diff options
| -rw-r--r-- | src/mongo/SConscript | 1 | ||||
| -rw-r--r-- | src/mongo/db/SConscript | 11 | ||||
| -rw-r--r-- | src/mongo/db/client_metadata_propagation_egress_hook.cpp | 56 | ||||
| -rw-r--r-- | src/mongo/db/client_metadata_propagation_egress_hook.h | 52 | ||||
| -rw-r--r-- | src/mongo/db/db.cpp | 8 | ||||
| -rw-r--r-- | src/mongo/db/s/SConscript | 1 | ||||
| -rw-r--r-- | src/mongo/db/s/sharding_initialization_mongod.cpp | 2 | ||||
| -rw-r--r-- | src/mongo/s/SConscript | 1 | ||||
| -rw-r--r-- | src/mongo/s/server.cpp | 4 | ||||
| -rw-r--r-- | src/mongo/s/sharding_egress_metadata_hook.cpp | 2 | ||||
| -rw-r--r-- | src/mongo/s/sharding_router_test_fixture.cpp | 2 |
11 files changed, 135 insertions, 5 deletions
diff --git a/src/mongo/SConscript b/src/mongo/SConscript index ed2c87c6be7..57cdf022a47 100644 --- a/src/mongo/SConscript +++ b/src/mongo/SConscript @@ -372,6 +372,7 @@ mongod = env.Program( 'db/catalog/document_validation', 'db/catalog/health_log', 'db/catalog/index_key_validate', + 'db/client_metadata_propagation_egress_hook', 'db/cloner', 'db/collection_index_usage_tracker', 'db/commands/mongod', diff --git a/src/mongo/db/SConscript b/src/mongo/db/SConscript index 780a18011d4..f1f41daa4c2 100644 --- a/src/mongo/db/SConscript +++ b/src/mongo/db/SConscript @@ -1590,6 +1590,17 @@ env.Library( ) env.Library( + target='client_metadata_propagation_egress_hook', + source=[ + 'client_metadata_propagation_egress_hook.cpp', + ], + LIBDEPS=[ + '$BUILD_DIR/mongo/rpc/client_metadata', + '$BUILD_DIR/mongo/rpc/metadata_impersonated_user', + ], +) + +env.Library( target= 'logical_clock_test_fixture', source= [ 'logical_clock_test_fixture.cpp', diff --git a/src/mongo/db/client_metadata_propagation_egress_hook.cpp b/src/mongo/db/client_metadata_propagation_egress_hook.cpp new file mode 100644 index 00000000000..2da3c615fd5 --- /dev/null +++ b/src/mongo/db/client_metadata_propagation_egress_hook.cpp @@ -0,0 +1,56 @@ +/** + * Copyright (C) 2020-present MongoDB, Inc. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the Server Side Public License, version 1, + * as published by MongoDB, Inc. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * Server Side Public License for more details. + * + * You should have received a copy of the Server Side Public License + * along with this program. If not, see + * <http://www.mongodb.com/licensing/server-side-public-license>. + * + * As a special exception, the copyright holders give permission to link the + * code of portions of this program with the OpenSSL library under certain + * conditions as described in each individual source file and distribute + * linked combinations including the program with the OpenSSL library. You + * must comply with the Server Side Public License in all respects for + * all of the code used other than as permitted herein. If you modify file(s) + * with this exception, you may extend this exception to your version of the + * file(s), but you are not obligated to do so. If you do not wish to do so, + * delete this exception statement from your version. If you delete this + * exception statement from all source files in the program, then also delete + * it in the license file. + */ + +#include "mongo/db/client_metadata_propagation_egress_hook.h" + +#include "mongo/rpc/metadata/client_metadata_ismaster.h" +#include "mongo/rpc/metadata/impersonated_user_metadata.h" + +namespace mongo { +namespace rpc { + +Status ClientMetadataPropagationEgressHook::writeRequestMetadata(OperationContext* opCtx, + BSONObjBuilder* metadataBob) { + try { + writeAuthDataToImpersonatedUserMetadata(opCtx, metadataBob); + ClientMetadataIsMasterState::writeToMetadata(opCtx, metadataBob); + return Status::OK(); + } catch (...) { + return exceptionToStatus(); + } +} + +Status ClientMetadataPropagationEgressHook::readReplyMetadata(OperationContext* opCtx, + StringData replySource, + const BSONObj& metadataObj) { + return Status::OK(); +} + +} // namespace rpc +} // namespace mongo diff --git a/src/mongo/db/client_metadata_propagation_egress_hook.h b/src/mongo/db/client_metadata_propagation_egress_hook.h new file mode 100644 index 00000000000..b2831af3baf --- /dev/null +++ b/src/mongo/db/client_metadata_propagation_egress_hook.h @@ -0,0 +1,52 @@ +/** + * Copyright (C) 2020-present MongoDB, Inc. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the Server Side Public License, version 1, + * as published by MongoDB, Inc. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * Server Side Public License for more details. + * + * You should have received a copy of the Server Side Public License + * along with this program. If not, see + * <http://www.mongodb.com/licensing/server-side-public-license>. + * + * As a special exception, the copyright holders give permission to link the + * code of portions of this program with the OpenSSL library under certain + * conditions as described in each individual source file and distribute + * linked combinations including the program with the OpenSSL library. You + * must comply with the Server Side Public License in all respects for + * all of the code used other than as permitted herein. If you modify file(s) + * with this exception, you may extend this exception to your version of the + * file(s), but you are not obligated to do so. If you do not wish to do so, + * delete this exception statement from your version. If you delete this + * exception statement from all source files in the program, then also delete + * it in the license file. + */ + +#pragma once + +#include "mongo/db/service_context.h" +#include "mongo/rpc/metadata/metadata_hook.h" + +namespace mongo { +namespace rpc { + +/** + * Hook for attaching client and auth metadata for requests made on behalf of a user. + */ +class ClientMetadataPropagationEgressHook : public rpc::EgressMetadataHook { +public: + virtual ~ClientMetadataPropagationEgressHook() = default; + + Status readReplyMetadata(OperationContext* opCtx, + StringData replySource, + const BSONObj& metadataObj) final; + Status writeRequestMetadata(OperationContext* opCtx, BSONObjBuilder* metadataBob) final; +}; + +} // namespace rpc +} // namespace mongo diff --git a/src/mongo/db/db.cpp b/src/mongo/db/db.cpp index bc6dfa256ec..a893d1c0059 100644 --- a/src/mongo/db/db.cpp +++ b/src/mongo/db/db.cpp @@ -60,6 +60,7 @@ #include "mongo/db/catalog/index_catalog.h" #include "mongo/db/catalog/index_key_validate.h" #include "mongo/db/client.h" +#include "mongo/db/client_metadata_propagation_egress_hook.h" #include "mongo/db/clientcursor.h" #include "mongo/db/commands/feature_compatibility_version.h" #include "mongo/db/commands/feature_compatibility_version_gen.h" @@ -888,8 +889,9 @@ auto makeReplicaSetNodeExecutor(ServiceContext* serviceContext) { tpOptions.onCreateThread = [](const