[SERVER-63174] Add "mayBypassWriteBlockingMode" method to AuthorizationSession Created: 01/Feb/22  Updated: 29/Oct/23  Resolved: 11/Feb/22

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 5.3.0

Type: Task Priority: Major - P3
Reporter: Spencer Jackson Assignee: Gabriel Marks
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
is depended on by SERVER-63175 Populate WriteBlockBypass in command ... Closed
Backwards Compatibility: Fully Compatible
Sprint: Security 2022-02-07, Security 2022-02-21
Participants:

 Description   

We must add an ActionType named bypassWriteBlockingMode, and attach it to the restore role.

AuthorizationSession should maintain a cached copy of whether it is authorized for this ActionType on the cluster resource. This cache should be updated whenever a user's authorization right are added to, removed from, or updated within the Session.

We must add a mayBypassWriteBlockingMode method to the AuthorizationSession, which will access the cached value with as minimal overhead as possible.

We should include C++ unittests to validate that the cache update behaviour is reflected in mayBypassWriteBlockingMode.



 Comments   
Comment by Githook User [ 10/Feb/22 ]

Author:

{'name': 'Gabriel Marks', 'email': 'gabriel.marks@mongodb.com', 'username': 'marksg07'}

Message: SERVER-63174 Add AuthorizationSession::mayBypassWriteBlockingMode()
Branch: master
https://github.com/mongodb/mongo/commit/26292d02824c0e804eea510302019add57b6cccc

Generated at Thu Feb 08 05:57:04 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.