MojErr MojDbIndex::addWatch(const MojDbQueryPlan& plan, MojDbCursor& cursor, MojDbWatcher* watcher, MojDbReq& req)
{
MojAssert(watcher);
MojLogTrace(s_log);
// TODO: use interval tree instead of vector for watches
MojThreadWriteGuard guard(m_lock);
MojErr err = m_watcherVec.push(watcher);
MojErrCheck(err);
// update count map
watcher->domain(req.domain());
WatcherMap::Iterator iter;
err = m_watcherMap.find(req.domain(), iter);
MojErrCheck(err);
if (iter == m_watcherMap.end()) {
err = m_watcherMap.put(req.domain(), 1);
MojErrCheck(err);
} else {
iter.value() += 1;
if (iter.value() > WatchWarningThreshold) {
MojLogWarning(s_log, _T("db:'%s' has %zd watches open on index '%s - %s'"),
req.domain().data(), iter.value(), m_kind->id().data(), m_name.data());
}
}
MojLogInfo(s_log, _T("DbIndex_addWatch - '%s' on index '%s - %s'"),
req.domain().data(), m_kind->id().data(), m_name.data());
// drop lock before acquiring watcher mutex in init
guard.unlock();
watcher->init(this, plan.ranges(), plan.desc(), false);
return MojErrNone;
}
MojDbPermissionEngine::Value MojDbKind::objectPermission(const MojChar* op, MojDbReq& req)
{
MojDbPermissionEngine::Value val = m_kindEngine->permissionEngine()->
check(PermissionType, m_id, req.domain(), op);
if (val == MojDbPermissionEngine::ValueUndefined && !m_supers.empty()) {
val = m_supers[0]->objectPermission(op, req);
}
return val;
}
MojErr MojDbKind::deny(MojDbReq& req)
{
MojLogWarning(s_log, _T("db: permission denied for caller '%s' on kind '%s'"), req.domain().data(), m_id.data());
if (m_kindEngine->permissionEngine()->enabled()) {
// don't leak any information in an error message
MojErrThrow(MojErrDbPermissionDenied);
}
return MojErrNone;
}
MojErr MojDbIndex::addWatch(const MojDbQueryPlan& plan, MojDbCursor& cursor, MojDbWatcher* watcher, MojDbReq& req)
{
LOG_TRACE("Entering function %s", __FUNCTION__);
MojAssert(watcher);
// TODO: use interval tree instead of vector for watches
MojThreadWriteGuard guard(m_lock);
MojErr err = m_watcherVec.push(watcher);
MojErrCheck(err);
// update count map
watcher->domain(req.domain());
WatcherMap::Iterator iter;
err = m_watcherMap.find(req.domain(), iter);
MojErrCheck(err);
if (iter == m_watcherMap.end()) {
err = m_watcherMap.put(req.domain(), 1);
MojErrCheck(err);
} else {
iter.value() += 1;
if (iter.value() > WatchWarningThreshold) {
LOG_WARNING(MSGID_MOJ_DB_INDEX_WARNING, 4,
PMLOGKS("domain", req.domain().data()),
PMLOGKFV("iter", "%zd", iter.value()),
PMLOGKS("kindId", m_kind->id().data()),
PMLOGKS("name", m_name.data()),
"db:'domain' has 'iter' watches open on index 'kindId - name'");
}
}
LOG_DEBUG("[db_mojodb] DbIndex_addWatch - '%s' on index '%s - %s'",
req.domain().data(), m_kind->id().data(), m_name.data());
// drop lock before acquiring watcher mutex in init
guard.unlock();
watcher->init(this, plan.ranges(), plan.desc(), false);
return MojErrNone;
}
bool MojDbKind::hasOwnerPermission(MojDbReq& req)
{
return (req.admin() || req.domain() == m_owner);
}