result);
/**
* Returns true if there exists at least one privilege document in the system.
*/
- bool hasAnyPrivilegeDocuments(OperationContext* txn);
+ bool hasAnyPrivilegeDocuments();
/**
* Creates the given user object in the given database.
@@ -169,8 +164,7 @@ namespace mongo {
* Returns Status::OK() on success. If no match is found, returns
* ErrorCodes::NoMatchingDocument. Other errors returned as appropriate.
*/
- virtual Status findOne(OperationContext* txn,
- const NamespaceString& collectionName,
+ virtual Status findOne(const NamespaceString& collectionName,
const BSONObj& query,
BSONObj* result) = 0;
diff --git a/src/mongo/db/auth/authz_manager_external_state_d.cpp b/src/mongo/db/auth/authz_manager_external_state_d.cpp
index 852f6d96b71..2c009314f48 100644
--- a/src/mongo/db/auth/authz_manager_external_state_d.cpp
+++ b/src/mongo/db/auth/authz_manager_external_state_d.cpp
@@ -47,13 +47,12 @@ namespace mongo {
AuthzManagerExternalStateMongod::AuthzManagerExternalStateMongod() {}
AuthzManagerExternalStateMongod::~AuthzManagerExternalStateMongod() {}
- Status AuthzManagerExternalStateMongod::_getUserDocument(
- OperationContext* txn, const UserName& userName, BSONObj* userDoc) {
-
- Client::ReadContext ctx(txn, "admin");
+ Status AuthzManagerExternalStateMongod::_getUserDocument(const UserName& userName,
+ BSONObj* userDoc) {
+ Client::ReadContext ctx("admin");
int authzVersion;
- Status status = getStoredAuthorizationVersion(txn, &authzVersion);
+ Status status = getStoredAuthorizationVersion(&authzVersion);
if (!status.isOK())
return status;
@@ -68,7 +67,6 @@ namespace mongo {
}
status = findOne(
- txn,
(authzVersion == AuthorizationManager::schemaVersion26Final ?
AuthorizationManager::usersCollectionNamespace :
AuthorizationManager::usersAltCollectionNamespace),
@@ -104,13 +102,11 @@ namespace mongo {
}
Status AuthzManagerExternalStateMongod::findOne(
- OperationContext* txn,
const NamespaceString& collectionName,
const BSONObj& query,
BSONObj* result) {
- Client::ReadContext ctx(txn, collectionName.ns());
-
+ Client::ReadContext ctx(collectionName.ns());
BSONObj found;
if (Helpers::findOne(ctx.ctx().db()->getCollection(collectionName),
query,
diff --git a/src/mongo/db/auth/authz_manager_external_state_d.h b/src/mongo/db/auth/authz_manager_external_state_d.h
index 213fcc56152..380d4eb6bef 100644
--- a/src/mongo/db/auth/authz_manager_external_state_d.h
+++ b/src/mongo/db/auth/authz_manager_external_state_d.h
@@ -52,8 +52,7 @@ namespace mongo {
virtual Status getAllDatabaseNames(std::vector<std::string>* dbnames);
- virtual Status findOne(OperationContext* txn,
- const NamespaceString& collectionName,
+ virtual Status findOne(const NamespaceString& collectionName,
const BSONObj& query,
BSONObj* result);
virtual Status query(const NamespaceString& collectionName,
@@ -84,8 +83,7 @@ namespace mongo {
virtual void releaseAuthzUpdateLock();
private:
- virtual Status _getUserDocument(
- OperationContext* txn, const UserName& userName, BSONObj* userDoc);
+ virtual Status _getUserDocument(const UserName& userName, BSONObj* userDoc);
boost::timed_mutex _authzDataUpdateLock;
};
diff --git a/src/mongo/db/auth/authz_manager_external_state_local.cpp b/src/mongo/db/auth/authz_manager_external_state_local.cpp
index 926158bc740..099e5638020 100644
--- a/src/mongo/db/auth/authz_manager_external_state_local.cpp
+++ b/src/mongo/db/auth/authz_manager_external_state_local.cpp
@@ -59,11 +59,9 @@ namespace mongo {
return Status::OK();
}
- Status AuthzManagerExternalStateLocal::getStoredAuthorizationVersion(
- OperationContext* txn, int* outVersion) {
+ Status AuthzManagerExternalStateLocal::getStoredAuthorizationVersion(int* outVersion) {
BSONObj versionDoc;
- Status status = findOne(txn,
- AuthorizationManager::versionCollectionNamespace,
+ Status status = findOne(AuthorizationManager::versionCollectionNamespace,
AuthorizationManager::versionDocumentQuery,
&versionDoc);
if (status.isOK()) {
@@ -87,7 +85,7 @@ namespace mongo {
}
}
else if (status == ErrorCodes::NoMatchingDocument) {
- if (hasAnyPrivilegeDocuments(txn)) {
+ if (hasAnyPrivilegeDocuments()) {
*outVersion = AuthorizationManager::schemaVersion24;
}
else {
@@ -138,12 +136,11 @@ namespace {
} // namespace
Status AuthzManagerExternalStateLocal::getUserDescription(
- OperationContext* txn,
const UserName& userName,
BSONObj* result) {
BSONObj userDoc;
- Status status = _getUserDocument(txn, userName, &userDoc);
+ Status status = _getUserDocument(userName, &userDoc);
if (!status.isOK())
return status;
diff --git a/src/mongo/db/auth/authz_manager_external_state_local.h b/src/mongo/db/auth/authz_manager_external_state_local.h
index ba48862e277..2c49c4b7cc7 100644
--- a/src/mongo/db/auth/authz_manager_external_state_local.h
+++ b/src/mongo/db/auth/authz_manager_external_state_local.h
@@ -53,9 +53,8 @@ namespace mongo {
virtual Status initialize();
- virtual Status getStoredAuthorizationVersion(OperationContext* txn, int* outVersion);
- virtual Status getUserDescription(
- OperationContext* txn, const UserName& userName, BSONObj* result);
+ virtual Status getStoredAuthorizationVersion(int* outVersion);
+ virtual Status getUserDescription(const UserName& userName, BSONObj* result);
virtual Status getRoleDescription(const RoleName& roleName,
bool showPrivileges,
BSONObj* result);
@@ -89,9 +88,7 @@ namespace mongo {
/**
* Fetches the user document for "userName" from local storage, and stores it into "result".
*/
- virtual Status _getUserDocument(OperationContext* txn,
- const UserName& userName,
- BSONObj* result) = 0;
+ virtual Status _getUserDocument(const UserName& userName, BSONObj* result) = 0;
Status _getRoleDescription_inlock(const RoleName& roleName,
bool showPrivileges,
diff --git a/src/mongo/db/auth/authz_manager_external_state_mock.cpp b/src/mongo/db/auth/authz_manager_external_state_mock.cpp
index 809d4ecb747..5ee19c863a5 100644
--- a/src/mongo/db/auth/authz_manager_external_state_mock.cpp
+++ b/src/mongo/db/auth/authz_manager_external_state_mock.cpp
@@ -97,11 +97,10 @@ namespace {
BSONObj()));
}
- Status AuthzManagerExternalStateMock::_getUserDocument(OperationContext* txn,
- const UserName& userName,
+ Status AuthzManagerExternalStateMock::_getUserDocument(const UserName& userName,
BSONObj* userDoc) {
int authzVersion;
- Status status = getStoredAuthorizationVersion(txn, &authzVersion);
+ Status status = getStoredAuthorizationVersion(&authzVersion);
if (!status.isOK())
return status;
@@ -116,7 +115,6 @@ namespace {
}
status = findOne(
- txn,
(authzVersion == AuthorizationManager::schemaVersion26Final ?
AuthorizationManager::usersCollectionNamespace :
AuthorizationManager::usersAltCollectionNamespace),
@@ -141,8 +139,18 @@ namespace {
return Status::OK();
}
+ Status AuthzManagerExternalStateMock::_findUser(
+ const std::string& usersNamespace,
+ const BSONObj& query,
+ BSONObj* result) {
+ if (!findOne(NamespaceString(usersNamespace), query, result).isOK()) {
+ return Status(ErrorCodes::UserNotFound,
+ "No matching user for query " + query.toString());
+ }
+ return Status::OK();
+ }
+
Status AuthzManagerExternalStateMock::findOne(
- OperationContext* txn,
const NamespaceString& collectionName,
const BSONObj& query,
BSONObj* result) {
diff --git a/src/mongo/db/auth/authz_manager_external_state_mock.h b/src/mongo/db/auth/authz_manager_external_state_mock.h
index 06db6b77890..6ec06f97692 100644
--- a/src/mongo/db/auth/authz_manager_external_state_mock.h
+++ b/src/mongo/db/auth/authz_manager_external_state_mock.h
@@ -60,8 +60,7 @@ namespace mongo {
virtual Status getAllDatabaseNames(std::vector<std::string>* dbnames);
- virtual Status findOne(OperationContext* txn,
- const NamespaceString& collectionName,
+ virtual Status findOne(const NamespaceString& collectionName,
const BSONObj& query,
BSONObj* result);
@@ -102,14 +101,16 @@ namespace mongo {
virtual bool tryAcquireAuthzUpdateLock(const StringData& why);
virtual void releaseAuthzUpdateLock();
+ Status _findUser(const std::string& usersNamespace,
+ const BSONObj& query,
+ BSONObj* result);
std::vector<BSONObj> getCollectionContents(const NamespaceString& collectionName);
private:
typedef std::vector<BSONObj> BSONObjCollection;
typedef std::map<NamespaceString, BSONObjCollection> NamespaceDocumentMap;
- virtual Status _getUserDocument(
- OperationContext* txn, const UserName& userName, BSONObj* userDoc);
+ virtual Status _getUserDocument(const UserName& userName, BSONObj* userDoc);
Status _findOneIter(const NamespaceString& collectionName,
const BSONObj& query,
diff --git a/src/mongo/db/auth/authz_manager_external_state_s.cpp b/src/mongo/db/auth/authz_manager_external_state_s.cpp
index 0cd3760258c..8f1dd6d1256 100644
--- a/src/mongo/db/auth/authz_manager_external_state_s.cpp
+++ b/src/mongo/db/auth/authz_manager_external_state_s.cpp
@@ -70,8 +70,7 @@ namespace mongo {
}
}
- Status AuthzManagerExternalStateMongos::getStoredAuthorizationVersion(
- OperationContext* txn, int* outVersion) {
+ Status AuthzManagerExternalStateMongos::getStoredAuthorizationVersion(int* outVersion) {
scoped_ptr<ScopedDbConnection> conn(getConnectionForAuthzCollection(
AuthorizationManager::usersCollectionNamespace));
Status status = auth::getRemoteStoredAuthorizationVersion(conn->get(), outVersion);
@@ -79,8 +78,8 @@ namespace mongo {
return status;
}
- Status AuthzManagerExternalStateMongos::getUserDescription(
- OperationContext* txn, const UserName& userName, BSONObj* result) {
+ Status AuthzManagerExternalStateMongos::getUserDescription(const UserName& userName,
+ BSONObj* result) {
try {
scoped_ptr<ScopedDbConnection> conn(getConnectionForAuthzCollection(
AuthorizationManager::usersCollectionNamespace));
@@ -191,7 +190,6 @@ namespace mongo {
}
Status AuthzManagerExternalStateMongos::findOne(
- OperationContext* txn,
const NamespaceString& collectionName,
const BSONObj& queryDoc,
BSONObj* result) {
diff --git a/src/mongo/db/auth/authz_manager_external_state_s.h b/src/mongo/db/auth/authz_manager_external_state_s.h
index c19e3ed056e..203ce25f5ac 100644
--- a/src/mongo/db/auth/authz_manager_external_state_s.h
+++ b/src/mongo/db/auth/authz_manager_external_state_s.h
@@ -52,9 +52,8 @@ namespace mongo {
virtual ~AuthzManagerExternalStateMongos();
virtual Status initialize();
- virtual Status getStoredAuthorizationVersion(OperationContext* txn, int* outVersion);
- virtual Status getUserDescription(
- OperationContext* txn, const UserName& userName, BSONObj* result);
+ virtual Status getStoredAuthorizationVersion(int* outVersion);
+ virtual Status getUserDescription(const UserName& userName, BSONObj* result);
virtual Status getRoleDescription(const RoleName& roleName,
bool showPrivileges,
BSONObj* result);
@@ -71,8 +70,7 @@ namespace mongo {
* NOTE: The data returned from this helper may be from any config server or replica set
* node. The first config server or primary node is preferred, when available.
*/
- virtual Status findOne(OperationContext* txn,
- const NamespaceString& collectionName,
+ virtual Status findOne(const NamespaceString& collectionName,
const BSONObj& query,
BSONObj* result);
diff --git a/src/mongo/db/auth/authz_session_external_state.h b/src/mongo/db/auth/authz_session_external_state.h
index 2e1b41a0565..dbd838cb68f 100644
--- a/src/mongo/db/auth/authz_session_external_state.h
+++ b/src/mongo/db/auth/authz_session_external_state.h
@@ -39,7 +39,6 @@
namespace mongo {
class Principal;
- class OperationContext;
/**
* Public interface for a class that encapsulates all the session information related to system
@@ -69,7 +68,7 @@ namespace mongo {
// Should be called at the beginning of every new request. This performs the checks
// necessary to determine if localhost connections should be given full access.
- virtual void startRequest(OperationContext* txn) = 0;
+ virtual void startRequest() = 0;
protected:
// This class should never be instantiated directly.
diff --git a/src/mongo/db/auth/authz_session_external_state_d.cpp b/src/mongo/db/auth/authz_session_external_state_d.cpp
index 614b5e67505..0156ccf6c9b 100644
--- a/src/mongo/db/auth/authz_session_external_state_d.cpp
+++ b/src/mongo/db/auth/authz_session_external_state_d.cpp
@@ -45,9 +45,9 @@ namespace mongo {
AuthzSessionExternalStateServerCommon(authzManager) {}
AuthzSessionExternalStateMongod::~AuthzSessionExternalStateMongod() {}
- void AuthzSessionExternalStateMongod::startRequest(OperationContext* txn) {
+ void AuthzSessionExternalStateMongod::startRequest() {
if (!Lock::isLocked()) {
- _checkShouldAllowLocalhost(txn);
+ _checkShouldAllowLocalhost();
}
}
diff --git a/src/mongo/db/auth/authz_session_external_state_d.h b/src/mongo/db/auth/authz_session_external_state_d.h
index 0df26d507c7..f5b2c82cd03 100644
--- a/src/mongo/db/auth/authz_session_external_state_d.h
+++ b/src/mongo/db/auth/authz_session_external_state_d.h
@@ -47,7 +47,7 @@ namespace mongo {
virtual bool shouldIgnoreAuthChecks() const;
- virtual void startRequest(OperationContext* txn);
+ virtual void startRequest();
};
} // namespace mongo
diff --git a/src/mongo/db/auth/authz_session_external_state_mock.h b/src/mongo/db/auth/authz_session_external_state_mock.h
index 0acc98366ea..c884654ac91 100644
--- a/src/mongo/db/auth/authz_session_external_state_mock.h
+++ b/src/mongo/db/auth/authz_session_external_state_mock.h
@@ -62,7 +62,7 @@ namespace mongo {
_allowLocalhostReturnValue = returnValue;
}
- virtual void startRequest(OperationContext* txn) {}
+ virtual void startRequest() {}
private:
bool _ignoreAuthChecksReturnValue;
diff --git a/src/mongo/db/auth/authz_session_external_state_s.cpp b/src/mongo/db/auth/authz_session_external_state_s.cpp
index 4009670c6c4..14801eae945 100644
--- a/src/mongo/db/auth/authz_session_external_state_s.cpp
+++ b/src/mongo/db/auth/authz_session_external_state_s.cpp
@@ -43,8 +43,8 @@ namespace mongo {
AuthzSessionExternalStateServerCommon(authzManager) {}
AuthzSessionExternalStateMongos::~AuthzSessionExternalStateMongos() {}
- void AuthzSessionExternalStateMongos::startRequest(OperationContext* txn) {
- _checkShouldAllowLocalhost(txn);
+ void AuthzSessionExternalStateMongos::startRequest() {
+ _checkShouldAllowLocalhost();
}
} // namespace mongo
diff --git a/src/mongo/db/auth/authz_session_external_state_s.h b/src/mongo/db/auth/authz_session_external_state_s.h
index 777082faadc..6672957ced4 100644
--- a/src/mongo/db/auth/authz_session_external_state_s.h
+++ b/src/mongo/db/auth/authz_session_external_state_s.h
@@ -45,7 +45,7 @@ namespace mongo {
AuthzSessionExternalStateMongos(AuthorizationManager* authzManager);
virtual ~AuthzSessionExternalStateMongos();
- virtual void startRequest(OperationContext* txn);
+ virtual void startRequest();
};
} // namespace mongo
diff --git a/src/mongo/db/auth/authz_session_external_state_server_common.cpp b/src/mongo/db/auth/authz_session_external_state_server_common.cpp
index debef7d3120..b5c6f6a4bc3 100644
--- a/src/mongo/db/auth/authz_session_external_state_server_common.cpp
+++ b/src/mongo/db/auth/authz_session_external_state_server_common.cpp
@@ -31,7 +31,6 @@
#include "mongo/base/status.h"
#include "mongo/db/auth/authorization_manager.h"
#include "mongo/db/client.h"
-#include "mongo/db/operation_context.h"
#include "mongo/db/server_parameters.h"
#include "mongo/util/debug_util.h"
@@ -50,7 +49,7 @@ namespace {
_allowLocalhost(enableLocalhostAuthBypass) {}
AuthzSessionExternalStateServerCommon::~AuthzSessionExternalStateServerCommon() {}
- void AuthzSessionExternalStateServerCommon::_checkShouldAllowLocalhost(OperationContext* txn) {
+ void AuthzSessionExternalStateServerCommon::_checkShouldAllowLocalhost() {
if (!_authzManager->isAuthEnabled())
return;
// If we know that an admin user exists, don't re-check.
@@ -62,7 +61,7 @@ namespace {
return;
}
- _allowLocalhost = !_authzManager->hasAnyPrivilegeDocuments(txn);
+ _allowLocalhost = !_authzManager->hasAnyPrivilegeDocuments();
if (_allowLocalhost) {
ONCE {
log() << "note: no users configured in admin.system.users, allowing localhost "
diff --git a/src/mongo/db/auth/authz_session_external_state_server_common.h b/src/mongo/db/auth/authz_session_external_state_server_common.h
index 59599a6befd..f6e1a97f4a9 100644
--- a/src/mongo/db/auth/authz_session_external_state_server_common.h
+++ b/src/mongo/db/auth/authz_session_external_state_server_common.h
@@ -53,7 +53,7 @@ namespace mongo {
// Checks whether or not localhost connections should be given full access and stores the
// result in _allowLocalhost. Currently localhost connections are only given full access
// if there are no users in the admin database.
