// Applies updateObj to the given user's document in "<db>.system.users".
//
// Returns:
//   Status::OK()            - getLastError gave no error string and n was non-zero.
//   UserModificationFailed  - getLastError returned a non-empty error string.
//   UserNotFound            - no document matched the user (n == 0).
//   e.toStatus()            - a DBException was thrown by any call in the body.
//
// NOTE(review): the error string is whatever getLastError reports, presumably
// including a write-concern timeout. In that case the update may already have
// been applied, so UserModificationFailed should not be read as proof that the
// stored privileges are unchanged -- confirm and re-read the document if it matters.
Status AuthzManagerExternalStateMongos::updatePrivilegeDocument(
            const UserName& user, const BSONObj& updateObj) {
        try {
            const string usersNS = mongoutils::str::stream() << user.getDB() << ".system.users";
            scoped_ptr<ScopedDbConnection> usersConn(getConnectionForUsersCollection(usersNS));

            // The filter pins both the user name and "userSource" == null.
            // NOTE(review): presumably this limits the update to users whose credentials
            // live in this database -- confirm against the user document schema.
            usersConn->get()->update(usersNS,
                                     QUERY("user" << user.getUser() << "userSource" << BSONNULL),
                                     updateObj);

            // Per the original comment: w:majority with a 30 second timeout (30*1000 ms).
            BSONObj gleResult = usersConn->get()->getLastErrorDetailed(false, false, -1, 30*1000);
            const string gleError = usersConn->get()->getLastErrorString(gleResult);
            // Release the connection before inspecting the result.
            usersConn->done();

            if (!gleError.empty()) {
                return Status(ErrorCodes::UserModificationFailed, gleError);
            }

            const int matched = gleResult["n"].numberInt();
            // NOTE(review): dassert is presumably compiled out of release builds, so this
            // is a debug-time sanity check on the count, not a runtime guard.
            dassert(matched >= 0 && matched <= 1);
            if (matched != 0) {
                return Status::OK();
            }

            return Status(ErrorCodes::UserNotFound,
                          mongoutils::str::stream() << "User " << user.getFullName() <<
                                  " not found");
        } catch (const DBException& e) {
            return e.toStatus();
        }
    }
    // Removes every document in "<dbname>.system.users" that matches query.
    //
    // Returns:
    //   Status::OK()            - at least one document was removed (n != 0).
    //   UserModificationFailed  - getLastError returned a non-empty error string.
    //   UserNotFound            - nothing matched (n == 0).
    //   e.toStatus()            - a DBException was thrown by any call in the body.
    //
    // The query is handed to remove() exactly as received; nothing here inspects or
    // restricts it. NOTE(review): a broad or empty filter would presumably delete
    // many or all user documents in the database, so the caller has to build and
    // validate the filter -- confirm at the call sites.
    Status AuthzManagerExternalStateMongos::removePrivilegeDocuments(const string& dbname,
                                                                     const BSONObj& query) {
        try {
            const string usersNS = dbname + ".system.users";
            scoped_ptr<ScopedDbConnection> usersConn(getConnectionForUsersCollection(usersNS));

            usersConn->get()->remove(usersNS, query);

            // Per the original comment: w:majority with a 30 second timeout (30*1000 ms).
            BSONObj gleResult = usersConn->get()->getLastErrorDetailed(false, false, -1, 30*1000);
            const string gleError = usersConn->get()->getLastErrorString(gleResult);
            // Release the connection before inspecting the result.
            usersConn->done();

            if (!gleError.empty()) {
                return Status(ErrorCodes::UserModificationFailed, gleError);
            }

            // "n" is read as the number of documents the remove affected.
            const int numRemoved = gleResult["n"].numberInt();
            if (numRemoved != 0) {
                return Status::OK();
            }
            // The message echoes the caller's filter verbatim via query.toString().
            return Status(ErrorCodes::UserNotFound,
                          mongoutils::str::stream() << "No users found on database \"" << dbname
                                  << "\" matching query: " << query.toString());
        } catch (const DBException& e) {
            return e.toStatus();
        }
    }
    // Inserts userObj into "<dbname>.system.users".
    //
    // Returns:
    //   Status::OK()            - getLastError gave no error string.
    //   DuplicateKey            - the error carries "code" == ASSERT_ID_DUPKEY.
    //   UserModificationFailed  - any other non-empty error string.
    //   e.toStatus()            - a DBException was thrown by any call in the body.
    //
    // userObj is inserted as received; this function performs no validation of
    // the document's contents.
    Status AuthzManagerExternalStateMongos::insertPrivilegeDocument(const string& dbname,
                                                                    const BSONObj& userObj) {
        try {
            const string usersNS = dbname + ".system.users";
            scoped_ptr<ScopedDbConnection> usersConn(getConnectionForUsersCollection(usersNS));

            usersConn->get()->insert(usersNS, userObj);

            // Per the original comment: w:majority with a 30 second timeout (30*1000 ms).
            BSONObj gleResult = usersConn->get()->getLastErrorDetailed(false, false, -1, 30*1000);
            const string gleError = usersConn->get()->getLastErrorString(gleResult);
            // Release the connection before inspecting the result.
            usersConn->done();

            if (!gleError.empty()) {
                // NOTE(review): Int() and String() look like type-checked accessors; if
                // they throw on an unexpected field type, the catch below turns that
                // into the returned Status instead of DuplicateKey -- confirm.
                const bool duplicateUser = gleResult.hasField("code") &&
                                           gleResult["code"].Int() == ASSERT_ID_DUPKEY;
                if (!duplicateUser) {
                    return Status(ErrorCodes::UserModificationFailed, gleError);
                }
                return Status(ErrorCodes::DuplicateKey,
                              mongoutils::str::stream() << "User \"" << userObj["user"].String() <<
                                     "\" already exists on database \"" << dbname << "\"");
            }
            return Status::OK();
        } catch (const DBException& e) {
            return e.toStatus();
        }
    }
 // Looks up a single document matching query in usersNamespace and stores an
 // owned copy in *result. Returns true when the stored document is non-empty.
 //
 // result is dereferenced unconditionally, so it must not be null. There is no
 // try/catch here: anything thrown by the connection calls reaches the caller.
 bool AuthGlobalExternalStateMongos::_findUser(const string& usersNamespace,
                                               const BSONObj& query,
                                               BSONObj* result) const {
     scoped_ptr<ScopedDbConnection> usersConn(getConnectionForUsersCollection(usersNamespace));
     const BSONObj match = usersConn->get()->findOne(usersNamespace, query);
     // getOwned() detaches the copy from the reply before the connection is released.
     *result = match.getOwned();
     usersConn->done();
     const bool found = !result->isEmpty();
     return found;
 }
 // Returns every document found in "<dbname>.system.users" (empty filter,
 // nToReturn passed as 0).
 //
 // There is no try/catch here: anything thrown by the connection calls reaches
 // the caller.
 // NOTE(review): documents from system.users presumably carry credential data;
 // callers should avoid logging or echoing the returned objects -- confirm.
 std::vector<BSONObj> AuthzManagerExternalStateMongos::getAllV1PrivilegeDocsForDB(
         const std::string& dbname) const {
     const std::string usersNS = dbname + ".system.users";
     std::vector<BSONObj> docs;
     scoped_ptr<ScopedDbConnection> usersConn(getConnectionForUsersCollection(usersNS));
     usersConn->get()->findN(docs, usersNS, Query(), 0);
     usersConn->done();
     return docs;
 }
 // Looks up a single document matching query in usersNamespace and stores an
 // owned copy in *result.
 //
 // Returns:
 //   Status::OK()        - a non-empty document was stored in *result.
 //   userNotFoundStatus  - the lookup produced an empty document.
 //   e.toStatus()        - a DBException was thrown by any call in the body.
 //
 // result is dereferenced unconditionally, so it must not be null.
 Status AuthzManagerExternalStateMongos::_findUser(const string& usersNamespace,
                                                   const BSONObj& query,
                                                   BSONObj* result) {
     try {
         scoped_ptr<ScopedDbConnection> usersConn(
                 getConnectionForUsersCollection(usersNamespace));
         const BSONObj match = usersConn->get()->findOne(usersNamespace, query);
         // getOwned() detaches the copy from the reply before the connection is released.
         *result = match.getOwned();
         usersConn->done();
         if (!result->isEmpty()) {
             return Status::OK();
         }
         return userNotFoundStatus;
     } catch (const DBException& e) {
         return e.toStatus();
     }
 }
    // Appends an owned copy of every document in "<dbname>.system.users" to *privDocs.
    //
    // Returns Status::OK() once the cursor is exhausted, or e.toStatus() when a
    // DBException is thrown. Documents appended before an exception stay in
    // *privDocs; the vector is not cleared on failure.
    //
    // NOTE(review): documents from system.users presumably carry credential data;
    // callers should avoid logging or echoing them -- confirm.
    Status AuthzManagerExternalStateMongos::getAllV1PrivilegeDocsForDB(
            const std::string& dbname, std::vector<BSONObj>* privDocs) {
        try {
            const std::string usersNS = dbname + ".system.users";
            scoped_ptr<ScopedDbConnection> usersConn(getConnectionForUsersCollection(usersNS));
            // NOTE(review): the cursor is used without a null check. If query() can
            // return an empty auto_ptr on failure, more() below dereferences null and
            // the failure is not reported as a Status -- confirm and guard.
            auto_ptr<DBClientCursor> cursor = usersConn->get()->query(usersNS, Query());

            while (cursor->more()) {
                const BSONObj userDoc = cursor->nextSafe();
                privDocs->push_back(userDoc.getOwned());
            }
            usersConn->done();
            return Status::OK();
        } catch (const DBException& e) {
            return e.toStatus();
        }
    }
    // Appends the name of every database listed in the config databases collection
    // to *dbnames, followed by "config" itself.
    //
    // Returns FailedToParse with the parser's message when an entry cannot be
    // parsed or is not valid; names appended before that entry stay in *dbnames.
    // There is no try/catch here: anything thrown by the connection calls reaches
    // the caller.
    //
    // NOTE(review): the connection is looked up with the literal "config.databases"
    // while the read uses DatabaseType::ConfigNS; these are presumably the same
    // namespace -- confirm, and prefer a single source for the name.
    Status AuthzManagerExternalStateMongos::getAllDatabaseNames(
            std::vector<std::string>* dbnames) const {
        std::vector<BSONObj> configDocs;
        scoped_ptr<ScopedDbConnection> configConn(
                getConnectionForUsersCollection("config.databases"));
        configConn->get()->findN(configDocs, DatabaseType::ConfigNS, Query(), 0);
        // All documents are in memory now, so the connection can be released
        // before any parsing happens.
        configConn->done();

        typedef std::vector<BSONObj>::size_type Index;
        for (Index i = 0; i < configDocs.size(); ++i) {
            DatabaseType entry;
            std::string parseError;
            const bool usable = entry.parseBSON(configDocs[i], &parseError) &&
                                entry.isValid(&parseError);
            if (!usable) {
                return Status(ErrorCodes::FailedToParse, parseError);
            }
            dbnames->push_back(entry.getName());
        }
        dbnames->push_back("config"); // config db isn't listed in config.databases
        return Status::OK();
    }
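    // Appends the name of every database listed in DatabaseType::ConfigNS to
    // *dbnames, followed by "config" itself.
    //
    // Returns:
    //   Status::OK()    - the cursor was read to the end.
    //   InternalError   - no cursor could be opened on the config collection.
    //   FailedToParse   - an entry could not be parsed or was not valid.
    //   e.toStatus()    - a DBException was thrown by any call in the body.
    //
    // Names appended before a failure stay in *dbnames; the vector is not
    // cleared on error, so callers must check the Status before using it.
    Status AuthzManagerExternalStateMongos::getAllDatabaseNames(
            std::vector<std::string>* dbnames) {
        try {
            scoped_ptr<ScopedDbConnection> conn(
                    getConnectionForUsersCollection(DatabaseType::ConfigNS));
            auto_ptr<DBClientCursor> c = conn->get()->query(DatabaseType::ConfigNS, Query());

            // Guard against an empty cursor handle: dereferencing it below would
            // crash the process instead of reporting the failure to the caller.
            // done() is deliberately not called here, so a connection that just
            // failed a query is not handed back for reuse.
            if (!c.get()) {
                return Status(ErrorCodes::InternalError,
                              "Failed to open a cursor on the config databases collection");
            }

            while (c->more()) {
                DatabaseType dbInfo;
                std::string errmsg;
                // NOTE(review): this early return also skips conn->done(); presumably
                // the scoped connection's destructor then discards the connection
                // rather than pooling it -- confirm that is acceptable here.
                if (!dbInfo.parseBSON( c->nextSafe(), &errmsg) || !dbInfo.isValid( &errmsg )) {
                    return Status(ErrorCodes::FailedToParse, errmsg);
                }
                dbnames->push_back(dbInfo.getName());
            }
            conn->done();
            dbnames->push_back("config"); // config db isn't listed in config.databases
            return Status::OK();
        } catch (const DBException& e) {
            return e.toStatus();
        }
    }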