summaryrefslogtreecommitdiff
path: root/src/mongo/db/auth
diff options
context:
space:
mode:
Diffstat (limited to 'src/mongo/db/auth')
-rw-r--r--src/mongo/db/auth/authorization_manager.cpp40
-rw-r--r--src/mongo/db/auth/authorization_manager.h24
-rw-r--r--src/mongo/db/auth/authorization_manager_test.cpp6
-rw-r--r--src/mongo/db/auth/authorization_session_test.cpp36
-rw-r--r--src/mongo/db/auth/authz_manager_external_state.cpp22
-rw-r--r--src/mongo/db/auth/authz_manager_external_state.h27
-rw-r--r--src/mongo/db/auth/authz_manager_external_state_d.cpp17
-rw-r--r--src/mongo/db/auth/authz_manager_external_state_d.h15
-rw-r--r--src/mongo/db/auth/authz_manager_external_state_mock.cpp15
-rw-r--r--src/mongo/db/auth/authz_manager_external_state_mock.h18
-rw-r--r--src/mongo/db/auth/authz_manager_external_state_s.cpp7
-rw-r--r--src/mongo/db/auth/authz_manager_external_state_s.h15
12 files changed, 165 insertions, 77 deletions
diff --git a/src/mongo/db/auth/authorization_manager.cpp b/src/mongo/db/auth/authorization_manager.cpp
index a8043af6d6e..6946a27bfc3 100644
--- a/src/mongo/db/auth/authorization_manager.cpp
+++ b/src/mongo/db/auth/authorization_manager.cpp
@@ -299,8 +299,9 @@ namespace mongo {
return _externalState->hasAnyPrivilegeDocuments(txn);
}
- Status AuthorizationManager::writeAuthSchemaVersionIfNeeded() {
+ Status AuthorizationManager::writeAuthSchemaVersionIfNeeded(OperationContext* txn) {
Status status = _externalState->updateOne(
+ txn,
AuthorizationManager::versionCollectionNamespace,
AuthorizationManager::versionDocumentQuery,
BSON("$set" << BSON(AuthorizationManager::schemaVersionFieldName <<
@@ -313,28 +314,33 @@ namespace mongo {
return status;
}
- Status AuthorizationManager::insertPrivilegeDocument(const std::string& dbname,
+ Status AuthorizationManager::insertPrivilegeDocument(OperationContext* txn,
+ const std::string& dbname,
const BSONObj& userObj,
const BSONObj& writeConcern) const {
- return _externalState->insertPrivilegeDocument(dbname, userObj, writeConcern);
+ return _externalState->insertPrivilegeDocument(txn, dbname, userObj, writeConcern);
}
- Status AuthorizationManager::updatePrivilegeDocument(const UserName& user,
+ Status AuthorizationManager::updatePrivilegeDocument(OperationContext* txn,
+ const UserName& user,
const BSONObj& updateObj,
const BSONObj& writeConcern) const {
- return _externalState->updatePrivilegeDocument(user, updateObj, writeConcern);
+ return _externalState->updatePrivilegeDocument(txn, user, updateObj, writeConcern);
}
- Status AuthorizationManager::removePrivilegeDocuments(const BSONObj& query,
+ Status AuthorizationManager::removePrivilegeDocuments(OperationContext* txn,
+ const BSONObj& query,
const BSONObj& writeConcern,
int* numRemoved) const {
- return _externalState->removePrivilegeDocuments(query, writeConcern, numRemoved);
+ return _externalState->removePrivilegeDocuments(txn, query, writeConcern, numRemoved);
}
- Status AuthorizationManager::removeRoleDocuments(const BSONObj& query,
+ Status AuthorizationManager::removeRoleDocuments(OperationContext* txn,
+ const BSONObj& query,
const BSONObj& writeConcern,
int* numRemoved) const {
- Status status = _externalState->remove(rolesCollectionNamespace,
+ Status status = _externalState->remove(txn,
+ rolesCollectionNamespace,
query,
writeConcern,
numRemoved);
@@ -344,9 +350,11 @@ namespace mongo {
return status;
}
- Status AuthorizationManager::insertRoleDocument(const BSONObj& roleObj,
+ Status AuthorizationManager::insertRoleDocument(OperationContext* txn,
+ const BSONObj& roleObj,
const BSONObj& writeConcern) const {
- Status status = _externalState->insert(rolesCollectionNamespace,
+ Status status = _externalState->insert(txn,
+ rolesCollectionNamespace,
roleObj,
writeConcern);
if (status.isOK()) {
@@ -365,10 +373,12 @@ namespace mongo {
return status;
}