std::string& threadName) { Client::initThread(threadName.c_str()); }; - // TODO SERVER-45966 Add necessary hooks. - auto hookList = nullptr; + auto hookList = std::make_unique<rpc::EgressMetadataHookList>(); + hookList->addHook(std::make_unique<rpc::LogicalTimeMetadataHook>(serviceContext)); + hookList->addHook(std::make_unique<rpc::ClientMetadataPropagationEgressHook>()); return std::make_unique<executor::ThreadPoolTaskExecutor>( std::make_unique<ThreadPool>(tpOptions), executor::makeNetworkInterface("ReplNodeDbWorkerNetwork", nullptr, std::move(hookList))); @@ -947,7 +949,7 @@ void setUpReplication(ServiceContext* serviceContext) { SecureRandom().nextInt64()); // Only create a ReplicaSetNodeExecutor if sharding is disabled and replication is enabled. // Note that sharding sets up its own executors for scheduling work to remote nodes. - if (!ShardingState::get(serviceContext)->enabled() && replCoord->isReplEnabled()) + if (serverGlobalParams.clusterRole == ClusterRole::None && replCoord->isReplEnabled()) ReplicaSetNodeProcessInterface::setReplicaSetNodeExecutor( serviceContext, makeReplicaSetNodeExecutor(serviceContext)); diff --git a/src/mongo/db/s/SConscript b/src/mongo/db/s/SConscript index ea1cdc44cab..4b536cf9d80 100644 --- a/src/mongo/db/s/SConscript +++ b/src/mongo/db/s/SConscript @@ -80,6 +80,7 @@ env.Library( ], LIBDEPS=[ '$BUILD_DIR/mongo/db/catalog/multi_index_block', + '$BUILD_DIR/mongo/db/client_metadata_propagation_egress_hook', '$BUILD_DIR/mongo/db/commands/mongod_fcv', '$BUILD_DIR/mongo/db/db_raii', '$BUILD_DIR/mongo/db/dbhelpers', diff --git a/src/mongo/db/s/sharding_initialization_mongod.cpp b/src/mongo/db/s/sharding_initialization_mongod.cpp index 44b31aed18e..e35e529e9df 100644 --- a/src/mongo/db/s/sharding_initialization_mongod.cpp +++ b/src/mongo/db/s/sharding_initialization_mongod.cpp @@ -39,6 +39,7 @@ #include "mongo/client/remote_command_targeter_factory_impl.h" #include "mongo/client/replica_set_monitor.h" #include "mongo/db/catalog_raii.h" +#include "mongo/db/client_metadata_propagation_egress_hook.h" #include "mongo/db/concurrency/d_concurrency.h" #include "mongo/db/dbhelpers.h" #include "mongo/db/logical_time_metadata_hook.h" @@ -81,6 +82,7 @@ const auto getInstance = ServiceContext::declareDecoration<ShardingInitializatio auto makeEgressHooksList(ServiceContext* service) { auto unshardedHookList = std::make_unique<rpc::EgressMetadataHookList>(); unshardedHookList->addHook(std::make_unique<rpc::LogicalTimeMetadataHook>(service)); + unshardedHookList->addHook(std::make_unique<rpc::ClientMetadataPropagationEgressHook>()); unshardedHookList->addHook(std::make_unique<rpc::ShardingEgressMetadataHookForMongod>(service)); return unshardedHookList; diff --git a/src/mongo/s/SConscript b/src/mongo/s/SConscript index 40e5544df80..e6f2df05788 100644 --- a/src/mongo/s/SConscript +++ b/src/mongo/s/SConscript @@ -327,6 +327,7 @@ env.Library( 'sharding_egress_metadata_hook.cpp', ], LIBDEPS=[ + '$BUILD_DIR/mongo/db/client_metadata_propagation_egress_hook', '$BUILD_DIR/mongo/util/concurrency/thread_pool', 'grid', ], diff --git a/src/mongo/s/server.cpp b/src/mongo/s/server.cpp index 1730281ad83..cddd8e36849 100644 --- a/src/mongo/s/server.cpp +++ b/src/mongo/s/server.cpp @@ -49,6 +49,7 @@ #include "mongo/db/auth/authz_manager_external_state_s.h" #include "mongo/db/auth/user_cache_invalidator_job.h" #include "mongo/db/client.h" +#include "mongo/db/client_metadata_propagation_egress_hook.h" #include "mongo/db/dbdirectclient.h" #include "mongo/db/ftdc/ftdc_mongos.h" #include "mongo/db/initialize_server_global_state.h" @@ -424,6 +425,7 @@ Status initializeSharding(OperationContext* opCtx) { std::make_unique<rpc::LogicalTimeMetadataHook>(opCtx->getServiceContext())); hookList->addHook( std::make_unique<rpc::CommittedOpTimeMetadataHook>(opCtx->getServiceContext())); + hookList->addHook(std::make_unique<rpc::ClientMetadataPropagationEgressHook>()); hookList->addHook(std::make_unique<rpc::ShardingEgressMetadataHookForMongos>( opCtx->getServiceContext())); return hookList; @@ -559,6 +561,7 @@ ExitCode runMongosServer(ServiceContext* serviceContext) { auto unshardedHookList = std::make_unique<rpc::EgressMetadataHookList>(); unshardedHookList->addHook(std::make_unique<rpc::LogicalTimeMetadataHook>(serviceContext)); + unshardedHookList->addHook(std::make_unique<rpc::ClientMetadataPropagationEgressHook>()); unshardedHookList->addHook( std::make_unique<rpc::ShardingEgressMetadataHookForMongos>(serviceContext)); // TODO SERVER-33053: readReplyMetadata is not called on hooks added through @@ -571,6 +574,7 @@ ExitCode runMongosServer(ServiceContext* serviceContext) { auto shardedHookList = std::make_unique<rpc::EgressMetadataHookList>(); shardedHookList->addHook(std::make_unique<rpc::LogicalTimeMetadataHook>(serviceContext)); + shardedHookList->addHook(std::make_unique<rpc::ClientMetadataPropagationEgressHook>()); shardedHookList->addHook( std::make_unique<rpc::ShardingEgressMetadataHookForMongos>(serviceContext)); shardedHookList->addHook(std::make_unique<rpc::CommittedOpTimeMetadataHook>(serviceContext)); diff --git a/src/mongo/s/sharding_egress_metadata_hook.cpp b/src/mongo/s/sharding_egress_metadata_hook.cpp index 1ecabefa1ee..45eafc5027e 100644 --- a/src/mongo/s/sharding_egress_metadata_hook.cpp +++ b/src/mongo/s/sharding_egress_metadata_hook.cpp @@ -56,8 +56,6 @@ ShardingEgressMetadataHook::ShardingEgressMetadataHook(ServiceContext* serviceCo Status ShardingEgressMetadataHook::writeRequestMetadata(OperationContext* opCtx, BSONObjBuilder* metadataBob) { try { - writeAuthDataToImpersonatedUserMetadata(opCtx, metadataBob); - ClientMetadataIsMasterState::writeToMetadata(opCtx, metadataBob); rpc::ConfigServerMetadata(_getConfigServerOpTime()).writeToMetadata(metadataBob); return Status::OK(); } catch (...) { diff --git a/src/mongo/s/sharding_router_test_fixture.cpp b/src/mongo/s/sharding_router_test_fixture.cpp index 2db8035dc6e..c4114df7138 100644 --- a/src/mongo/s/sharding_router_test_fixture.cpp +++ b/src/mongo/s/sharding_router_test_fixture.cpp @@ -39,6 +39,7 @@ #include "mongo/client/remote_command_targeter_factory_mock.h" #include "mongo/client/remote_command_targeter_mock.h" #include "mongo/db/client.h" +#include "mongo/db/client_metadata_propagation_egress_hook.h" #include "mongo/db/commands.h" #include "mongo/db/logical_time_metadata_hook.h" #include "mongo/db/namespace_string.h" @@ -112,6 +113,7 @@ ShardingTestFixture::ShardingTestFixture() { auto hookList = std::make_unique<rpc::EgressMetadataHookList>(); hookList->addHook(std::make_unique<rpc::LogicalTimeMetadataHook>(service)); hookList->addHook(std::make_unique<rpc::CommittedOpTimeMetadataHook>(service)); + hookList->addHook(std::make_unique<rpc::ClientMetadataPropagationEgressHook>()); hookList->addHook(std::make_unique<rpc::ShardingEgressMetadataHookForMongos>(service)); return hookList; }; |