diff options
Diffstat (limited to 'src/mongo/db/commands/write_commands/write_commands.cpp')
-rw-r--r-- | src/mongo/db/commands/write_commands/write_commands.cpp | 50 |
1 files changed, 22 insertions, 28 deletions
diff --git a/src/mongo/db/commands/write_commands/write_commands.cpp b/src/mongo/db/commands/write_commands/write_commands.cpp index 0f9919e038a..6f0f2c72a6e 100644 --- a/src/mongo/db/commands/write_commands/write_commands.cpp +++ b/src/mongo/db/commands/write_commands/write_commands.cpp @@ -71,17 +71,6 @@ void redactTooLongLog(mutablebson::Document* cmdObj, StringData fieldName) { } } -Status checkAuthForWriteCommand(Client* client, - BatchedCommandRequest::BatchType batchType, - const OpMsgRequest& request) { - Status status = - auth::checkAuthForWriteCommand(AuthorizationSession::get(client), batchType, request); - if (!status.isOK()) { - LastError::get(client).setLastError(status.code(), status.reason()); - } - return status; -} - bool shouldSkipOutput(OperationContext* opCtx) { const WriteConcernOptions& writeConcern = opCtx->getWriteConcern(); return writeConcern.wMode.empty() && writeConcern.wNumNodes == 0 && @@ -202,7 +191,7 @@ public: explicit WriteCommand(StringData name) : Command(name) {} std::unique_ptr<CommandInvocation> parse(OperationContext* opCtx, - const OpMsgRequest& request) override; + const OpMsgRequest& request) final; AllowedOnSecondary secondaryAllowed(ServiceContext*) const final { return AllowedOnSecondary::kNever; @@ -229,6 +218,8 @@ public: private: class Invocation; + + virtual BatchedCommandRequest::BatchType writeType() const = 0; }; class WriteCommand::Invocation : public CommandInvocation { @@ -277,7 +268,13 @@ private: } void doCheckAuthorization(OperationContext* opCtx) const final { - uassertStatusOK(command()->checkAuthForRequest(opCtx, *_request)); + try { + auth::checkAuthForWriteCommand( + AuthorizationSession::get(opCtx->getClient()), command()->writeType(), *_request); + } catch (const DBException& e) { + LastError::get(opCtx->getClient()).setLastError(e.code(), e.reason()); + throw; + } } const WriteCommand* command() const { @@ -306,11 +303,6 @@ public: return "insert documents"; } - Status checkAuthForRequest(OperationContext* opCtx, const OpMsgRequest& request) const final { - return checkAuthForWriteCommand( - opCtx->getClient(), BatchedCommandRequest::BatchType_Insert, request); - } - void runImpl(OperationContext* opCtx, const OpMsgRequest& request, BSONObjBuilder& result) const final { @@ -323,6 +315,10 @@ public: std::move(reply), &result); } + + BatchedCommandRequest::BatchType writeType() const override { + return BatchedCommandRequest::BatchType_Insert; + } } cmdInsert; class CmdUpdate final : public WriteCommand { @@ -337,11 +333,6 @@ public: return "update documents"; } - Status checkAuthForRequest(OperationContext* opCtx, const OpMsgRequest& request) const final { - return checkAuthForWriteCommand( - opCtx->getClient(), BatchedCommandRequest::BatchType_Update, request); - } - void runImpl(OperationContext* opCtx, const OpMsgRequest& request, BSONObjBuilder& result) const final { @@ -388,6 +379,10 @@ public: Explain::explainStages(exec.get(), collection.getCollection(), verbosity, out); return Status::OK(); } + + BatchedCommandRequest::BatchType writeType() const override { + return BatchedCommandRequest::BatchType_Update; + } } cmdUpdate; class CmdDelete final : public WriteCommand { @@ -402,11 +397,6 @@ public: return "delete documents"; } - Status checkAuthForRequest(OperationContext* opCtx, const OpMsgRequest& request) const final { - return checkAuthForWriteCommand( - opCtx->getClient(), BatchedCommandRequest::BatchType_Delete, request); - } - void runImpl(OperationContext* opCtx, const OpMsgRequest& request, BSONObjBuilder& result) const final { @@ -449,6 +439,10 @@ public: Explain::explainStages(exec.get(), collection.getCollection(), verbosity, out); return Status::OK(); } + + BatchedCommandRequest::BatchType writeType() const override { + return BatchedCommandRequest::BatchType_Delete; + } } cmdDelete; } // namespace |