Esempi in C++ (Cpp) per AuthorizationSession::checkAuthForPrivileges

Linguaggio di programmazione: C++ (Cpp)

Classe/tipologia: AuthorizationSession

Metodo/funzione: checkAuthForPrivileges

Esempi su hotexamples.com: 2

AuthorizationSession::checkAuthForPrivileges in C++ (Cpp): 2 esempi trovati. Questi sono i migliori esempi reali in C++ (Cpp) per AuthorizationSession::checkAuthForPrivileges, estratti da progetti open source. Li puoi valutare, per aiutarci a migliorare la qualità dei nostri esempi.

Metodi utilizzati di frequente

Mostra Nascondi

isAuthorizedForActionsOnResource(24)

getAuthenticatedUserNames(5)

grantInternalAuthorization(5)

lookupUser(4)

addAndAuthorizeUser(4)

getAuthorizationManager(3)

logoutDatabase(2)

isCoauthorizedWithClient(2)

addAndAuthorizePrincipal(2)

checkAuthForQuery(2)

addAuthorizedPrincipal(2)

checkAuthForPrivileges(2)

checkAuthForKillCursors(2)

checkAuthForFind(2)

checkAuthForGetMore(2)

getAuthenticatedRoleNames(1)

isAuthorizedToChangeOwnCustomDataAsUser(1)

isAuthorizedToListCollections(1)

isAuthorizedToCreateRole(1)

isAuthorizedToChangeOwnPasswordAsUser(1)

isAuthorizedForAnyActionOnResource(1)

isAuthorizedForPrivileges(1)

isAuthorizedForPrivilege(1)

checkAuthorization(1)

isAuthorizedForActionsOnNamespace(1)

isAuthenticatedAsUserWithRole(1)

getSingleUser(1)

isAuthenticated(1)

Esempio n. 1

Mostra file

File: s_only.cpp Progetto: Aricg/mongo

    void Command::execCommandClientBasic(Command * c ,
                                         ClientBasic& client,
                                         int queryOptions,
                                         const char *ns,
                                         BSONObj& cmdObj,
                                         BSONObjBuilder& result,
                                         bool fromRepl ) {
        verify(c);

        std::string dbname = nsToDatabase(ns);

        // Access control checks
        if (AuthorizationManager::isAuthEnabled()) {
            std::vector<Privilege> privileges;
            c->addRequiredPrivileges(dbname, cmdObj, &privileges);
            AuthorizationSession* authSession = client.getAuthorizationSession();
            if (!authSession->checkAuthForPrivileges(privileges).isOK()) {
                result.append("note", str::stream() << "not authorized for command: " <<
                                    c->name << " on database " << dbname);
                appendCommandStatus(result, false, "unauthorized");
                return;
            }
        }
        if (c->adminOnly() &&
                c->localHostOnlyIfNoAuth(cmdObj) &&
                !AuthorizationManager::isAuthEnabled() &&
                !client.getIsLocalHostConnection()) {
            log() << "command denied: " << cmdObj.toString() << endl;
            appendCommandStatus(result,
                               false,
                               "unauthorized: this command must run from localhost when running db "
                               "without auth");
            return;
        }
        if (c->adminOnly() && !startsWith(ns, "admin.")) {
            log() << "command denied: " << cmdObj.toString() << endl;
            appendCommandStatus(result, false, "access denied - use admin db");
            return;
        }
        // End of access control checks

        if (cmdObj.getBoolField("help")) {
            stringstream help;
            help << "help for: " << c->name << " ";
            c->help( help );
            result.append( "help" , help.str() );
            result.append( "lockType" , c->locktype() );
            appendCommandStatus(result, true, "");
            return;
        }
        std::string errmsg;
        bool ok;
        try {
            ok = c->run( dbname , cmdObj, queryOptions, errmsg, result, false );
        }
        catch (DBException& e) {
            ok = false;
            int code = e.getCode();
            if (code == RecvStaleConfigCode) { // code for StaleConfigException
                throw;
            }

            stringstream ss;
            ss << "exception: " << e.what();
            errmsg = ss.str();
            result.append( "code" , code );
        }

        appendCommandStatus(result, ok, errmsg);
    }

Esempio n. 2

Mostra file

File: server_status.cpp Progetto: ChowZenki/mongo

        bool run(const string& dbname, BSONObj& cmdObj, int, string& errmsg, BSONObjBuilder& result, bool fromRepl) {
            
            _runCalled = true;

            long long start = Listener::getElapsedTimeMillis();
            BSONObjBuilder timeBuilder(256);

            const ClientBasic* myClientBasic = ClientBasic::getCurrent();
            AuthorizationSession* authSession = myClientBasic->getAuthorizationSession();
            
            // --- basic fields that are global

            result.append("host", prettyHostName() );
            result.append("version", versionString);
            result.append("process",cmdLine.binaryName);
            result.append("pid", ProcessId::getCurrent().asLongLong());
            result.append("uptime",(double) (time(0)-cmdLine.started));
            result.append("uptimeMillis", (long long)(curTimeMillis64()-_started));
            result.append("uptimeEstimate",(double) (start/1000));
            result.appendDate( "localTime" , jsTime() );

            timeBuilder.appendNumber( "after basic" , Listener::getElapsedTimeMillis() - start );
            
            // --- all sections
            
            for ( SectionMap::const_iterator i = _sections->begin(); i != _sections->end(); ++i ) {
                ServerStatusSection* section = i->second;
                
                std::vector<Privilege> requiredPrivileges;
                section->addRequiredPrivileges(&requiredPrivileges);
                if (!authSession->checkAuthForPrivileges(requiredPrivileges).isOK())
                    continue;

                bool include = section->includeByDefault();
                
                BSONElement e = cmdObj[section->getSectionName()];
                if ( e.type() ) {
                    include = e.trueValue();
                }
                
                if ( ! include )
                    continue;
                
                BSONObj data = section->generateSection(e);
                if ( data.isEmpty() )
                    continue;

                result.append( section->getSectionName(), data );
                timeBuilder.appendNumber( static_cast<string>(str::stream() << "after " << section->getSectionName()), 
                                          Listener::getElapsedTimeMillis() - start );
            }

            // --- counters
            bool includeMetricTree = MetricTree::theMetricTree != NULL;
            if ( cmdObj["metrics"].type() && !cmdObj["metrics"].trueValue() )
                includeMetricTree = false;

            if ( includeMetricTree ) {
                MetricTree::theMetricTree->appendTo( result );
            }

            // --- some hard coded global things hard to pull out

            {
                RamLog::LineIterator rl(RamLog::get("warnings"));
                if (rl.lastWrite() >= time(0)-(10*60)){  // only show warnings from last 10 minutes
                    BSONArrayBuilder arr(result.subarrayStart("warnings"));
                    while (rl.more()) {
                        arr.append(rl.next());
                    }
                    arr.done();
                }
            }

            timeBuilder.appendNumber( "at end" , Listener::getElapsedTimeMillis() - start );
            if ( Listener::getElapsedTimeMillis() - start > 1000 ) {
                BSONObj t = timeBuilder.obj();
                log() << "serverStatus was very slow: " << t << endl;
                result.append( "timing" , t );
            }

            return true;
        }