std::string PolicyKey::toString(void) const {
std::stringstream ss;
ss << client().toString() << "\t"
<< user().toString() << "\t"
<< privilege().toString();
return ss.str();
}
void AuthorizationManager::grantInternalAuthorization() {
Principal* internalPrincipal = new Principal("__system");
_authenticatedPrincipals.add(internalPrincipal);
ActionSet allActions;
allActions.addAllActions();
AcquiredPrivilege privilege(Privilege("*", allActions), internalPrincipal);
Status status = acquirePrivilege(privilege);
verify (status == Status::OK());
}
// TODO: remove this default implementation so that all Command subclasses have to explicitly
// declare their own.
void Command::addRequiredPrivileges(const std::string& dbname,
const BSONObj& cmdObj,
std::vector<Privilege>* out) {
if (!requiresAuth()) {
return;
}
ActionSet actions;
actions.addAction(locktype() == WRITE ? ActionType::oldWrite : ActionType::oldRead);
Privilege privilege(adminOnly() ? "admin" : dbname, actions);
out->push_back(privilege);
}