- Status AuthorizationManager::updateRoleDocument(const RoleName& role,
+ Status AuthorizationManager::updateRoleDocument(OperationContext* txn,
+ const RoleName& role,
const BSONObj& updateObj,
const BSONObj& writeConcern) const {
Status status = _externalState->updateOne(
+ txn,
rolesCollectionNamespace,
BSON(AuthorizationManager::ROLE_NAME_FIELD_NAME << role.getRole() <<
AuthorizationManager::ROLE_DB_FIELD_NAME << role.getDB()),
@@ -398,14 +408,16 @@ namespace mongo {
return _externalState->query(txn, collectionName, query, projection, resultProcessor);
}
- Status AuthorizationManager::updateAuthzDocuments(const NamespaceString& collectionName,
+ Status AuthorizationManager::updateAuthzDocuments(OperationContext* txn,
+ const NamespaceString& collectionName,
const BSONObj& query,
const BSONObj& updatePattern,
bool upsert,
bool multi,
const BSONObj& writeConcern,
int* nMatched) const {
- return _externalState->update(collectionName,
+ return _externalState->update(txn,
+ collectionName,
query,
updatePattern,
upsert,
diff --git a/src/mongo/db/auth/authorization_manager.h b/src/mongo/db/auth/authorization_manager.h
index 6962e9d137a..b45712847d0 100644
--- a/src/mongo/db/auth/authorization_manager.h
+++ b/src/mongo/db/auth/authorization_manager.h
@@ -181,14 +181,15 @@ namespace mongo {
*
* Do not call if getAuthorizationVersion() reports a value other than schemaVersion26Final.
*/
- Status writeAuthSchemaVersionIfNeeded();
+ Status writeAuthSchemaVersionIfNeeded(OperationContext* txn);
/**
* Creates the given user object in the given database.
* 'writeConcern' contains the arguments to be passed to getLastError to block for
* successful completion of the write.
*/
- Status insertPrivilegeDocument(const std::string& dbname,
+ Status insertPrivilegeDocument(OperationContext* txn,
+ const std::string& dbname,
const BSONObj& userObj,
const BSONObj& writeConcern) const;
@@ -197,7 +198,8 @@ namespace mongo {
* 'writeConcern' contains the arguments to be passed to getLastError to block for
* successful completion of the write.
*/
- Status updatePrivilegeDocument(const UserName& user,
+ Status updatePrivilegeDocument(OperationContext* txn,
+ const UserName& user,
const BSONObj& updateObj,
const BSONObj& writeConcern) const;
@@ -207,7 +209,8 @@ namespace mongo {
* 'writeConcern' contains the arguments to be passed to getLastError to block for
* successful completion of the write.
*/
- Status removePrivilegeDocuments(const BSONObj& query,
+ Status removePrivilegeDocuments(OperationContext* txn,
+ const BSONObj& query,
const BSONObj& writeConcern,
int* numRemoved) const;
@@ -216,14 +219,17 @@ namespace mongo {
* 'writeConcern' contains the arguments to be passed to getLastError to block for
* successful completion of the write.
*/
- Status insertRoleDocument(const BSONObj& roleObj, const BSONObj& writeConcern) const;
+ Status insertRoleDocument(OperationContext* txn,
+ const BSONObj& roleObj,
+ const BSONObj& writeConcern) const;
/**
* Updates the given role object with the given update modifier.
* 'writeConcern' contains the arguments to be passed to getLastError to block for
* successful completion of the write.
*/
- Status updateRoleDocument(const RoleName& role,
+ Status updateRoleDocument(OperationContext* txn,
+ const RoleName& role,
const BSONObj& updateObj,
const BSONObj& writeConcern) const;
@@ -232,7 +238,8 @@ namespace mongo {
* Should only be called on collections with authorization documents in them
* (ie admin.system.users and admin.system.roles).
*/
- Status updateAuthzDocuments(const NamespaceString& collectionName,
+ Status updateAuthzDocuments(OperationContext* txn,
+ const NamespaceString& collectionName,
const BSONObj& query,
const BSONObj& updatePattern,
bool upsert,
@@ -246,7 +253,8 @@ namespace mongo {
* 'writeConcern' contains the arguments to be passed to getLastError to block for
* successful completion of the write.
