本文整理汇总了C++中UserName类的典型用法代码示例。如果您正苦于以下问题:C++ UserName类的具体用法?C++ UserName怎么用?C++ UserName使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了UserName类的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。
示例1: getUserDescription
Status AuthzManagerExternalStateMongos::getUserDescription(OperationContext* txn,
const UserName& userName,
BSONObj* result) {
BSONObj usersInfoCmd =
BSON("usersInfo" << BSON_ARRAY(BSON(AuthorizationManager::USER_NAME_FIELD_NAME
<< userName.getUser()
<< AuthorizationManager::USER_DB_FIELD_NAME
<< userName.getDB())) << "showPrivileges" << true
<< "showCredentials" << true);
BSONObjBuilder builder;
const bool ok = grid.catalogManager(txn)
->runUserManagementReadCommand(txn, "admin", usersInfoCmd, &builder);
BSONObj cmdResult = builder.obj();
if (!ok) {
return Command::getStatusFromCommandResult(cmdResult);
}
std::vector<BSONElement> foundUsers = cmdResult["users"].Array();
if (foundUsers.size() == 0) {
return Status(ErrorCodes::UserNotFound, "User \"" + userName.toString() + "\" not found");
}
if (foundUsers.size() > 1) {
return Status(ErrorCodes::UserDataInconsistent,
str::stream() << "Found multiple users on the \"" << userName.getDB()
<< "\" database with name \"" << userName.getUser() << "\"");
}
*result = foundUsers[0].Obj().getOwned();
return Status::OK();
}
开发者ID:CeperaCPP,项目名称:mongo,代码行数:30,代码来源:authz_manager_external_state_s.cpp
示例2: updatePrivilegeDocument
Status AuthzManagerExternalStateMongod::updatePrivilegeDocument(
const UserName& user, const BSONObj& updateObj) const {
string userNS = mongoutils::str::stream() << user.getDB() << ".system.users";
Client::GodScope gs;
Client::WriteContext ctx(userNS);
DBDirectClient client;
client.update(userNS,
QUERY("user" << user.getUser() << "userSource" << BSONNULL),
updateObj);
// 30 second timeout for w:majority
BSONObj res = client.getLastErrorDetailed(false, false, -1, 30*1000);
string err = client.getLastErrorString(res);
if (!err.empty()) {
return Status(ErrorCodes::UserModificationFailed, err);
}
int numUpdated = res["n"].numberInt();
dassert(numUpdated <= 1 && numUpdated >= 0);
if (numUpdated == 0) {
return Status(ErrorCodes::UserNotFound,
mongoutils::str::stream() << "User " << user.getFullName() <<
" not found");
}
return Status::OK();
}
开发者ID:ayonsinha,项目名称:mongo,代码行数:28,代码来源:authz_manager_external_state_d.cpp
示例3: _buildPrivilegeSetFromOldStylePrivilegeDocument
Status AuthorizationManager::_buildPrivilegeSetFromOldStylePrivilegeDocument(
const std::string& dbname,
const UserName& user,
const BSONObj& privilegeDocument,
PrivilegeSet* result) const {
if (!(privilegeDocument.hasField(AuthorizationManager::USER_NAME_FIELD_NAME) &&
privilegeDocument.hasField(AuthorizationManager::PASSWORD_FIELD_NAME))) {
return Status(ErrorCodes::UnsupportedFormat,
mongoutils::str::stream() << "Invalid old-style privilege document "
"received when trying to extract privileges: "
<< privilegeDocument,
0);
}
std::string userName = privilegeDocument[AuthorizationManager::USER_NAME_FIELD_NAME].str();
if (userName != user.getUser()) {
return Status(ErrorCodes::BadValue,
mongoutils::str::stream() << "Principal name from privilege document \""
<< userName
<< "\" doesn't match name of provided Principal \""
<< user.getUser()
<< "\"",
0);
}
bool readOnly = privilegeDocument[READONLY_FIELD_NAME].trueValue();
ActionSet actions = getActionsForOldStyleUser(dbname, readOnly);
std::string resourceName = (dbname == ADMIN_DBNAME || dbname == LOCAL_DBNAME) ?
