SERVER-45966 Add ClientMetadataPropagationEgressHook for NetworkInterface used by ReplicaSetNodeProcessInterface

6 files changed, 127 insertions, 3 deletions

diff --git a/src/mongo/db/SConscript b/src/mongo/db/SConscript
index 780a18011d4..f1f41daa4c2 100644
--- a/src/mongo/db/SConscript
+++ b/src/mongo/db/SConscript
@@ -1590,6 +1590,17 @@ env.Library(
 )
 
 env.Library(
+    target='client_metadata_propagation_egress_hook',
+    source=[
+        'client_metadata_propagation_egress_hook.cpp',
+    ],
+    LIBDEPS=[
+        '$BUILD_DIR/mongo/rpc/client_metadata',
+        '$BUILD_DIR/mongo/rpc/metadata_impersonated_user',
+    ],
+)
+
+env.Library(
     target= 'logical_clock_test_fixture',
     source= [
         'logical_clock_test_fixture.cpp',
diff --git a/src/mongo/db/client_metadata_propagation_egress_hook.cpp b/src/mongo/db/client_metadata_propagation_egress_hook.cpp
new file mode 100644
index 00000000000..2da3c615fd5
--- /dev/null
+++ b/src/mongo/db/client_metadata_propagation_egress_hook.cpp
@@ -0,0 +1,56 @@
+/**
+ *    Copyright (C) 2020-present MongoDB, Inc.
+ *
+ *    This program is free software: you can redistribute it and/or modify
+ *    it under the terms of the Server Side Public License, version 1,
+ *    as published by MongoDB, Inc.
+ *
+ *    This program is distributed in the hope that it will be useful,
+ *    but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *    Server Side Public License for more details.
+ *
+ *    You should have received a copy of the Server Side Public License
+ *    along with this program. If not, see
+ *    <http://www.mongodb.com/licensing/server-side-public-license>.
+ *
+ *    As a special exception, the copyright holders give permission to link the
+ *    code of portions of this program with the OpenSSL library under certain
+ *    conditions as described in each individual source file and distribute
+ *    linked combinations including the program with the OpenSSL library. You
+ *    must comply with the Server Side Public License in all respects for
+ *    all of the code used other than as permitted herein. If you modify file(s)
+ *    with this exception, you may extend this exception to your version of the
+ *    file(s), but you are not obligated to do so. If you do not wish to do so,
+ *    delete this exception statement from your version. If you delete this
+ *    exception statement from all source files in the program, then also delete
+ *    it in the license file.
+ */
+
+#include "mongo/db/client_metadata_propagation_egress_hook.h"
+
+#include "mongo/rpc/metadata/client_metadata_ismaster.h"
+#include "mongo/rpc/metadata/impersonated_user_metadata.h"
+
+namespace mongo {
+namespace rpc {
+
+Status ClientMetadataPropagationEgressHook::writeRequestMetadata(OperationContext* opCtx,
+                                                                 BSONObjBuilder* metadataBob) {
+    try {
+        writeAuthDataToImpersonatedUserMetadata(opCtx, metadataBob);
+        ClientMetadataIsMasterState::writeToMetadata(opCtx, metadataBob);
+        return Status::OK();
+    } catch (...) {
+        return exceptionToStatus();
+    }
+}
+
+Status ClientMetadataPropagationEgressHook::readReplyMetadata(OperationContext* opCtx,
+                                                              StringData replySource,
+                                                              const BSONObj& metadataObj) {
+    return Status::OK();
+}
+
+}  // namespace rpc
+}  // namespace mongo
diff --git a/src/mongo/db/client_metadata_propagation_egress_hook.h b/src/mongo/db/client_metadata_propagation_egress_hook.h
new file mode 100644
index 00000000000..b2831af3baf
--- /dev/null
+++ b/src/mongo/db/client_metadata_propagation_egress_hook.h
@@ -0,0 +1,52 @@
+/**
+ *    Copyright (C) 2020-present MongoDB, Inc.
+ *
+ *    This program is free software: you can redistribute it and/or modify
+ *    it under the terms of the Server Side Public License, version 1,
+ *    as published by MongoDB, Inc.
+ *
+ *    This program is distributed in the hope that it will be useful,
+ *    but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *    Server Side Public License for more details.
+ *
+ *    You should have received a copy of the Server Side Public License
+ *    along with this program. If not, see
+ *    <http://www.mongodb.com/licensing/server-side-public-license>.
+ *
+ *    As a special exception, the copyright holders give permission to link the
+ *    code of portions of this program with the OpenSSL library under certain
+ *    conditions as described in each individual source file and distribute
+ *    linked combinations including the program with the OpenSSL library. You
+ *    must comply with the Server Side Public License in all respects for
+ *    all of the code used other than as permitted herein. If you modify file(s)
+ *    with this exception, you may extend this exception to your version of the
+ *    file(s), but you are not obligated to do so. If you do not wish to do so,
+ *    delete this exception statement from your version. If you delete this
+ *    exception statement from all source files in the program, then also delete
+ *    it in the license file.
+ */
+
+#pragma once
+
+#include "mongo/db/service_context.h"
+#include "mongo/rpc/metadata/metadata_hook.h"
+
+namespace mongo {
+namespace rpc {
+
+/**
+ * Hook for attaching client and auth metadata for requests made on behalf of a user.
+ */
+class ClientMetadataPropagationEgressHook : public rpc::EgressMetadataHook {
+public:
+    virtual ~ClientMetadataPropagationEgressHook() = default;
+
+    Status readReplyMetadata(OperationContext* opCtx,
+                             StringData replySource,
+                             const BSONObj& metadataObj) final;
+    Status writeRequestMetadata(OperationContext* opCtx, BSONObjBuilder* metadataBob) final;
+};
+
+}  // namespace rpc
+}  // namespace mongo
diff --git a/src/mongo/db/db.cpp b/src/mongo/db/db.cpp
index bc6dfa256ec..a893d1c0059 100644
--- a/src/mongo/db/db.cpp
+++ b/src/mongo/db/db.cpp
@@ -60,6 +60,7 @@
 #include "mongo/db/catalog/index_catalog.h"
 #include "mongo/db/catalog/index_key_validate.h"
 #include "mongo/db/client.h"
+#include "mongo/db/client_metadata_propagation_egress_hook.h"
 #include "mongo/db/clientcursor.h"
 #include "mongo/db/commands/feature_compatibility_version.h"
 #include "mongo/db/commands/feature_compatibility_version_gen.h"
@@ -888,8 +889,9 @@ auto makeReplicaSetNodeExecutor(ServiceContext* serviceContext) {
     tpOptions.onCreateThread = [](const std::string& threadName) {
         Client::initThread(threadName.c_str());
     };
-    // TODO SERVER-45966 Add necessary hooks.
-    auto hookList = nullptr;
+    auto hookList = std::make_unique<rpc::EgressMetadataHookList>();
+    hookList->addHook(std::make_unique<rpc::LogicalTimeMetadataHook>(serviceContext));
+    hookList->addHook(std::make_unique<rpc::ClientMetadataPropagationEgressHook>());
     return std::make_unique<executor::ThreadPoolTaskExecutor>(
         std::make_unique<ThreadPool>(tpOptions),
         executor::makeNetworkInterface("ReplNodeDbWorkerNetwork", nullptr, std::move(hookList)));
@@ -947,7 +949,7 @@ void setUpReplication(ServiceContext* serviceContext) {
         SecureRandom().nextInt64());
     // Only create a ReplicaSetNodeExecutor if sharding is disabled and replication is enabled.
     // Note that sharding sets up its own executors for scheduling work to remote nodes.
-    if (!ShardingState::get(serviceContext)->enabled() && replCoord->isReplEnabled())
+    if (serverGlobalParams.clusterRole == ClusterRole::None && replCoord->isReplEnabled())
         ReplicaSetNodeProcessInterface::setReplicaSetNodeExecutor(
             serviceContext, makeReplicaSetNodeExecutor(serviceContext));
 