- void _checkShouldAllowLocalhost(OperationContext* txn);
+ virtual void _checkShouldAllowLocalhost();
private:
diff --git a/src/mongo/db/catalog/collection_cursor_cache.cpp b/src/mongo/db/catalog/collection_cursor_cache.cpp
index d4727a17ee2..926baf7a137 100644
--- a/src/mongo/db/catalog/collection_cursor_cache.cpp
+++ b/src/mongo/db/catalog/collection_cursor_cache.cpp
@@ -98,11 +98,11 @@ namespace mongo {
/**
* works globally
*/
- bool eraseCursor(OperationContext* txn, CursorId id, bool checkAuth);
+ bool eraseCursor( CursorId id, bool checkAuth );
void appendStats( BSONObjBuilder& builder );
- std::size_t timeoutCursors(OperationContext* txn, int millisSinceLastCall);
+ std::size_t timeoutCursors( int millisSinceLastCall );
int64_t nextSeed();
@@ -159,7 +159,7 @@ namespace mongo {
_idToNS.erase( id );
}
- bool GlobalCursorIdCache::eraseCursor(OperationContext* txn, CursorId id, bool checkAuth) {
+ bool GlobalCursorIdCache::eraseCursor(CursorId id, bool checkAuth) {
string ns;
{
SimpleMutex::scoped_lock lk( _mutex );
@@ -175,8 +175,8 @@ namespace mongo {
if ( checkAuth ) {
AuthorizationSession* as = cc().getAuthorizationSession();
- bool isAuthorized = as->isAuthorizedForActionsOnNamespace(
- txn, nss, ActionType::killCursors);
+ bool isAuthorized = as->isAuthorizedForActionsOnNamespace(nss,
+ ActionType::killCursors);
if ( !isAuthorized ) {
audit::logKillCursorsAuthzCheck( currentClient.get(),
nss,
@@ -186,8 +186,8 @@ namespace mongo {
}
}
- Lock::DBRead lock(txn->lockState(), ns);
- Database* db = dbHolder().get(ns, storageGlobalParams.dbpath);
+ Lock::DBRead lock( ns );
+ Database* db = dbHolder().get( ns, storageGlobalParams.dbpath );
if ( !db )
return false;
Client::Context context( ns, db );
@@ -204,7 +204,7 @@ namespace mongo {
return collection->cursorCache()->eraseCursor( id, checkAuth );
}
- std::size_t GlobalCursorIdCache::timeoutCursors(OperationContext* txn, int millisSinceLastCall) {
+ std::size_t GlobalCursorIdCache::timeoutCursors( int millisSinceLastCall ) {
vector<string> todo;
{
SimpleMutex::scoped_lock lk( _mutex );
@@ -216,7 +216,7 @@ namespace mongo {
for ( unsigned i = 0; i < todo.size(); i++ ) {
const string& ns = todo[i];
- Lock::DBRead lock(txn->lockState(), ns);
+ Lock::DBRead lock( ns );
Database* db = dbHolder().get( ns, storageGlobalParams.dbpath );
if ( !db )
continue;
@@ -235,25 +235,25 @@ namespace mongo {
// ---
- std::size_t CollectionCursorCache::timeoutCursorsGlobal(OperationContext* txn, int millisSinceLastCall) {;
- return _globalCursorIdCache.timeoutCursors(txn, millisSinceLastCall);
+ std::size_t CollectionCursorCache::timeoutCursorsGlobal( int millisSinceLastCall ) {
+ return _globalCursorIdCache.timeoutCursors( millisSinceLastCall );
}
- int CollectionCursorCache::eraseCursorGlobalIfAuthorized(OperationContext* txn, int n, long long* ids) {
+ int CollectionCursorCache::eraseCursorGlobalIfAuthorized(int n, long long* ids) {
int numDeleted = 0;
for ( int i = 0; i < n; i++ ) {
- if ( eraseCursorGlobalIfAuthorized(txn, ids[i] ) )
+ if ( eraseCursorGlobalIfAuthorized( ids[i] ) )
numDeleted++;
if ( inShutdown() )
break;
}
return numDeleted;
}
- bool CollectionCursorCache::eraseCursorGlobalIfAuthorized(OperationContext* txn, CursorId id) {
- return _globalCursorIdCache.eraseCursor(txn, id, true);
+ bool CollectionCursorCache::eraseCursorGlobalIfAuthorized(CursorId id) {
+ return _globalCursorIdCache.eraseCursor( id, true );
}
- bool CollectionCursorCache::eraseCursorGlobal(OperationContext* txn, CursorId id) {
- return _globalCursorIdCache.eraseCursor(txn, id, false );
+ bool CollectionCursorCache::eraseCursorGlobal( CursorId id ) {
+ return _globalCursorIdCache.eraseCursor( id, false );
}
diff --git a/src/mongo/db/catalog/collection_cursor_cache.h b/src/mongo/db/catalog/collection_cursor_cache.h
index d08800d4d7b..bc057def73f 100644
--- a/src/mongo/db/catalog/collection_cursor_cache.h
+++ b/src/mongo/db/catalog/collection_cursor_cache.h
@@ -109,15 +109,15 @@ namespace mongo {
// ----------------------
- static int eraseCursorGlobalIfAuthorized(OperationContext* txn, int n, long long* ids);
- static bool eraseCursorGlobalIfAuthorized(OperationContext* txn, CursorId id);
+ static int eraseCursorGlobalIfAuthorized( int n, long long* ids );
+ static bool eraseCursorGlobalIfAuthorized( CursorId id );
- static bool eraseCursorGlobal(OperationContext* txn, CursorId id);
+ static bool eraseCursorGlobal( CursorId id );
/**
* @return number timed out
*/
- static std::size_t timeoutCursorsGlobal(OperationContext* txn, int millisSinceLastCall);
+ static std::size_t timeoutCursorsGlobal( int millisSinceLastCall );
private:
CursorId _allocateCursorId_inlock();
diff --git a/src/mongo/db/catalog/database_holder.cpp b/src/mongo/db/catalog/database_holder.cpp
index aeded6b196b..3516cc06a09 100644
--- a/src/mongo/db/catalog/database_holder.cpp
+++ b/src/mongo/db/catalog/database_holder.cpp
@@ -41,7 +41,8 @@
namespace mongo {
- Database* DatabaseHolder::getOrCreate(OperationContext* txn, const string& ns, const string& path, bool& justCreated) {
+ Database* DatabaseHolder::getOrCreate( const string& ns, const string& path, bool& justCreated ) {
+ OperationContextImpl txn; // TODO get rid of this once reads require transactions
string dbname = _todb( ns );
{
SimpleMutex::scoped_lock lk(_m);
@@ -73,7 +74,7 @@ namespace mongo {
cc().writeHappened();
// this locks _m for defensive checks, so we don't want to be locked right here :
- Database *db = new Database(txn, dbname.c_str(), justCreated, path);
+ Database *db = new Database( &txn, dbname.c_str() , justCreated , path );
{
SimpleMutex::scoped_lock lk(_m);
diff --git a/src/mongo/db/catalog/database_holder.h b/src/mongo/db/catalog/database_holder.h
index ad40b8601c4..a2901926db7 100644
--- a/src/mongo/db/catalog/database_holder.h
+++ b/src/mongo/db/catalog/database_holder.h
@@ -82,10 +82,7 @@ namespace mongo {
return 0;
}
- Database* getOrCreate(OperationContext* txn,
- const std::string& ns,
- const std::string& path,
- bool& justCreated);
+ Database* getOrCreate( const std::string& ns , const std::string& path , bool& justCreated );
void erase( const std::string& ns , const std::string& path ) {
SimpleMutex::scoped_lock lk(_m);
diff --git a/src/mongo/db/client.cpp b/src/mongo/db/client.cpp
index 97e5ba1c71e..21dd08f9b92 100644
--- a/src/mongo/db/client.cpp
+++ b/src/mongo/db/client.cpp
@@ -55,7 +55,6 @@
#include "mongo/db/instance.h"
#include "mongo/db/json.h"
#include "mongo/db/jsobj.h"
-#include "mongo/db/operation_context_impl.h"
#include "mongo/db/repl/rs.h"
#include "mongo/db/storage_options.h"
#include "mongo/s/chunk_version.h"
@@ -192,13 +191,14 @@ namespace mongo {
/** "read lock, and set my context, all in one operation"
* This handles (if not recursively locked) opening an unopened database.
*/
- Client::ReadContext::ReadContext(
- OperationContext* txn, const string& ns, bool doVersion) {
+ Client::ReadContext::ReadContext(const string& ns,
+ const std::string& path,
+ bool doVersion) {
{
- _lk.reset(new Lock::DBRead(txn->lockState(), ns));
- Database *db = dbHolder().get(ns, storageGlobalParams.dbpath);
+ lk.reset( new Lock::DBRead(ns) );
+ Database *db = dbHolder().get(ns, path);
if( db ) {
- _c.reset(new Context(storageGlobalParams.dbpath, ns, db, doVersion));
+ c.reset( new Context(path, ns, db, doVersion) );
return;
}
}
@@ -209,18 +209,17 @@ namespace mongo {
if( Lock::isW() ) {
// write locked already
DEV RARELY log() << "write locked on ReadContext construction " << ns << endl;
- _c.reset(new Context(ns, storageGlobalParams.dbpath, doVersion));
+ c.reset(new Context(ns, path, doVersion));
}
else if( !Lock::nested() ) {
- _lk.reset(0);
+ lk.reset(0);
{
Lock::GlobalWrite w;
- Context c(ns, storageGlobalParams.dbpath, doVersion);
+ Context c(ns, path, doVersion);
}
-
// db could be closed at this interim point -- that is ok, we will throw, and don't mind throwing.
- _lk.reset(new Lock::DBRead(txn->lockState(), ns));
- _c.reset(new Context(ns, storageGlobalParams.dbpath, doVersion));
+ lk.reset( new Lock::DBRead(ns) );
+ c.reset(new Context(ns, path, doVersion));
}
else {
uasserted(15928, str::stream() << "can't open a database from a nested read lock " << ns);
@@ -232,10 +231,9 @@ namespace mongo {
// it would be easy to first check that there is at least a .ns file, or something similar.
}
- Client::WriteContext::WriteContext(
- OperationContext* opCtx, const std::string& ns, bool doVersion)
- : _lk(opCtx->lockState(), ns),
- _c(ns, storageGlobalParams.dbpath, doVersion) {
+ Client::WriteContext::WriteContext(const string& ns, const std::string& path, bool doVersion)
+ : _lk( ns ) ,
+ _c(ns, path, doVersion) {
}
@@ -281,8 +279,7 @@ namespace mongo {
uassert(14031, "Can't take a write lock while out of disk space", false);
}
- OperationContextImpl txn; // TODO get rid of this once reads require transactions
- _db = dbHolderUnchecked().getOrCreate(&txn, _ns, _path, _justCreated);
+ _db = dbHolderUnchecked().getOrCreate( _ns , _path , _justCreated );
verify(_db);
if( _doVersion ) checkNotStale();
massert( 16107 , str::stream() << "Don't have a lock on: " << _ns , Lock::atLeastReadLocked( _ns ) );
diff --git a/src/mongo/db/client.h b/src/mongo/db/client.h
index 17beba12098..6d4179c506a 100644
--- a/src/mongo/db/client.h
+++ b/src/mongo/db/client.h
@@ -146,13 +146,13 @@ namespace mongo {
*/
class ReadContext : boost::noncopyable {
public:
- ReadContext(OperationContext* txn,
- const std::string& ns,
+ ReadContext(const std::string& ns,
+ const std::string& path=storageGlobalParams.dbpath,
bool doVersion = true);
- Context& ctx() { return *_c.get(); }
+ Context& ctx() { return *c.get(); }
private:
- scoped_ptr<Lock::DBRead> _lk;
- scoped_ptr<Context> _c;
+ scoped_ptr<Lock::DBRead> lk;
+ scoped_ptr<Context> c;
};
/* Set database we want to use, then, restores when we finish (are out of scope)
@@ -219,9 +219,10 @@ namespace mongo {
class WriteContext : boost::noncopyable {
public:
- WriteContext(OperationContext* opCtx, const std::string& ns, bool doVersion = true);
+ WriteContext(const std::string& ns,
+ const std::string& path=storageGlobalParams.dbpath,
+ bool doVersion = true);
Context& ctx() { return _c; }
-
private:
Lock::DBWrite _lk;
Context _c;
diff --git a/src/mongo/db/clientcursor.cpp b/src/mongo/db/clientcursor.cpp
index 3bac1b29535..628c4e110b7 100644
--- a/src/mongo/db/clientcursor.cpp
+++ b/src/mongo/db/clientcursor.cpp
@@ -45,7 +45,6 @@
#include "mongo/db/db.h"
#include "mongo/db/jsobj.h"
#include "mongo/db/kill_current_op.h"
-#include "mongo/db/operation_context_impl.h"
#include "mongo/db/repl/rs.h"
#include "mongo/db/repl/write_concern.h"
@@ -220,10 +219,8 @@ namespace mongo {
Client& client = cc();
Timer t;
const int Secs = 4;
- while (!inShutdown()) {
- OperationContextImpl txn;
- cursorStatsTimedOut.increment(
- CollectionCursorCache::timeoutCursorsGlobal(&txn, t.millisReset()));
+ while ( ! inShutdown() ) {
+ cursorStatsTimedOut.increment( CollectionCursorCache::timeoutCursorsGlobal( t.millisReset() ) );
sleepsecs(Secs);
}
client.shutdown();
diff --git a/src/mongo/db/cloner.cpp b/src/mongo/db/cloner.cpp
index 519a1f6b9e8..d1b97e9be3a 100644
--- a/src/mongo/db/cloner.cpp
+++ b/src/mongo/db/cloner.cpp
@@ -301,7 +301,7 @@ namespace mongo {
bool copyIndexes,
bool logForRepl) {
- Client::WriteContext ctx(txn, ns);
+ Client::WriteContext ctx(ns);
// config
string temp = ctx.ctx().db()->name() + ".system.namespaces";
diff --git a/src/mongo/db/commands.cpp b/src/mongo/db/commands.cpp
index 2d33d022da7..524a7f916de 100644
--- a/src/mongo/db/commands.cpp
+++ b/src/mongo/db/commands.cpp
@@ -255,15 +255,13 @@ namespace mongo {
return Status(ErrorCodes::Error(code), errmsg);
}
- Status Command::checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ Status Command::checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
std::vector<Privilege> privileges;
this->addRequiredPrivileges(dbname, cmdObj, &privileges);
- if (client->getAuthorizationSession()->isAuthorizedForPrivileges(txn, privileges)) {
+ if (client->getAuthorizationSession()->isAuthorizedForPrivileges(privileges))
return Status::OK();
- }
return Status(ErrorCodes::Unauthorized, "unauthorized");
}
@@ -276,8 +274,7 @@ namespace mongo {
}
}
- static Status _checkAuthorizationImpl(OperationContext* txn,
- Command* c,
+ static Status _checkAuthorizationImpl(Command* c,
ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj,
@@ -288,7 +285,7 @@ namespace mongo {
" may only be run against the admin database.");
}
if (client->getAuthorizationSession()->getAuthorizationManager().isAuthEnabled()) {
- Status status = c->checkAuthForCommand(txn, client, dbname, cmdObj);
+ Status status = c->checkAuthForCommand(client, dbname, cmdObj);
if (status == ErrorCodes::Unauthorized) {
mmb::Document cmdToLog(cmdObj, mmb::Document::kInPlaceDisabled);
c->redactForLogging(&cmdToLog);
@@ -310,14 +307,13 @@ namespace mongo {
return Status::OK();
}
- Status Command::_checkAuthorization(OperationContext* txn,
- Command* c,
+ Status Command::_checkAuthorization(Command* c,
ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj,
bool fromRepl) {
namespace mmb = mutablebson;
- Status status = _checkAuthorizationImpl(txn, c, client, dbname, cmdObj, fromRepl);
+ Status status = _checkAuthorizationImpl(c, client, dbname, cmdObj, fromRepl);
if (!status.isOK()) {
log() << status << std::endl;
}
diff --git a/src/mongo/db/commands.h b/src/mongo/db/commands.h
index 38c79f1971f..4446020a94c 100644
--- a/src/mongo/db/commands.h
+++ b/src/mongo/db/commands.h
@@ -141,8 +141,7 @@ namespace mutablebson {
* Checks if the given client is authorized to run this command on database "dbname"
* with the invocation described by "cmdObj".
*/
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj);
@@ -257,8 +256,7 @@ namespace mutablebson {
* ErrorCodes::Unauthorized otherwise, but any return other than Status::OK implies not
* authorized.
*/
- static Status _checkAuthorization(OperationContext* txn,
- Command* c,
+ static Status _checkAuthorization(Command* c,
ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj,
diff --git a/src/mongo/db/commands/apply_ops.cpp b/src/mongo/db/commands/apply_ops.cpp
index 37c72610627..ef3c2ea2ab9 100644
--- a/src/mongo/db/commands/apply_ops.cpp
+++ b/src/mongo/db/commands/apply_ops.cpp
@@ -127,7 +127,7 @@ namespace mongo {
// operations are applied. We are already locked globally at this point, so taking
// a DBWrite on the namespace creates a nested lock, and yields are disallowed for
// operations that hold a nested lock.
- Lock::DBWrite lk(txn->lockState(), ns);
+ Lock::DBWrite lk(ns);
invariant(Lock::nested());
Client::Context ctx(ns);
diff --git a/src/mongo/db/commands/auth_schema_upgrade_d.cpp b/src/mongo/db/commands/auth_schema_upgrade_d.cpp
index 4f63bacd173..3a52792615e 100644
--- a/src/mongo/db/commands/auth_schema_upgrade_d.cpp
+++ b/src/mongo/db/commands/auth_schema_upgrade_d.cpp
@@ -147,7 +147,7 @@ namespace {
if (!status.isOK())
return appendCommandStatus(result, status);
- status = authzManager->upgradeSchema(txn, maxSteps, writeConcern);
+ status = authzManager->upgradeSchema(maxSteps, writeConcern);
if (status.isOK())
result.append("done", true);
return appendCommandStatus(result, status);
diff --git a/src/mongo/db/commands/authentication_commands.cpp b/src/mongo/db/commands/authentication_commands.cpp
index b0210188795..651ecb6cca9 100644
--- a/src/mongo/db/commands/authentication_commands.cpp
+++ b/src/mongo/db/commands/authentication_commands.cpp
@@ -160,7 +160,7 @@ namespace mongo {
if (mechanism.empty()) {
mechanism = "MONGODB-CR";
}
- Status status = _authenticate(txn, mechanism, user, cmdObj);
+ Status status = _authenticate(mechanism, user, cmdObj);
audit::logAuthentication(ClientBasic::getCurrent(),
mechanism,
user,
@@ -184,13 +184,12 @@ namespace mongo {
return true;
}
- Status CmdAuthenticate::_authenticate(OperationContext* txn,
- const std::string& mechanism,
+ Status CmdAuthenticate::_authenticate(const std::string& mechanism,
const UserName& user,
const BSONObj& cmdObj) {
if (mechanism == "MONGODB-CR") {
- return _authenticateCR(txn, user, cmdObj);
+ return _authenticateCR(user, cmdObj);
}
#ifdef MONGO_SSL
if (mechanism == "MONGODB-X509") {
@@ -200,8 +199,7 @@ namespace mongo {
return Status(ErrorCodes::BadValue, "Unsupported mechanism: " + mechanism);
}
- Status CmdAuthenticate::_authenticateCR(
- OperationContext* txn, const UserName& user, const BSONObj& cmdObj) {
+ Status CmdAuthenticate::_authenticateCR(const UserName& user, const BSONObj& cmdObj) {
if (user == internalSecurity.user->getName() &&
serverGlobalParams.clusterAuthMode.load() ==
@@ -248,7 +246,7 @@ namespace mongo {
}
User* userObj;
- Status status = getGlobalAuthorizationManager()->acquireUser(txn, user, &userObj);
+ Status status = getGlobalAuthorizationManager()->acquireUser(user, &userObj);
if (!status.isOK()) {
// Failure to find the privilege document indicates no-such-user, a fact that we do not
// wish to reveal to the client. So, we return AuthenticationFailed rather than passing
@@ -277,7 +275,7 @@ namespace mongo {
AuthorizationSession* authorizationSession =
ClientBasic::getCurrent()->getAuthorizationSession();
- status = authorizationSession->addAndAuthorizeUser(txn, user);
+ status = authorizationSession->addAndAuthorizeUser(user);
if (!status.isOK()) {
return status;
}
diff --git a/src/mongo/db/commands/authentication_commands.h b/src/mongo/db/commands/authentication_commands.h
index 6fa2bc6a78a..4ccfb464aa7 100644
--- a/src/mongo/db/commands/authentication_commands.h
+++ b/src/mongo/db/commands/authentication_commands.h
@@ -71,12 +71,10 @@ namespace mongo {
* mechanism, and ProtocolError, indicating an error in the use of the authentication
* protocol.
*/
- Status _authenticate(OperationContext* txn,
- const std::string& mechanism,
+ Status _authenticate(const std::string& mechanism,
const UserName& user,
const BSONObj& cmdObj);
- Status _authenticateCR(
- OperationContext* txn, const UserName& user, const BSONObj& cmdObj);
+ Status _authenticateCR(const UserName& user, const BSONObj& cmdObj);
Status _authenticateX509(const UserName& user, const BSONObj& cmdObj);
bool _clusterIdMatch(const std::string& subjectName, const std::string& srvSubjectName);
};
diff --git a/src/mongo/db/commands/cleanup_orphaned_cmd.cpp b/src/mongo/db/commands/cleanup_orphaned_cmd.cpp
index 0746ec9398b..dac324345bd 100644
--- a/src/mongo/db/commands/cleanup_orphaned_cmd.cpp
+++ b/src/mongo/db/commands/cleanup_orphaned_cmd.cpp
@@ -158,12 +158,11 @@ namespace mongo {
virtual bool adminOnly() const { return true; }
virtual bool localHostOnlyIfNoAuth( const BSONObj& cmdObj ) { return false; }
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
- const std::string& dbname,
- const BSONObj& cmdObj ) {
+ virtual Status checkAuthForCommand( ClientBasic* client,
+ const std::string& dbname,
+ const BSONObj& cmdObj ) {
if (!client->getAuthorizationSession()->isAuthorizedForActionsOnResource(
- txn, ResourcePattern::forClusterResource(), ActionType::cleanupOrphaned)) {
+ ResourcePattern::forClusterResource(), ActionType::cleanupOrphaned)) {
return Status(ErrorCodes::Unauthorized,
"Not authorized for cleanupOrphaned command.");
}
diff --git a/src/mongo/db/commands/clone.cpp b/src/mongo/db/commands/clone.cpp
index 5759c4dc528..b75ee5ceb69 100644
--- a/src/mongo/db/commands/clone.cpp
+++ b/src/mongo/db/commands/clone.cpp
@@ -75,15 +75,14 @@ namespace mongo {
help << "{ clone : \"host13\" }";
}
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
ActionSet actions;
actions.addAction(ActionType::insert);
actions.addAction(ActionType::createIndex);
if (!client->getAuthorizationSession()->isAuthorizedForActionsOnResource(
- txn, ResourcePattern::forDatabaseName(dbname), actions)) {
+ ResourcePattern::forDatabaseName(dbname), actions)) {
return Status(ErrorCodes::Unauthorized, "Unauthorized");
}
return Status::OK();
@@ -119,7 +118,7 @@ namespace mongo {
set<string> clonedColls;
- Lock::DBWrite dbXLock(txn->lockState(), dbname);
+ Lock::DBWrite dbXLock(dbname);
Client::Context context( dbname );
Cloner cloner;
diff --git a/src/mongo/db/commands/clone_collection.cpp b/src/mongo/db/commands/clone_collection.cpp
index d9cfb60819f..c0a124adbe3 100644
--- a/src/mongo/db/commands/clone_collection.cpp
+++ b/src/mongo/db/commands/clone_collection.cpp
@@ -71,8 +71,7 @@ namespace mongo {
return parseNsFullyQualified(dbname, cmdObj);
}
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
std::string ns = parseNs(dbname, cmdObj);
@@ -82,7 +81,7 @@ namespace mongo {
actions.addAction(ActionType::createIndex); // SERVER-11418
if (!client->getAuthorizationSession()->isAuthorizedForActionsOnResource(
- txn, ResourcePattern::forExactNamespace(NamespaceString(ns)), actions)) {
+ ResourcePattern::forExactNamespace(NamespaceString(ns)), actions)) {
return Status(ErrorCodes::Unauthorized, "Unauthorized");
}
return Status::OK();
diff --git a/src/mongo/db/commands/collection_to_capped.cpp b/src/mongo/db/commands/collection_to_capped.cpp
index 0186a17b643..d2a909f4af4 100644
--- a/src/mongo/db/commands/collection_to_capped.cpp
+++ b/src/mongo/db/commands/collection_to_capped.cpp
@@ -153,7 +153,7 @@ namespace mongo {
return false;
}
- Lock::DBWrite dbXLock(txn->lockState(), dbname);
+ Lock::DBWrite dbXLock(dbname);
Client::Context ctx(dbname);
Status status = cloneCollectionAsCapped( txn, ctx.db(), from, to, size, temp, true );
diff --git a/src/mongo/db/commands/compact.cpp b/src/mongo/db/commands/compact.cpp
index 1002ec82ffd..3355e222570 100644
--- a/src/mongo/db/commands/compact.cpp
+++ b/src/mongo/db/commands/compact.cpp
@@ -140,7 +140,7 @@ namespace mongo {
compactOptions.validateDocuments = cmdObj["validate"].trueValue();
- Lock::DBWrite lk(txn->lockState(), ns.ns());
+ Lock::DBWrite lk(ns.ns());
BackgroundOperation::assertNoBgOpInProgForNs(ns.ns());
Client::Context ctx(ns);
diff --git a/src/mongo/db/commands/copydb.cpp b/src/mongo/db/commands/copydb.cpp
index b1b9b2231bc..0db7a7950bb 100644
--- a/src/mongo/db/commands/copydb.cpp
+++ b/src/mongo/db/commands/copydb.cpp
@@ -108,11 +108,10 @@ namespace mongo {
virtual bool isWriteCommandForConfigServer() const { return false; }
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
- return copydb::checkAuthForCopydbCommand(txn, client, dbname, cmdObj);
+ return copydb::checkAuthForCopydbCommand(client, dbname, cmdObj);
}
virtual void help( stringstream &help ) const {
@@ -156,8 +155,8 @@ namespace mongo {
// SERVER-4328 todo lock just the two db's not everything for the fromself case
scoped_ptr<Lock::ScopedLock> lk( fromSelf ?