PrivilegeSet::WILDCARD_RESOURCE : dbname;
result->grantPrivilege(Privilege(resourceName, actions), user);
return Status::OK();
}
开发者ID:igagnidz,项目名称:mongo,代码行数:33,代码来源:authorization_manager.cpp
示例4: getUserDescription
Status AuthzManagerExternalStateMongos::getUserDescription(const UserName& userName,
BSONObj* result) {
try {
scoped_ptr<ScopedDbConnection> conn(getConnectionForAuthzCollection(
AuthorizationManager::usersCollectionNamespace));
BSONObj cmdResult;
conn->get()->runCommand(
"admin",
BSON("usersInfo" <<
BSON_ARRAY(BSON(AuthorizationManager::USER_NAME_FIELD_NAME <<
userName.getUser() <<
AuthorizationManager::USER_SOURCE_FIELD_NAME <<
userName.getDB())) <<
"showPrivileges" << true <<
"showCredentials" << true),
cmdResult);
if (!cmdResult["ok"].trueValue()) {
int code = cmdResult["code"].numberInt();
if (code == 0) code = ErrorCodes::UnknownError;
return Status(ErrorCodes::Error(code), cmdResult["errmsg"].str());
}
*result = cmdResult["users"]["0"].Obj().getOwned();
conn->done();
return Status::OK();
} catch (const DBException& e) {
return e.toStatus();
}
}
开发者ID:ashleybrener,项目名称:mongo,代码行数:28,代码来源:authz_manager_external_state_s.cpp
示例5: updatePrivilegeDocument
Status AuthzManagerExternalStateMongos::updatePrivilegeDocument(
const UserName& user, const BSONObj& updateObj) {
try {
string userNS = mongoutils::str::stream() << user.getDB() << ".system.users";
scoped_ptr<ScopedDbConnection> conn(getConnectionForUsersCollection(userNS));
conn->get()->update(userNS,
QUERY("user" << user.getUser() << "userSource" << BSONNULL),
updateObj);
// 30 second timeout for w:majority
BSONObj res = conn->get()->getLastErrorDetailed(false, false, -1, 30*1000);
string err = conn->get()->getLastErrorString(res);
conn->done();
if (!err.empty()) {
return Status(ErrorCodes::UserModificationFailed, err);
}
int numUpdated = res["n"].numberInt();
dassert(numUpdated <= 1 && numUpdated >= 0);
if (numUpdated == 0) {
return Status(ErrorCodes::UserNotFound,
mongoutils::str::stream() << "User " << user.getFullName() <<
" not found");
}
return Status::OK();
} catch (const DBException& e) {
return e.toStatus();
}
}
开发者ID:man27382210,项目名称:mongo,代码行数:32,代码来源:authz_manager_external_state_s.cpp
示例6: _getUserDocument
Status AuthzManagerExternalStateMongod::_getUserDocument(const UserName& userName,
BSONObj* userDoc) {
Client::ReadContext ctx("admin");
int authzVersion;
Status status = getStoredAuthorizationVersion(&authzVersion);
if (!status.isOK())
return status;
switch (authzVersion) {
case AuthorizationManager::schemaVersion26Upgrade:
case AuthorizationManager::schemaVersion26Final:
break;
default:
return Status(ErrorCodes::AuthSchemaIncompatible, mongoutils::str::stream() <<
"Unsupported schema version for getUserDescription(): " <<
authzVersion);
}
status = findOne(
(authzVersion == AuthorizationManager::schemaVersion26Final ?
