[SERVER-84726] Pass an OpCtx or a Client to isClusterMember and other functions in Authentication / Authorization Created: 10/Jan/24 Updated: 05/Feb/24 |
|
| Status: | Open |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Task | Priority: | Major - P3 |
| Reporter: | Shreyas Kalyan | Assignee: | Shreyas Kalyan |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||
| Assigned Teams: |
Server Security
|
||||
| Sprint: | Security 2024-01-22, Security 2024-02-05, Security 2024-02-19 | ||||
| Participants: | |||||
| Linked BF Score: | 135 | ||||
| Description |
|
Currently, we have a lot of calls to cc() hidden in our Authentication and Authorization subsystem. However, in this system we should always be operating within a client and operation context, which means we should have the pointer to it somewhere above in the stack. Calling cc() seems like a byproduct of poor design, so we should audit calls to cc() within authz/n and ensure that we are passing a client or opCtx down whenever necessary. |