- static_cast<Lock::ScopedLock*>(new Lock::GlobalWrite()) :
- static_cast<Lock::ScopedLock*>(new Lock::DBWrite(txn->lockState(), todb)));
+ static_cast<Lock::ScopedLock*>( new Lock::GlobalWrite() ) :
+ static_cast<Lock::ScopedLock*>( new Lock::DBWrite( todb ) ) );
Cloner cloner;
string username = cmdObj.getStringField( "username" );
diff --git a/src/mongo/db/commands/copydb.h b/src/mongo/db/commands/copydb.h
index 9f27244f479..f7b2adfbe6d 100644
--- a/src/mongo/db/commands/copydb.h
+++ b/src/mongo/db/commands/copydb.h
@@ -37,12 +37,10 @@
namespace mongo {
class ClientBasic;
- class OperationContext;
namespace copydb {
- Status checkAuthForCopydbCommand(OperationContext* txn,
- ClientBasic* client,
+ Status checkAuthForCopydbCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj);
diff --git a/src/mongo/db/commands/copydb_common.cpp b/src/mongo/db/commands/copydb_common.cpp
index e46cf94e4e2..5cebb8db021 100644
--- a/src/mongo/db/commands/copydb_common.cpp
+++ b/src/mongo/db/commands/copydb_common.cpp
@@ -42,8 +42,7 @@
namespace mongo {
namespace copydb {
- Status checkAuthForCopydbCommand(OperationContext* txn,
- ClientBasic* client,
+ Status checkAuthForCopydbCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
bool fromSelf = StringData(cmdObj.getStringField("fromhost")).empty();
@@ -66,7 +65,7 @@ namespace copydb {
actions.addAction(ActionType::insert);
actions.addAction(ActionType::createIndex);
if (!client->getAuthorizationSession()->isAuthorizedForActionsOnResource(
- txn, ResourcePattern::forDatabaseName(todb), actions)) {
+ ResourcePattern::forDatabaseName(todb), actions)) {
return Status(ErrorCodes::Unauthorized, "Unauthorized");
}
@@ -74,7 +73,7 @@ namespace copydb {
actions.addAction(ActionType::insert);
for (size_t i = 0; i < legalClientSystemCollections.size(); ++i) {
if (!client->getAuthorizationSession()->isAuthorizedForActionsOnNamespace(
- txn, NamespaceString(todb, legalClientSystemCollections[i]), actions)) {
+ NamespaceString(todb, legalClientSystemCollections[i]), actions)) {
return Status(ErrorCodes::Unauthorized, "Unauthorized");
}
}
@@ -84,12 +83,12 @@ namespace copydb {
actions.removeAllActions();
actions.addAction(ActionType::find);
if (!client->getAuthorizationSession()->isAuthorizedForActionsOnResource(
- txn, ResourcePattern::forDatabaseName(fromdb), actions)) {
+ ResourcePattern::forDatabaseName(fromdb), actions)) {
return Status(ErrorCodes::Unauthorized, "Unauthorized");
}
for (size_t i = 0; i < legalClientSystemCollections.size(); ++i) {
if (!client->getAuthorizationSession()->isAuthorizedForActionsOnNamespace(
- txn, NamespaceString(fromdb, legalClientSystemCollections[i]), actions)) {
+ NamespaceString(fromdb, legalClientSystemCollections[i]), actions)) {
return Status(ErrorCodes::Unauthorized, "Unauthorized");
}
}
diff --git a/src/mongo/db/commands/create_indexes.cpp b/src/mongo/db/commands/create_indexes.cpp
index 87582b75e07..2519bc75cc4 100644
--- a/src/mongo/db/commands/create_indexes.cpp
+++ b/src/mongo/db/commands/create_indexes.cpp
@@ -51,14 +51,13 @@ namespace mongo {
virtual bool isWriteCommandForConfigServer() const { return false; }
virtual bool slaveOk() const { return false; } // TODO: this could be made true...
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
ActionSet actions;
actions.addAction(ActionType::createIndex);
Privilege p(parseResourcePattern(dbname, cmdObj), actions);
- if (client->getAuthorizationSession()->isAuthorizedForPrivilege(txn, p))
+ if ( client->getAuthorizationSession()->isAuthorizedForPrivilege(p) )
return Status::OK();
return Status(ErrorCodes::Unauthorized, "Unauthorized");
}
@@ -133,7 +132,9 @@ namespace mongo {
// as many calls are ensureIndex (and hence no-ops), this is good so its a shared
// lock for common calls. We only take write lock if needed.
// Note: createIndexes command does not currently respect shard versioning.
- Client::ReadContext readContext(txn, ns, false /* doVersion */);
+ Client::ReadContext readContext( ns,
+ storageGlobalParams.dbpath,
+ false /* doVersion */ );
const Collection* collection = readContext.ctx().db()->getCollection( ns.ns() );
if ( collection ) {
for ( size_t i = 0; i < specs.size(); i++ ) {
@@ -163,7 +164,9 @@ namespace mongo {
// now we know we have to create index(es)
// Note: createIndexes command does not currently respect shard versioning.
- Client::WriteContext writeContext(txn, ns.ns(), false /* doVersion */ );
+ Client::WriteContext writeContext( ns.ns(),
+ storageGlobalParams.dbpath,
+ false /* doVersion */ );
Database* db = writeContext.ctx().db();
Collection* collection = db->getCollection( txn, ns.ns() );
diff --git a/src/mongo/db/commands/dbhash.cpp b/src/mongo/db/commands/dbhash.cpp
index 3899e7f522d..cddac188c94 100644
--- a/src/mongo/db/commands/dbhash.cpp
+++ b/src/mongo/db/commands/dbhash.cpp
@@ -145,7 +145,7 @@ namespace mongo {
list<string> colls;
const string ns = parseNs(dbname, cmdObj);
- Client::ReadContext ctx(txn, ns);
+ Client::ReadContext ctx(ns);
Database* db = ctx.ctx().db();
if ( db )
db->getDatabaseCatalogEntry()->getCollectionNamespaces( &colls );
diff --git a/src/mongo/db/commands/distinct.cpp b/src/mongo/db/commands/distinct.cpp
index 4c3a6bb5955..bc05c80195a 100644
--- a/src/mongo/db/commands/distinct.cpp
+++ b/src/mongo/db/commands/distinct.cpp
@@ -90,7 +90,7 @@ namespace mongo {
long long nscannedObjects = 0; // full objects looked at
long long n = 0; // matches
- Client::ReadContext ctx(txn, ns);
+ Client::ReadContext ctx(ns);
Collection* collection = ctx.ctx().db()->getCollection( ns );
diff --git a/src/mongo/db/commands/drop_indexes.cpp b/src/mongo/db/commands/drop_indexes.cpp
index c68aede5bc3..ab9144b7c96 100644
--- a/src/mongo/db/commands/drop_indexes.cpp
+++ b/src/mongo/db/commands/drop_indexes.cpp
@@ -93,7 +93,7 @@ namespace mongo {
CmdDropIndexes() : Command("dropIndexes", false, "deleteIndexes") { }
bool run(OperationContext* txn, const string& dbname, BSONObj& jsobj, int, string& errmsg, BSONObjBuilder& anObjBuilder, bool fromRepl) {
- Lock::DBWrite dbXLock(txn->lockState(), dbname);
+ Lock::DBWrite dbXLock(dbname);
bool ok = wrappedRun(txn, dbname, jsobj, errmsg, anObjBuilder);
if (ok && !fromRepl)
repl::logOp(txn, "c",(dbname + ".$cmd").c_str(), jsobj);
@@ -220,7 +220,7 @@ namespace mongo {
MONGO_TLOG(0) << "CMD: reIndex " << toDeleteNs << endl;
- Lock::DBWrite dbXLock(txn->lockState(), dbname);
+ Lock::DBWrite dbXLock(dbname);
Client::Context ctx(toDeleteNs);
Collection* collection = ctx.db()->getCollection( toDeleteNs );
diff --git a/src/mongo/db/commands/find_and_modify.cpp b/src/mongo/db/commands/find_and_modify.cpp
index c297d772530..44ca0e36609 100644
--- a/src/mongo/db/commands/find_and_modify.cpp
+++ b/src/mongo/db/commands/find_and_modify.cpp
@@ -93,7 +93,7 @@ namespace mongo {
return false;
}
- Lock::DBWrite dbXLock(txn->lockState(), dbname);
+ Lock::DBWrite dbXLock(dbname);
Client::Context ctx(ns);
return runNoDirectClient( txn, ns ,
@@ -133,7 +133,7 @@ namespace mongo {
BSONObjBuilder& result,
string& errmsg) {
- Lock::DBWrite lk(txn->lockState(), ns);
+ Lock::DBWrite lk( ns );
Client::Context cx( ns );
Collection* collection = cx.db()->getCollection( txn, ns );
@@ -325,7 +325,7 @@ namespace mongo {
}
}
- Lock::DBWrite dbXLock(txn->lockState(), dbname);
+ Lock::DBWrite dbXLock(dbname);
Client::Context ctx(ns);
BSONObj out = db.findOne(ns, q, fields);
diff --git a/src/mongo/db/commands/geonear.cpp b/src/mongo/db/commands/geonear.cpp
index ebbdd6efd69..5976d8a4e3d 100644
--- a/src/mongo/db/commands/geonear.cpp
+++ b/src/mongo/db/commands/geonear.cpp
@@ -76,7 +76,7 @@ namespace mongo {
return false;
}
- Client::ReadContext ctx(txn, ns);
+ Client::ReadContext ctx(ns);
Database* db = ctx.ctx().db();
if ( !db ) {
diff --git a/src/mongo/db/commands/group.cpp b/src/mongo/db/commands/group.cpp
index 43a1fda05fc..6e80bbef1f6 100644
--- a/src/mongo/db/commands/group.cpp
+++ b/src/mongo/db/commands/group.cpp
@@ -56,13 +56,12 @@ namespace mongo {
virtual void help( stringstream &help ) const {
help << "http://dochub.mongodb.org/core/aggregation";
}
- Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
std::string ns = parseNs(dbname, cmdObj);
if (!client->getAuthorizationSession()->isAuthorizedForActionsOnNamespace(
- txn, NamespaceString(ns), ActionType::find)) {
+ NamespaceString(ns), ActionType::find)) {
return Status(ErrorCodes::Unauthorized, "unauthorized");
}
return Status::OK();
@@ -255,7 +254,7 @@ namespace mongo {
finalize = p["finalize"]._asCode();
const string ns = parseNs(dbname, jsobj);
- Client::ReadContext ctx(txn, ns);
+ Client::ReadContext ctx(ns);
return group( ctx.ctx().db() , ns , q ,
key , keyf , reduce._asCode() , reduce.type() != CodeWScope ? 0 : reduce.codeWScopeScopeDataUnsafe() ,
diff --git a/src/mongo/db/commands/index_filter_commands.cpp b/src/mongo/db/commands/index_filter_commands.cpp
index 776dad23792..60346f782c4 100644
--- a/src/mongo/db/commands/index_filter_commands.cpp
+++ b/src/mongo/db/commands/index_filter_commands.cpp
@@ -124,7 +124,7 @@ namespace mongo {
string& errmsg, BSONObjBuilder& result, bool fromRepl) {
string ns = parseNs(dbname, cmdObj);
- Status status = runIndexFilterCommand(txn, ns, cmdObj, &result);
+ Status status = runIndexFilterCommand(ns, cmdObj, &result);
if (!status.isOK()) {
addStatus(status, result);
@@ -144,14 +144,12 @@ namespace mongo {
ss << helpText;
}
- Status IndexFilterCommand::checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
- const std::string& dbname,
- const BSONObj& cmdObj) {
+ Status IndexFilterCommand::checkAuthForCommand(ClientBasic* client, const std::string& dbname,
+ const BSONObj& cmdObj) {
AuthorizationSession* authzSession = client->getAuthorizationSession();
ResourcePattern pattern = parseResourcePattern(dbname, cmdObj);
- if (authzSession->isAuthorizedForActionsOnResource(txn, pattern, ActionType::planCacheIndexFilter)) {
+ if (authzSession->isAuthorizedForActionsOnResource(pattern, ActionType::planCacheIndexFilter)) {
return Status::OK();
}
@@ -161,12 +159,9 @@ namespace mongo {
ListFilters::ListFilters() : IndexFilterCommand("planCacheListFilters",
"Displays index filters for all query shapes in a collection.") { }
- Status ListFilters::runIndexFilterCommand(OperationContext* txn,
- const string& ns,
- BSONObj& cmdObj,
- BSONObjBuilder* bob) {
+ Status ListFilters::runIndexFilterCommand(const string& ns, BSONObj& cmdObj, BSONObjBuilder* bob) {
// This is a read lock. The query settings is owned by the collection.
- Client::ReadContext readCtx(txn, ns);
+ Client::ReadContext readCtx(ns);
Client::Context& ctx = readCtx.ctx();
QuerySettings* querySettings;
PlanCache* unused;
@@ -223,12 +218,9 @@ namespace mongo {
"Clears index filter for a single query shape or, "
"if the query shape is omitted, all filters for the collection.") { }
- Status ClearFilters::runIndexFilterCommand(OperationContext* txn,
- const std::string& ns,
- BSONObj& cmdObj,
- BSONObjBuilder* bob) {
+ Status ClearFilters::runIndexFilterCommand(const string& ns, BSONObj& cmdObj, BSONObjBuilder* bob) {
// This is a read lock. The query settings is owned by the collection.
- Client::ReadContext readCtx(txn, ns);
+ Client::ReadContext readCtx(ns);
Client::Context& ctx = readCtx.ctx();
QuerySettings* querySettings;
PlanCache* planCache;
@@ -314,12 +306,9 @@ namespace mongo {
SetFilter::SetFilter() : IndexFilterCommand("planCacheSetFilter",
"Sets index filter for a query shape. Overrides existing filter.") { }
- Status SetFilter::runIndexFilterCommand(OperationContext* txn,
- const std::string& ns,
- BSONObj& cmdObj,
- BSONObjBuilder* bob) {
+ Status SetFilter::runIndexFilterCommand(const string& ns, BSONObj& cmdObj, BSONObjBuilder* bob) {
// This is a read lock. The query settings is owned by the collection.
- Client::ReadContext readCtx(txn, ns);
+ Client::ReadContext readCtx(ns);
Client::Context& ctx = readCtx.ctx();
QuerySettings* querySettings;
PlanCache* planCache;
diff --git a/src/mongo/db/commands/index_filter_commands.h b/src/mongo/db/commands/index_filter_commands.h
index 4ae6824162f..a08ddd816db 100644
--- a/src/mongo/db/commands/index_filter_commands.h
+++ b/src/mongo/db/commands/index_filter_commands.h
@@ -76,9 +76,7 @@ namespace mongo {
* One action type defined for index filter commands:
* - planCacheIndexFilter
*/
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
- const std::string& dbname,
+ virtual Status checkAuthForCommand(ClientBasic* client, const std::string& dbname,
const BSONObj& cmdObj);
/**
@@ -87,9 +85,7 @@ namespace mongo {
* Should contain just enough logic to invoke run*Command() function
* in query_settings.h
*/
- virtual Status runIndexFilterCommand(OperationContext* txn,
- const std::string& ns,
- BSONObj& cmdObj,
+ virtual Status runIndexFilterCommand(const std::string& ns, BSONObj& cmdObj,
BSONObjBuilder* bob) = 0;
private:
@@ -106,10 +102,7 @@ namespace mongo {
public:
ListFilters();
- virtual Status runIndexFilterCommand(OperationContext* txn,
- const std::string& ns,
- BSONObj& cmdObj,
- BSONObjBuilder* bob);
+ virtual Status runIndexFilterCommand(const std::string& ns, BSONObj& cmdObj, BSONObjBuilder* bob);
/**
* Looks up index filters from collection's query settings.
@@ -128,10 +121,7 @@ namespace mongo {
public:
ClearFilters();
- virtual Status runIndexFilterCommand(OperationContext* txn,
- const std::string& ns,
- BSONObj& cmdObj,
- BSONObjBuilder* bob);
+ virtual Status runIndexFilterCommand(const std::string& ns, BSONObj& cmdObj, BSONObjBuilder* bob);
/**
* If query shape is provided, clears index filter for a query.
@@ -159,10 +149,7 @@ namespace mongo {
public:
SetFilter();
- virtual Status runIndexFilterCommand(OperationContext* txn,
- const std::string& ns,
- BSONObj& cmdObj,
- BSONObjBuilder* bob);
+ virtual Status runIndexFilterCommand(const std::string& ns, BSONObj& cmdObj, BSONObjBuilder* bob);
/**
* Sets index filter for a query shape.
diff --git a/src/mongo/db/commands/merge_chunks_cmd.cpp b/src/mongo/db/commands/merge_chunks_cmd.cpp
index f22689b89df..24d2bf6dc39 100644
--- a/src/mongo/db/commands/merge_chunks_cmd.cpp
+++ b/src/mongo/db/commands/merge_chunks_cmd.cpp
@@ -52,12 +52,10 @@ namespace mongo {
<< " (opt) shardName : <shard name> }";
}
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
if (!client->getAuthorizationSession()->isAuthorizedForActionsOnResource(
- txn,
ResourcePattern::forExactNamespace(NamespaceString(parseNs(dbname, cmdObj))),
ActionType::splitChunk)) {
return Status(ErrorCodes::Unauthorized, "Unauthorized");
diff --git a/src/mongo/db/commands/mr.cpp b/src/mongo/db/commands/mr.cpp
index 97c5d1fb9b5..af99dfa6818 100644
--- a/src/mongo/db/commands/mr.cpp
+++ b/src/mongo/db/commands/mr.cpp
@@ -342,7 +342,7 @@ namespace mongo {
if (_useIncremental) {
// Create the inc collection and make sure we have index on "0" key.
// Intentionally not replicating the inc collection to secondaries.
- Client::WriteContext incCtx(_txn, _config.incLong);
+ Client::WriteContext incCtx( _config.incLong );
Collection* incColl = incCtx.ctx().db()->getCollection( _txn, _config.incLong );
if ( !incColl ) {
CollectionOptions options;
@@ -364,7 +364,7 @@ namespace mongo {
{
// copy indexes into temporary storage
- Client::WriteContext finalCtx(_txn, _config.outputOptions.finalNamespace);
+ Client::WriteContext finalCtx( _config.outputOptions.finalNamespace );
Collection* finalColl =
finalCtx.ctx().db()->getCollection( _config.outputOptions.finalNamespace );
if ( finalColl ) {
@@ -392,7 +392,7 @@ namespace mongo {
{
// create temp collection and insert the indexes from temporary storage
- Client::WriteContext tempCtx(_txn, _config.tempNamespace);
+ Client::WriteContext tempCtx( _config.tempNamespace );
Collection* tempColl = tempCtx.ctx().db()->getCollection( _txn, _config.tempNamespace );
if ( !tempColl ) {
CollectionOptions options;
@@ -559,7 +559,7 @@ namespace mongo {
_safeCount(_db, _config.tempNamespace, BSONObj()));
auto_ptr<DBClientCursor> cursor = _db.query( _config.tempNamespace , BSONObj() );
while ( cursor->more() ) {
- Lock::DBWrite lock(_txn->lockState(), _config.outputOptions.finalNamespace);
+ Lock::DBWrite lock( _config.outputOptions.finalNamespace );
BSONObj o = cursor->nextSafe();
Helpers::upsert( _txn, _config.outputOptions.finalNamespace , o );
_txn->recoveryUnit()->commitIfNeeded();
@@ -619,7 +619,7 @@ namespace mongo {
void State::insert( const string& ns , const BSONObj& o ) {
verify( _onDisk );
- Client::WriteContext ctx(_txn, ns );
+ Client::WriteContext ctx( ns );
Collection* coll = ctx.ctx().db()->getCollection( ns );
if ( !coll )
uasserted(13630, str::stream() << "attempted to insert into nonexistent" <<
@@ -645,7 +645,7 @@ namespace mongo {
void State::_insertToInc( BSONObj& o ) {
verify( _onDisk );
- Client::WriteContext ctx(_txn, _config.incLong );
+ Client::WriteContext ctx( _config.incLong );
Collection* coll = ctx.ctx().db()->getCollection( _config.incLong );
if ( !coll )
uasserted(13631, str::stream() << "attempted to insert into nonexistent"
@@ -921,7 +921,7 @@ namespace mongo {
BSONObj sortKey = BSON( "0" << 1 );
{
- Client::WriteContext incCtx(_txn, _config.incLong );
+ Client::WriteContext incCtx( _config.incLong );
Collection* incColl = incCtx.ctx().db()->getCollection( _config.incLong );
bool foundIndex = false;
@@ -940,7 +940,7 @@ namespace mongo {
verify( foundIndex );
}
- scoped_ptr<Client::ReadContext> ctx(new Client::ReadContext(_txn, _config.incLong));
+ scoped_ptr<Client::ReadContext> ctx(new Client::ReadContext(_config.incLong));
BSONObj prev;
BSONList all;
@@ -989,7 +989,7 @@ namespace mongo {
// reduce a finalize array
finalReduce( all );
- ctx.reset(new Client::ReadContext(_txn, _config.incLong));
+ ctx.reset(new Client::ReadContext(_config.incLong));
all.clear();
prev = o;
@@ -1005,7 +1005,7 @@ namespace mongo {
ctx.reset();
// reduce and finalize last array
finalReduce( all );
- ctx.reset(new Client::ReadContext(_txn, _config.incLong));
+ ctx.reset(new Client::ReadContext(_config.incLong));
pm.finished();
}
@@ -1060,7 +1060,7 @@ namespace mongo {
if ( ! _onDisk )
return;
- Lock::DBWrite kl(_txn->lockState(), _config.incLong);
+ Lock::DBWrite kl(_config.incLong);
for ( InMemory::iterator i=_temp->begin(); i!=_temp->end(); i++ ) {
BSONList& all = i->second;
@@ -1216,7 +1216,7 @@ namespace mongo {
// Prevent sharding state from changing during the MR.