AuthorizationManager::usersCollectionNamespace :
AuthorizationManager::usersAltCollectionNamespace),
BSON(AuthorizationManager::USER_NAME_FIELD_NAME << userName.getUser() <<
AuthorizationManager::USER_DB_FIELD_NAME << userName.getDB()),
userDoc);
if (status == ErrorCodes::NoMatchingDocument) {
status = Status(ErrorCodes::UserNotFound, mongoutils::str::stream() <<
"Could not find user " << userName.getFullName());
}
return status;
}
开发者ID:Attnaorg,项目名称:mongo,代码行数:32,代码来源:authz_manager_external_state_d.cpp
示例7: getPrivilegeDocument
Status AuthzManagerExternalState::getPrivilegeDocument(const UserName& userName,
int authzVersion,
BSONObj* result) {
if (userName == internalSecurity.user->getName()) {
return Status(ErrorCodes::InternalError,
"Requested privilege document for the internal user");
}
StringData dbname = userName.getDB();
// Make sure the dbname is actually a database
if (dbname == StringData("$external", StringData::LiteralTag()) ||
dbname == AuthorizationManager::SERVER_RESOURCE_NAME ||
dbname == AuthorizationManager::CLUSTER_RESOURCE_NAME) {
return Status(ErrorCodes::UserNotFound,
mongoutils::str::stream() << "No privilege documents stored in the " <<
dbname << " user source.");
}
if (!NamespaceString::validDBName(dbname)) {
return Status(ErrorCodes::BadValue,
mongoutils::str::stream() << "Bad database name \"" << dbname << "\"");
}
// Build the query needed to get the privilege document
std::string usersNamespace;
BSONObjBuilder queryBuilder;
if (authzVersion == 1) {
usersNamespace = mongoutils::str::stream() << dbname << ".system.users";
queryBuilder.append(AuthorizationManager::V1_USER_NAME_FIELD_NAME, userName.getUser());
queryBuilder.appendNull(AuthorizationManager::V1_USER_SOURCE_FIELD_NAME);
} else if (authzVersion == 2) {
usersNamespace = "admin.system.users";
queryBuilder.append(AuthorizationManager::USER_NAME_FIELD_NAME, userName.getUser());
queryBuilder.append(AuthorizationManager::USER_SOURCE_FIELD_NAME, userName.getDB());
} else {
return Status(ErrorCodes::UnsupportedFormat,
mongoutils::str::stream() <<
"Unrecognized authorization format version: " << authzVersion);
}
// Query for the privilege document
BSONObj userBSONObj;
Status found = _findUser(usersNamespace, queryBuilder.obj(), &userBSONObj);
if (!found.isOK()) {
if (found.code() == ErrorCodes::UserNotFound) {
// Return more detailed status that includes user name.
return Status(ErrorCodes::UserNotFound,
mongoutils::str::stream() << "auth: couldn't find user " <<
userName.toString() << ", " << usersNamespace,
0);
} else {
return found;
}
}
*result = userBSONObj.getOwned();
return Status::OK();
}
开发者ID:man27382210,项目名称:mongo,代码行数:59,代码来源:authz_manager_external_state.cpp
示例8: getPrivilegeDocument
Status AuthzManagerExternalState::getPrivilegeDocument(const std::string& dbname,
const UserName& userName,
BSONObj* result) const {
if (dbname == StringData("$external", StringData::LiteralTag()) ||
dbname == AuthorizationManager::SERVER_RESOURCE_NAME ||
dbname == AuthorizationManager::CLUSTER_RESOURCE_NAME) {
return Status(ErrorCodes::UserNotFound,
mongoutils::str::stream() << "No privilege documents stored in the " <<
dbname << " user source.");
}
if (!NamespaceString::validDBName(dbname)) {
return Status(ErrorCodes::BadValue, "Bad database name \"" + dbname + "\"");
}
if (userName == internalSecurity.user) {
if (internalSecurity.pwd.empty()) {
return Status(ErrorCodes::UserNotFound,
"key file must be used to log in with internal user",
15889);
}
*result = BSON(AuthorizationManager::USER_NAME_FIELD_NAME <<
internalSecurity.user.getUser() <<
AuthorizationManager::PASSWORD_FIELD_NAME <<
internalSecurity.pwd).getOwned();
return Status::OK();
}
std::string usersNamespace = dbname + ".system.users";
BSONObj userBSONObj;
BSONObjBuilder queryBuilder;
queryBuilder.append(AuthorizationManager::USER_NAME_FIELD_NAME, userName.getUser());
if (userName.getDB() == dbname) {
queryBuilder.appendNull(AuthorizationManager::USER_SOURCE_FIELD_NAME);
}
else {
queryBuilder.append(AuthorizationManager::USER_SOURCE_FIELD_NAME,
userName.getDB());
}
Status found = _findUser(usersNamespace, queryBuilder.obj(), &userBSONObj);
if (!found.isOK()) {
if (found.code() == ErrorCodes::UserNotFound) {
// Return more detailed status that includes user name.