*/
- Status removeRoleDocuments(const BSONObj& query,
+ Status removeRoleDocuments(OperationContext* txn,
+ const BSONObj& query,
const BSONObj& writeConcern,
int* numRemoved) const;
diff --git a/src/mongo/db/auth/authorization_manager_test.cpp b/src/mongo/db/auth/authorization_manager_test.cpp
index e230dc1e405..64ca474ec48 100644
--- a/src/mongo/db/auth/authorization_manager_test.cpp
+++ b/src/mongo/db/auth/authorization_manager_test.cpp
@@ -170,7 +170,10 @@ namespace {
TEST_F(AuthorizationManagerTest, testAcquireV2User) {
externalState->setAuthzVersion(AuthorizationManager::schemaVersion26Final);
+ OperationContextNoop txn;
+
ASSERT_OK(externalState->insertPrivilegeDocument(
+ &txn,
"admin",
BSON("_id" << "admin.v2read" <<
"user" << "v2read" <<
@@ -179,6 +182,7 @@ namespace {
"roles" << BSON_ARRAY(BSON("role" << "read" << "db" << "test"))),
BSONObj()));
ASSERT_OK(externalState->insertPrivilegeDocument(
+ &txn,
"admin",
BSON("_id" << "admin.v2cluster" <<
"user" << "v2cluster" <<
@@ -187,8 +191,6 @@ namespace {
"roles" << BSON_ARRAY(BSON("role" << "clusterAdmin" << "db" << "admin"))),
BSONObj()));
- OperationContextNoop txn;
-
User* v2read;
ASSERT_OK(authzManager->acquireUser(&txn, UserName("v2read", "test"), &v2read));
ASSERT_EQUALS(UserName("v2read", "test"), v2read->getName());
diff --git a/src/mongo/db/auth/authorization_session_test.cpp b/src/mongo/db/auth/authorization_session_test.cpp
index 8c25e9b6e3d..e0263650651 100644
--- a/src/mongo/db/auth/authorization_session_test.cpp
+++ b/src/mongo/db/auth/authorization_session_test.cpp
@@ -135,7 +135,8 @@ namespace {
authzSession->addAndAuthorizeUser(&_txn, UserName("spencer", "test")));
// Add a user with readWrite and dbAdmin on the test DB
- ASSERT_OK(managerState->insertPrivilegeDocument("admin",
+ ASSERT_OK(managerState->insertPrivilegeDocument(&_txn,
+ "admin",
BSON("user" << "spencer" <<
"db" << "test" <<
"credentials" << BSON("MONGODB-CR" << "a") <<
@@ -154,7 +155,8 @@ namespace {
otherFooCollResource, ActionType::insert));
// Add an admin user with readWriteAnyDatabase
- ASSERT_OK(managerState->insertPrivilegeDocument("admin",
+ ASSERT_OK(managerState->insertPrivilegeDocument(&_txn,
+ "admin",
BSON("user" << "admin" <<
"db" << "admin" <<
"credentials" << BSON("MONGODB-CR" << "a") <<
@@ -195,7 +197,8 @@ namespace {
TEST_F(AuthorizationSessionTest, DuplicateRolesOK) {
// Add a user with doubled-up readWrite and single dbAdmin on the test DB
- ASSERT_OK(managerState->insertPrivilegeDocument("admin",
+ ASSERT_OK(managerState->insertPrivilegeDocument(&_txn,
+ "admin",
BSON("user" << "spencer" <<
"db" << "test" <<
"credentials" << BSON("MONGODB-CR" << "a") <<
@@ -217,7 +220,8 @@ namespace {
}
TEST_F(AuthorizationSessionTest, SystemCollectionsAccessControl) {
- ASSERT_OK(managerState->insertPrivilegeDocument("admin",
+ ASSERT_OK(managerState->insertPrivilegeDocument(&_txn,
+ "admin",
BSON("user" << "rw" <<
"db" << "test" <<
"credentials" << BSON("MONGODB-CR" << "a") <<
@@ -226,14 +230,16 @@ namespace {
BSON("role" << "dbAdmin" <<
"db" << "test"))),
BSONObj()));
- ASSERT_OK(managerState->insertPrivilegeDocument("admin",
+ ASSERT_OK(managerState->insertPrivilegeDocument(&_txn,
+ "admin",
BSON("user" << "useradmin" <<
"db" << "test" <<
"credentials" << BSON("MONGODB-CR" << "a") <<
"roles" << BSON_ARRAY(BSON("role" << "userAdmin" <<
"db" << "test"))),
BSONObj()));
- ASSERT_OK(managerState->insertPrivilegeDocument("admin",
+ ASSERT_OK(managerState->insertPrivilegeDocument(&_txn,
+ "admin",
BSON("user" << "rwany" <<
"db" << "test" <<
"credentials" << BSON("MONGODB-CR" << "a") <<
@@ -242,7 +248,8 @@ namespace {