auto_ptr<RangePreserver> rangePreserver;
{
- Client::ReadContext ctx(txn, config.ns);
+ Client::ReadContext ctx(config.ns);
Collection* collection = ctx.ctx().db()->getCollection( config.ns );
if ( collection )
rangePreserver.reset(new RangePreserver(collection));
@@ -1278,7 +1278,7 @@ namespace mongo {
// We've got a cursor preventing migrations off, now re-establish our useful cursor
// Need lock and context to use it
- scoped_ptr<Lock::DBRead> lock(new Lock::DBRead(txn->lockState(), config.ns));
+ scoped_ptr<Lock::DBRead> lock(new Lock::DBRead(config.ns));
// This context does no version check, safe b/c we checked earlier and have an
// open cursor
@@ -1340,7 +1340,7 @@ namespace mongo {
ctx.reset();
lock.reset();
state.reduceAndSpillInMemoryStateIfNeeded();
- lock.reset(new Lock::DBRead(txn->lockState(), config.ns));
+ lock.reset(new Lock::DBRead(config.ns));
ctx.reset(new Client::Context(config.ns, storageGlobalParams.dbpath, false));
reduceTime += t.micros();
diff --git a/src/mongo/db/commands/oplog_note.cpp b/src/mongo/db/commands/oplog_note.cpp
index d59666dc461..92ce1ebcd14 100644
--- a/src/mongo/db/commands/oplog_note.cpp
+++ b/src/mongo/db/commands/oplog_note.cpp
@@ -47,12 +47,11 @@ namespace mongo {
virtual void help( stringstream &help ) const {
help << "Adds a no-op entry to the oplog";
}
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
if (!client->getAuthorizationSession()->isAuthorizedForActionsOnResource(
- txn, ResourcePattern::forClusterResource(), ActionType::appendOplogNote)) {
+ ResourcePattern::forClusterResource(), ActionType::appendOplogNote)) {
return Status(ErrorCodes::Unauthorized, "Unauthorized");
}
return Status::OK();
diff --git a/src/mongo/db/commands/parallel_collection_scan.cpp b/src/mongo/db/commands/parallel_collection_scan.cpp
index 136e3095591..061175638cd 100644
--- a/src/mongo/db/commands/parallel_collection_scan.cpp
+++ b/src/mongo/db/commands/parallel_collection_scan.cpp
@@ -148,14 +148,13 @@ namespace mongo {
virtual bool isWriteCommandForConfigServer() const { return false; }
virtual bool slaveOk() const { return true; }
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
ActionSet actions;
actions.addAction(ActionType::find);
Privilege p(parseResourcePattern(dbname, cmdObj), actions);
- if ( client->getAuthorizationSession()->isAuthorizedForPrivilege(txn, p) )
+ if ( client->getAuthorizationSession()->isAuthorizedForPrivilege(p) )
return Status::OK();
return Status(ErrorCodes::Unauthorized, "Unauthorized");
}
@@ -166,7 +165,7 @@ namespace mongo {
NamespaceString ns( dbname, cmdObj[name].String() );
- Client::ReadContext ctx(txn, ns.ns());
+ Client::ReadContext ctx(ns.ns());
Database* db = ctx.ctx().db();
Collection* collection = db->getCollection( ns );
diff --git a/src/mongo/db/commands/parameters.cpp b/src/mongo/db/commands/parameters.cpp
index a600be68787..981e04c26a5 100644
--- a/src/mongo/db/commands/parameters.cpp
+++ b/src/mongo/db/commands/parameters.cpp
@@ -96,7 +96,7 @@ namespace mongo {
const ServerParameter::Map& m = ServerParameterSet::getGlobal()->getMap();
for ( ServerParameter::Map::const_iterator i = m.begin(); i != m.end(); ++i ) {
if ( all || cmdObj.hasElement( i->first.c_str() ) ) {
- i->second->append(txn, result, i->second->name() );
+ i->second->append( result, i->second->name() );
}
}
@@ -177,7 +177,7 @@ namespace mongo {
}
if ( s == 0 )
- j->second->append(txn, result, "was" );
+ j->second->append( result, "was" );
Status status = j->second->set( e );
if ( status.isOK() ) {
@@ -203,7 +203,7 @@ namespace mongo {
public:
LogLevelSetting() : ServerParameter(ServerParameterSet::getGlobal(), "logLevel") {}
- virtual void append(OperationContext* txn, BSONObjBuilder& b, const std::string& name) {
+ virtual void append(BSONObjBuilder& b, const std::string& name) {
b << name << logger::globalLogDomain()->getMinimumLogSeverity().toInt();
}
@@ -257,8 +257,7 @@ namespace mongo {
}
}
- virtual void append(
- OperationContext* txn, BSONObjBuilder& b, const std::string& name) {
+ virtual void append(BSONObjBuilder& b, const std::string& name) {
b << name << sslModeStr();
}
@@ -325,8 +324,7 @@ namespace mongo {
}
}
- virtual void append(
- OperationContext* txn, BSONObjBuilder& b, const std::string& name) {
+ virtual void append(BSONObjBuilder& b, const std::string& name) {
b << name << clusterAuthModeStr();
}
diff --git a/src/mongo/db/commands/pipeline_command.cpp b/src/mongo/db/commands/pipeline_command.cpp
index a43d77eeda0..ea373a92d1c 100644
--- a/src/mongo/db/commands/pipeline_command.cpp
+++ b/src/mongo/db/commands/pipeline_command.cpp
@@ -317,7 +317,7 @@ namespace {
// sharding version that we synchronize on here. This is also why we always need to
// create a ClientCursor even when we aren't outputting to a cursor. See the comment
// on ShardFilterStage for more details.
- Client::ReadContext ctx(txn, ns);
+ Client::ReadContext ctx(ns);
Collection* collection = ctx.ctx().db()->getCollection(ns);
diff --git a/src/mongo/db/commands/plan_cache_commands.cpp b/src/mongo/db/commands/plan_cache_commands.cpp
index f1a308504a2..f7e97c68072 100644
--- a/src/mongo/db/commands/plan_cache_commands.cpp
+++ b/src/mongo/db/commands/plan_cache_commands.cpp
@@ -118,7 +118,7 @@ namespace mongo {
string& errmsg, BSONObjBuilder& result, bool fromRepl) {
string ns = parseNs(dbname, cmdObj);
- Status status = runPlanCacheCommand(txn, ns, cmdObj, &result);
+ Status status = runPlanCacheCommand(ns, cmdObj, &result);
if (!status.isOK()) {
addStatus(status, result);
@@ -138,14 +138,12 @@ namespace mongo {
ss << helpText;
}
- Status PlanCacheCommand::checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
- const std::string& dbname,
+ Status PlanCacheCommand::checkAuthForCommand(ClientBasic* client, const std::string& dbname,
const BSONObj& cmdObj) {
AuthorizationSession* authzSession = client->getAuthorizationSession();
ResourcePattern pattern = parseResourcePattern(dbname, cmdObj);
- if (authzSession->isAuthorizedForActionsOnResource(txn, pattern, actionType)) {
+ if (authzSession->isAuthorizedForActionsOnResource(pattern, actionType)) {
return Status::OK();
}
@@ -208,12 +206,10 @@ namespace mongo {
"Displays all query shapes in a collection.",
ActionType::planCacheRead) { }
- Status PlanCacheListQueryShapes::runPlanCacheCommand(OperationContext* txn,
- const string& ns,
- BSONObj& cmdObj,
+ Status PlanCacheListQueryShapes::runPlanCacheCommand(const string& ns, BSONObj& cmdObj,
BSONObjBuilder* bob) {
// This is a read lock. The query cache is owned by the collection.
- Client::ReadContext readCtx(txn, ns);
+ Client::ReadContext readCtx(ns);
Client::Context& ctx = readCtx.ctx();
PlanCache* planCache;
Status status = getPlanCache(ctx.db(), ns, &planCache);
@@ -256,12 +252,10 @@ namespace mongo {
"Drops one or all cached queries in a collection.",
ActionType::planCacheWrite) { }
- Status PlanCacheClear::runPlanCacheCommand(OperationContext* txn,
- const std::string& ns,
- BSONObj& cmdObj,
+ Status PlanCacheClear::runPlanCacheCommand(const string& ns, BSONObj& cmdObj,
BSONObjBuilder* bob) {
// This is a read lock. The query cache is owned by the collection.
- Client::ReadContext readCtx(txn, ns);
+ Client::ReadContext readCtx(ns);
Client::Context& ctx = readCtx.ctx();
PlanCache* planCache;
Status status = getPlanCache(ctx.db(), ns, &planCache);
@@ -328,11 +322,9 @@ namespace mongo {
"Displays the cached plans for a query shape.",
ActionType::planCacheRead) { }
- Status PlanCacheListPlans::runPlanCacheCommand(OperationContext* txn,
- const std::string& ns,
- BSONObj& cmdObj,
+ Status PlanCacheListPlans::runPlanCacheCommand(const string& ns, BSONObj& cmdObj,
BSONObjBuilder* bob) {
- Client::ReadContext readCtx(txn, ns);
+ Client::ReadContext readCtx(ns);
Client::Context& ctx = readCtx.ctx();
PlanCache* planCache;
Status status = getPlanCache(ctx.db(), ns, &planCache);
diff --git a/src/mongo/db/commands/plan_cache_commands.h b/src/mongo/db/commands/plan_cache_commands.h
index e78429509fd..8e7eb9667a4 100644
--- a/src/mongo/db/commands/plan_cache_commands.h
+++ b/src/mongo/db/commands/plan_cache_commands.h
@@ -72,9 +72,7 @@ namespace mongo {
* - planCacheRead
* - planCacheWrite
*/
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
- const std::string& dbname,
+ virtual Status checkAuthForCommand(ClientBasic* client, const std::string& dbname,
const BSONObj& cmdObj);
/**
* Subset of command arguments used by plan cache commands
@@ -82,9 +80,7 @@ namespace mongo {
* Should contain just enough logic to invoke run*Command() function
* in plan_cache.h
*/
- virtual Status runPlanCacheCommand(OperationContext* txn,
- const std::string& ns,
- BSONObj& cmdObj,
+ virtual Status runPlanCacheCommand(const std::string& ns, BSONObj& cmdObj,
BSONObjBuilder* bob) = 0;
/**
@@ -107,10 +103,7 @@ namespace mongo {
class PlanCacheListQueryShapes : public PlanCacheCommand {
public:
PlanCacheListQueryShapes();
- virtual Status runPlanCacheCommand(OperationContext* txn,
- const std::string& ns,
- BSONObj& cmdObj,
- BSONObjBuilder* bob);
+ virtual Status runPlanCacheCommand(const std::string& ns, BSONObj& cmdObj, BSONObjBuilder* bob);
/**
* Looks up cache keys for collection's plan cache.
@@ -133,10 +126,7 @@ namespace mongo {
class PlanCacheClear : public PlanCacheCommand {
public:
PlanCacheClear();
- virtual Status runPlanCacheCommand(OperationContext* txn,
- const std::string& ns,
- BSONObj& cmdObj,
- BSONObjBuilder* bob);
+ virtual Status runPlanCacheCommand(const std::string& ns, BSONObj& cmdObj, BSONObjBuilder* bob);
/**
* Clears collection's plan cache.
@@ -159,9 +149,7 @@ namespace mongo {
class PlanCacheListPlans : public PlanCacheCommand {
public:
PlanCacheListPlans();
- virtual Status runPlanCacheCommand(OperationContext* txn,
- const std::string& ns,
- BSONObj& cmdObj,
+ virtual Status runPlanCacheCommand(const std::string& ns, BSONObj& cmdObj,
BSONObjBuilder* bob);
/**
diff --git a/src/mongo/db/commands/rename_collection.cpp b/src/mongo/db/commands/rename_collection.cpp
index 946686719fd..851b783aa99 100644
--- a/src/mongo/db/commands/rename_collection.cpp
+++ b/src/mongo/db/commands/rename_collection.cpp
@@ -54,12 +54,10 @@ namespace mongo {
return false;
}
virtual bool isWriteCommandForConfigServer() const { return true; }
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
- return rename_collection::checkAuthForRenameCollectionCommand(
- txn, client, dbname, cmdObj);
+ return rename_collection::checkAuthForRenameCollectionCommand(client, dbname, cmdObj);
}
virtual void help( stringstream &help ) const {
help << " example: { renameCollection: foo.a, to: bar.b }";
diff --git a/src/mongo/db/commands/rename_collection.h b/src/mongo/db/commands/rename_collection.h
index 8ec1f7cc9b8..f8651bccd4c 100644
--- a/src/mongo/db/commands/rename_collection.h
+++ b/src/mongo/db/commands/rename_collection.h
@@ -37,12 +37,10 @@
namespace mongo {
class ClientBasic;
- class OperationContext;
namespace rename_collection {
- Status checkAuthForRenameCollectionCommand(OperationContext* txn,
- ClientBasic* client,
+ Status checkAuthForRenameCollectionCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj);
diff --git a/src/mongo/db/commands/rename_collection_common.cpp b/src/mongo/db/commands/rename_collection_common.cpp
index 4af10ce0f9d..fba1daffc0b 100644
--- a/src/mongo/db/commands/rename_collection_common.cpp
+++ b/src/mongo/db/commands/rename_collection_common.cpp
@@ -42,8 +42,7 @@
namespace mongo {
namespace rename_collection {
- Status checkAuthForRenameCollectionCommand(OperationContext* txn,
- ClientBasic* client,
+ Status checkAuthForRenameCollectionCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
NamespaceString sourceNS = NamespaceString(cmdObj.getStringField("renameCollection"));
@@ -56,7 +55,6 @@ namespace rename_collection {
// or dest collection, then you get can do the rename, even without insert on the
// destination collection.
bool canRename = client->getAuthorizationSession()->isAuthorizedForActionsOnResource(
- txn,
ResourcePattern::forDatabaseName(sourceNS.db()),
ActionType::renameCollectionSameDB);
@@ -64,15 +62,14 @@ namespace rename_collection {
if (dropTarget) {
canDropTargetIfNeeded =
client->getAuthorizationSession()->isAuthorizedForActionsOnResource(
- txn,
ResourcePattern::forExactNamespace(targetNS),
ActionType::dropCollection);
}
bool canReadSrc = client->getAuthorizationSession()->isAuthorizedForActionsOnResource(
- txn, ResourcePattern::forExactNamespace(sourceNS), ActionType::find);
+ ResourcePattern::forExactNamespace(sourceNS), ActionType::find);
bool canReadDest = client->getAuthorizationSession()->isAuthorizedForActionsOnResource(
- txn, ResourcePattern::forExactNamespace(targetNS), ActionType::find);
+ ResourcePattern::forExactNamespace(targetNS), ActionType::find);
if (canRename && canDropTargetIfNeeded && (canReadSrc || !canReadDest)) {
return Status::OK();
@@ -84,7 +81,7 @@ namespace rename_collection {
actions.addAction(ActionType::find);
actions.addAction(ActionType::dropCollection);
if (!client->getAuthorizationSession()->isAuthorizedForActionsOnResource(
- txn, ResourcePattern::forExactNamespace(sourceNS), actions)) {
+ ResourcePattern::forExactNamespace(sourceNS), actions)) {
return Status(ErrorCodes::Unauthorized, "Unauthorized");
}
@@ -96,7 +93,7 @@ namespace rename_collection {
actions.addAction(ActionType::dropCollection);
}
if (!client->getAuthorizationSession()->isAuthorizedForActionsOnResource(
- txn, ResourcePattern::forExactNamespace(targetNS), actions)) {
+ ResourcePattern::forExactNamespace(targetNS), actions)) {
return Status(ErrorCodes::Unauthorized, "Unauthorized");
}
diff --git a/src/mongo/db/commands/server_status.cpp b/src/mongo/db/commands/server_status.cpp
index ab9567cba95..e5d9a791589 100644
--- a/src/mongo/db/commands/server_status.cpp
+++ b/src/mongo/db/commands/server_status.cpp
@@ -101,9 +101,8 @@ namespace mongo {
std::vector<Privilege> requiredPrivileges;
section->addRequiredPrivileges(&requiredPrivileges);
- if (!authSession->isAuthorizedForPrivileges(txn, requiredPrivileges)) {
+ if (!authSession->isAuthorizedForPrivileges(requiredPrivileges))
continue;
- }
bool include = section->includeByDefault();
diff --git a/src/mongo/db/commands/test_commands.cpp b/src/mongo/db/commands/test_commands.cpp
index 7265270beef..006a86d3677 100644
--- a/src/mongo/db/commands/test_commands.cpp
+++ b/src/mongo/db/commands/test_commands.cpp
@@ -62,7 +62,7 @@ namespace mongo {
string ns = dbname + "." + coll;
BSONObj obj = cmdObj[ "obj" ].embeddedObjectUserCheck();
- Lock::DBWrite lk(txn->lockState(), ns);
+ Lock::DBWrite lk(ns);
Client::Context ctx( ns );
Database* db = ctx.db();
Collection* collection = db->getCollection( ns );
@@ -140,7 +140,7 @@ namespace mongo {
int n = cmdObj.getIntField( "n" );
bool inc = cmdObj.getBoolField( "inc" ); // inclusive range?
- Client::WriteContext ctx(txn, nss.ns() );
+ Client::WriteContext ctx( nss.ns() );
Collection* collection = ctx.ctx().db()->getCollection( nss.ns() );
massert( 13417, "captrunc collection not found or empty", collection);
@@ -185,7 +185,7 @@ namespace mongo {
uassert( 13428, "emptycapped must specify a collection", !coll.empty() );
NamespaceString nss( dbname, coll );
- Client::WriteContext ctx(txn, nss.ns() );
+ Client::WriteContext ctx( nss.ns() );
Database* db = ctx.ctx().db();
Collection* collection = db->getCollection( nss.ns() );
massert( 13429, "emptycapped no such collection", collection );
diff --git a/src/mongo/db/commands/touch.cpp b/src/mongo/db/commands/touch.cpp
index ec2fc972659..841a738abf2 100644
--- a/src/mongo/db/commands/touch.cpp
+++ b/src/mongo/db/commands/touch.cpp
@@ -104,7 +104,7 @@ namespace mongo {
return false;
}
- Client::ReadContext context(txn, nss.ns());
+ Client::ReadContext context( nss.ns() );
Database* db = context.ctx().db();
Collection* collection = db->getCollection( nss.ns() );
diff --git a/src/mongo/db/commands/user_management_commands.cpp b/src/mongo/db/commands/user_management_commands.cpp
index 21b97074545..40999d0cbe5 100644
--- a/src/mongo/db/commands/user_management_commands.cpp
+++ b/src/mongo/db/commands/user_management_commands.cpp
@@ -118,13 +118,12 @@ namespace mongo {
return Status::OK();
}
- static Status getCurrentUserRoles(OperationContext* txn,
- AuthorizationManager* authzManager,
+ static Status getCurrentUserRoles(AuthorizationManager* authzManager,
const UserName& userName,
unordered_set<RoleName>* roles) {
User* user;
authzManager->invalidateUserByName(userName); // Need to make sure cache entry is up to date
- Status status = authzManager->acquireUser(txn, userName, &user);
+ Status status = authzManager->acquireUser(userName, &user);
if (!status.isOK()) {
return status;
}
@@ -136,11 +135,10 @@ namespace mongo {
return Status::OK();
}
- static Status checkAuthorizedToGrantRoles(OperationContext* txn,
- AuthorizationSession* authzSession,
+ static Status checkAuthorizedToGrantRoles(AuthorizationSession* authzSession,
const std::vector<RoleName>& roles) {
for (size_t i = 0; i < roles.size(); ++i) {
- if (!authzSession->isAuthorizedToGrantRole(txn, roles[i])) {
+ if (!authzSession->isAuthorizedToGrantRole(roles[i])) {
return Status(ErrorCodes::Unauthorized,
str::stream() << "Not authorized to grant role: " <<
roles[i].getFullName());
@@ -149,11 +147,10 @@ namespace mongo {
return Status::OK();
}
- static Status checkAuthorizedToRevokeRoles(OperationContext* txn,
- AuthorizationSession* authzSession,
+ static Status checkAuthorizedToRevokeRoles(AuthorizationSession* authzSession,
const std::vector<RoleName>& roles) {
for (size_t i = 0; i < roles.size(); ++i) {
- if (!authzSession->isAuthorizedToRevokeRole(txn, roles[i])) {
+ if (!authzSession->isAuthorizedToRevokeRole(roles[i])) {
return Status(ErrorCodes::Unauthorized,
str::stream() << "Not authorized to revoke role: " <<
roles[i].getFullName());
@@ -162,12 +159,11 @@ namespace mongo {
return Status::OK();
}
- static Status checkAuthorizedToGrantPrivileges(OperationContext* txn,
- AuthorizationSession* authzSession,
+ static Status checkAuthorizedToGrantPrivileges(AuthorizationSession* authzSession,
const PrivilegeVector& privileges) {
for (PrivilegeVector::const_iterator it = privileges.begin();
it != privileges.end(); ++it) {
- Status status = authzSession->checkAuthorizedToGrantPrivilege(txn, *it);
+ Status status = authzSession->checkAuthorizedToGrantPrivilege(*it);
if (!status.isOK()) {
return status;
}
@@ -176,12 +172,11 @@ namespace mongo {
return Status::OK();
}
- static Status checkAuthorizedToRevokePrivileges(OperationContext* txn,
- AuthorizationSession* authzSession,
+ static Status checkAuthorizedToRevokePrivileges(AuthorizationSession* authzSession,
const PrivilegeVector& privileges) {
for (PrivilegeVector::const_iterator it = privileges.begin();
it != privileges.end(); ++it) {
- Status status = authzSession->checkAuthorizedToRevokePrivilege(txn, *it);
+ Status status = authzSession->checkAuthorizedToRevokePrivilege(*it);
if (!status.isOK()) {
return status;
}
@@ -270,10 +265,9 @@ namespace mongo {
return Status::OK();
}
- static Status requireAuthSchemaVersion26Final(
- OperationContext* txn, AuthorizationManager* authzManager) {
+ static Status requireAuthSchemaVersion26Final(AuthorizationManager* authzManager) {
int foundSchemaVersion;
- Status status = authzManager->getAuthorizationVersion(txn, &foundSchemaVersion);
+ Status status = authzManager->getAuthorizationVersion(&foundSchemaVersion);
if (!status.isOK()) {
return status;
}
@@ -288,10 +282,9 @@ namespace mongo {
return authzManager->writeAuthSchemaVersionIfNeeded();
}
- static Status requireAuthSchemaVersion26UpgradeOrFinal(OperationContext* txn,
- AuthorizationManager* authzManager) {
+ static Status requireAuthSchemaVersion26UpgradeOrFinal(AuthorizationManager* authzManager) {
int foundSchemaVersion;
- Status status = authzManager->getAuthorizationVersion(txn, &foundSchemaVersion);
+ Status status = authzManager->getAuthorizationVersion(&foundSchemaVersion);
if (!status.isOK()) {
return status;
}
@@ -327,8 +320,7 @@ namespace mongo {
ss << "Adds a user to the system" << endl;
}
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
AuthorizationSession* authzSession = client->getAuthorizationSession();
@@ -342,7 +334,6 @@ namespace mongo {
}
if (!authzSession->isAuthorizedForActionsOnResource(
- txn,
ResourcePattern::forDatabaseName(args.userName.getDB()),
ActionType::createUser)) {
return Status(ErrorCodes::Unauthorized,
@@ -350,7 +341,7 @@ namespace mongo {
args.userName.getDB());
}
- return checkAuthorizedToGrantRoles(txn, authzSession, args.roles);
+ return checkAuthorizedToGrantRoles(authzSession, args.roles);
}
bool run(OperationContext* txn, const string& dbname,
@@ -443,7 +434,7 @@ namespace mongo {
Status(ErrorCodes::LockBusy, "Could not lock auth data update lock."));
}
- status = requireAuthSchemaVersion26Final(txn, authzManager);
+ status = requireAuthSchemaVersion26Final(authzManager);
if (!status.isOK()) {
return appendCommandStatus(result, status);
}
@@ -489,8 +480,7 @@ namespace mongo {
ss << "Used to update a user, for example to change its password" << endl;
}
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
AuthorizationSession* authzSession = client->getAuthorizationSession();
@@ -506,7 +496,6 @@ namespace mongo {
if (args.hasHashedPassword) {
if (!authzSession->isAuthorizedToChangeOwnPasswordAsUser(args.userName) &&
!authzSession->isAuthorizedForActionsOnResource(
- txn,
ResourcePattern::forDatabaseName(args.userName.getDB()),
ActionType::changePassword)) {
return Status(ErrorCodes::Unauthorized,
@@ -518,7 +507,6 @@ namespace mongo {
if (args.hasCustomData) {
if (!authzSession->isAuthorizedToChangeOwnCustomDataAsUser(args.userName) &&
!authzSession->isAuthorizedForActionsOnResource(
- txn,
ResourcePattern::forDatabaseName(args.userName.getDB()),
ActionType::changeCustomData)) {
return Status(ErrorCodes::Unauthorized,
@@ -531,13 +519,13 @@ namespace mongo {
// You don't know what roles you might be revoking, so require the ability to
// revoke any role in the system.