return Status(ErrorCodes::UserNotFound,
mongoutils::str::stream() << "auth: couldn't find user " <<
userName.toString() << ", " << usersNamespace,
0);
} else {
return found;
}
}
*result = userBSONObj.getOwned();
return Status::OK();
}
开发者ID:duraidxg,项目名称:mongo,代码行数:58,代码来源:authz_manager_external_state.cpp
示例9: uassertStatusOK
void SASLServerMechanismRegistry::advertiseMechanismNamesForUser(OperationContext* opCtx,
const BSONObj& isMasterCmd,
BSONObjBuilder* builder) {
BSONElement saslSupportedMechs = isMasterCmd["saslSupportedMechs"];
if (saslSupportedMechs.type() == BSONType::String) {
UserName userName = uassertStatusOK(UserName::parse(saslSupportedMechs.String()));
// Authenticating the [email protected] user to the admin database on mongos is required
// by the auth passthrough test suite.
if (getTestCommandsEnabled() &&
userName.getUser() == internalSecurity.user->getName().getUser() &&
userName.getDB() == "admin") {
userName = internalSecurity.user->getName();
}
AuthorizationManager* authManager = AuthorizationManager::get(opCtx->getServiceContext());
UserHandle user;
const auto swUser = authManager->acquireUser(opCtx, userName);
if (!swUser.isOK()) {
auto& status = swUser.getStatus();
if (status.code() == ErrorCodes::UserNotFound) {
log() << "Supported SASL mechanisms requested for unknown user '" << userName
<< "'";
return;
}
uassertStatusOK(status);
}
user = std::move(swUser.getValue());
BSONArrayBuilder mechanismsBuilder;
const auto& mechList = _getMapRef(userName.getDB());
for (const auto& factoryIt : mechList) {
SecurityPropertySet properties = factoryIt->properties();
if (!properties.hasAllProperties(SecurityPropertySet{SecurityProperty::kNoPlainText,
SecurityProperty::kMutualAuth}) &&
userName.getDB() != "$external") {
continue;
}
auto mechanismEnabled = _mechanismSupportedByConfig(factoryIt->mechanismName());
if (!mechanismEnabled && userName == internalSecurity.user->getName()) {
mechanismEnabled = factoryIt->isInternalAuthMech();
}
if (mechanismEnabled && factoryIt->canMakeMechanismForUser(user.get())) {
mechanismsBuilder << factoryIt->mechanismName();
}
}
builder->appendArray("saslSupportedMechs", mechanismsBuilder.arr());
}
}
开发者ID:jameswahlin,项目名称:mongo,代码行数:56,代码来源:sasl_mechanism_registry.cpp
示例10: Status
Status AuthzManagerExternalState::getPrivilegeDocumentV1(const StringData& dbname,
const UserName& userName,
BSONObj* result) {
if (userName == internalSecurity.user->getName()) {
return Status(ErrorCodes::InternalError,
"Requested privilege document for the internal user");
}
if (!NamespaceString::validDBName(dbname)) {
return Status(ErrorCodes::BadValue,
mongoutils::str::stream() << "Bad database name \"" << dbname << "\"");
}
const bool isUserFromTargetDB = (dbname == userName.getDB());
// Build the query needed to get the privilege document
BSONObjBuilder queryBuilder;
const NamespaceString usersNamespace(dbname, "system.users");
queryBuilder.append(AuthorizationManager::V1_USER_NAME_FIELD_NAME, userName.getUser());
if (isUserFromTargetDB) {
queryBuilder.appendNull(AuthorizationManager::V1_USER_SOURCE_FIELD_NAME);
}
else {
queryBuilder.append(AuthorizationManager::V1_USER_SOURCE_FIELD_NAME, userName.getDB());
}
// Query for the privilege document
BSONObj userBSONObj;
Status found = findOne(usersNamespace, queryBuilder.done(), &userBSONObj);
if (!found.isOK()) {
if (found.code() == ErrorCodes::NoMatchingDocument) {
// Return more detailed status that includes user name.
