authorSpencer T Brody <spencer@10gen.com>2013-09-24 13:49:39 -0400
committerSpencer T Brody <spencer@10gen.com>2013-09-24 14:29:54 -0400
commitff60a1debd72cda29197871d1c19f536fb434eac (patch)
treecac5f7a633e2a63b14e3ec000a228e12d4b5cdc3 /src
parent52cf8ca8e15295690a21d9442cbd7d066651fc62 (diff)
SERVER-6246 SERVER-9518 Invalidate users even if update returned bad Status
Diffstat (limited to 'src')
-rw-r--r--src/mongo/db/commands/user_management_commands.cpp22
1 files changed, 14 insertions, 8 deletions
diff --git a/src/mongo/db/commands/user_management_commands.cpp b/src/mongo/db/commands/user_management_commands.cpp
index bb6a52a9727..dd809623ab3 100644
--- a/src/mongo/db/commands/user_management_commands.cpp
+++ b/src/mongo/db/commands/user_management_commands.cpp
@@ -234,12 +234,13 @@ namespace mongo {
}
status = authzManager->updatePrivilegeDocument(userName, updateObj, writeConcern);
+ // Must invalidate even on bad status - what if the write succeeded but the GLE failed?
+ authzManager->invalidateUserByName(userName);
if (!status.isOK()) {
addStatus(status, result);
return false;
}
- authzManager->invalidateUserByName(userName);
return true;
}
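Review bot: The update-then-invalidate pair is now written out by hand after every `updatePrivilegeDocument` call (this hunk and the ones at new lines 481, 579, 669 and 767), so a command added later can still miss the invalidation on its error path and keep serving a stale cached user with the old privileges. Consider one file-local helper that calls `updatePrivilegeDocument`, then `invalidateUserByName(userName)` unconditionally, and returns the `Status`, so the rule lives in a single place. The repeated comment could also state the consequence rather than only the scenario, e.g. `// Invalidate unconditionally: the write may have been applied even though its acknowledgement failed, and a stale cache entry would keep the old user data.` The enclosing function starts above this hunk, so its earlier return paths are not visible here.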
@@ -313,6 +314,8 @@ namespace mongo {
AuthorizationManager::USER_SOURCE_FIELD_NAME << dbname),
writeConcern,
&numUpdated);
+ // Must invalidate even on bad status - what if the write succeeded but the GLE failed?
+ authzManager->invalidateUserByName(UserName(user, dbname));
if (!status.isOK()) {
addStatus(status, result);
return false;
@@ -326,7 +329,6 @@ namespace mongo {
return false;
}
- authzManager->invalidateUserByName(UserName(user, dbname));
return true;
}
@@ -388,14 +390,14 @@ namespace mongo {
BSON(AuthorizationManager::USER_SOURCE_FIELD_NAME << dbname),
writeConcern,
&numRemoved);
+ // Must invalidate even on bad status - what if the write succeeded but the GLE failed?
+ authzManager->invalidateUsersFromDB(dbname);
if (!status.isOK()) {
addStatus(status, result);
return false;
}
result.append("n", numRemoved);
-
- authzManager->invalidateUsersFromDB(dbname);
return true;
}
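Review bot: On the failure path `n` is never appended, so a client cannot tell how many user documents were removed, even though the new comment itself allows that the operation was applied before the status went bad. If `numRemoved` is populated in that case (not visible in this hunk), consider reporting it alongside the error, or say so in a comment such as `// numRemoved is not reported on error; some users may already have been removed.` The copied comment speaks of "the write" and GLE for what appears to be a remove; `the remove may have been applied` would match this call better. The function begins above the hunk.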
@@ -479,12 +481,13 @@ namespace mongo {
BSONArray newRolesBSONArray = rolesToBSONArray(userRoles);
status = authzManager->updatePrivilegeDocument(
userName, BSON("$set" << BSON("roles" << newRolesBSONArray)), writeConcern);
+ // Must invalidate even on bad status - what if the write succeeded but the GLE failed?
+ authzManager->invalidateUserByName(userName);
if (!status.isOK()) {
addStatus(status, result);
return false;
}
- authzManager->invalidateUserByName(userName);
return true;
}
@@ -576,12 +579,13 @@ namespace mongo {
BSONArray newRolesBSONArray = rolesToBSONArray(userRoles);
status = authzManager->updatePrivilegeDocument(
userName, BSON("$set" << BSON("roles" << newRolesBSONArray)), writeConcern);
+ // Must invalidate even on bad status - what if the write succeeded but the GLE failed?
+ authzManager->invalidateUserByName(userName);
if (!status.isOK()) {
addStatus(status, result);
return false;
}
- authzManager->invalidateUserByName(userName);
return true;
}
@@ -665,12 +669,13 @@ namespace mongo {
BSONArray newRolesBSONArray = rolesToBSONArray(userRoles);
status = authzManager->updatePrivilegeDocument(
userName, BSON("$set" << BSON("roles" << newRolesBSONArray)), writeConcern);
+ // Must invalidate even on bad status - what if the write succeeded but the GLE failed?
+ authzManager->invalidateUserByName(userName);
if (!status.isOK()) {
addStatus(status, result);
return false;
}
- authzManager->invalidateUserByName(userName);
return true;
}
@@ -762,12 +767,13 @@ namespace mongo {
BSONArray newRolesBSONArray = rolesToBSONArray(userRoles);
status = authzManager->updatePrivilegeDocument(
userName, BSON("$set" << BSON("roles" << newRolesBSONArray)), writeConcern);
+ // Must invalidate even on bad status - what if the write succeeded but the GLE failed?
+ authzManager->invalidateUserByName(userName);
if (!status.isOK()) {
addStatus(status, result);
return false;
}
- authzManager->invalidateUserByName(userName);
return true;
}