diff options
Diffstat (limited to 'src/mongo/db/auth/role_graph_update.cpp')
-rw-r--r-- | src/mongo/db/auth/role_graph_update.cpp | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/src/mongo/db/auth/role_graph_update.cpp b/src/mongo/db/auth/role_graph_update.cpp index d8148f56132..12296e50286 100644 --- a/src/mongo/db/auth/role_graph_update.cpp +++ b/src/mongo/db/auth/role_graph_update.cpp @@ -186,12 +186,22 @@ Status handleOplogUpdate(OperationContext* opCtx, status = AuthorizationManager::getBSONForRole(roleGraph, roleToUpdate, roleDocument.root()); if (status == ErrorCodes::RoleNotFound) { // The query pattern will only contain _id, no other immutable fields are present - status = driver.populateDocumentWithQueryFields(opCtx, queryPattern, NULL, roleDocument); + const FieldRef idFieldRef("_id"); + FieldRefSet immutablePaths; + invariant(immutablePaths.insert(&idFieldRef)); + status = driver.populateDocumentWithQueryFields( + opCtx, queryPattern, immutablePaths, roleDocument); } if (!status.isOK()) return status; - status = driver.update(StringData(), &roleDocument); + // The original document can be empty because it is only needed for validation of immutable + // paths. + const BSONObj emptyOriginal; + const bool validateForStorage = false; + const FieldRefSet emptyImmutablePaths; + status = driver.update( + StringData(), emptyOriginal, &roleDocument, validateForStorage, emptyImmutablePaths); if (!status.isOK()) return status; |