From d66405f651b0a49a06aacb286e3d1740a0b020af Mon Sep 17 00:00:00 2001
From: Tess Avitabile <tess.avitabile@mongodb.com>
Date: Tue, 21 Mar 2017 11:22:11 -0400
Subject: SERVER-9609 Ensure users can only call getMore on cursors they
 created

---
 src/mongo/db/clientcursor.h | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

(limited to 'src/mongo/db/clientcursor.h')

diff --git a/src/mongo/db/clientcursor.h b/src/mongo/db/clientcursor.h
index 91e7a0d325c..384cede1fd6 100644
--- a/src/mongo/db/clientcursor.h
+++ b/src/mongo/db/clientcursor.h
@@ -29,6 +29,7 @@
 #pragma once
 
 #include "mongo/client/dbclientinterface.h"
+#include "mongo/db/auth/user_name.h"
 #include "mongo/db/cursor_id.h"
 #include "mongo/db/jsobj.h"
 #include "mongo/db/query/plan_executor.h"
@@ -52,6 +53,7 @@ class RecoveryUnit;
 struct ClientCursorParams {
     ClientCursorParams(std::unique_ptr<PlanExecutor> planExecutor,
                        NamespaceString nss,
+                       UserNameIterator authenticatedUsersIter,
                        bool isReadCommitted,
                        BSONObj originatingCommandObj)
         : exec(std::move(planExecutor)),
@@ -60,10 +62,15 @@ struct ClientCursorParams {
           queryOptions(exec->getCanonicalQuery()
                            ? exec->getCanonicalQuery()->getQueryRequest().getOptions()
                            : 0),
-          originatingCommandObj(originatingCommandObj.getOwned()) {}
+          originatingCommandObj(originatingCommandObj.getOwned()) {
+        while (authenticatedUsersIter.more()) {
+            authenticatedUsers.emplace_back(authenticatedUsersIter.next());
+        }
+    }
 
     std::unique_ptr<PlanExecutor> exec;
     const NamespaceString nss;
+    std::vector<UserName> authenticatedUsers;
     bool isReadCommitted = false;
     int queryOptions = 0;
     BSONObj originatingCommandObj;
@@ -97,6 +104,10 @@ public:
         return _nss;
     }
 
+    UserNameIterator getAuthenticatedUsers() const {
+        return makeUserNameIterator(_authenticatedUsers.begin(), _authenticatedUsers.end());
+    }
+
     bool isReadCommitted() const {
         return _isReadCommitted;
     }
@@ -253,6 +264,9 @@ private:
     // The namespace we're operating on.
     const NamespaceString _nss;
 
+    // The set of authenticated users when this cursor was created.
+    std::vector<UserName> _authenticatedUsers;
+
     const bool _isReadCommitted = false;
 
     // A pointer to the CursorManager which owns this cursor. This must be filled out when the
-- 
cgit v1.2.1