BSON("role" << "dbAdminAnyDatabase" <<
"db" << "admin"))),
BSONObj()));
- ASSERT_OK(managerState->insertPrivilegeDocument("admin",
+ ASSERT_OK(managerState->insertPrivilegeDocument(&_txn,
+ "admin",
BSON("user" << "useradminany" <<
"db" << "test" <<
"credentials" << BSON("MONGODB-CR" << "a") <<
@@ -331,7 +338,8 @@ namespace {
TEST_F(AuthorizationSessionTest, InvalidateUser) {
// Add a readWrite user
- ASSERT_OK(managerState->insertPrivilegeDocument("admin",
+ ASSERT_OK(managerState->insertPrivilegeDocument(&_txn,
+ "admin",
BSON("user" << "spencer" <<
"db" << "test" <<
"credentials" << BSON("MONGODB-CR" << "a") <<
@@ -351,11 +359,13 @@ namespace {
// Change the user to be read-only
int ignored;
managerState->remove(
+ &_txn,
AuthorizationManager::usersCollectionNamespace,
BSONObj(),
BSONObj(),
&ignored);
- ASSERT_OK(managerState->insertPrivilegeDocument("admin",
+ ASSERT_OK(managerState->insertPrivilegeDocument(&_txn,
+ "admin",
BSON("user" << "spencer" <<
"db" << "test" <<
"credentials" << BSON("MONGODB-CR" << "a") <<
@@ -376,6 +386,7 @@ namespace {
// Delete the user.
managerState->remove(
+ &_txn,
AuthorizationManager::usersCollectionNamespace,
BSONObj(),
BSONObj(),
@@ -392,7 +403,8 @@ namespace {
TEST_F(AuthorizationSessionTest, UseOldUserInfoInFaceOfConnectivityProblems) {
// Add a readWrite user
- ASSERT_OK(managerState->insertPrivilegeDocument("admin",
+ ASSERT_OK(managerState->insertPrivilegeDocument(&_txn,
+ "admin",
BSON("user" << "spencer" <<
"db" << "test" <<
"credentials" << BSON("MONGODB-CR" << "a") <<
@@ -413,11 +425,13 @@ namespace {
int ignored;
managerState->setFindsShouldFail(true);
managerState->remove(
+ &_txn,
AuthorizationManager::usersCollectionNamespace,
BSONObj(),
BSONObj(),
&ignored);
- ASSERT_OK(managerState->insertPrivilegeDocument("admin",
+ ASSERT_OK(managerState->insertPrivilegeDocument(&_txn,
+ "admin",
BSON("user" << "spencer" <<
"db" << "test" <<
"credentials" << BSON("MONGODB-CR" << "a") <<
diff --git a/src/mongo/db/auth/authz_manager_external_state.cpp b/src/mongo/db/auth/authz_manager_external_state.cpp
index 4b9b3501a11..0520b0df526 100644
--- a/src/mongo/db/auth/authz_manager_external_state.cpp
+++ b/src/mongo/db/auth/authz_manager_external_state.cpp
@@ -56,10 +56,11 @@ namespace mongo {
}
- Status AuthzManagerExternalState::insertPrivilegeDocument(const string& dbname,
+ Status AuthzManagerExternalState::insertPrivilegeDocument(OperationContext* txn,
+ const string& dbname,
const BSONObj& userObj,
const BSONObj& writeConcern) {
- Status status = insert(NamespaceString("admin.system.users"), userObj, writeConcern);
+ Status status = insert(txn, NamespaceString("admin.system.users"), userObj, writeConcern);
if (status.isOK()) {
return status;
}
@@ -76,9 +77,12 @@ namespace mongo {
return status;
}
- Status AuthzManagerExternalState::updatePrivilegeDocument(
- const UserName& user, const BSONObj& updateObj, const BSONObj& writeConcern) {
+ Status AuthzManagerExternalState::updatePrivilegeDocument(OperationContext* txn,
+ const UserName& user,
+ const BSONObj& updateObj,
+ const BSONObj& writeConcern) {
Status status = updateOne(
+ txn,
NamespaceString("admin.system.users"),
BSON(AuthorizationManager::USER_NAME_FIELD_NAME << user.getUser() <<
AuthorizationManager::USER_DB_FIELD_NAME << user.getDB()),
@@ -99,10 +103,12 @@ namespace mongo {
return status;
}
- Status AuthzManagerExternalState::removePrivilegeDocuments(const BSONObj& query,
+ Status AuthzManagerExternalState::removePrivilegeDocuments(OperationContext* txn,
+ const BSONObj& query,
const BSONObj& writeConcern,
int* numRemoved) {
