diff options
author | Sara Golemon <sara.golemon@mongodb.com> | 2020-09-16 21:29:13 +0000 |
---|---|---|
committer | Evergreen Agent <no-reply@evergreen.mongodb.com> | 2020-09-18 15:42:24 +0000 |
commit | cf4fa7e9e0b5a1b0c358da1c981083b5ec179c30 (patch) | |
tree | 5c250802f3e8a36cdf92d79ed82ca7417d02a2c2 /src/mongo/rpc | |
parent | 6b15e4de5d249f2a91fcc60c848e584af6756dbc (diff) | |
download | mongo-cf4fa7e9e0b5a1b0c358da1c981083b5ec179c30.tar.gz |
SERVER-50394 Forward impersonatedUser/Role information when available
Diffstat (limited to 'src/mongo/rpc')
-rw-r--r-- | src/mongo/rpc/metadata/impersonated_user_metadata.cpp | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/src/mongo/rpc/metadata/impersonated_user_metadata.cpp b/src/mongo/rpc/metadata/impersonated_user_metadata.cpp index 66b0b495a88..bf068490f41 100644 --- a/src/mongo/rpc/metadata/impersonated_user_metadata.cpp +++ b/src/mongo/rpc/metadata/impersonated_user_metadata.cpp @@ -74,18 +74,22 @@ void writeAuthDataToImpersonatedUserMetadata(OperationContext* opCtx, BSONObjBui // Otherwise construct a metadata section from the list of authenticated users/roles auto authSession = AuthorizationSession::get(opCtx->getClient()); - ImpersonatedUserMetadata metadata; - metadata.setUsers(userNameIteratorToContainer<std::vector<UserName>>( - authSession->getAuthenticatedUserNames())); - - metadata.setRoles(roleNameIteratorToContainer<std::vector<RoleName>>( - authSession->getAuthenticatedRoleNames())); + auto userNames = authSession->getImpersonatedUserNames(); + auto roleNames = authSession->getImpersonatedRoleNames(); + if (!userNames.more() && !roleNames.more()) { + userNames = authSession->getAuthenticatedUserNames(); + roleNames = authSession->getAuthenticatedRoleNames(); + } // If there are no users/roles being impersonated just exit - if (metadata.getUsers().empty() && metadata.getRoles().empty()) { + if (!userNames.more() && !roleNames.more()) { return; } + ImpersonatedUserMetadata metadata; + metadata.setUsers(userNameIteratorToContainer<std::vector<UserName>>(userNames)); + metadata.setRoles(roleNameIteratorToContainer<std::vector<RoleName>>(roleNames)); + BSONObjBuilder section(out->subobjStart(kImpersonationMetadataSectionName)); metadata.serialize(§ion); } |