bool run(const string&, BSONObj& cmdObj, int, string& errmsg,
BSONObjBuilder& result, bool fromRepl) {
AuthorizationSession* authSession =
ClientBasic::getCurrent()->getAuthorizationSession();
BSONObjBuilder authInfo(result.subobjStart("authInfo"));
{
BSONArrayBuilder authenticatedUsers(authInfo.subarrayStart("authenticatedUsers"));
UserNameIterator nameIter = authSession->getAuthenticatedUserNames();
for ( ; nameIter.more(); nameIter.next()) {
BSONObjBuilder userInfoBuilder(authenticatedUsers.subobjStart());
userInfoBuilder.append(AuthorizationManager::USER_NAME_FIELD_NAME,
nameIter->getUser());
userInfoBuilder.append(AuthorizationManager::USER_DB_FIELD_NAME,
nameIter->getDB());
userInfoBuilder.doneFast();
}
authenticatedUsers.doneFast();
}
authInfo.doneFast();
return true;
}
bool run(OperationContext* txn,
const string&,
BSONObj& cmdObj,
int,
string& errmsg,
BSONObjBuilder& result) {
AuthorizationSession* authSession = AuthorizationSession::get(ClientBasic::getCurrent());
bool showPrivileges;
Status status =
bsonExtractBooleanFieldWithDefault(cmdObj, "showPrivileges", false, &showPrivileges);
if (!status.isOK()) {
return appendCommandStatus(result, status);
}
BSONObjBuilder authInfo(result.subobjStart("authInfo"));
{
BSONArrayBuilder authenticatedUsers(authInfo.subarrayStart("authenticatedUsers"));
UserNameIterator nameIter = authSession->getAuthenticatedUserNames();
for (; nameIter.more(); nameIter.next()) {
BSONObjBuilder userInfoBuilder(authenticatedUsers.subobjStart());
userInfoBuilder.append(AuthorizationManager::USER_NAME_FIELD_NAME,
nameIter->getUser());
userInfoBuilder.append(AuthorizationManager::USER_DB_FIELD_NAME, nameIter->getDB());
}
}
{
BSONArrayBuilder authenticatedRoles(authInfo.subarrayStart("authenticatedUserRoles"));
RoleNameIterator roleIter = authSession->getAuthenticatedRoleNames();
for (; roleIter.more(); roleIter.next()) {
BSONObjBuilder roleInfoBuilder(authenticatedRoles.subobjStart());
roleInfoBuilder.append(AuthorizationManager::ROLE_NAME_FIELD_NAME,
roleIter->getRole());
roleInfoBuilder.append(AuthorizationManager::ROLE_DB_FIELD_NAME, roleIter->getDB());
}
}
if (showPrivileges) {
BSONArrayBuilder authenticatedPrivileges(
authInfo.subarrayStart("authenticatedUserPrivileges"));
// Create a unified map of resources to privileges, to avoid duplicate
// entries in the connection status output.
User::ResourcePrivilegeMap unifiedResourcePrivilegeMap;
UserNameIterator nameIter = authSession->getAuthenticatedUserNames();
for (; nameIter.more(); nameIter.next()) {
User* authUser = authSession->lookupUser(*nameIter);
const User::ResourcePrivilegeMap& resourcePrivilegeMap = authUser->getPrivileges();
for (User::ResourcePrivilegeMap::const_iterator it = resourcePrivilegeMap.begin();
it != resourcePrivilegeMap.end();
++it) {
if (unifiedResourcePrivilegeMap.find(it->first) ==
unifiedResourcePrivilegeMap.end()) {
unifiedResourcePrivilegeMap[it->first] = it->second;
} else {
unifiedResourcePrivilegeMap[it->first].addActions(it->second.getActions());
}
}
}
for (User::ResourcePrivilegeMap::const_iterator it =
unifiedResourcePrivilegeMap.begin();
it != unifiedResourcePrivilegeMap.end();
++it) {
authenticatedPrivileges << it->second.toBSON();
}
}
authInfo.doneFast();
return true;
}