summaryrefslogtreecommitdiff
path: root/src/mongo/db/auth/auth_decorations.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'src/mongo/db/auth/auth_decorations.cpp')
-rw-r--r--src/mongo/db/auth/auth_decorations.cpp19
1 files changed, 19 insertions, 0 deletions
diff --git a/src/mongo/db/auth/auth_decorations.cpp b/src/mongo/db/auth/auth_decorations.cpp
index 9dc6ccf868e..c4eb1af64af 100644
--- a/src/mongo/db/auth/auth_decorations.cpp
+++ b/src/mongo/db/auth/auth_decorations.cpp
@@ -34,6 +34,7 @@
#include "mongo/db/auth/authorization_manager.h"
#include "mongo/db/auth/authorization_session.h"
+#include "mongo/db/auth/cluster_auth_mode.h"
#include "mongo/db/auth/sasl_options.h"
#include "mongo/db/client.h"
#include "mongo/db/commands/authentication_commands.h"
@@ -56,6 +57,9 @@ struct DisabledAuthMechanisms {
const auto getDisabledAuthMechanisms = ServiceContext::declareDecoration<DisabledAuthMechanisms>();
+const auto getClusterAuthMode =
+ ServiceContext::declareDecoration<synchronized_value<ClusterAuthMode>>();
+
class AuthzClientObserver final : public ServiceContext::ClientObserver {
public:
void onCreateClient(Client* client) override {
@@ -133,6 +137,21 @@ void AuthorizationSession::set(Client* client,
authzSession = std::move(authorizationSession);
}
+ClusterAuthMode ClusterAuthMode::get(ServiceContext* svcCtx) {
+ return getClusterAuthMode(svcCtx).get();
+}
+
+ClusterAuthMode ClusterAuthMode::set(ServiceContext* svcCtx, const ClusterAuthMode& mode) {
+ auto sv = getClusterAuthMode(svcCtx).synchronize();
+ if (!sv->canTransitionTo(mode)) {
+ uasserted(5579202,
+ fmt::format("Illegal state transition for clusterAuthMode from '{}' to '{}'",
+ sv->toString(),
+ mode.toString()));
+ }
+ return std::exchange(*sv, mode);
+}
+
void disableX509Auth(ServiceContext* svcCtx) {
getDisabledAuthMechanisms(svcCtx).x509 = true;
}
View Lorry Controller Status