diff options
Diffstat (limited to 'src/mongo/db/auth/authorization_session.h')
| -rw-r--r-- | src/mongo/db/auth/authorization_session.h | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/mongo/db/auth/authorization_session.h b/src/mongo/db/auth/authorization_session.h index ab4c5dec27c..f93aec27d6a 100644 --- a/src/mongo/db/auth/authorization_session.h +++ b/src/mongo/db/auth/authorization_session.h @@ -301,9 +301,12 @@ protected: private: // If any users authenticated on this session are marked as invalid this updates them with // up-to-date information. May require a read lock on the "admin" db to read the user data. + // + // When refreshing a user document, we will use the current user's id to confirm that our + // user is of the same generation as the refreshed user document. If the generations don't + // match we will remove the outdated user document from the cache. void _refreshUserInfoAsNeeded(OperationContext* opCtx); - // Checks if this connection is authorized for the given Privilege, ignoring whether or not // we should even be doing authorization checks in general. Note: this may acquire a read // lock on the admin database (to update out-of-date user privilege information). |