[SERVER-33008] Slice Authorization Framework with vtable to facilitate not using it in mobile Created: 30/Jan/18 Updated: 29/Oct/23 Resolved: 11/May/18 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | 3.7 Required |
| Fix Version/s: | 4.0.0-rc0 |
| Type: | Improvement | Priority: | Major - P3 |
| Reporter: | ADAM Martin (Inactive) | Assignee: | ADAM Martin (Inactive) |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||||||||||||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||||||||||||||||||||||||||
| Sprint: | Platforms 2018-02-12, Platforms 2018-02-26, Platforms 2018-03-12, Platforms 2018-03-26, Platforms 2018-04-09, Platforms 2018-04-23, Platforms 2018-05-07, Platforms 2018-05-21 | ||||||||||||||||||||||||||||||||
| Participants: | |||||||||||||||||||||||||||||||||
| Comments |
| Comment by Githook User [ 11/May/18 ] |
|
Author: {'name': 'ADAM David Alan Martin', 'email': 'adam.martin@10gen.com', 'username': 'adamlsd'}Message: The Authorization framework was intertwined with many subsystems and |
| Comment by Githook User [ 11/May/18 ] |
|
Author: {'name': 'ADAM David Alan Martin', 'email': 'adam.martin@10gen.com', 'username': 'adamlsd'}Message: There are some enterprise changes that needed to be made to accomodate the new |
| Comment by Andy Schwerin [ 31/Jan/18 ] |
|
AuthorizationSession has a lot of methods on it, most of which are implemented in terms of just one or two methods. What's our motivation for stubbing these out in the library? I mean, I understand that access control is effectively disabled, so why have the code, but is there a stronger reason? |
| Comment by ADAM Martin (Inactive) [ 30/Jan/18 ] |
|
The two classes that I'm replacing with pure-virtual "interfaces" are `AuthorizationManager` and `AuthorizationSession`. Almost all of the code in the server uses these by pointer, so it should be a relatively simple change. The `AuthzExternalState` hierarchy will remain (effectively) identical as it does today, with the variants for MongoS and MongoD used to contain code specific to those processes. I'll add you to the review when I put it up. |
| Comment by Andy Schwerin [ 30/Jan/18 ] |
|
What types do you plan to do this to? Please include me in any WIP reviews,adam.martin. |