Status AuthzManagerExternalStateMongos::updatePrivilegeDocument( const UserName& user, const BSONObj& updateObj) { try { string userNS = mongoutils::str::stream() << user.getDB() << ".system.users"; scoped_ptr<ScopedDbConnection> conn(getConnectionForUsersCollection(userNS)); conn->get()->update(userNS, QUERY("user" << user.getUser() << "userSource" << BSONNULL), updateObj); // 30 second timeout for w:majority BSONObj res = conn->get()->getLastErrorDetailed(false, false, -1, 30*1000); string err = conn->get()->getLastErrorString(res); conn->done(); if (!err.empty()) { return Status(ErrorCodes::UserModificationFailed, err); } int numUpdated = res["n"].numberInt(); dassert(numUpdated <= 1 && numUpdated >= 0); if (numUpdated == 0) { return Status(ErrorCodes::UserNotFound, mongoutils::str::stream() << "User " << user.getFullName() << " not found"); } return Status::OK(); } catch (const DBException& e) { return e.toStatus(); } }
Status AuthzManagerExternalStateMongos::removePrivilegeDocuments(const string& dbname, const BSONObj& query) { try { string userNS = dbname + ".system.users"; scoped_ptr<ScopedDbConnection> conn(getConnectionForUsersCollection(userNS)); conn->get()->remove(userNS, query); // 30 second timeout for w:majority BSONObj res = conn->get()->getLastErrorDetailed(false, false, -1, 30*1000); string err = conn->get()->getLastErrorString(res); conn->done(); if (!err.empty()) { return Status(ErrorCodes::UserModificationFailed, err); } int numUpdated = res["n"].numberInt(); if (numUpdated == 0) { return Status(ErrorCodes::UserNotFound, mongoutils::str::stream() << "No users found on database \"" << dbname << "\" matching query: " << query.toString()); } return Status::OK(); } catch (const DBException& e) { return e.toStatus(); } }
Status AuthzManagerExternalStateMongos::insertPrivilegeDocument(const string& dbname, const BSONObj& userObj) { try { string userNS = dbname + ".system.users"; scoped_ptr<ScopedDbConnection> conn(getConnectionForUsersCollection(userNS)); conn->get()->insert(userNS, userObj); // 30 second timeout for w:majority BSONObj res = conn->get()->getLastErrorDetailed(false, false, -1, 30*1000); string errstr = conn->get()->getLastErrorString(res); conn->done(); if (errstr.empty()) { return Status::OK(); } if (res.hasField("code") && res["code"].Int() == ASSERT_ID_DUPKEY) { return Status(ErrorCodes::DuplicateKey, mongoutils::str::stream() << "User \"" << userObj["user"].String() << "\" already exists on database \"" << dbname << "\""); } return Status(ErrorCodes::UserModificationFailed, errstr); } catch (const DBException& e) { return e.toStatus(); } }
bool AuthGlobalExternalStateMongos::_findUser(const string& usersNamespace, const BSONObj& query, BSONObj* result) const { scoped_ptr<ScopedDbConnection> conn(getConnectionForUsersCollection(usersNamespace)); *result = conn->get()->findOne(usersNamespace, query).getOwned(); conn->done(); return !result->isEmpty(); }
std::vector<BSONObj> AuthzManagerExternalStateMongos::getAllV1PrivilegeDocsForDB( const std::string& dbname) const { std::vector<BSONObj> userDocs; std::string usersNamespace = dbname + ".system.users"; scoped_ptr<ScopedDbConnection> conn(getConnectionForUsersCollection(usersNamespace)); conn->get()->findN(userDocs, usersNamespace, Query(), 0); conn->done(); return userDocs; }
Status AuthzManagerExternalStateMongos::_findUser(const string& usersNamespace, const BSONObj& query, BSONObj* result) { try { scoped_ptr<ScopedDbConnection> conn(getConnectionForUsersCollection(usersNamespace)); *result = conn->get()->findOne(usersNamespace, query).getOwned(); conn->done(); if (result->isEmpty()) { return userNotFoundStatus; } return Status::OK(); } catch (const DBException& e) { return e.toStatus(); } }
Status AuthzManagerExternalStateMongos::getAllV1PrivilegeDocsForDB( const std::string& dbname, std::vector<BSONObj>* privDocs) { try { std::string usersNamespace = dbname + ".system.users"; scoped_ptr<ScopedDbConnection> conn(getConnectionForUsersCollection(usersNamespace)); auto_ptr<DBClientCursor> c = conn->get()->query(usersNamespace, Query()); while (c->more()) { privDocs->push_back(c->nextSafe().getOwned()); } conn->done(); return Status::OK(); } catch (const DBException& e) { return e.toStatus(); } }
Status AuthzManagerExternalStateMongos::getAllDatabaseNames( std::vector<std::string>* dbnames) const { std::vector<BSONObj> dbDocs; scoped_ptr<ScopedDbConnection> conn(getConnectionForUsersCollection("config.databases")); conn->get()->findN(dbDocs, DatabaseType::ConfigNS, Query(), 0); conn->done(); for (std::vector<BSONObj>::const_iterator it = dbDocs.begin(); it != dbDocs.end(); ++it) { DatabaseType dbInfo; std::string errmsg; if (!dbInfo.parseBSON( *it, &errmsg) || !dbInfo.isValid( &errmsg )) { return Status(ErrorCodes::FailedToParse, errmsg); } dbnames->push_back(dbInfo.getName()); } dbnames->push_back("config"); // config db isn't listed in config.databases return Status::OK(); }
Status AuthzManagerExternalStateMongos::getAllDatabaseNames( std::vector<std::string>* dbnames) { try { scoped_ptr<ScopedDbConnection> conn( getConnectionForUsersCollection(DatabaseType::ConfigNS)); auto_ptr<DBClientCursor> c = conn->get()->query(DatabaseType::ConfigNS, Query()); while (c->more()) { DatabaseType dbInfo; std::string errmsg; if (!dbInfo.parseBSON( c->nextSafe(), &errmsg) || !dbInfo.isValid( &errmsg )) { return Status(ErrorCodes::FailedToParse, errmsg); } dbnames->push_back(dbInfo.getName()); } conn->done(); dbnames->push_back("config"); // config db isn't listed in config.databases return Status::OK(); } catch (const DBException& e) { return e.toStatus(); } }