- Status status = remove(NamespaceString("admin.system.users"),
+ Status status = remove(txn,
+ NamespaceString("admin.system.users"),
query,
writeConcern,
numRemoved);
@@ -113,13 +119,15 @@ namespace mongo {
}
Status AuthzManagerExternalState::updateOne(
+ OperationContext* txn,
const NamespaceString& collectionName,
const BSONObj& query,
const BSONObj& updatePattern,
bool upsert,
const BSONObj& writeConcern) {
int nMatched;
- Status status = update(collectionName,
+ Status status = update(txn,
+ collectionName,
query,
updatePattern,
upsert,
diff --git a/src/mongo/db/auth/authz_manager_external_state.h b/src/mongo/db/auth/authz_manager_external_state.h
index 566299fcef0..2483c682e9c 100644
--- a/src/mongo/db/auth/authz_manager_external_state.h
+++ b/src/mongo/db/auth/authz_manager_external_state.h
@@ -124,14 +124,16 @@ namespace mongo {
*
* TODO(spencer): remove dbname argument once users are only written into the admin db
*/
- Status insertPrivilegeDocument(const std::string& dbname,
+ Status insertPrivilegeDocument(OperationContext* txn,
+ const std::string& dbname,
const BSONObj& userObj,
const BSONObj& writeConcern);
/**
* Updates the given user object with the given update modifier.
*/
- Status updatePrivilegeDocument(const UserName& user,
+ Status updatePrivilegeDocument(OperationContext* txn,
+ const UserName& user,
const BSONObj& updateObj,
const BSONObj& writeConcern);
@@ -139,7 +141,8 @@ namespace mongo {
* Removes users for the given database matching the given query.
* Writes into *numRemoved the number of user documents that were modified.
*/
- Status removePrivilegeDocuments(const BSONObj& query,
+ Status removePrivilegeDocuments(OperationContext* txn,
+ const BSONObj& query,
const BSONObj& writeConcern,
int* numRemoved);
@@ -176,7 +179,8 @@ namespace mongo {
* Inserts "document" into "collectionName".
* If there is a duplicate key error, returns a Status with code DuplicateKey.
*/
- virtual Status insert(const NamespaceString& collectionName,
+ virtual Status insert(OperationContext* txn,
+ const NamespaceString& collectionName,
const BSONObj& document,
const BSONObj& writeConcern) = 0;
@@ -189,7 +193,8 @@ namespace mongo {
* NoMatchingDocument. The Status message in that case is not very descriptive and should
* not be displayed to the end user.
*/
- virtual Status updateOne(const NamespaceString& collectionName,
+ virtual Status updateOne(OperationContext* txn,
+ const NamespaceString& collectionName,
const BSONObj& query,
const BSONObj& updatePattern,
bool upsert,
@@ -198,7 +203,8 @@ namespace mongo {
/**
* Updates documents matching "query" according to "updatePattern" in "collectionName".
*/
- virtual Status update(const NamespaceString& collectionName,
+ virtual Status update(OperationContext* txn,
+ const NamespaceString& collectionName,
const BSONObj& query,
const BSONObj& updatePattern,
bool upsert,
@@ -209,7 +215,8 @@ namespace mongo {
/**
* Removes all documents matching "query" from "collectionName".
*/
- virtual Status remove(const NamespaceString& collectionName,
+ virtual Status remove(OperationContext* txn,
+ const NamespaceString& collectionName,
const BSONObj& query,
const BSONObj& writeConcern,
int* numRemoved) = 0;
@@ -217,7 +224,8 @@ namespace mongo {
/**
* Creates an index with the given pattern on "collectionName".
*/
- virtual Status createIndex(const NamespaceString& collectionName,
+ virtual Status createIndex(OperationContext* txn,
+ const NamespaceString& collectionName,
const BSONObj& pattern,
bool unique,
const BSONObj& writeConcern) = 0;
@@ -225,7 +233,8 @@ namespace mongo {
/**
* Drops indexes other than the _id index on "collectionName".
