Permalink
Browse files

SERVER-7982 Export some useful constants on AuthorizationManager.

  • Loading branch information...
1 parent a7d5f6f commit ec846a5f38699bacece205d920a863b6944ebf87 @andy10gen andy10gen committed Dec 21, 2012
@@ -22,10 +22,6 @@
namespace mongo {
- static const char USER_FIELD[] = "user";
- static const char USER_SOURCE_FIELD[] = "userSource";
- static const char PASSWORD_FIELD[] = "pwd";
-
AuthExternalState::AuthExternalState() {}
AuthExternalState::~AuthExternalState() {}
@@ -38,21 +34,24 @@ namespace mongo {
"key file must be used to log in with internal user",
15889);
}
- *result = BSON(USER_FIELD << internalSecurity.user <<
- PASSWORD_FIELD << internalSecurity.pwd).getOwned();
+ *result = BSON(AuthorizationManager::USER_NAME_FIELD_NAME <<
+ internalSecurity.user <<
+ AuthorizationManager::PASSWORD_FIELD_NAME <<
+ internalSecurity.pwd).getOwned();
return Status::OK();
}
std::string usersNamespace = dbname + ".system.users";
BSONObj userBSONObj;
BSONObjBuilder queryBuilder;
- queryBuilder.append(USER_FIELD, principalName.getUser());
+ queryBuilder.append(AuthorizationManager::USER_NAME_FIELD_NAME, principalName.getUser());
if (principalName.getDB() == dbname) {
- queryBuilder.appendNull(USER_SOURCE_FIELD);
+ queryBuilder.appendNull(AuthorizationManager::USER_SOURCE_FIELD_NAME);
}
else {
- queryBuilder.append(USER_SOURCE_FIELD, principalName.getDB());
+ queryBuilder.append(AuthorizationManager::USER_SOURCE_FIELD_NAME,
+ principalName.getDB());
}
bool found = _findUser(usersNamespace, queryBuilder.obj(), &userBSONObj);
@@ -46,6 +46,9 @@ namespace mongo {
const std::string AuthorizationManager::SERVER_RESOURCE_NAME = "$SERVER";
const std::string AuthorizationManager::CLUSTER_RESOURCE_NAME = "$CLUSTER";
+ const std::string AuthorizationManager::USER_NAME_FIELD_NAME = "user";
+ const std::string AuthorizationManager::USER_SOURCE_FIELD_NAME = "userSource";
+ const std::string AuthorizationManager::PASSWORD_FIELD_NAME = "pwd";
namespace {
const std::string ADMIN_DBNAME = "admin";
@@ -54,9 +57,6 @@ namespace {
const std::string ROLES_FIELD_NAME = "roles";
const std::string OTHER_DB_ROLES_FIELD_NAME = "otherDBRoles";
const std::string READONLY_FIELD_NAME = "readOnly";
- const std::string USERNAME_FIELD_NAME = "user";
- const std::string USERSOURCE_FIELD_NAME = "userSource";
- const std::string PASSWORD_FIELD_NAME = "pwd";
const std::string SYSTEM_ROLE_READ = "read";
const std::string SYSTEM_ROLE_READ_WRITE = "readWrite";
@@ -247,8 +247,8 @@ namespace {
Status AuthorizationManager::checkValidPrivilegeDocument(const StringData& dbname,
const BSONObj& doc) {
- BSONElement userElement = doc[USERNAME_FIELD_NAME];
- BSONElement userSourceElement = doc[USERSOURCE_FIELD_NAME];
+ BSONElement userElement = doc[USER_NAME_FIELD_NAME];
+ BSONElement userSourceElement = doc[USER_SOURCE_FIELD_NAME];
BSONElement passwordElement = doc[PASSWORD_FIELD_NAME];
BSONElement rolesElement = doc[ROLES_FIELD_NAME];
BSONElement otherDBRolesElement = doc[OTHER_DB_ROLES_FIELD_NAME];
@@ -474,7 +474,7 @@ namespace {
const PrincipalName& principal,
const BSONObj& privilegeDocument,
PrivilegeSet* result) {
- if (!(privilegeDocument.hasField(USERNAME_FIELD_NAME) &&
+ if (!(privilegeDocument.hasField(USER_NAME_FIELD_NAME) &&
privilegeDocument.hasField(PASSWORD_FIELD_NAME))) {
return Status(ErrorCodes::UnsupportedFormat,
@@ -483,10 +483,10 @@ namespace {
<< privilegeDocument,
0);
}
- if (privilegeDocument[USERNAME_FIELD_NAME].str() != principal.getUser()) {
+ if (privilegeDocument[USER_NAME_FIELD_NAME].str() != principal.getUser()) {
return Status(ErrorCodes::BadValue,
mongoutils::str::stream() << "Principal name from privilege document \""
- << privilegeDocument[USERNAME_FIELD_NAME].str()
+ << privilegeDocument[USER_NAME_FIELD_NAME].str()
<< "\" doesn't match name of provided Principal \""
<< principal.getUser()
<< "\"",
@@ -59,6 +59,10 @@ namespace mongo {
static const std::string SERVER_RESOURCE_NAME;
static const std::string CLUSTER_RESOURCE_NAME;
+ static const std::string USER_NAME_FIELD_NAME;
+ static const std::string USER_SOURCE_FIELD_NAME;
+ static const std::string PASSWORD_FIELD_NAME;
+
// Checks to see if "doc" is a valid privilege document, assuming it is stored in the
// "system.users" collection of database "dbname".
//

0 comments on commit ec846a5

Please sign in to comment.