return Status(ErrorCodes::UserNotFound,
mongoutils::str::stream() << "auth: couldn't find user " <<
userName.toString() << ", " << usersNamespace.ns(),
0);
} else {
return found;
}
}
if (isUserFromTargetDB) {
if (userBSONObj[AuthorizationManager::PASSWORD_FIELD_NAME].eoo()) {
return Status(ErrorCodes::AuthSchemaIncompatible, mongoutils::str::stream() <<
"User documents with schema version " <<
AuthorizationManager::schemaVersion24 <<
" must have a \"" <<
AuthorizationManager::PASSWORD_FIELD_NAME <<
"\" field.");
}
}
*result = userBSONObj.getOwned();
return Status::OK();
}
开发者ID:504com,项目名称:mongo,代码行数:56,代码来源:authz_manager_external_state.cpp
示例11: Status
Status CmdAuthenticate::_authenticateX509(const UserName& user, const BSONObj& cmdObj) {
if (!getSSLManager()) {
return Status(ErrorCodes::ProtocolError,
"SSL support is required for the MONGODB-X509 mechanism.");
}
if(user.getDB() != "$external") {
return Status(ErrorCodes::ProtocolError,
"X.509 authentication must always use the $external database.");
}
ClientBasic *client = ClientBasic::getCurrent();
AuthorizationSession* authorizationSession = client->getAuthorizationSession();
std::string subjectName = client->port()->getX509SubjectName();
if (user.getUser() != subjectName) {
return Status(ErrorCodes::AuthenticationFailed,
"There is no x.509 client certificate matching the user.");
}
else {
std::string srvSubjectName = getSSLManager()->getServerSubjectName();
size_t srvClusterIdPos = srvSubjectName.find(",OU=");
size_t peerClusterIdPos = subjectName.find(",OU=");
std::string srvClusterId = srvClusterIdPos != std::string::npos ?
srvSubjectName.substr(srvClusterIdPos) : "";
std::string peerClusterId = peerClusterIdPos != std::string::npos ?
subjectName.substr(peerClusterIdPos) : "";
// Handle internal cluster member auth, only applies to server-server connections
int clusterAuthMode = serverGlobalParams.clusterAuthMode.load();
if (srvClusterId == peerClusterId && !srvClusterId.empty()) {
if (clusterAuthMode == ServerGlobalParams::ClusterAuthMode_undefined ||
clusterAuthMode == ServerGlobalParams::ClusterAuthMode_keyFile) {
return Status(ErrorCodes::AuthenticationFailed, "The provided certificate "
"can only be used for cluster authentication, not client "
"authentication. The current configuration does not allow "
"x.509 cluster authentication, check the --clusterAuthMode flag");
}
authorizationSession->grantInternalAuthorization();
}
// Handle normal client authentication, only applies to client-server connections
else {
if (_isX509AuthDisabled) {
return Status(ErrorCodes::BadValue,
_x509AuthenticationDisabledMessage);
}
Status status = authorizationSession->addAndAuthorizeUser(user);
if (!status.isOK()) {
return status;
}
}
return Status::OK();
}
}
开发者ID:hshinde,项目名称:mongo,代码行数:55,代码来源:authentication_commands.cpp
示例12: cmdToLog
bool CmdAuthenticate::run(OperationContext* opCtx,
const string& dbname,
const BSONObj& cmdObj,
BSONObjBuilder& result) {
if (!serverGlobalParams.quiet.load()) {
mutablebson::Document cmdToLog(cmdObj, mutablebson::Document::kInPlaceDisabled);
redactForLogging(&cmdToLog);
log() << " authenticate db: " << dbname << " " << cmdToLog;
}
std::string mechanism = cmdObj.getStringField("mechanism");
if (mechanism.empty()) {
mechanism = "MONGODB-CR";
}
UserName user;
auto& sslPeerInfo = SSLPeerInfo::forSession(opCtx->getClient()->session());
if (mechanism == "MONGODB-X509" && !cmdObj.hasField("user")) {
user = UserName(sslPeerInfo.subjectName, dbname);
} else {
user = UserName(cmdObj.getStringField("user"), dbname);
}
if (Command::testCommandsEnabled && user.getDB() == "admin" &&
user.getUser() == internalSecurity.user->getName().getUser()) {
// Allows authenticating as the internal user against the admin database. This is to
// support the auth passthrough test framework on mongos (since you can't use the local
// database on a mongos, so you can't auth as the internal user without this).
user = internalSecurity.user->getName();
}
Status status = _authenticate(opCtx, mechanism, user, cmdObj);
audit::logAuthentication(Client::getCurrent(), mechanism, user, status.code());
if (!status.isOK()) {
if (!serverGlobalParams.quiet.load()) {
auto const client = opCtx->getClient();
log() << "Failed to authenticate " << user
<< (client->hasRemote() ? (" from client " + client->getRemote().toString()) : "")
<< " with mechanism " << mechanism << ": " << status;
}
if (status.code() == ErrorCodes::AuthenticationFailed) {
// Statuses with code AuthenticationFailed may contain messages we do not wish to
// reveal to the user, so we return a status with the message "auth failed".