if (!authzSession->isAuthorizedForActionsOnResource(
- txn, ResourcePattern::forAnyNormalResource(), ActionType::revokeRole)) {
+ ResourcePattern::forAnyNormalResource(), ActionType::revokeRole)) {
return Status(ErrorCodes::Unauthorized,
"In order to use updateUser to set roles array, must be "
"authorized to revoke any role in the system");
}
- return checkAuthorizedToGrantRoles(txn, authzSession, args.roles);
+ return checkAuthorizedToGrantRoles(authzSession, args.roles);
}
return Status::OK();
}
@@ -591,7 +579,7 @@ namespace mongo {
Status(ErrorCodes::LockBusy, "Could not lock auth data update lock."));
}
- status = requireAuthSchemaVersion26Final(txn, authzManager);
+ status = requireAuthSchemaVersion26Final(authzManager);
if (!status.isOK()) {
return appendCommandStatus(result, status);
}
@@ -643,8 +631,7 @@ namespace mongo {
ss << "Drops a single user." << endl;
}
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
AuthorizationSession* authzSession = client->getAuthorizationSession();
@@ -659,7 +646,7 @@ namespace mongo {
}
if (!authzSession->isAuthorizedForActionsOnResource(
- txn, ResourcePattern::forDatabaseName(userName.getDB()), ActionType::dropUser)) {
+ ResourcePattern::forDatabaseName(userName.getDB()), ActionType::dropUser)) {
return Status(ErrorCodes::Unauthorized,
str::stream() << "Not authorized to drop users from the " <<
userName.getDB() << " database");
@@ -681,7 +668,7 @@ namespace mongo {
Status(ErrorCodes::LockBusy, "Could not lock auth data update lock."));
}
- Status status = requireAuthSchemaVersion26Final(txn, authzManager);
+ Status status = requireAuthSchemaVersion26Final(authzManager);
if (!status.isOK()) {
return appendCommandStatus(result, status);
}
@@ -740,13 +727,12 @@ namespace mongo {
ss << "Drops all users for a single database." << endl;
}
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
AuthorizationSession* authzSession = client->getAuthorizationSession();
if (!authzSession->isAuthorizedForActionsOnResource(
- txn, ResourcePattern::forDatabaseName(dbname), ActionType::dropUser)) {
+ ResourcePattern::forDatabaseName(dbname), ActionType::dropUser)) {
return Status(ErrorCodes::Unauthorized,
str::stream() << "Not authorized to drop users from the " <<
dbname << " database");
@@ -768,7 +754,7 @@ namespace mongo {
Status(ErrorCodes::LockBusy, "Could not lock auth data update lock."));
}
- Status status = requireAuthSchemaVersion26Final(txn, authzManager);
+ Status status = requireAuthSchemaVersion26Final(authzManager);
if (!status.isOK()) {
return appendCommandStatus(result, status);
}
@@ -816,8 +802,7 @@ namespace mongo {
ss << "Grants roles to a user." << endl;
}
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
AuthorizationSession* authzSession = client->getAuthorizationSession();
@@ -834,7 +819,7 @@ namespace mongo {
return status;
}
- return checkAuthorizedToGrantRoles(txn, authzSession, roles);
+ return checkAuthorizedToGrantRoles(authzSession, roles);
}
bool run(OperationContext* txn, const string& dbname,
@@ -851,7 +836,7 @@ namespace mongo {
Status(ErrorCodes::LockBusy, "Could not lock auth data update lock."));
}
- Status status = requireAuthSchemaVersion26Final(txn, authzManager);
+ Status status = requireAuthSchemaVersion26Final(authzManager);
if (!status.isOK()) {
return appendCommandStatus(result, status);
}
@@ -871,7 +856,7 @@ namespace mongo {
UserName userName(userNameString, dbname);
unordered_set<RoleName> userRoles;
- status = getCurrentUserRoles(txn, authzManager, userName, &userRoles);
+ status = getCurrentUserRoles(authzManager, userName, &userRoles);
if (!status.isOK()) {
return appendCommandStatus(result, status);
}
@@ -915,8 +900,7 @@ namespace mongo {
ss << "Revokes roles from a user." << endl;
}
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
AuthorizationSession* authzSession = client->getAuthorizationSession();
@@ -933,7 +917,7 @@ namespace mongo {
return status;
}
- return checkAuthorizedToRevokeRoles(txn, authzSession, roles);
+ return checkAuthorizedToRevokeRoles(authzSession, roles);
}
bool run(OperationContext* txn, const string& dbname,
@@ -950,7 +934,7 @@ namespace mongo {
Status(ErrorCodes::LockBusy, "Could not lock auth data update lock."));
}
- Status status = requireAuthSchemaVersion26Final(txn, authzManager);
+ Status status = requireAuthSchemaVersion26Final(authzManager);
if (!status.isOK()) {
return appendCommandStatus(result, status);
}
@@ -970,7 +954,7 @@ namespace mongo {
UserName userName(userNameString, dbname);
unordered_set<RoleName> userRoles;
- status = getCurrentUserRoles(txn, authzManager, userName, &userRoles);
+ status = getCurrentUserRoles(authzManager, userName, &userRoles);
if (!status.isOK()) {
return appendCommandStatus(result, status);
}
@@ -1018,8 +1002,7 @@ namespace mongo {
ss << "Returns information about users." << endl;
}
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
AuthorizationSession* authzSession = client->getAuthorizationSession();
@@ -1031,7 +1014,7 @@ namespace mongo {
if (args.allForDB) {
if (!authzSession->isAuthorizedForActionsOnResource(
- txn, ResourcePattern::forDatabaseName(dbname), ActionType::viewUser)) {
+ ResourcePattern::forDatabaseName(dbname), ActionType::viewUser)) {
return Status(ErrorCodes::Unauthorized,
str::stream() << "Not authorized to view users from the " <<
dbname << " database");
@@ -1042,7 +1025,6 @@ namespace mongo {
continue; // Can always view users you are logged in as
}
if (!authzSession->isAuthorizedForActionsOnResource(
- txn,
ResourcePattern::forDatabaseName(args.userNames[i].getDB()),
ActionType::viewUser)) {
return Status(ErrorCodes::Unauthorized,
@@ -1067,8 +1049,7 @@ namespace mongo {
return appendCommandStatus(result, status);
}
- status = requireAuthSchemaVersion26UpgradeOrFinal(
- txn, getGlobalAuthorizationManager());
+ status = requireAuthSchemaVersion26UpgradeOrFinal(getGlobalAuthorizationManager());
if (!status.isOK()) {
return appendCommandStatus(result, status);
}
@@ -1087,7 +1068,7 @@ namespace mongo {
for (size_t i = 0; i < args.userNames.size(); ++i) {
BSONObj userDetails;
status = getGlobalAuthorizationManager()->getUserDescription(
- txn, args.userNames[i], &userDetails);
+ args.userNames[i], &userDetails);
if (status.code() == ErrorCodes::UserNotFound) {
continue;
}
@@ -1126,7 +1107,7 @@ namespace mongo {
AuthorizationManager* authzManager = getGlobalAuthorizationManager();
int authzVersion;
- Status status = authzManager->getAuthorizationVersion(txn, &authzVersion);
+ Status status = authzManager->getAuthorizationVersion(&authzVersion);
if (!status.isOK()) {
return appendCommandStatus(result, status);
}
@@ -1168,8 +1149,7 @@ namespace mongo {
ss << "Adds a role to the system" << endl;
}
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
AuthorizationSession* authzSession = client->getAuthorizationSession();
@@ -1183,7 +1163,6 @@ namespace mongo {
}
if (!authzSession->isAuthorizedForActionsOnResource(
- txn,
ResourcePattern::forDatabaseName(args.roleName.getDB()),
ActionType::createRole)) {
return Status(ErrorCodes::Unauthorized,
@@ -1191,12 +1170,12 @@ namespace mongo {
args.roleName.getDB());
}
- status = checkAuthorizedToGrantRoles(txn, authzSession, args.roles);
+ status = checkAuthorizedToGrantRoles(authzSession, args.roles);
if (!status.isOK()) {
return status;
}
- return checkAuthorizedToGrantPrivileges(txn, authzSession, args.privileges);
+ return checkAuthorizedToGrantPrivileges(authzSession, args.privileges);
}
bool run(OperationContext* txn, const string& dbname,
@@ -1273,7 +1252,7 @@ namespace mongo {
Status(ErrorCodes::LockBusy, "Could not lock auth data update lock."));
}
- status = requireAuthSchemaVersion26Final(txn, authzManager);
+ status = requireAuthSchemaVersion26Final(authzManager);
if (!status.isOK()) {
return appendCommandStatus(result, status);
}
@@ -1315,8 +1294,7 @@ namespace mongo {
ss << "Used to update a role" << endl;
}
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
AuthorizationSession* authzSession = client->getAuthorizationSession();
@@ -1332,18 +1310,18 @@ namespace mongo {
// You don't know what roles or privileges you might be revoking, so require the ability
// to revoke any role (or privilege) in the system.
if (!authzSession->isAuthorizedForActionsOnResource(
- txn, ResourcePattern::forAnyNormalResource(), ActionType::revokeRole)) {
+ ResourcePattern::forAnyNormalResource(), ActionType::revokeRole)) {
return Status(ErrorCodes::Unauthorized,
"updateRole command required the ability to revoke any role in the "
"system");
}
- status = checkAuthorizedToGrantRoles(txn, authzSession, args.roles);
+ status = checkAuthorizedToGrantRoles(authzSession, args.roles);
if (!status.isOK()) {
return status;
}
- return checkAuthorizedToGrantPrivileges(txn, authzSession, args.privileges);
+ return checkAuthorizedToGrantPrivileges(authzSession, args.privileges);
}
bool run(OperationContext* txn, const string& dbname,
@@ -1391,7 +1369,7 @@ namespace mongo {
Status(ErrorCodes::LockBusy, "Could not lock auth data update lock."));
}
- status = requireAuthSchemaVersion26Final(txn, authzManager);
+ status = requireAuthSchemaVersion26Final(authzManager);
if (!status.isOK()) {
return appendCommandStatus(result, status);
}
@@ -1446,8 +1424,7 @@ namespace mongo {
ss << "Grants privileges to a role" << endl;
}
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
AuthorizationSession* authzSession = client->getAuthorizationSession();
@@ -1465,7 +1442,7 @@ namespace mongo {
return status;
}
- return checkAuthorizedToGrantPrivileges(txn, authzSession, privileges);
+ return checkAuthorizedToGrantPrivileges(authzSession, privileges);
}
bool run(OperationContext* txn, const string& dbname,
@@ -1482,7 +1459,7 @@ namespace mongo {
Status(ErrorCodes::LockBusy, "Could not lock auth data update lock."));
}
- Status status = requireAuthSchemaVersion26Final(txn, authzManager);
+ Status status = requireAuthSchemaVersion26Final(authzManager);
if (!status.isOK()) {
return appendCommandStatus(result, status);
}
@@ -1583,8 +1560,7 @@ namespace mongo {
ss << "Revokes privileges from a role" << endl;
}
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
AuthorizationSession* authzSession = client->getAuthorizationSession();
@@ -1602,7 +1578,7 @@ namespace mongo {
return status;
}
- return checkAuthorizedToRevokePrivileges(txn, authzSession, privileges);
+ return checkAuthorizedToRevokePrivileges(authzSession, privileges);
}
bool run(OperationContext* txn, const string& dbname,
@@ -1619,7 +1595,7 @@ namespace mongo {
Status(ErrorCodes::LockBusy, "Could not lock auth data update lock."));
}
- Status status = requireAuthSchemaVersion26Final(txn, authzManager);
+ Status status = requireAuthSchemaVersion26Final(authzManager);
if (!status.isOK()) {
return appendCommandStatus(result, status);
}
@@ -1722,8 +1698,7 @@ namespace mongo {
ss << "Grants roles to another role." << endl;
}
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
AuthorizationSession* authzSession = client->getAuthorizationSession();
@@ -1740,7 +1715,7 @@ namespace mongo {
return status;
}
- return checkAuthorizedToGrantRoles(txn, authzSession, roles);
+ return checkAuthorizedToGrantRoles(authzSession, roles);
}
bool run(OperationContext* txn, const string& dbname,
@@ -1780,7 +1755,7 @@ namespace mongo {
Status(ErrorCodes::LockBusy, "Could not lock auth data update lock."));
}
- status = requireAuthSchemaVersion26Final(txn, authzManager);
+ status = requireAuthSchemaVersion26Final(authzManager);
if (!status.isOK()) {
return appendCommandStatus(result, status);
}
@@ -1842,8 +1817,7 @@ namespace mongo {
ss << "Revokes roles from another role." << endl;
}
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
AuthorizationSession* authzSession = client->getAuthorizationSession();
@@ -1860,7 +1834,7 @@ namespace mongo {
return status;
}
- return checkAuthorizedToRevokeRoles(txn, authzSession, roles);
+ return checkAuthorizedToRevokeRoles(authzSession, roles);
}
bool run(OperationContext* txn, const string& dbname,
@@ -1877,7 +1851,7 @@ namespace mongo {
Status(ErrorCodes::LockBusy, "Could not lock auth data update lock."));
}
- Status status = requireAuthSchemaVersion26Final(txn, authzManager);
+ Status status = requireAuthSchemaVersion26Final(authzManager);
if (!status.isOK()) {
return appendCommandStatus(result, status);
}
@@ -1959,8 +1933,7 @@ namespace mongo {
"removed from some user/roles but otherwise still exists."<< endl;
}
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
AuthorizationSession* authzSession = client->getAuthorizationSession();
@@ -1975,7 +1948,7 @@ namespace mongo {
}
if (!authzSession->isAuthorizedForActionsOnResource(
- txn, ResourcePattern::forDatabaseName(roleName.getDB()), ActionType::dropRole)) {
+ ResourcePattern::forDatabaseName(roleName.getDB()), ActionType::dropRole)) {
return Status(ErrorCodes::Unauthorized,
str::stream() << "Not authorized to drop roles from the " <<
roleName.getDB() << " database");
@@ -1997,7 +1970,7 @@ namespace mongo {
Status(ErrorCodes::LockBusy, "Could not lock auth data update lock."));
}
- Status status = requireAuthSchemaVersion26Final(txn, authzManager);
+ Status status = requireAuthSchemaVersion26Final(authzManager);
if (!status.isOK()) {
return appendCommandStatus(result, status);
}
@@ -2138,13 +2111,12 @@ namespace mongo {
"exist." << endl;
}
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
AuthorizationSession* authzSession = client->getAuthorizationSession();
if (!authzSession->isAuthorizedForActionsOnResource(
- txn, ResourcePattern::forDatabaseName(dbname), ActionType::dropRole)) {
+ ResourcePattern::forDatabaseName(dbname), ActionType::dropRole)) {
return Status(ErrorCodes::Unauthorized,
str::stream() << "Not authorized to drop roles from the " <<
dbname << " database");
@@ -2174,7 +2146,7 @@ namespace mongo {
Status(ErrorCodes::LockBusy, "Could not lock auth data update lock."));
}
- status = requireAuthSchemaVersion26Final(txn, authzManager);
+ status = requireAuthSchemaVersion26Final(authzManager);
if (!status.isOK()) {
return appendCommandStatus(result, status);
}
@@ -2271,8 +2243,7 @@ namespace mongo {
ss << "Returns information about roles." << endl;
}
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
AuthorizationSession* authzSession = client->getAuthorizationSession();
@@ -2284,7 +2255,7 @@ namespace mongo {
if (args.allForDB) {
if (!authzSession->isAuthorizedForActionsOnResource(
- txn, ResourcePattern::forDatabaseName(dbname), ActionType::viewRole)) {
+ ResourcePattern::forDatabaseName(dbname), ActionType::viewRole)) {
return Status(ErrorCodes::Unauthorized,
str::stream() << "Not authorized to view roles from the " <<
dbname << " database");
@@ -2296,7 +2267,6 @@ namespace mongo {
}
if (!authzSession->isAuthorizedForActionsOnResource(
- txn,
ResourcePattern::forDatabaseName(args.roleNames[i].getDB()),
ActionType::viewRole)) {
return Status(ErrorCodes::Unauthorized,
@@ -2322,8 +2292,7 @@ namespace mongo {
return appendCommandStatus(result, status);
}
- status = requireAuthSchemaVersion26UpgradeOrFinal(
- txn, getGlobalAuthorizationManager());
+ status = requireAuthSchemaVersion26UpgradeOrFinal(getGlobalAuthorizationManager());
if (!status.isOK()) {
return appendCommandStatus(result, status);
}
@@ -2379,13 +2348,12 @@ namespace mongo {
ss << "Invalidates the in-memory cache of user information" << endl;
}
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
AuthorizationSession* authzSession = client->getAuthorizationSession();
if (!authzSession->isAuthorizedForActionsOnResource(
- txn, ResourcePattern::forClusterResource(), ActionType::invalidateUserCache)) {
+ ResourcePattern::forClusterResource(), ActionType::invalidateUserCache)) {
return Status(ErrorCodes::Unauthorized, "Not authorized to invalidate user cache");
}
return Status::OK();
@@ -2424,13 +2392,12 @@ namespace mongo {
ss << "internal" << endl;
}
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
AuthorizationSession* authzSession = client->getAuthorizationSession();
if (!authzSession->isAuthorizedForActionsOnResource(
- txn, ResourcePattern::forClusterResource(), ActionType::internal)) {
+ ResourcePattern::forClusterResource(), ActionType::internal)) {
return Status(ErrorCodes::Unauthorized, "Not authorized to get cache generation");
}
return Status::OK();
@@ -2480,8 +2447,7 @@ namespace mongo {
ss << "Internal command used by mongorestore for updating user/role data" << endl;
}
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
auth::MergeAuthzCollectionsArgs args;
@@ -2501,14 +2467,13 @@ namespace mongo {
actions.addAction(ActionType::dropRole);
}
if (!authzSession->isAuthorizedForActionsOnResource(
- txn, ResourcePattern::forAnyNormalResource(), actions)) {
+ ResourcePattern::forAnyNormalResource(), actions)) {
return Status(ErrorCodes::Unauthorized,
"Not authorized to update user/role data using _mergeAuthzCollections"
" command");
}
if (!args.usersCollName.empty() &&
!authzSession->isAuthorizedForActionsOnResource(
- txn,
ResourcePattern::forExactNamespace(NamespaceString(args.usersCollName)),
ActionType::find)) {
return Status(ErrorCodes::Unauthorized,
@@ -2517,7 +2482,6 @@ namespace mongo {
}
if (!args.rolesCollName.empty() &&
!authzSession->isAuthorizedForActionsOnResource(
- txn,
ResourcePattern::forExactNamespace(NamespaceString(args.rolesCollName)),
ActionType::find)) {
return Status(ErrorCodes::Unauthorized,
@@ -2876,7 +2840,7 @@ namespace mongo {
Status(ErrorCodes::LockBusy, "Could not lock auth data update lock."));
}
- status = requireAuthSchemaVersion26Final(txn, authzManager);
+ status = requireAuthSchemaVersion26Final(authzManager);
if (!status.isOK()) {
return appendCommandStatus(result, status);
}
@@ -2917,14 +2881,13 @@ namespace mongo {
ss << "Upgrades the auth data storage schema";
}
- Status CmdAuthSchemaUpgrade::checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
- const std::string& dbname,
- const BSONObj& cmdObj) {
+ Status CmdAuthSchemaUpgrade::checkAuthForCommand(ClientBasic* client,
+ const std::string& dbname,
+ const BSONObj& cmdObj) {
AuthorizationSession* authzSession = client->getAuthorizationSession();
if (!authzSession->isAuthorizedForActionsOnResource(
- txn, ResourcePattern::forClusterResource(), ActionType::authSchemaUpgrade)) {
+ ResourcePattern::forClusterResource(), ActionType::authSchemaUpgrade)) {