diff --git a/src/mongo/db/s/SConscript b/src/mongo/db/s/SConscript
index ea1cdc44cab..4b536cf9d80 100644
--- a/src/mongo/db/s/SConscript
+++ b/src/mongo/db/s/SConscript
@@ -80,6 +80,7 @@ env.Library(
     ],
     LIBDEPS=[
         '$BUILD_DIR/mongo/db/catalog/multi_index_block',
+        '$BUILD_DIR/mongo/db/client_metadata_propagation_egress_hook',
         '$BUILD_DIR/mongo/db/commands/mongod_fcv',
         '$BUILD_DIR/mongo/db/db_raii',
         '$BUILD_DIR/mongo/db/dbhelpers',
diff --git a/src/mongo/db/s/sharding_initialization_mongod.cpp b/src/mongo/db/s/sharding_initialization_mongod.cpp
index 44b31aed18e..e35e529e9df 100644
--- a/src/mongo/db/s/sharding_initialization_mongod.cpp
+++ b/src/mongo/db/s/sharding_initialization_mongod.cpp
@@ -39,6 +39,7 @@
 #include "mongo/client/remote_command_targeter_factory_impl.h"
 #include "mongo/client/replica_set_monitor.h"
 #include "mongo/db/catalog_raii.h"
+#include "mongo/db/client_metadata_propagation_egress_hook.h"
 #include "mongo/db/concurrency/d_concurrency.h"
 #include "mongo/db/dbhelpers.h"
 #include "mongo/db/logical_time_metadata_hook.h"
@@ -81,6 +82,7 @@ const auto getInstance = ServiceContext::declareDecoration<ShardingInitializatio
 auto makeEgressHooksList(ServiceContext* service) {
     auto unshardedHookList = std::make_unique<rpc::EgressMetadataHookList>();
     unshardedHookList->addHook(std::make_unique<rpc::LogicalTimeMetadataHook>(service));
+    unshardedHookList->addHook(std::make_unique<rpc::ClientMetadataPropagationEgressHook>());
     unshardedHookList->addHook(std::make_unique<rpc::ShardingEgressMetadataHookForMongod>(service));
 
     return unshardedHookList;