*/
- virtual Status dropIndexes(const NamespaceString& collectionName,
+ virtual Status dropIndexes(OperationContext* txn,
+ const NamespaceString& collectionName,
const BSONObj& writeConcern) = 0;
/**
diff --git a/src/mongo/db/auth/authz_manager_external_state_d.cpp b/src/mongo/db/auth/authz_manager_external_state_d.cpp
index 63c5d9b9409..84798ef6d40 100644
--- a/src/mongo/db/auth/authz_manager_external_state_d.cpp
+++ b/src/mongo/db/auth/authz_manager_external_state_d.cpp
@@ -133,11 +133,12 @@ namespace mongo {
}
Status AuthzManagerExternalStateMongod::insert(
+ OperationContext* txn,
const NamespaceString& collectionName,
const BSONObj& document,
const BSONObj& writeConcern) {
try {
- DBDirectClient client;
+ DBDirectClient client(txn);
client.insert(collectionName, document);
// Handle write concern
@@ -159,7 +160,8 @@ namespace mongo {
}
}
- Status AuthzManagerExternalStateMongod::update(const NamespaceString& collectionName,
+ Status AuthzManagerExternalStateMongod::update(OperationContext* txn,
+ const NamespaceString& collectionName,
const BSONObj& query,
const BSONObj& updatePattern,
bool upsert,
@@ -167,7 +169,7 @@ namespace mongo {
const BSONObj& writeConcern,
int* nMatched) {
try {
- DBDirectClient client;
+ DBDirectClient client(txn);
client.update(collectionName, query, updatePattern, upsert, multi);
// Handle write concern
@@ -189,12 +191,13 @@ namespace mongo {
}
Status AuthzManagerExternalStateMongod::remove(
+ OperationContext* txn,
const NamespaceString& collectionName,
const BSONObj& query,
const BSONObj& writeConcern,
int* numRemoved) {
try {
- DBDirectClient client;
+ DBDirectClient client(txn);
client.remove(collectionName, query);
// Handle write concern
@@ -216,11 +219,12 @@ namespace mongo {
}
Status AuthzManagerExternalStateMongod::createIndex(
+ OperationContext* txn,
const NamespaceString& collectionName,
const BSONObj& pattern,
bool unique,
const BSONObj& writeConcern) {
- DBDirectClient client;
+ DBDirectClient client(txn);
try {
if (client.ensureIndex(collectionName.ns(),
pattern,
@@ -243,9 +247,10 @@ namespace mongo {
}
Status AuthzManagerExternalStateMongod::dropIndexes(
+ OperationContext* txn,
const NamespaceString& collectionName,
const BSONObj& writeConcern) {
- DBDirectClient client;
+ DBDirectClient client(txn);
try {
client.dropIndexes(collectionName.ns());
BSONObjBuilder gleBuilder;
diff --git a/src/mongo/db/auth/authz_manager_external_state_d.h b/src/mongo/db/auth/authz_manager_external_state_d.h
index 551bbba0850..613d4632ebb 100644
--- a/src/mongo/db/auth/authz_manager_external_state_d.h
+++ b/src/mongo/db/auth/authz_manager_external_state_d.h
@@ -62,25 +62,30 @@ namespace mongo {
const BSONObj& query,
const BSONObj& projection,
const stdx::function<void(const BSONObj&)>& resultProcessor);
- virtual Status insert(const NamespaceString& collectionName,
+ virtual Status insert(OperationContext* txn,
+ const NamespaceString& collectionName,
const BSONObj& document,
const BSONObj& writeConcern);
- virtual Status update(const NamespaceString& collectionName,
+ virtual Status update(OperationContext* txn,
+ const NamespaceString& collectionName,
const BSONObj& query,
const BSONObj& updatePattern,
bool upsert,
bool multi,
const BSONObj& writeConcern,
int* nMatched);
- virtual Status remove(const NamespaceString& collectionName,
+ virtual Status remove(OperationContext* txn,
+ const NamespaceString& collectionName,
const BSONObj& query,
const BSONObj& writeConcern,
int* numRemoved);
- virtual Status createIndex(const NamespaceString& collectionName,
+ virtual Status createIndex(OperationContext* txn,
+ const NamespaceString& collectionName,