return Status(ErrorCodes::Unauthorized,
"Not authorized to run authSchemaUpgrade command.");
}
diff --git a/src/mongo/db/commands/user_management_commands.h b/src/mongo/db/commands/user_management_commands.h
index 448950eb5ed..f9350f768ca 100644
--- a/src/mongo/db/commands/user_management_commands.h
+++ b/src/mongo/db/commands/user_management_commands.h
@@ -42,8 +42,7 @@ namespace mongo {
virtual bool adminOnly() const;
virtual void help(std::stringstream& ss) const;
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj);
};
diff --git a/src/mongo/db/commands/validate.cpp b/src/mongo/db/commands/validate.cpp
index 9b539a8b954..28d06c9ae05 100644
--- a/src/mongo/db/commands/validate.cpp
+++ b/src/mongo/db/commands/validate.cpp
@@ -75,7 +75,7 @@ namespace mongo {
MONGO_TLOG(0) << "CMD: validate " << ns << endl;
}
- Client::ReadContext ctx(txn, ns_string.ns());
+ Client::ReadContext ctx(ns_string.ns());
Database* db = ctx.ctx().db();
if ( !db ) {
diff --git a/src/mongo/db/commands/write_commands/batch_executor.cpp b/src/mongo/db/commands/write_commands/batch_executor.cpp
index b147446a93d..a6332a50288 100644
--- a/src/mongo/db/commands/write_commands/batch_executor.cpp
+++ b/src/mongo/db/commands/write_commands/batch_executor.cpp
@@ -902,7 +902,7 @@ namespace mongo {
}
invariant(!_context.get());
- _writeLock.reset(new Lock::DBWrite(txn->lockState(), request->getNS()));
+ _writeLock.reset(new Lock::DBWrite(request->getNS()));
if (!checkIsMasterForCollection(request->getNS(), result)) {
return false;
}
@@ -1087,7 +1087,7 @@ namespace mongo {
}
///////////////////////////////////////////
- Lock::DBWrite writeLock(txn->lockState(), nsString.ns());
+ Lock::DBWrite writeLock( nsString.ns() );
///////////////////////////////////////////
if ( !checkShardVersion( &shardingState, *updateItem.getRequest(), result ) )
@@ -1144,7 +1144,7 @@ namespace mongo {
}
///////////////////////////////////////////
- Lock::DBWrite writeLock(txn->lockState(), nss.ns());
+ Lock::DBWrite writeLock( nss.ns() );
///////////////////////////////////////////
// Check version once we're locked
diff --git a/src/mongo/db/commands/write_commands/write_commands.cpp b/src/mongo/db/commands/write_commands/write_commands.cpp
index 9f14dec2bb2..c9b77e1b831 100644
--- a/src/mongo/db/commands/write_commands/write_commands.cpp
+++ b/src/mongo/db/commands/write_commands/write_commands.cpp
@@ -82,14 +82,11 @@ namespace mongo {
bool WriteCmd::isWriteCommandForConfigServer() const { return false; }
- Status WriteCmd::checkAuthForCommand( OperationContext* txn,
- ClientBasic* client,
+ Status WriteCmd::checkAuthForCommand( ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj ) {
- Status status( auth::checkAuthForWriteCommand(
- txn,
- client->getAuthorizationSession(),
+ Status status( auth::checkAuthForWriteCommand( client->getAuthorizationSession(),
_writeType,
NamespaceString( parseNs( dbname, cmdObj ) ),
cmdObj ));
diff --git a/src/mongo/db/commands/write_commands/write_commands.h b/src/mongo/db/commands/write_commands/write_commands.h
index 570eca9ba4d..c5f5da37cac 100644
--- a/src/mongo/db/commands/write_commands/write_commands.h
+++ b/src/mongo/db/commands/write_commands/write_commands.h
@@ -65,8 +65,7 @@ namespace mongo {
virtual bool isWriteCommandForConfigServer() const;
- virtual Status checkAuthForCommand( OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand( ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj );
diff --git a/src/mongo/db/commands/write_commands/write_commands_common.cpp b/src/mongo/db/commands/write_commands/write_commands_common.cpp
index e2a77d85863..72c132ae1c0 100644
--- a/src/mongo/db/commands/write_commands/write_commands_common.cpp
+++ b/src/mongo/db/commands/write_commands/write_commands_common.cpp
@@ -44,8 +44,7 @@ namespace auth {
using std::string;
using std::vector;
- Status checkAuthForWriteCommand( OperationContext* txn,
- AuthorizationSession* authzSession,
+ Status checkAuthForWriteCommand( AuthorizationSession* authzSession,
BatchedCommandRequest::BatchType cmdType,
const NamespaceString& cmdNSS,
const BSONObj& cmdObj ) {
@@ -90,9 +89,8 @@ namespace auth {
ActionType::remove ) );
}
- if (authzSession->isAuthorizedForPrivileges(txn, privileges)) {
+ if ( authzSession->isAuthorizedForPrivileges( privileges ) )
return Status::OK();
- }
return Status( ErrorCodes::Unauthorized, "unauthorized" );
}
diff --git a/src/mongo/db/commands/write_commands/write_commands_common.h b/src/mongo/db/commands/write_commands/write_commands_common.h
index bc0e1f0be8e..a1fe6bc9772 100644
--- a/src/mongo/db/commands/write_commands/write_commands_common.h
+++ b/src/mongo/db/commands/write_commands/write_commands_common.h
@@ -38,13 +38,9 @@
*/
namespace mongo {
-
- class OperationContext;
-
namespace auth {
- Status checkAuthForWriteCommand( OperationContext* txn,
- AuthorizationSession* authzSession,
+ Status checkAuthForWriteCommand( AuthorizationSession* authzSession,
BatchedCommandRequest::BatchType cmdType,
const NamespaceString& cmdNSS,
const BSONObj& cmdObj );
diff --git a/src/mongo/db/d_concurrency.cpp b/src/mongo/db/d_concurrency.cpp
index 15ab51528fe..7f84d776bb1 100644
--- a/src/mongo/db/d_concurrency.cpp
+++ b/src/mongo/db/d_concurrency.cpp
@@ -583,12 +583,12 @@ namespace mongo {
lockNestable(nested);
}
- Lock::DBWrite::DBWrite(LockState* lockState, const StringData& ns)
+ Lock::DBWrite::DBWrite( const StringData& ns )
: ScopedLock( 'w' ), _what(ns.toString()), _nested(false) {
lockDB( _what );
}
- Lock::DBRead::DBRead(LockState* lockState, const StringData& ns)
+ Lock::DBRead::DBRead( const StringData& ns )
: ScopedLock( 'r' ), _what(ns.toString()), _nested(false) {
lockDB( _what );
}
diff --git a/src/mongo/db/d_concurrency.h b/src/mongo/db/d_concurrency.h
index 8359f23614d..f99cb46184f 100644
--- a/src/mongo/db/d_concurrency.h
+++ b/src/mongo/db/d_concurrency.h
@@ -112,8 +112,6 @@ namespace mongo {
virtual void _tempRelease() = 0;
virtual void _relock() = 0;
- LockState* _lockState;
-
private:
class ParallelBatchWriterSupport : boost::noncopyable {
@@ -185,7 +183,7 @@ namespace mongo {
void _relock();
public:
- DBWrite(LockState* lockState, const StringData& dbOrNs);
+ DBWrite(const StringData& dbOrNs);
virtual ~DBWrite();
private:
@@ -209,7 +207,7 @@ namespace mongo {
void _relock();
public:
- DBRead(LockState* lockState, const StringData& dbOrNs);
+ DBRead(const StringData& dbOrNs);
virtual ~DBRead();
private:
diff --git a/src/mongo/db/db.cpp b/src/mongo/db/db.cpp
index 93408e92a23..cd9a98b3a7c 100644
--- a/src/mongo/db/db.cpp
+++ b/src/mongo/db/db.cpp
@@ -752,18 +752,15 @@ namespace mongo {
#ifndef _WIN32
mongo::signalForkSuccess();
#endif
- {
- OperationContextImpl txn;
- if (getGlobalAuthorizationManager()->isAuthEnabled()) {
- // open admin db in case we need to use it later. TODO this is not the right way to
- // resolve this.
- Client::WriteContext ctx(&txn, "admin");
- }
-
- authindex::configureSystemIndexes(&txn, "admin");
+ if(getGlobalAuthorizationManager()->isAuthEnabled()) {
+ // open admin db in case we need to use it later. TODO this is not the right way to
+ // resolve this.
+ Client::WriteContext c("admin", storageGlobalParams.dbpath);
}
+ authindex::configureSystemIndexes("admin");
+
getDeleter()->startWorkers();
// Starts a background thread that rebuilds all incomplete indices.
diff --git a/src/mongo/db/dbcommands.cpp b/src/mongo/db/dbcommands.cpp
index fa14f002391..3fa6918ad50 100644
--- a/src/mongo/db/dbcommands.cpp
+++ b/src/mongo/db/dbcommands.cpp
@@ -321,8 +321,7 @@ namespace mongo {
virtual bool isWriteCommandForConfigServer() const { return true; }
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
AuthorizationSession* authzSession = client->getAuthorizationSession();
@@ -331,7 +330,6 @@ namespace mongo {
// If you just want to get the current profiling level you can do so with just
// read access to system.profile, even if you can't change the profiling level.
if (authzSession->isAuthorizedForActionsOnResource(
- txn,
ResourcePattern::forExactNamespace(NamespaceString(dbname,
"system.profile")),
ActionType::find)) {
@@ -340,7 +338,7 @@ namespace mongo {
}
if (authzSession->isAuthorizedForActionsOnResource(
- txn, ResourcePattern::forDatabaseName(dbname), ActionType::enableProfiler)) {
+ ResourcePattern::forDatabaseName(dbname), ActionType::enableProfiler)) {
return Status::OK();
}
@@ -355,7 +353,7 @@ namespace mongo {
// Needs to be locked exclusively, because creates the system.profile collection
// in the local database.
//
- Lock::DBWrite dbXLock(txn->lockState(), dbname);
+ Lock::DBWrite dbXLock(dbname);
Client::Context ctx(dbname);
BSONElement e = cmdObj.firstElement();
@@ -405,7 +403,7 @@ namespace mongo {
// This doesn't look like it requires exclusive DB lock, because it uses its own diag
// locking, but originally the lock was set to be WRITE, so preserving the behaviour.
//
- Lock::DBWrite dbXLock(txn->lockState(), dbname);
+ Lock::DBWrite dbXLock(dbname);
Client::Context ctx(dbname);
int was = _diaglog.setLevel( cmdObj.firstElement().numberInt() );
@@ -459,7 +457,7 @@ namespace mongo {
return false;
}
- Lock::DBWrite dbXLock(txn->lockState(), dbname);
+ Lock::DBWrite dbXLock(dbname);
Client::Context ctx(nsToDrop);
Database* db = ctx.db();
@@ -530,7 +528,7 @@ namespace mongo {
// This acquires the DB read lock
//
- Client::ReadContext ctx(txn, ns);
+ Client::ReadContext ctx(ns);
string err;
int errCode;
@@ -574,23 +572,22 @@ namespace mongo {
help << "create a collection explicitly\n"
"{ create: <ns>[, capped: <bool>, size: <collSizeInBytes>, max: <nDocs>] }";
}
- virtual Status checkAuthForCommand(OperationContext* txn,
- ClientBasic* client,
+ virtual Status checkAuthForCommand(ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj) {
AuthorizationSession* authzSession = client->getAuthorizationSession();
if (cmdObj["capped"].trueValue()) {
if (!authzSession->isAuthorizedForActionsOnResource(
- txn, parseResourcePattern(dbname, cmdObj), ActionType::convertToCapped)) {
+ parseResourcePattern(dbname, cmdObj), ActionType::convertToCapped)) {
return Status(ErrorCodes::Unauthorized, "unauthorized");
}
}
// ActionType::createCollection or ActionType::insert are both acceptable
if (authzSession->isAuthorizedForActionsOnResource(
- txn, parseResourcePattern(dbname, cmdObj), ActionType::createCollection) ||
+ parseResourcePattern(dbname, cmdObj), ActionType::createCollection) ||
authzSession->isAuthorizedForActionsOnResource(
- txn, parseResourcePattern(dbname, cmdObj), ActionType::insert)) {
+ parseResourcePattern(dbname, cmdObj), ActionType::insert)) {
return Status::OK();
}
@@ -624,7 +621,7 @@ namespace mongo {
!options["capped"].trueValue() || options["size"].isNumber() ||
options.hasField("$nExtents"));
- Lock::DBWrite dbXLock(txn->lockState(), dbname);
+ Lock::DBWrite dbXLock(dbname);
Client::Context ctx(ns);
// Create collection.
@@ -670,7 +667,7 @@ namespace mongo {
totalSize += size;
{
- Client::ReadContext rc(txn, *i + ".system.namespaces");
+ Client::ReadContext rc( *i + ".system.namespaces" );
b.appendBool( "empty", rc.ctx().db()->isEmpty() );
}
@@ -698,7 +695,7 @@ namespace mongo {
b.append( "sizeOnDisk" , (double)1.0 );
{
- Client::ReadContext ctx(txn, name);
+ Client::ReadContext ctx( name );
b.appendBool( "empty", ctx.ctx().db()->isEmpty() );
}
@@ -815,7 +812,7 @@ namespace mongo {
// Check shard version at startup.
// This will throw before we've done any work if shard version is outdated
- Client::ReadContext ctx(txn, ns);
+ Client::ReadContext ctx(ns);
Collection* coll = ctx.ctx().db()->getCollection(ns);
CanonicalQuery* cq;
@@ -923,7 +920,7 @@ namespace mongo {
BSONObj keyPattern = jsobj.getObjectField( "keyPattern" );
bool estimate = jsobj["estimate"].trueValue();
- Client::ReadContext ctx(txn, ns);
+ Client::ReadContext ctx(ns);
Collection* collection = ctx.ctx().db()->getCollection( ns );
@@ -1040,7 +1037,7 @@ namespace mongo {
bool run(OperationContext* txn, const string& dbname, BSONObj& jsobj, int, string& errmsg, BSONObjBuilder& result, bool fromRepl ) {
const string ns = dbname + "." + jsobj.firstElement().valuestr();
- Client::ReadContext cx(txn, ns);
+ Client::ReadContext cx( ns );
Database* db = cx.ctx().db();
Collection* collection = db->getCollection( ns );
if ( !collection ) {
@@ -1117,7 +1114,7 @@ namespace mongo {
bool run(OperationContext* txn, const string& dbname, BSONObj& jsobj, int, string& errmsg, BSONObjBuilder& result, bool fromRepl ) {
const string ns = dbname + "." + jsobj.firstElement().valuestr();
- Lock::DBWrite dbXLock(txn->lockState(), dbname);
+ Lock::DBWrite dbXLock(dbname);
Client::Context ctx( ns );
Collection* coll = ctx.db()->getCollection( ns );
@@ -1247,7 +1244,7 @@ namespace mongo {
const string ns = parseNs(dbname, jsobj);
- Client::ReadContext ctx(txn, ns);
+ Client::ReadContext ctx(ns);
Database* d = ctx.ctx().db();
d->getStats( &result, scale );
@@ -1404,7 +1401,7 @@ namespace mongo {
fieldIsPresent,
parsedUserNames);
- Status status = _checkAuthorization(txn, c, &client, dbname, cmdObj, fromRepl);
+ Status status = _checkAuthorization(c, &client, dbname, cmdObj, fromRepl);
if (!status.isOK()) {
appendCommandStatus(result, status);
return;
diff --git a/src/mongo/db/dbhelpers.cpp b/src/mongo/db/dbhelpers.cpp
index 1a2e0c4652f..767bf537d1f 100644
--- a/src/mongo/db/dbhelpers.cpp
+++ b/src/mongo/db/dbhelpers.cpp
@@ -297,12 +297,10 @@ namespace mongo {
return kpBuilder.obj();
}
- static bool findShardKeyIndexPattern(OperationContext* txn,
- const string& ns,
- const BSONObj& shardKeyPattern,
- BSONObj* indexPattern ) {
-
- Client::ReadContext context(txn, ns);
+ bool findShardKeyIndexPattern( const string& ns,
+ const BSONObj& shardKeyPattern,
+ BSONObj* indexPattern ) {
+ Client::ReadContext context( ns );
Collection* collection = context.ctx().db()->getCollection( ns );
if ( !collection )
return false;
@@ -334,8 +332,7 @@ namespace mongo {
// The IndexChunk has a keyPattern that may apply to more than one index - we need to
// select the index and get the full index keyPattern here.
BSONObj indexKeyPatternDoc;
- if ( !findShardKeyIndexPattern( txn,
- ns,
+ if ( !findShardKeyIndexPattern( ns,
range.keyPattern,
&indexKeyPatternDoc ) )
{
@@ -369,7 +366,7 @@ namespace mongo {
while ( 1 ) {
// Scoping for write lock.
{
- Client::WriteContext ctx(txn, ns);
+ Client::WriteContext ctx(ns);
Collection* collection = ctx.ctx().db()->getCollection( txn, ns );
if ( !collection )
break;
@@ -479,9 +476,7 @@ namespace mongo {
// Used by migration clone step
// TODO: Cannot hook up quite yet due to _trackerLocks in shared migration code.
- // TODO: This function is not used outside of tests
- Status Helpers::getLocsInRange( OperationContext* txn,
- const KeyRange& range,
+ Status Helpers::getLocsInRange( const KeyRange& range,
long long maxChunkSizeBytes,
set<DiskLoc>* locs,
long long* numDocs,
@@ -491,7 +486,7 @@ namespace mongo {
*estChunkSizeBytes = 0;
*numDocs = 0;
- Client::ReadContext ctx(txn, ns);
+ Client::ReadContext ctx( ns );
Collection* collection = ctx.ctx().db()->getCollection( ns );
if ( !collection ) return Status( ErrorCodes::NamespaceNotFound, ns );
diff --git a/src/mongo/db/dbhelpers.h b/src/mongo/db/dbhelpers.h
index 2cba18345d5..a5e9947f918 100644
--- a/src/mongo/db/dbhelpers.h
+++ b/src/mongo/db/dbhelpers.h
@@ -188,8 +188,7 @@ namespace mongo {
* @return IndexNotFound if the index pattern doesn't match any indexes
* @return InvalidLength if the estimated size exceeds maxChunkSizeBytes
*/
- static Status getLocsInRange( OperationContext* txn,
- const KeyRange& range,
+ static Status getLocsInRange( const KeyRange& range,
long long maxChunkSizeBytes,
std::set<DiskLoc>* locs,
long long* numDocs,
diff --git a/src/mongo/db/dbwebserver.cpp b/src/mongo/db/dbwebserver.cpp
index 66fbfeeebcd..26a0758ed67 100644
--- a/src/mongo/db/dbwebserver.cpp
+++ b/src/mongo/db/dbwebserver.cpp
@@ -99,17 +99,13 @@ namespace mongo {
ss << "</pre>";
}
- void _authorizePrincipal(OperationContext* txn, const UserName& userName) {
- Status status = cc().getAuthorizationSession()->addAndAuthorizeUser(txn, userName);
+ void _authorizePrincipal(const UserName& userName) {
+ Status status = cc().getAuthorizationSession()->addAndAuthorizeUser(userName);
uassertStatusOK(status);
}
- bool allowed(OperationContext* txn,
- const char * rq,
- vector<string>& headers,
- const SockAddr &from) {
-
- if ( from.isLocalHost() || !_webUsers->haveAdminUsers(txn) ) {
+ bool allowed( const char * rq , vector<string>& headers, const SockAddr &from ) {
+ if ( from.isLocalHost() || !_webUsers->haveAdminUsers() ) {
// TODO(spencer): should the above check use "&&" not "||"? Currently this is much
// more permissive than the server's localhost auth bypass.
cc().getAuthorizationSession()->grantInternalAuthorization();
@@ -135,7 +131,7 @@ namespace mongo {
User* user;
AuthorizationManager& authzManager =
cc().getAuthorizationSession()->getAuthorizationManager();
- Status status = authzManager.acquireUser(txn, userName, &user);
+ Status status = authzManager.acquireUser(userName, &user);
if (!status.isOK()) {
if (status.code() != ErrorCodes::UserNotFound) {
uasserted(17051, status.reason());
@@ -163,7 +159,7 @@ namespace mongo {
string r1 = md5simpledigest( r.str() );
if ( r1 == parms["response"] ) {
- _authorizePrincipal(txn, userName);
+ _authorizePrincipal(userName);
return true;
}
}
@@ -195,7 +191,7 @@ namespace mongo {
if ( url.size() > 1 ) {
- if (!allowed(txn.get(), rq, headers, from)) {
+ if ( ! allowed( rq , headers, from ) ) {
responseCode = 401;
headers.push_back( "Content-Type: text/plain;charset=utf-8" );
responseMsg = "not allowed\n";
@@ -244,7 +240,7 @@ namespace mongo {
// generate home page
- if (!allowed(txn.get(), rq, headers, from)) {
+ if ( ! allowed( rq , headers, from ) ) {
responseCode = 401;
headers.push_back( "Content-Type: text/plain;charset=utf-8" );
responseMsg = "not allowed\n";
diff --git a/src/mongo/db/exec/stagedebug_cmd.cpp b/src/mongo/db/exec/stagedebug_cmd.cpp
index ca10066c960..5446d2b5c2d 100644
--- a/src/mongo/db/exec/stagedebug_cmd.cpp
+++ b/src/mongo/db/exec/stagedebug_cmd.cpp
@@ -116,7 +116,7 @@ namespace mongo {
string collName = collElt.String();
// Need a context to get the actual Collection*
- Client::ReadContext ctx(txn, dbname);
+ Client::ReadContext ctx(dbname);
// Make sure the collection is valid.