appendCommandStatus(result, Status(ErrorCodes::AuthenticationFailed, "auth failed"));
} else {
appendCommandStatus(result, status);
}
sleepmillis(saslGlobalParams.authFailedDelay.load());
return false;
}
result.append("dbname", user.getDB());
result.append("user", user.getUser());
return true;
}
开发者ID:vnvizitiu,项目名称:mongo,代码行数:52,代码来源:authentication_commands.cpp
示例13: Status
Status CmdAuthenticate::_authenticateX509(
OperationContext* txn, const UserName& user, const BSONObj& cmdObj) {
if (!getSSLManager()) {
return Status(ErrorCodes::ProtocolError,
"SSL support is required for the MONGODB-X509 mechanism.");
}
if(user.getDB() != "$external") {
return Status(ErrorCodes::ProtocolError,
"X.509 authentication must always use the $external database.");
}
ClientBasic *client = ClientBasic::getCurrent();
AuthorizationSession* authorizationSession = AuthorizationSession::get(client);
std::string subjectName = client->port()->getX509SubjectName();
if (!getSSLManager()->getSSLConfiguration().hasCA) {
return Status(ErrorCodes::AuthenticationFailed,
"Unable to verify x.509 certificate, as no CA has been provided.");
}
else if (user.getUser() != subjectName) {
return Status(ErrorCodes::AuthenticationFailed,
"There is no x.509 client certificate matching the user.");
}
else {
std::string srvSubjectName = getSSLManager()->getSSLConfiguration().serverSubjectName;
// Handle internal cluster member auth, only applies to server-server connections
if (_clusterIdMatch(subjectName, srvSubjectName)) {
int clusterAuthMode = serverGlobalParams.clusterAuthMode.load();
if (clusterAuthMode == ServerGlobalParams::ClusterAuthMode_undefined ||
clusterAuthMode == ServerGlobalParams::ClusterAuthMode_keyFile) {
return Status(ErrorCodes::AuthenticationFailed, "The provided certificate "
"can only be used for cluster authentication, not client "
"authentication. The current configuration does not allow "
"x.509 cluster authentication, check the --clusterAuthMode flag");
}
authorizationSession->grantInternalAuthorization();
}
// Handle normal client authentication, only applies to client-server connections
else {
if (_isX509AuthDisabled) {
return Status(ErrorCodes::BadValue,
_x509AuthenticationDisabledMessage);
}
Status status = authorizationSession->addAndAuthorizeUser(txn, user);
if (!status.isOK()) {
return status;
}
}
return Status::OK();
}
}
开发者ID:7segments,项目名称:mongo-1,代码行数:52,代码来源:authentication_commands.cpp
示例14: acquirePrivilege
Status AuthorizationSession::acquirePrivilege(const Privilege& privilege,
const UserName& authorizingUser) {
if (!_authenticatedPrincipals.lookup(authorizingUser)) {
return Status(ErrorCodes::UserNotFound,
mongoutils::str::stream()
<< "No authenticated user found with name: "
<< authorizingUser.getUser()
<< " from database "
<< authorizingUser.getDB(),
0);
}
_acquiredPrivileges.grantPrivilege(privilege, authorizingUser);
return Status::OK();
}
开发者ID:citsoft,项目名称:mongo,代码行数:14,代码来源:authorization_session.cpp
示例15: run
bool run(const string& dbname,
BSONObj& cmdObj,
int options,
string& errmsg,
BSONObjBuilder& result,
bool fromRepl) {
AuthorizationManager* authzManager = getGlobalAuthorizationManager();
AuthzDocumentsUpdateGuard updateGuard(authzManager);
if (!updateGuard.tryLock("Remove user")) {
addStatus(Status(ErrorCodes::LockBusy, "Could not lock auth data update lock."),
result);
return false;
}
UserName userName;
BSONObj writeConcern;
Status status = auth::parseAndValidateRemoveUserCommand(cmdObj,
dbname,
&userName,
&writeConcern);
if (!status.isOK()) {
addStatus(status, result);
return false;
}
int numUpdated;
status = authzManager->removePrivilegeDocuments(
BSON(AuthorizationManager::USER_NAME_FIELD_NAME << userName.getUser() <<
AuthorizationManager::USER_SOURCE_FIELD_NAME << userName.getDB()),
writeConcern,
&numUpdated);
// Must invalidate even on bad status - what if the write succeeded but the GLE failed?
