[SERVER-77940] Remove boost::none default for RP::forAnyNormalResource() calls Created: 09/Jun/23  Updated: 29/Oct/23  Resolved: 20/Jun/23

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 7.1.0-rc0

Type: Improvement Priority: Major - P3
Reporter: Sara Golemon Assignee: Gabriel Marks
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
is depended on by SERVER-76195 Remove non-tenant aware APIs from Res... Closed
Related
related to SERVER-78267 Complete TODO listed in SERVER-77940 Closed
Backwards Compatibility: Fully Compatible
Sprint: Security 2023-06-26
Participants:

 Description   

Currently, the `ResourcePattern::forAnyNormalResource()` API provides a default argument value of `boost::none` for its tenantId parameter.  This must be removed as a default and all callsites must be updated to provide an appropriate tenantId based on their local context.  This will usually come from a NamespaceString or DatabaseName being active examined.

For example, here: the privilege check is relative to the `dbname` extracted from the `request` object, so we'd change the call to:  `ResourcePattern::forAnyNormalResource(dbname.tenantId())`. 



 Comments   
Comment by Githook User [ 21/Jun/23 ]

Author:

{'name': 'Gabriel Marks', 'email': 'gabriel.marks@mongodb.com', 'username': 'marksg07'}

Message: SERVER-78267 Remove TODO listed in SERVER-77940
Branch: master
https://github.com/mongodb/mongo/commit/0dd4d94f8be79f9f0bdb11da1bafab07fa799204

Comment by Githook User [ 16/Jun/23 ]

Author:

{'name': 'Gabriel Marks', 'email': 'gabriel.marks@mongodb.com', 'username': 'marksg07'}

Message: SERVER-77940 Remove boost::none default for RP::forAnyNormalResource() calls
Branch: master
https://github.com/mongodb/mongo/commit/095b59f3d9569c9d49a8b0672874e3d859c850c1

Generated at Thu Feb 08 06:37:02 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.