Database* db = ctx.ctx().db();
diff --git a/src/mongo/db/fts/fts_command.cpp b/src/mongo/db/fts/fts_command.cpp
index 128b5a9f255..c95a6c52bb1 100644
--- a/src/mongo/db/fts/fts_command.cpp
+++ b/src/mongo/db/fts/fts_command.cpp
@@ -92,7 +92,7 @@ namespace mongo {
projection = cmdObj["project"].Obj();
}
- return _run( txn, dbname, cmdObj, options,
+ return _run( dbname, cmdObj, options,
ns, search, language, limit, filter, projection, errmsg, result );
}
diff --git a/src/mongo/db/fts/fts_command.h b/src/mongo/db/fts/fts_command.h
index 7f6b4d7bc4d..4c0ced7efea 100644
--- a/src/mongo/db/fts/fts_command.h
+++ b/src/mongo/db/fts/fts_command.h
@@ -40,8 +40,6 @@
namespace mongo {
- class OperationContext;
-
namespace fts {
class FTSCommand : public Command {
@@ -66,8 +64,7 @@ namespace mongo {
bool fromRepl);
protected:
- bool _run( OperationContext* txn,
- const std::string& dbName,
+ bool _run( const std::string& dbName,
BSONObj& cmdObj,
int cmdOptions,
const std::string& ns,
diff --git a/src/mongo/db/fts/fts_command_mongod.cpp b/src/mongo/db/fts/fts_command_mongod.cpp
index c422d9d8863..230c6d00fb4 100644
--- a/src/mongo/db/fts/fts_command_mongod.cpp
+++ b/src/mongo/db/fts/fts_command_mongod.cpp
@@ -54,8 +54,7 @@ namespace mongo {
* @param fromRepl
* @return true if successful, false otherwise
*/
- bool FTSCommand::_run(OperationContext* txn,
- const string& dbname,
+ bool FTSCommand::_run(const string& dbname,
BSONObj& cmdObj,
int cmdOptions,
const string& ns,
@@ -93,7 +92,7 @@ namespace mongo {
projBob.appendElements(sortSpec);
BSONObj projObj = projBob.obj();
- Client::ReadContext ctx(txn, ns);
+ Client::ReadContext ctx(ns);
CanonicalQuery* cq;
Status canonicalizeStatus =
diff --git a/src/mongo/db/fts/fts_command_mongos.cpp b/src/mongo/db/fts/fts_command_mongos.cpp
index df152856e2d..0c0f09e957b 100644
--- a/src/mongo/db/fts/fts_command_mongos.cpp
+++ b/src/mongo/db/fts/fts_command_mongos.cpp
@@ -54,8 +54,7 @@ namespace mongo {
double score;
};
- bool FTSCommand::_run(OperationContext* txn,
- const string& dbName,
+ bool FTSCommand::_run(const string& dbName,
BSONObj& cmdObj,
int cmdOptions,
const string& ns,
diff --git a/src/mongo/db/geo/haystack.cpp b/src/mongo/db/geo/haystack.cpp
index 644c2ba60d2..b5c61765b79 100644
--- a/src/mongo/db/geo/haystack.cpp
+++ b/src/mongo/db/geo/haystack.cpp
@@ -71,7 +71,7 @@ namespace mongo {
bool run(OperationContext* txn, const string& dbname, BSONObj& cmdObj, int,
string& errmsg, BSONObjBuilder& result, bool fromRepl) {
const string ns = dbname + "." + cmdObj.firstElement().valuestr();
- Client::ReadContext ctx(txn, ns);
+ Client::ReadContext ctx(ns);
Database* db = ctx.ctx().db();
if ( !db ) {
diff --git a/src/mongo/db/index_builder.cpp b/src/mongo/db/index_builder.cpp
index 1e97c3da193..6014608300c 100644
--- a/src/mongo/db/index_builder.cpp
+++ b/src/mongo/db/index_builder.cpp
@@ -55,8 +55,6 @@ namespace mongo {
void IndexBuilder::run() {
LOG(2) << "IndexBuilder building index " << _index;
- OperationContextImpl txn;
-
Client::initThread(name().c_str());
Lock::ParallelBatchWriterMode::iAmABatchParticipant();
@@ -64,7 +62,8 @@ namespace mongo {
cc().curop()->reset(HostAndPort(), dbInsert);
NamespaceString ns(_index["ns"].String());
- Client::WriteContext ctx(&txn, ns.getSystemIndexesCollection());
+ Client::WriteContext ctx(ns.getSystemIndexesCollection());
+ OperationContextImpl txn;
Database* db = dbHolder().get(ns.db().toString(), storageGlobalParams.dbpath);
diff --git a/src/mongo/db/index_rebuilder.cpp b/src/mongo/db/index_rebuilder.cpp
index b9c89ab8b04..3e45d143cab 100644
--- a/src/mongo/db/index_rebuilder.cpp
+++ b/src/mongo/db/index_rebuilder.cpp
@@ -63,9 +63,7 @@ namespace mongo {
for (std::vector<std::string>::const_iterator dbName = dbNames.begin();
dbName < dbNames.end();
dbName++) {
- OperationContextImpl txn;
- Client::ReadContext ctx(&txn, *dbName);
-
+ Client::ReadContext ctx(*dbName);
Database* db = ctx.ctx().db();
db->getDatabaseCatalogEntry()->getCollectionNamespaces(&collNames);
}
@@ -90,11 +88,10 @@ namespace mongo {
LOG(3) << "IndexRebuilder::checkNS: " << ns;
- OperationContextImpl txn; // XXX???
-
// This write lock is held throughout the index building process
// for this namespace.
- Client::WriteContext ctx(&txn, ns);
+ Client::WriteContext ctx(ns);
+ OperationContextImpl txn; // XXX???
Collection* collection = ctx.ctx().db()->getCollection( ns );
if ( collection == NULL )
diff --git a/src/mongo/db/instance.cpp b/src/mongo/db/instance.cpp
index 373e7f2b3ca..613165ff4d2 100644
--- a/src/mongo/db/instance.cpp
+++ b/src/mongo/db/instance.cpp
@@ -121,9 +121,8 @@ namespace mongo {
QueryMessage q(d);
BSONObjBuilder b;
- OperationContextImpl txn;
const bool isAuthorized = cc().getAuthorizationSession()->isAuthorizedForActionsOnResource(
- &txn, ResourcePattern::forClusterResource(), ActionType::inprog);
+ ResourcePattern::forClusterResource(), ActionType::inprog);
audit::logInProgAuthzCheck(
&cc(), q.query, isAuthorized ? ErrorCodes::OK : ErrorCodes::Unauthorized);
@@ -183,10 +182,8 @@ namespace mongo {
DbMessage d(m);
QueryMessage q(d);
BSONObj obj;
-
- OperationContextImpl txn;
const bool isAuthorized = cc().getAuthorizationSession()->isAuthorizedForActionsOnResource(
- &txn, ResourcePattern::forClusterResource(), ActionType::killop);
+ ResourcePattern::forClusterResource(), ActionType::killop);
audit::logKillOpAuthzCheck(&cc(),
q.query,
isAuthorized ? ErrorCodes::OK : ErrorCodes::Unauthorized);
@@ -213,10 +210,8 @@ namespace mongo {
bool _unlockFsync();
void unlockFsync(const char *ns, Message& m, DbResponse &dbresponse) {
BSONObj obj;
-
- OperationContextImpl txn;
const bool isAuthorized = cc().getAuthorizationSession()->isAuthorizedForActionsOnResource(
- &txn, ResourcePattern::forClusterResource(), ActionType::unlock);
+ ResourcePattern::forClusterResource(), ActionType::unlock);
audit::logFsyncUnlockAuthzCheck(
&cc(), isAuthorized ? ErrorCodes::OK : ErrorCodes::Unauthorized);
if (!isAuthorized) {
@@ -254,7 +249,7 @@ namespace mongo {
if (!ns.isCommand()) {
// Auth checking for Commands happens later.
Client* client = &cc();
- Status status = client->getAuthorizationSession()->checkAuthForQuery(txn, ns, q.query);
+ Status status = client->getAuthorizationSession()->checkAuthForQuery(ns, q.query);
audit::logQueryAuthzCheck(client, ns, q.query, status.code());
uassertStatusOK(status);
}
@@ -346,7 +341,7 @@ namespace mongo {
Client& c = cc();
if (!c.isGod())
- c.getAuthorizationSession()->startRequest(txn);
+ c.getAuthorizationSession()->startRequest();
if ( op == dbQuery ) {
if( strstr(ns, ".$cmd") ) {
@@ -533,7 +528,7 @@ namespace mongo {
verify( n < 30000 );
}
- int found = CollectionCursorCache::eraseCursorGlobalIfAuthorized(txn, n, (long long *) x);
+ int found = CollectionCursorCache::eraseCursorGlobalIfAuthorized(n, (long long *) x);
if ( logger::globalLogDomain()->shouldLog(logger::LogSeverity::Debug(1)) || found != n ) {
LOG( found == n ? 1 : 0 ) << "killcursors: found " << found << " of " << n << endl;
@@ -586,8 +581,7 @@ namespace mongo {
bool multi = flags & UpdateOption_Multi;
bool broadcast = flags & UpdateOption_Broadcast;
- Status status = cc().getAuthorizationSession()->checkAuthForUpdate(txn,
- ns,
+ Status status = cc().getAuthorizationSession()->checkAuthForUpdate(ns,
query,
toupdate,
upsert);
@@ -609,7 +603,7 @@ namespace mongo {
UpdateExecutor executor(&request, &op.debug());
uassertStatusOK(executor.prepare());
- Lock::DBWrite lk(txn->lockState(), ns.ns());
+ Lock::DBWrite lk(ns.ns());
// if this ever moves to outside of lock, need to adjust check
// Client::Context::_finishInit
@@ -636,7 +630,7 @@ namespace mongo {
verify( d.moreJSObjs() );
BSONObj pattern = d.nextJsObj();
- Status status = cc().getAuthorizationSession()->checkAuthForDelete(txn, ns, pattern);
+ Status status = cc().getAuthorizationSession()->checkAuthForDelete(ns, pattern);
audit::logDeleteAuthzCheck(&cc(), ns, pattern, status.code());
uassertStatusOK(status);
@@ -649,7 +643,7 @@ namespace mongo {
request.setUpdateOpLog(true);
DeleteExecutor executor(&request);
uassertStatusOK(executor.prepare());
- Lock::DBWrite lk(txn->lockState(), ns.ns());
+ Lock::DBWrite lk(ns.ns());
// if this ever moves to outside of lock, need to adjust check Client::Context::_finishInit
if ( ! broadcast && handlePossibleShardedMessage( m , 0 ) )
@@ -690,7 +684,7 @@ namespace mongo {
uassert( 16258, str::stream() << "Invalid ns [" << ns << "]", nsString.isValid() );
Status status = cc().getAuthorizationSession()->checkAuthForGetMore(
- txn, nsString, cursorid);
+ nsString, cursorid);
audit::logGetMoreAuthzCheck(&cc(), nsString, cursorid, status.code());
uassertStatusOK(status);
@@ -723,7 +717,7 @@ namespace mongo {
// because it may now be out of sync with the client's iteration state.
// SERVER-7952
// TODO Temporary code, see SERVER-4563 for a cleanup overview.
- CollectionCursorCache::eraseCursorGlobal(txn, cursorid );
+ CollectionCursorCache::eraseCursorGlobal( cursorid );
}
ex.reset( new AssertionException( e.getInfo().msg, e.getCode() ) );
ok = false;
@@ -881,12 +875,12 @@ namespace mongo {
// Check auth for insert (also handles checking if this is an index build and checks
// for the proper privileges in that case).
const NamespaceString nsString(ns);
- Status status = cc().getAuthorizationSession()->checkAuthForInsert(txn, nsString, obj);
+ Status status = cc().getAuthorizationSession()->checkAuthForInsert(nsString, obj);
audit::logInsertAuthzCheck(&cc(), nsString, obj, status.code());
uassertStatusOK(status);
}
- Lock::DBWrite lk(txn->lockState(), ns);
+ Lock::DBWrite lk(ns);
// CONCURRENCY TODO: is being read locked in big log sufficient here?
// writelock is used to synchronize stepdowns w/ writes
@@ -930,7 +924,7 @@ namespace mongo {
local database does NOT count except for rsoplog collection.
used to set the hasData field on replset heartbeat command response
*/
- bool replHasDatabases(OperationContext* txn) {
+ bool replHasDatabases() {
vector<string> names;
getDatabaseNames(names);
if( names.size() >= 2 ) return true;
@@ -939,7 +933,7 @@ namespace mongo {
return true;
// we have a local database. return true if oplog isn't empty
{
- Lock::DBRead lk(txn->lockState(), repl::rsoplog);
+ Lock::DBRead lk(repl::rsoplog);
BSONObj o;
if( Helpers::getFirst(repl::rsoplog, o) )
return true;
@@ -1008,9 +1002,7 @@ namespace {
}
void DBDirectClient::killCursor( long long id ) {
- // The killCursor command on the DB client is only used by sharding,
- // so no need to have it for MongoD.
- verify(!"killCursor should not be used in MongoD");
+ CollectionCursorCache::eraseCursorGlobal( id );
}
HostAndPort DBDirectClient::_clientHost = HostAndPort( "0.0.0.0" , 0 );
@@ -1021,9 +1013,7 @@ namespace {
<< " to zero in query: " << query << endl;
skip = 0;
}
-
- OperationContextImpl txn;
- Lock::DBRead lk(txn.lockState(), ns);
+ Lock::DBRead lk( ns );
string errmsg;
int errCode;
long long res = runCount( ns, _countCmd( ns , query , options , limit , skip ) , errmsg, errCode );
diff --git a/src/mongo/db/instance.h b/src/mongo/db/instance.h
index b7039b30c4c..ff8e655b608 100644
--- a/src/mongo/db/instance.h
+++ b/src/mongo/db/instance.h
@@ -79,7 +79,7 @@ namespace mongo {
/* returns true if there is no data on this server. useful when starting replication.
local database does NOT count.
*/
- bool replHasDatabases(OperationContext* txn);
+ bool replHasDatabases();
/**
* Embedded calls to the local server using the DBClientBase API without going over the network.
diff --git a/src/mongo/db/introspect.cpp b/src/mongo/db/introspect.cpp
index ff9004ab6e8..79894bf88c7 100644
--- a/src/mongo/db/introspect.cpp
+++ b/src/mongo/db/introspect.cpp
@@ -137,7 +137,7 @@ namespace {
try {
// NOTE: It's kind of weird that we lock the op's namespace, but have to for now since
// we're sometimes inside the lock already
- Lock::DBWrite lk(txn->lockState(), currentOp.getNS() );
+ Lock::DBWrite lk( currentOp.getNS() );
if (dbHolder()._isLoaded(nsToDatabase(currentOp.getNS()), storageGlobalParams.dbpath)) {
Client::Context cx(currentOp.getNS(), storageGlobalParams.dbpath, false);
_profile(txn, c, cx.db(),
diff --git a/src/mongo/db/pipeline/document_source_cursor.cpp b/src/mongo/db/pipeline/document_source_cursor.cpp
index 70ac51d2000..87131cbc17b 100644
--- a/src/mongo/db/pipeline/document_source_cursor.cpp
+++ b/src/mongo/db/pipeline/document_source_cursor.cpp
@@ -78,7 +78,7 @@ namespace mongo {
// We have already validated the sharding version when we constructed the Runner
// so we shouldn't check it again.
- Lock::DBRead lk(pExpCtx->opCtx->lockState(), _ns);
+ Lock::DBRead lk(_ns);
Client::Context ctx(_ns, storageGlobalParams.dbpath, /*doVersion=*/false);
_runner->restoreState(pExpCtx->opCtx);
@@ -199,7 +199,7 @@ namespace {
Status explainStatus(ErrorCodes::InternalError, "");
scoped_ptr<TypeExplain> plan;
{
- Lock::DBRead lk(pExpCtx->opCtx->lockState(), _ns);
+ Lock::DBRead lk(_ns);
Client::Context ctx(_ns, storageGlobalParams.dbpath, /*doVersion=*/false);
massert(17392, "No _runner. Were we disposed before explained?",
_runner);
diff --git a/src/mongo/db/pipeline/pipeline_d.cpp b/src/mongo/db/pipeline/pipeline_d.cpp
index 4409b899c4c..df8a6716987 100644
--- a/src/mongo/db/pipeline/pipeline_d.cpp
+++ b/src/mongo/db/pipeline/pipeline_d.cpp
@@ -64,7 +64,7 @@ namespace {
}
bool isCapped(const NamespaceString& ns) {
- Client::ReadContext ctx(_ctx->opCtx, ns.ns());
+ Client::ReadContext ctx(ns.ns());
Collection* collection = ctx.ctx().db()->getCollection(ns);
return collection && collection->isCapped();
}
diff --git a/src/mongo/db/prefetch.cpp b/src/mongo/db/prefetch.cpp
index 36ad06ef964..7634b2d862a 100644
--- a/src/mongo/db/prefetch.cpp
+++ b/src/mongo/db/prefetch.cpp
@@ -55,12 +55,8 @@ namespace mongo {
"repl.preload.docs",
&prefetchDocStats );
- void prefetchIndexPages(Collection* collection, const BSONObj& obj);
- void prefetchRecordPages(OperationContext* txn, const char* ns, const BSONObj& obj);
-
-
// prefetch for an oplog operation
- void prefetchPagesForReplicatedOp(OperationContext* txn, Database* db, const BSONObj& op) {
+ void prefetchPagesForReplicatedOp(Database* db, const BSONObj& op) {
const char *opField;
const char *opType = op.getStringField("op");
switch (*opType) {
@@ -114,11 +110,10 @@ namespace mongo {
// do not prefetch the data for capped collections because
// they typically do not have an _id index for findById() to use.
!collection->isCapped()) {
- prefetchRecordPages(txn, ns, obj);
+ prefetchRecordPages(ns, obj);
}
}
- // page in pages needed for all index lookups on a given object
void prefetchIndexPages(Collection* collection, const BSONObj& obj) {
DiskLoc unusedDl; // unused
BSONObjSet unusedKeys;
@@ -175,8 +170,8 @@ namespace mongo {
}
}
- // page in the data pages for a record associated with an object
- void prefetchRecordPages(OperationContext* txn, const char* ns, const BSONObj& obj) {
+
+ void prefetchRecordPages(const char* ns, const BSONObj& obj) {
BSONElement _id;
if( obj.getObjectID(_id) ) {
TimerHolder timer(&prefetchDocStats);
@@ -186,7 +181,7 @@ namespace mongo {
try {
// we can probably use Client::Context here instead of ReadContext as we
// have locked higher up the call stack already
- Client::ReadContext ctx(txn, ns);
+ Client::ReadContext ctx( ns );
if( Helpers::findById(ctx.ctx().db(), ns, builder.done(), result) ) {
// do we want to use Record::touch() here? it's pretty similar.
volatile char _dummy_char = '\0';
diff --git a/src/mongo/db/prefetch.h b/src/mongo/db/prefetch.h
index 36310b40676..3e97753da23 100644
--- a/src/mongo/db/prefetch.h
+++ b/src/mongo/db/prefetch.h
@@ -33,8 +33,13 @@
namespace mongo {
class Collection;
class Database;
- class OperationContext;
// page in both index and data pages for an op from the oplog
- void prefetchPagesForReplicatedOp(OperationContext* txn, Database* db, const BSONObj& op);
+ void prefetchPagesForReplicatedOp(Database* db, const BSONObj& op);
+
+ // page in pages needed for all index lookups on a given object
+ void prefetchIndexPages(Collection *nsd, const BSONObj& obj);
+
+ // page in the data pages for a record associated with an object
+ void prefetchRecordPages(const char *ns, const BSONObj& obj);
}
diff --git a/src/mongo/db/query/new_find.cpp b/src/mongo/db/query/new_find.cpp
index 7ed222b9f06..d78032fed07 100644
--- a/src/mongo/db/query/new_find.cpp
+++ b/src/mongo/db/query/new_find.cpp
@@ -152,7 +152,7 @@ namespace mongo {
exhaust = false;
// This is a read lock.
- scoped_ptr<Client::ReadContext> ctx(new Client::ReadContext(txn, ns));
+ scoped_ptr<Client::ReadContext> ctx(new Client::ReadContext(ns));
Collection* collection = ctx->ctx().db()->getCollection(ns);
uassert( 17356, "collection dropped between getMore calls", collection );
@@ -459,7 +459,7 @@ namespace mongo {
// This is a read lock. We require this because if we're parsing a $where, the
// where-specific parsing code assumes we have a lock and creates execution machinery that
// requires it.
- Client::ReadContext ctx(txn, q.ns);
+ Client::ReadContext ctx(q.ns);
Collection* collection = ctx.ctx().db()->getCollection( ns );
// Parse the qm into a CanonicalQuery.
diff --git a/src/mongo/db/range_deleter.cpp b/src/mongo/db/range_deleter.cpp
index 90cce2fcb4c..fd90b65c289 100644
--- a/src/mongo/db/range_deleter.cpp
+++ b/src/mongo/db/range_deleter.cpp
@@ -232,10 +232,7 @@ namespace mongo {
_stats->incPendingDeletes_inlock();
}
- {
- boost::scoped_ptr<OperationContext> txn(transactionFactory());
- _env->getCursorIds(txn.get(), ns, &toDelete->cursorsToWait);
- }
+ _env->getCursorIds(ns, &toDelete->cursorsToWait);
{
scoped_lock sl(_queueMutex);
@@ -287,7 +284,7 @@ namespace mongo {
}
set<CursorId> cursorsToWait;
- _env->getCursorIds(txn, ns, &cursorsToWait);
+ _env->getCursorIds(ns, &cursorsToWait);
long long checkIntervalMillis = 5;
@@ -298,7 +295,7 @@ namespace mongo {
while (!cursorsToWait.empty()) {
set<CursorId> cursorsNow;
- _env->getCursorIds(txn, ns, &cursorsNow);
+ _env->getCursorIds(ns, &cursorsNow);
set<CursorId> cursorsLeft;
std::set_intersection(cursorsToWait.begin(),
@@ -441,11 +438,7 @@ namespace mongo {
RangeDeleteEntry* entry = *iter;
set<CursorId> cursorsNow;
- {
- boost::scoped_ptr<OperationContext> txn(
- entry->transactionFactory()); // XXX?
- _env->getCursorIds(txn.get(), entry->ns, &cursorsNow);
- }
+ _env->getCursorIds(entry->ns, &cursorsNow);
set<CursorId> cursorsLeft;
std::set_intersection(entry->cursorsToWait.begin(),
diff --git a/src/mongo/db/range_deleter.h b/src/mongo/db/range_deleter.h
index 15da3560513..9a3b8c6b1fa 100644
--- a/src/mongo/db/range_deleter.h
+++ b/src/mongo/db/range_deleter.h
@@ -304,9 +304,7 @@ namespace mongo {
* Must be a synchronous call. CursorIds should be populated after call.
* Must not throw exception.
*/
- virtual void getCursorIds(OperationContext* txn,
- const StringData& ns,
- std::set<CursorId>* openCursors) = 0;
+ virtual void getCursorIds(const StringData& ns, std::set<CursorId>* openCursors) = 0;
};
} // namespace mongo
diff --git a/src/mongo/db/range_deleter_db_env.cpp b/src/mongo/db/range_deleter_db_env.cpp
index 39e0c81a465..0a99f21cc55 100644
--- a/src/mongo/db/range_deleter_db_env.cpp
+++ b/src/mongo/db/range_deleter_db_env.cpp
@@ -156,10 +156,9 @@ namespace mongo {
return true;
}
- void RangeDeleterDBEnv::getCursorIds(OperationContext* txn,
- const StringData& ns,
+ void RangeDeleterDBEnv::getCursorIds(const StringData& ns,
std::set<CursorId>* openCursors) {
- Client::ReadContext ctx(txn, ns.toString());
+ Client::ReadContext ctx(ns.toString());
Collection* collection = ctx.ctx().db()->getCollection( ns );
if ( !collection )
return;
diff --git a/src/mongo/db/range_deleter_db_env.h b/src/mongo/db/range_deleter_db_env.h
index c5956db5b98..9708fa49495 100644
--- a/src/mongo/db/range_deleter_db_env.h
+++ b/src/mongo/db/range_deleter_db_env.h
@@ -62,8 +62,6 @@ namespace mongo {
/**
* Gets the list of open cursors on a given namespace.