const BSONObj& pattern,
bool unique,
const BSONObj& writeConcern);
- virtual Status dropIndexes(const NamespaceString& collectionName,
+ virtual Status dropIndexes(OperationContext* txn,
+ const NamespaceString& collectionName,
const BSONObj& writeConcern);
virtual bool tryAcquireAuthzUpdateLock(const StringData& why);
virtual void releaseAuthzUpdateLock();
diff --git a/src/mongo/db/auth/authz_manager_external_state_mock.cpp b/src/mongo/db/auth/authz_manager_external_state_mock.cpp
index 91a92519cf5..1c41763072c 100644
--- a/src/mongo/db/auth/authz_manager_external_state_mock.cpp
+++ b/src/mongo/db/auth/authz_manager_external_state_mock.cpp
@@ -38,6 +38,7 @@
#include "mongo/db/jsobj.h"
#include "mongo/db/matcher/expression_parser.h"
#include "mongo/db/namespace_string.h"
+#include "mongo/db/operation_context_noop.h"
#include "mongo/db/ops/update_driver.h"
#include "mongo/platform/unordered_set.h"
#include "mongo/util/map_util.h"
@@ -88,8 +89,10 @@ namespace {
}
void AuthzManagerExternalStateMock::setAuthzVersion(int version) {
+ OperationContextNoop opCtx;
uassertStatusOK(
- updateOne(AuthorizationManager::versionCollectionNamespace,
+ updateOne(&opCtx,
+ AuthorizationManager::versionCollectionNamespace,
AuthorizationManager::versionDocumentQuery,
BSON("$set" << BSON(AuthorizationManager::schemaVersionFieldName <<
version)),
@@ -179,6 +182,7 @@ namespace {
}
Status AuthzManagerExternalStateMock::insert(
+ OperationContext* txn,
const NamespaceString& collectionName,
const BSONObj& document,
const BSONObj&) {
@@ -205,6 +209,7 @@ namespace {
}
Status AuthzManagerExternalStateMock::updateOne(
+ OperationContext* txn,
const NamespaceString& collectionName,
const BSONObj& query,
const BSONObj& updatePattern,
@@ -252,14 +257,15 @@ namespace {
if (!status.isOK()) {
return status;
}
- return insert(collectionName, document.getObject(), writeConcern);
+ return insert(txn, collectionName, document.getObject(), writeConcern);
}
else {
return status;
}
}
- Status AuthzManagerExternalStateMock::update(const NamespaceString& collectionName,
+ Status AuthzManagerExternalStateMock::update(OperationContext* txn,
+ const NamespaceString& collectionName,
const BSONObj& query,
const BSONObj& updatePattern,
bool upsert,
@@ -271,6 +277,7 @@ namespace {
}
Status AuthzManagerExternalStateMock::remove(
+ OperationContext* txn,
const NamespaceString& collectionName,
const BSONObj& query,
const BSONObj&,
@@ -295,6 +302,7 @@ namespace {
}
Status AuthzManagerExternalStateMock::createIndex(
+ OperationContext* txn,
const NamespaceString& collectionName,
const BSONObj& pattern,
bool unique,
@@ -303,6 +311,7 @@ namespace {
}
Status AuthzManagerExternalStateMock::dropIndexes(
+ OperationContext* txn,
const NamespaceString& collectionName,
const BSONObj& writeConcern) {
return Status::OK();
diff --git a/src/mongo/db/auth/authz_manager_external_state_mock.h b/src/mongo/db/auth/authz_manager_external_state_mock.h
index 9078ed253db..6621698ab93 100644
--- a/src/mongo/db/auth/authz_manager_external_state_mock.h
+++ b/src/mongo/db/auth/authz_manager_external_state_mock.h
@@ -73,33 +73,39 @@ namespace mongo {
const stdx::function<void(const BSONObj&)>& resultProcessor);
// This implementation does not understand uniqueness constraints.
- virtual Status insert(const NamespaceString& collectionName,
+ virtual Status insert(OperationContext* txn,
+ const NamespaceString& collectionName,
const BSONObj& document,
const BSONObj& writeConcern);
// This implementation does not understand uniqueness constraints, ignores writeConcern,
// and only correctly handles some upsert behaviors.
