diff options
Diffstat (limited to 'src/mongo/db/auth/impersonation_session.cpp')
-rw-r--r-- | src/mongo/db/auth/impersonation_session.cpp | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/src/mongo/db/auth/impersonation_session.cpp b/src/mongo/db/auth/impersonation_session.cpp index 88742e20357..1cf9d790e06 100644 --- a/src/mongo/db/auth/impersonation_session.cpp +++ b/src/mongo/db/auth/impersonation_session.cpp @@ -55,9 +55,19 @@ ImpersonationSessionGuard::ImpersonationSessionGuard(OperationContext* opCtx) : authSession->isAuthorizedForPrivilege( Privilege(ResourcePattern::forClusterResource(), ActionType::impersonate))); fassert(ErrorCodes::InternalError, !authSession->isImpersonating()); - fassert(ErrorCodes::InternalError, impersonatedUsersAndRoles->getUsers().size() == 1); - authSession->setImpersonatedUserData(impersonatedUsersAndRoles->getUsers()[0], - impersonatedUsersAndRoles->getRoles()); + if (impersonatedUsersAndRoles->getUser()) { + fassert(ErrorCodes::InternalError, + impersonatedUsersAndRoles->getUsers() == boost::none); + + authSession->setImpersonatedUserData(impersonatedUsersAndRoles->getUser().get(), + impersonatedUsersAndRoles->getRoles()); + + } else if (impersonatedUsersAndRoles->getUsers()) { + // TODO SERVER-72448: Remove + fassert(ErrorCodes::InternalError, impersonatedUsersAndRoles->getUsers()->size() == 1); + authSession->setImpersonatedUserData(impersonatedUsersAndRoles->getUsers().get()[0], + impersonatedUsersAndRoles->getRoles()); + } _active = true; return; } |