bool run(OperationContext* txn,
const string& dbname,
BSONObj& cmdObj,
int options,
string& errmsg,
BSONObjBuilder& result) {
const bool ok = grid.catalogManager(txn)->runUserManagementWriteCommand(
txn, this->name, dbname, cmdObj, &result);
AuthorizationManager* authzManager = getGlobalAuthorizationManager();
invariant(authzManager);
authzManager->invalidateUsersFromDB(dbname);
return ok;
}
bool run(const string& dbname,
BSONObj& cmdObj,
int options,
string& errmsg,
BSONObjBuilder& result,
bool fromRepl) {
AuthorizationManager* authzManager = getGlobalAuthorizationManager();
AuthzDocumentsUpdateGuard updateGuard(authzManager);
if (!updateGuard.tryLock("Remove all users from database")) {
addStatus(Status(ErrorCodes::LockBusy, "Could not lock auth data update lock."),
result);
return false;
}
BSONObj writeConcern;
Status status = auth::parseAndValidateRemoveUsersFromDatabaseCommand(cmdObj,
dbname,
&writeConcern);
if (!status.isOK()) {
addStatus(status, result);
return false;
}
int numRemoved;
status = authzManager->removePrivilegeDocuments(
BSON(AuthorizationManager::USER_SOURCE_FIELD_NAME << dbname),
writeConcern,
&numRemoved);
// Must invalidate even on bad status - what if the write succeeded but the GLE failed?
authzManager->invalidateUsersFromDB(dbname);
if (!status.isOK()) {
addStatus(status, result);
return false;
}
result.append("n", numRemoved);
return true;
}