authzManager->invalidateUserByName(userName);
if (!status.isOK()) {
addStatus(status, result);
return false;
}
if (numUpdated == 0) {
addStatus(Status(ErrorCodes::UserNotFound,
mongoutils::str::stream() << "User '" << userName.getFullName() <<
"' not found"),
result);
return false;
}
return true;
}
开发者ID:leeon,项目名称:mongo,代码行数:49,代码来源:user_management_commands.cpp
示例16: _getUserDocument
Status AuthzManagerExternalStateLocal::_getUserDocument(OperationContext* txn,
const UserName& userName,
BSONObj* userDoc) {
Status status = findOne(
txn,
AuthorizationManager::usersCollectionNamespace,
BSON(AuthorizationManager::USER_NAME_FIELD_NAME << userName.getUser() <<
AuthorizationManager::USER_DB_FIELD_NAME << userName.getDB()),
userDoc);
if (status == ErrorCodes::NoMatchingDocument) {
status = Status(ErrorCodes::UserNotFound, mongoutils::str::stream() <<
"Could not find user " << userName.getFullName());
}
return status;
}
开发者ID:wjin,项目名称:mongo,代码行数:15,代码来源:authz_manager_external_state_local.cpp
示例17: main
int main()
{
UserName test;
vector<string> coll;
coll.push_back("MasterOfDisaster");
coll.push_back("DingBat");
coll.push_back("Orpheus");
coll.push_back("WolfMan");
coll.push_back("MrKnowItAll");
coll.push_back("TygerTyger");
coll.push_back("TygerTyger1");
cout << test.newMember(coll, "TygerTyger") << endl;
return EXIT_SUCCESS;
}
开发者ID:getov,项目名称:TopCoder,代码行数:16,代码来源:UserName.cpp
示例18: acquirePrivilegesFromPrivilegeDocument
Status AuthorizationSession::acquirePrivilegesFromPrivilegeDocument(
const std::string& dbname, const UserName& user, const BSONObj& privilegeDocument) {
if (!_authenticatedPrincipals.lookup(user)) {
return Status(ErrorCodes::UserNotFound,
mongoutils::str::stream()
<< "No authenticated principle found with name: "
<< user.getUser()
<< " from database "
<< user.getDB(),
0);
}
return _externalState->getAuthorizationManager().buildPrivilegeSet(dbname,
user,
privilegeDocument,
&_acquiredPrivileges);
}
开发者ID:citsoft,项目名称:mongo,代码行数:16,代码来源:authorization_session.cpp
示例19: checkAuthForDropUserCommand
Status checkAuthForDropUserCommand(Client* client,
const std::string& dbname,
const BSONObj& cmdObj) {
AuthorizationSession* authzSession = AuthorizationSession::get(client);
UserName userName;
Status status = auth::parseAndValidateDropUserCommand(cmdObj, dbname, &userName);
if (!status.isOK()) {
return status;
}
if (!authzSession->isAuthorizedForActionsOnResource(
ResourcePattern::forDatabaseName(userName.getDB()), ActionType::dropUser)) {
return Status(ErrorCodes::Unauthorized,
str::stream() << "Not authorized to drop users from the " << userName.getDB()
<< " database");
}
return Status::OK();
}
开发者ID:asya999,项目名称:mongo,代码行数:18,代码来源:user_management_commands_common.cpp
示例20: Status
Status AuthzManagerExternalState::getPrivilegeDocumentV1(const StringData& dbname,
const UserName& userName,
BSONObj* result) {
if (userName == internalSecurity.user->getName()) {
return Status(ErrorCodes::InternalError,
"Requested privilege document for the internal user");
}
if (!NamespaceString::validDBName(dbname)) {
return Status(ErrorCodes::BadValue,
mongoutils::str::stream() << "Bad database name \"" << dbname << "\"");
}
// Build the query needed to get the privilege document
std::string usersNamespace;
BSONObjBuilder queryBuilder;
usersNamespace = mongoutils::str::stream() << dbname << ".system.users";
queryBuilder.append(AuthorizationManager::V1_USER_NAME_FIELD_NAME, userName.getUser());
if (dbname == userName.getDB()) {
queryBuilder.appendNull(AuthorizationManager::V1_USER_SOURCE_FIELD_NAME);
}
else {
queryBuilder.append(AuthorizationManager::V1_US
|
请发表评论