- virtual Status updateOne(const NamespaceString& collectionName,
+ virtual Status updateOne(OperationContext* txn,
+ const NamespaceString& collectionName,
const BSONObj& query,
const BSONObj& updatePattern,
bool upsert,
const BSONObj& writeConcern);
- virtual Status update(const NamespaceString& collectionName,
+ virtual Status update(OperationContext* txn,
+ const NamespaceString& collectionName,
const BSONObj& query,
const BSONObj& updatePattern,
bool upsert,
bool multi,
const BSONObj& writeConcern,
int* nMatched);
- virtual Status remove(const NamespaceString& collectionName,
+ virtual Status remove(OperationContext* txn,
+ const NamespaceString& collectionName,
const BSONObj& query,
const BSONObj& writeConcern,
int* numRemoved);
- virtual Status createIndex(const NamespaceString& collectionName,
+ virtual Status createIndex(OperationContext* txn,
+ const NamespaceString& collectionName,
const BSONObj& pattern,
bool unique,
const BSONObj& writeConcern);
- virtual Status dropIndexes(const NamespaceString& collectionName,
+ virtual Status dropIndexes(OperationContext* txn,
+ const NamespaceString& collectionName,
const BSONObj& writeConcern);
virtual bool tryAcquireAuthzUpdateLock(const StringData& why);
virtual void releaseAuthzUpdateLock();
diff --git a/src/mongo/db/auth/authz_manager_external_state_s.cpp b/src/mongo/db/auth/authz_manager_external_state_s.cpp
index b6cdf8ed6d3..cc2fdb5a83d 100644
--- a/src/mongo/db/auth/authz_manager_external_state_s.cpp
+++ b/src/mongo/db/auth/authz_manager_external_state_s.cpp
@@ -254,13 +254,15 @@ namespace mongo {
}
Status AuthzManagerExternalStateMongos::insert(
+ OperationContext* txn,
const NamespaceString& collectionName,
const BSONObj& document,
const BSONObj& writeConcern) {
return clusterInsert(collectionName, document, writeConcern, NULL);
}
- Status AuthzManagerExternalStateMongos::update(const NamespaceString& collectionName,
+ Status AuthzManagerExternalStateMongos::update(OperationContext* txn,
+ const NamespaceString& collectionName,
const BSONObj& query,
const BSONObj& updatePattern,
bool upsert,
@@ -284,6 +286,7 @@ namespace mongo {
}
Status AuthzManagerExternalStateMongos::remove(
+ OperationContext* txn,
const NamespaceString& collectionName,
const BSONObj& query,
const BSONObj& writeConcern,
@@ -299,6 +302,7 @@ namespace mongo {
}
Status AuthzManagerExternalStateMongos::createIndex(
+ OperationContext* txn,
const NamespaceString& collectionName,
const BSONObj& pattern,
bool unique,
@@ -307,6 +311,7 @@ namespace mongo {
}
Status AuthzManagerExternalStateMongos::dropIndexes(
+ OperationContext* txn,
const NamespaceString& collectionName,
const BSONObj& writeConcern) {
diff --git a/src/mongo/db/auth/authz_manager_external_state_s.h b/src/mongo/db/auth/authz_manager_external_state_s.h
index 785c940131c..333b8cac917 100644
--- a/src/mongo/db/auth/authz_manager_external_state_s.h
+++ b/src/mongo/db/auth/authz_manager_external_state_s.h
@@ -90,25 +90,30 @@ namespace mongo {
const BSONObj& projection,
const stdx::function<void(const BSONObj&)>& resultProcessor);
- virtual Status insert(const NamespaceString& collectionName,
+ virtual Status insert(OperationContext* txn,
+ const NamespaceString& collectionName,
const BSONObj& document,
const BSONObj& writeConcern);
- virtual Status update(const NamespaceString& collectionName,
+ virtual Status update(OperationContext* txn,
+ const NamespaceString& collectionName,
const BSONObj& query,
const BSONObj& updatePattern,
bool upsert,
bool multi,
const BSONObj& writeConcern,
int* nMatched);
- virtual Status remove(const NamespaceString& collectionName,
+ virtual Status remove(OperationContext* txn,
+ const NamespaceString& collectionName,
const BSONObj& query,
const BSONObj& writeConcern,
int* numRemoved);
- virtual Status createIndex(const NamespaceString& collectionName,
+ virtual Status createIndex(OperationContext* txn,
+ const NamespaceString& collectionName,
const BSONObj& pattern,
bool unique,
const BSONObj& writeConcern);
- virtual Status dropIndexes(const NamespaceString& collectionName,
+ virtual Status dropIndexes(OperationContext* txn,
+ const NamespaceString& collectionName,
const BSONObj& writeConcern);
virtual bool tryAcquireAuthzUpdateLock(const StringData& why);
virtual void releaseAuthzUpdateLock();
View Lorry Controller Status