*/
- virtual void getCursorIds(OperationContext* txn,
- const StringData& ns,
- std::set<CursorId>* openCursors);
+ virtual void getCursorIds(const StringData& ns, std::set<CursorId>* openCursors);
};
}
diff --git a/src/mongo/db/range_deleter_mock_env.cpp b/src/mongo/db/range_deleter_mock_env.cpp
index 29877a1a252..2b40a3e7bc6 100644
--- a/src/mongo/db/range_deleter_mock_env.cpp
+++ b/src/mongo/db/range_deleter_mock_env.cpp
@@ -139,8 +139,7 @@ namespace mongo {
return true;
}
- void RangeDeleterMockEnv::getCursorIds(
- OperationContext* txn, const StringData& ns, set<CursorId>* in) {
+ void RangeDeleterMockEnv::getCursorIds(const StringData& ns, set<CursorId>* in) {
{
scoped_lock sl(_cursorMapMutex);
const set<CursorId>& _cursors = _cursorMap[ns.toString()];
diff --git a/src/mongo/db/range_deleter_mock_env.h b/src/mongo/db/range_deleter_mock_env.h
index b1164ef830b..ce9457889d6 100644
--- a/src/mongo/db/range_deleter_mock_env.h
+++ b/src/mongo/db/range_deleter_mock_env.h
@@ -139,7 +139,7 @@ namespace mongo {
* RangeDeleterEnv::getCursorIds. The cursors returned can be modified with
* the setCursorId and clearCursorMap methods.
*/
- void getCursorIds(OperationContext* txn, const StringData& ns, std::set<CursorId>* in);
+ void getCursorIds(const StringData& ns, std::set<CursorId>* in);
private:
// mutex acquisition ordering:
diff --git a/src/mongo/db/repair_database.cpp b/src/mongo/db/repair_database.cpp
index 52ecec48a95..72620d77609 100644
--- a/src/mongo/db/repair_database.cpp
+++ b/src/mongo/db/repair_database.cpp
@@ -318,7 +318,7 @@ namespace mongo {
Database* tempDatabase = NULL;
{
bool justCreated = false;
- tempDatabase = dbHolderW().getOrCreate(txn, dbName, reservedPathString, justCreated);
+ tempDatabase = dbHolderW().getOrCreate( dbName, reservedPathString, justCreated );
invariant( justCreated );
}
diff --git a/src/mongo/db/repl/heartbeat.cpp b/src/mongo/db/repl/heartbeat.cpp
index 5f1f1179aca..006998a57ef 100644
--- a/src/mongo/db/repl/heartbeat.cpp
+++ b/src/mongo/db/repl/heartbeat.cpp
@@ -112,7 +112,7 @@ namespace repl {
result.append("rs", true);
if( cmdObj["checkEmpty"].trueValue() ) {
- result.append("hasData", replHasDatabases(txn));
+ result.append("hasData", replHasDatabases());
}
if( (theReplSet == 0) || (theReplSet->startupStatus == ReplSetImpl::LOADINGCONFIG) ) {
string from( cmdObj.getStringField("from") );
diff --git a/src/mongo/db/repl/master_slave.cpp b/src/mongo/db/repl/master_slave.cpp
index ff2ff4921f5..48226902b95 100644
--- a/src/mongo/db/repl/master_slave.cpp
+++ b/src/mongo/db/repl/master_slave.cpp
@@ -60,7 +60,7 @@
namespace mongo {
namespace repl {
- void pretouchOperation(OperationContext* txn, const BSONObj& op);
+ void pretouchOperation(const BSONObj& op);
void pretouchN(vector<BSONObj>&, unsigned a, unsigned b);
/* if 1 sync() is running */
@@ -162,8 +162,8 @@ namespace repl {
void ReplSource::ensureMe() {
string myname = getHostName();
{
+ Client::WriteContext ctx("local");
OperationContextImpl txn;
- Client::WriteContext ctx(&txn, "local");
// local.me is an identifier for a server for getLastError w:2+
if (!Helpers::getSingleton("local.me", _me) ||
!_me.hasField("host") ||
@@ -560,8 +560,6 @@ namespace repl {
if ( !only.empty() && only != clientName )
return;
- OperationContextImpl txn; // XXX?
-
if (replSettings.pretouch &&
!alreadyLocked/*doesn't make sense if in write lock already*/) {
if (replSettings.pretouch > 1) {
@@ -590,17 +588,18 @@ namespace repl {
a += m;
}
// we do one too...
- pretouchOperation(&txn, op);
+ pretouchOperation(op);
tp->join();
countdown = v.size();
}
}
else {
- pretouchOperation(&txn, op);
+ pretouchOperation(op);
}
}
scoped_ptr<Lock::GlobalWrite> lk( alreadyLocked ? 0 : new Lock::GlobalWrite() );
+ OperationContextImpl txn; // XXX?
if ( replAllDead ) {
// hmmm why is this check here and not at top of this function? does it get set between top and here?
@@ -680,7 +679,7 @@ namespace repl {
int get() const { return _value; }
- virtual void append(OperationContext* txn, BSONObjBuilder& b, const string& name) {
+ virtual void append( BSONObjBuilder& b, const string& name ) {
b.append( name, _value );
}
@@ -1277,7 +1276,7 @@ namespace repl {
}
}
- void pretouchOperation(OperationContext* txn, const BSONObj& op) {
+ void pretouchOperation(const BSONObj& op) {
if( Lock::somethingWriteLocked() )
return; // no point pretouching if write locked. not sure if this will ever fire, but just in case.
@@ -1300,7 +1299,7 @@ namespace repl {
BSONObjBuilder b;
b.append(_id);
BSONObj result;
- Client::ReadContext ctx(txn, ns );
+ Client::ReadContext ctx( ns );
if( Helpers::findById(ctx.ctx().db(), ns, b.done(), result) )
_dummy_z += result.objsize(); // touch
}
diff --git a/src/mongo/db/repl/oplog.cpp b/src/mongo/db/repl/oplog.cpp
index 474416dd250..5996e180401 100644
--- a/src/mongo/db/repl/oplog.cpp
+++ b/src/mongo/db/repl/oplog.cpp
@@ -113,8 +113,8 @@ namespace repl {
todo : make _logOpRS() call this so we don't repeat ourself?
*/
void _logOpObjRS(const BSONObj& op) {
+ Lock::DBWrite lk("local");
OperationContextImpl txn;
- Lock::DBWrite lk(txn.lockState(), "local");
const OpTime ts = op["ts"]._opTime();
long long h = op["h"].numberLong();
@@ -231,7 +231,7 @@ namespace repl {
BSONObj *o2,
bool *bb,
bool fromMigrate ) {
- Lock::DBWrite lk1(txn->lockState(), "local");
+ Lock::DBWrite lk1("local");
if ( strncmp(ns, "local.", 6) == 0 ) {
if ( strncmp(ns, "local.slaves", 12) == 0 )
@@ -321,7 +321,7 @@ namespace repl {
BSONObj *o2,
bool *bb,
bool fromMigrate ) {
- Lock::DBWrite lk(txn->lockState(), "local");
+ Lock::DBWrite lk("local");
static BufBuilder bufbuilder(8*1024); // todo there is likely a mutex on this constructor
if ( strncmp(ns, "local.", 6) == 0 ) {
diff --git a/src/mongo/db/repl/repl_set_impl.cpp b/src/mongo/db/repl/repl_set_impl.cpp
index 5274e461f07..01f78853e04 100644
--- a/src/mongo/db/repl/repl_set_impl.cpp
+++ b/src/mongo/db/repl/repl_set_impl.cpp
@@ -435,8 +435,7 @@ namespace {
}
void ReplSetImpl::loadLastOpTimeWritten(bool quiet) {
- OperationContextImpl txn; // XXX?
- Lock::DBRead lk(txn.lockState(), rsoplog);
+ Lock::DBRead lk(rsoplog);
BSONObj o;
if (Helpers::getLast(rsoplog, o)) {
lastH = o["h"].numberLong();
@@ -446,8 +445,7 @@ namespace {
}
OpTime ReplSetImpl::getEarliestOpTimeWritten() const {
- OperationContextImpl txn; // XXX?
- Lock::DBRead lk(txn.lockState(), rsoplog);
+ Lock::DBRead lk(rsoplog);
BSONObj o;
uassert(17347, "Problem reading earliest entry from oplog", Helpers::getFirst(rsoplog, o));
return o["ts"]._opTime();
@@ -861,20 +859,19 @@ namespace {
const BSONObj ReplSetImpl::_initialSyncFlag(BSON(_initialSyncFlagString << true));
void ReplSetImpl::clearInitialSyncFlag() {
+ Lock::DBWrite lk("local");
OperationContextImpl txn; // XXX?
- Lock::DBWrite lk(txn.lockState(), "local");
Helpers::putSingleton(&txn, "local.replset.minvalid", BSON("$unset" << _initialSyncFlag));
}
void ReplSetImpl::setInitialSyncFlag() {
+ Lock::DBWrite lk("local");
OperationContextImpl txn; // XXX?
- Lock::DBWrite lk(txn.lockState(), "local");
Helpers::putSingleton(&txn, "local.replset.minvalid", BSON("$set" << _initialSyncFlag));
}
bool ReplSetImpl::getInitialSyncFlag() {
- OperationContextImpl txn; // XXX?
- Lock::DBRead lk (txn.lockState(), "local");
+ Lock::DBRead lk ("local");
BSONObj mv;
if (Helpers::getSingleton("local.replset.minvalid", mv)) {
return mv[_initialSyncFlagString].trueValue();
@@ -887,15 +884,13 @@ namespace {
BSONObjBuilder subobj(builder.subobjStart("$set"));
subobj.appendTimestamp("ts", obj["ts"].date());
subobj.done();
-
+ Lock::DBWrite lk("local");
OperationContextImpl txn; // XXX?
- Lock::DBWrite lk(txn.lockState(), "local");
Helpers::putSingleton(&txn, "local.replset.minvalid", builder.obj());
}
OpTime ReplSetImpl::getMinValid() {
- OperationContextImpl txn; // XXX?
- Lock::DBRead lk(txn.lockState(), "local.replset.minvalid");
+ Lock::DBRead lk("local.replset.minvalid");
BSONObj mv;
if (Helpers::getSingleton("local.replset.minvalid", mv)) {
return mv["ts"]._opTime();
diff --git a/src/mongo/db/repl/repl_settings.cpp b/src/mongo/db/repl/repl_settings.cpp
index 48dad4218cc..e8cb54d8728 100644
--- a/src/mongo/db/repl/repl_settings.cpp
+++ b/src/mongo/db/repl/repl_settings.cpp
@@ -40,7 +40,6 @@
#include "mongo/db/repl/master_slave.h"
#include "mongo/db/repl/oplogreader.h"
#include "mongo/db/repl/rs.h"
-#include "mongo/db/operation_context_impl.h"
#include "mongo/db/storage_options.h"
#include "mongo/db/wire_version.h"
#include "mongo/s/write_ops/batched_command_request.h"
@@ -56,7 +55,7 @@ namespace repl {
return replSettings.slave || replSettings.master || theReplSet;
}
- void appendReplicationInfo(OperationContext* txn, BSONObjBuilder& result, int level) {
+ void appendReplicationInfo(BSONObjBuilder& result, int level) {
if ( replSet ) {
if( theReplSet == 0 || theReplSet->state().shunned() ) {
result.append("ismaster", false);
@@ -89,7 +88,7 @@ namespace repl {
list<BSONObj> src;
{
const char* localSources = "local.sources";
- Client::ReadContext ctx(txn, localSources);
+ Client::ReadContext ctx(localSources, storageGlobalParams.dbpath);
auto_ptr<Runner> runner(InternalPlanner::collectionScan(localSources,
ctx.ctx().db()->getCollection(localSources)));
BSONObj obj;
@@ -152,9 +151,7 @@ namespace repl {
int level = configElement.numberInt();
BSONObjBuilder result;
-
- OperationContextImpl txn; // XXX?
- appendReplicationInfo(&txn, result, level);
+ appendReplicationInfo(result, level);
return result.obj();
}
} replicationInfoServerStatus;
@@ -199,7 +196,7 @@ namespace repl {
if ( cmdObj["forShell"].trueValue() )
lastError.disableForCommand();
- appendReplicationInfo(txn, result, 0);
+ appendReplicationInfo(result, 0);
result.appendNumber("maxBsonObjectSize", BSONObjMaxUserSize);
result.appendNumber("maxMessageSizeBytes", MaxMessageSizeBytes);
diff --git a/src/mongo/db/repl/rs.cpp b/src/mongo/db/repl/rs.cpp
index ee32241039d..798269c7c29 100644
--- a/src/mongo/db/repl/rs.cpp
+++ b/src/mongo/db/repl/rs.cpp
@@ -171,7 +171,7 @@ namespace repl {
}
}
- virtual void append(OperationContext* txn, BSONObjBuilder& b, const string& name) {
+ virtual void append( BSONObjBuilder& b, const string& name ) {
b.append( name, _value() );
}
diff --git a/src/mongo/db/repl/rs_config.cpp b/src/mongo/db/repl/rs_config.cpp
index da705f14659..0e29c52e323 100644
--- a/src/mongo/db/repl/rs_config.cpp
+++ b/src/mongo/db/repl/rs_config.cpp
@@ -28,6 +28,8 @@
* it in the license file.
*/
+#include "mongo/pch.h"
+
#include <boost/algorithm/string.hpp>
#include "mongo/db/dbhelpers.h"
@@ -80,8 +82,8 @@ namespace repl {
log() << "replSet info saving a newer config version to local.system.replset: "
<< newConfigBSON << rsLog;
{
+ Client::WriteContext cx( rsConfigNs );
OperationContextImpl txn;
- Client::WriteContext cx(&txn, rsConfigNs);
//theReplSet->lastOpTimeWritten = ??;
//rather than above, do a logOp()? probably
diff --git a/src/mongo/db/repl/rs_initialsync.cpp b/src/mongo/db/repl/rs_initialsync.cpp
index 32d9d7e6e3c..f3120fb246a 100644
--- a/src/mongo/db/repl/rs_initialsync.cpp
+++ b/src/mongo/db/repl/rs_initialsync.cpp
@@ -99,8 +99,8 @@ namespace repl {
else
sethbmsg( str::stream() << "initial sync cloning indexes for : " << db , 0);
+ Client::WriteContext ctx(db);
OperationContextImpl txn;
- Client::WriteContext ctx(&txn, db);
string err;
int errCode;
@@ -130,9 +130,8 @@ namespace repl {
void _logOpObjRS(const BSONObj& op);
static void emptyOplog() {
+ Client::WriteContext ctx(rsoplog);
OperationContextImpl txn;
- Client::WriteContext ctx(&txn, rsoplog);
-
Collection* collection = ctx.ctx().db()->getCollection(rsoplog);
// temp
@@ -322,8 +321,7 @@ namespace repl {
log() << "replSet cleaning up [1]" << rsLog;
{
- OperationContextImpl txn; // XXX?
- Client::WriteContext cx(&txn, "local.");
+ Client::WriteContext cx( "local." );
cx.ctx().db()->flushFiles(true);
}
log() << "replSet cleaning up [2]" << rsLog;
@@ -467,9 +465,7 @@ namespace repl {
verify( !box.getState().primary() ); // wouldn't make sense if we were.
{
- OperationContextImpl txn;
- Client::WriteContext cx(&txn, "local.");
-
+ Client::WriteContext cx( "local." );
cx.ctx().db()->flushFiles(true);
try {
log() << "replSet set minValid=" << minValid["ts"]._opTime().toString() << rsLog;
diff --git a/src/mongo/db/repl/rs_rollback.cpp b/src/mongo/db/repl/rs_rollback.cpp
index b8bc672753f..45b24c899df 100644
--- a/src/mongo/db/repl/rs_rollback.cpp
+++ b/src/mongo/db/repl/rs_rollback.cpp
@@ -654,8 +654,7 @@ namespace repl {
// check that we are at minvalid, otherwise we cannot rollback as we may be in an
// inconsistent state
{
- OperationContextImpl txn;
- Lock::DBRead lk(txn.lockState(), "local.replset.minvalid");
+ Lock::DBRead lk("local.replset.minvalid");
BSONObj mv;
if (Helpers::getSingleton("local.replset.minvalid", mv)) {
OpTime minvalid = mv["ts"]._opTime();
diff --git a/src/mongo/db/repl/sync_source_feedback.cpp b/src/mongo/db/repl/sync_source_feedback.cpp
index d30eb517898..8a8ac1da5f9 100644
--- a/src/mongo/db/repl/sync_source_feedback.cpp
+++ b/src/mongo/db/repl/sync_source_feedback.cpp
@@ -66,9 +66,8 @@ namespace repl {
void SyncSourceFeedback::ensureMe() {
string myname = getHostName();
{
+ Client::WriteContext ctx("local");
OperationContextImpl txn;
- Client::WriteContext ctx(&txn, "local");
-
// local.me is an identifier for a server for getLastError w:2+
if (!Helpers::getSingleton("local.me", _me) ||
!_me.hasField("host") ||
diff --git a/src/mongo/db/repl/sync_tail.cpp b/src/mongo/db/repl/sync_tail.cpp
index 92eea631595..4526c4af3d3 100644
--- a/src/mongo/db/repl/sync_tail.cpp
+++ b/src/mongo/db/repl/sync_tail.cpp
@@ -94,7 +94,6 @@ namespace repl {
bool isCommand(op["op"].valuestrsafe()[0] == 'c');
- OperationContextImpl txn;
boost::scoped_ptr<Lock::ScopedLock> lk;
if(isCommand) {
@@ -103,10 +102,11 @@ namespace repl {
lk.reset(new Lock::GlobalWrite());
} else {
// DB level lock for this operation
- lk.reset(new Lock::DBWrite(txn.lockState(), ns));
+ lk.reset(new Lock::DBWrite(ns));
}
Client::Context ctx(ns, storageGlobalParams.dbpath);
+ OperationContextImpl txn;
ctx.getClient()->curop()->reset();
// For non-initial-sync, we convert updates to upserts
// to suppress errors when replaying oplog entries.
@@ -126,9 +126,8 @@ namespace repl {
try {
// one possible tweak here would be to stay in the read lock for this database
// for multiple prefetches if they are for the same database.
- OperationContextImpl txn;
- Client::ReadContext ctx(&txn, ns);
- prefetchPagesForReplicatedOp(&txn, ctx.ctx().db(), op);
+ Client::ReadContext ctx(ns);
+ prefetchPagesForReplicatedOp(ctx.ctx().db(), op);
}
catch (const DBException& e) {
LOG(2) << "ignoring exception in prefetchOp(): " << e.what() << endl;
@@ -476,9 +475,7 @@ namespace repl {
void SyncTail::applyOpsToOplog(std::deque<BSONObj>* ops) {
{
- OperationContextImpl txn; // XXX?
- Lock::DBWrite lk(txn.lockState(), "local");
-
+ Lock::DBWrite lk("local");
while (!ops->empty()) {
const BSONObj& op = ops->front();
// this updates theReplSet->lastOpTimeWritten
diff --git a/src/mongo/db/restapi.cpp b/src/mongo/db/restapi.cpp
index 657dc627d16..1e9e2708efa 100644
--- a/src/mongo/db/restapi.cpp
+++ b/src/mongo/db/restapi.cpp
@@ -260,9 +260,9 @@ namespace mongo {
} restHandler;
- bool RestAdminAccess::haveAdminUsers(OperationContext* txn) const {
+ bool RestAdminAccess::haveAdminUsers() const {
AuthorizationSession* authzSession = cc().getAuthorizationSession();
- return authzSession->getAuthorizationManager().hasAnyPrivilegeDocuments(txn);
+ return authzSession->getAuthorizationManager().hasAnyPrivilegeDocuments();
}
class LowLevelMongodStatus : public WebStatusPlugin {
diff --git a/src/mongo/db/restapi.h b/src/mongo/db/restapi.h
index d73103ab785..e170e740b20 100644
--- a/src/mongo/db/restapi.h
+++ b/src/mongo/db/restapi.h
@@ -43,7 +43,7 @@ namespace mongo {
public:
virtual ~RestAdminAccess() { }
- virtual bool haveAdminUsers(OperationContext* txn) const;
+ virtual bool haveAdminUsers() const;
};
} // namespace mongo
diff --git a/src/mongo/db/server_parameters.h b/src/mongo/db/server_parameters.h
index 9c281e4499c..c4feb946ad5 100644
--- a/src/mongo/db/server_parameters.h
+++ b/src/mongo/db/server_parameters.h
@@ -39,7 +39,6 @@
namespace mongo {
class ServerParameterSet;
- class OperationContext;
/**
* Lets you make server level settings easily configurable.
@@ -67,7 +66,7 @@ namespace mongo {
bool allowedToChangeAtRuntime() const { return _allowedToChangeAtRuntime; }
- virtual void append(OperationContext* txn, BSONObjBuilder& b, const std::string& name ) = 0;
+ virtual void append( BSONObjBuilder& b, const std::string& name ) = 0;
virtual Status set( const BSONElement& newValueElement ) = 0;
@@ -115,7 +114,7 @@ namespace mongo {
_value( value ) {}
virtual ~ExportedServerParameter() {}
- virtual void append(OperationContext* txn, BSONObjBuilder& b, const std::string& name) {
+ virtual void append( BSONObjBuilder& b, const std::string& name ) {
b.append( name, *_value );
}
diff --git a/src/mongo/db/server_parameters_test.cpp b/src/mongo/db/server_parameters_test.cpp
index c2a6f56156c..212b31dbacc 100644
--- a/src/mongo/db/server_parameters_test.cpp
+++ b/src/mongo/db/server_parameters_test.cpp
@@ -30,7 +30,6 @@
#include "mongo/unittest/unittest.h"
-#include "mongo/db/operation_context_noop.h"
#include "mongo/db/server_parameters.h"
namespace mongo {
@@ -69,10 +68,7 @@ namespace mongo {
ASSERT_EQUALS( "c", v[2] );
BSONObjBuilder b;
-
- OperationContextNoop txn;
- vv.append(&txn, b, vv.name());
-
+ vv.append( b, vv.name() );
BSONObj y = b.obj();
ASSERT( x.firstElement().woCompare( y.firstElement(), false ) == 0 );
diff --git a/src/mongo/db/ttl.cpp b/src/mongo/db/ttl.cpp
index c497c8ed7e4..be47f16d3d3 100644
--- a/src/mongo/db/ttl.cpp
+++ b/src/mongo/db/ttl.cpp
@@ -113,10 +113,9 @@ namespace mongo {
long long n = 0;
{
- const string ns = idx["ns"].String();
-
+ string ns = idx["ns"].String();
+ Client::WriteContext ctx( ns );
OperationContextImpl txn;
- Client::WriteContext ctx(&txn, ns );
Collection* collection = ctx.ctx().db()->getCollection( ns );
if ( !collection ) {
// collection was dropped
@@ -172,8 +171,7 @@ namespace mongo {
set<string> dbs;
{
- OperationContextImpl txn; // XXX?
- Lock::DBRead lk(txn.lockState(), "local");
+ Lock::DBRead lk( "local" );
dbHolder().getAllShortNames( dbs );
}
View Lorry Controller Status