| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| |
|
|
| |
Also update generators.
|
| |
|
|
|
|
|
|
| |
control.
Also requires changing the privileges of the built-in roles. This patch takes the opportunity to remove the 2.2-style read-only roles in favor of the 2.4-style "read" and "readAnyDatabase" roles, and renames the 2.2-style read-write roles "dbOwner" and "root". The "root" name, at least, is subject to change prior to the next unstable release.
Test harnesses are updated as needed to use the correct builtin roles.
|
| |
|
|
|
|
|
|
|
| |
of required privileges.
This patch has two principal components. First, it changes the interface to Privilege and
AuthorizationSession to use ResourcePattern in place of std::string for identifying resources.
Second, it examines all call sites of the authorization session interface in commands and
other code to ensure that the correct resource requirements are conveyed to the authorization_session.
|
| |
|
|
| |
PrivilegeSet
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
This new implementation embeds in PrivilegeSet the hierarchical privilege
checking algorithm. This is necessary in order to allow a connection with
multiple authenticated princiapls to correctly resolve whether or not a
command is authorized, given the case where one principal's authority provides
some of the required privileges, and another's provides the rest.
SERVER-7767
|
| |
|
|
| |
SERVER-7126
|
| | |
|
| |
|
