void AuthorizationManager::_invalidateRelevantCacheData(const char* op,
const char* ns,
const BSONObj& o,
const BSONObj* o2) {
if (ns == AuthorizationManager::rolesCollectionNamespace.ns() ||
ns == AuthorizationManager::versionCollectionNamespace.ns()) {
invalidateUserCache();
return;
}
if (*op == 'i' || *op == 'd' || *op == 'u') {
// If you got into this function isAuthzNamespace() must have returned true, and we've
// already checked that it's not the roles or version collection.
invariant(ns == AuthorizationManager::usersCollectionNamespace.ns());
StatusWith<UserName> userName(Status::OK());
if (*op == 'u') {
userName = extractUserNameFromIdString((*o2)["_id"].str());
} else {
userName = extractUserNameFromIdString(o["_id"].str());
}
if (!userName.isOK()) {
warning() << "Invalidating user cache based on user being updated failed, will "
"invalidate the entire cache instead: " << userName.getStatus() << endl;
invalidateUserCache();
return;
}
invalidateUserByName(userName.getValue());
} else {
invalidateUserCache();
}
}
Status AuthorizationManager::initialize() {
invalidateUserCache();
Status status = _externalState->initialize();
if (!status.isOK())
return status;
return Status::OK();
}
Status AuthorizationManagerImpl::initialize(OperationContext* opCtx) {
invalidateUserCache();
Status status = _externalState->initialize(opCtx);
if (!status.isOK())
return status;
return Status::OK();
}
Status AuthorizationManagerImpl::initialize(OperationContext* opCtx) {
Status status = _externalState->initialize(opCtx);
if (!status.isOK())
return status;
authorizationManagerPinnedUsers.setAuthzManager(this);
invalidateUserCache(opCtx);
return Status::OK();
}
Status AuthorizationManager::upgradeSchema(
OperationContext* txn, int maxSteps, const BSONObj& writeConcern) {
if (maxSteps < 1) {
return Status(ErrorCodes::BadValue,
"Minimum value for maxSteps parameter to upgradeSchema is 1");
}
invalidateUserCache();
for (int i = 0; i < maxSteps; ++i) {
bool isDone;
Status status = upgradeSchemaStep(txn, writeConcern, &isDone);
invalidateUserCache();
if (!status.isOK() || isDone) {
return status;
}
}
return Status(ErrorCodes::OperationIncomplete, mongoutils::str::stream() <<
"Auth schema upgrade incomplete after " << maxSteps << " successful steps.");
}
