[SERVER-77940] Remove boost::none default for RP::forAnyNormalResource() calls Created: 09/Jun/23 Updated: 29/Oct/23 Resolved: 20/Jun/23 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | 7.1.0-rc0 |
| Type: | Improvement | Priority: | Major - P3 |
| Reporter: | Sara Golemon | Assignee: | Gabriel Marks |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||||||||||
| Sprint: | Security 2023-06-26 | ||||||||||||||||
| Participants: | |||||||||||||||||
| Description |
|
Currently, the `ResourcePattern::forAnyNormalResource()` API provides a default argument value of `boost::none` for its tenantId parameter. This must be removed as a default and all callsites must be updated to provide an appropriate tenantId based on their local context. This will usually come from a NamespaceString or DatabaseName being active examined. For example, here: the privilege check is relative to the `dbname` extracted from the `request` object, so we'd change the call to: `ResourcePattern::forAnyNormalResource(dbname.tenantId())`. |
| Comments |
| Comment by Githook User [ 21/Jun/23 ] |
|
Author: {'name': 'Gabriel Marks', 'email': 'gabriel.marks@mongodb.com', 'username': 'marksg07'}Message: |
| Comment by Githook User [ 16/Jun/23 ] |
|
Author: {'name': 'Gabriel Marks', 'email': 'gabriel.marks@mongodb.com', 'username': 'marksg07'}Message: |