[SERVER-9740] Give checkAuthFor[insert,update,remove,etc] all the information they need to handle all special namespaces. Created: 21/May/13  Updated: 11/Jul/16  Resolved: 09/Jul/13

Status: Closed
Project: Core Server
Component/s: Internal Code, Security
Affects Version/s: 2.4.3
Fix Version/s: 2.5.1

Type: Task Priority: Major - P3
Reporter: Spencer Brody (Inactive) Assignee: Spencer Brody (Inactive)
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Participants:

 Description   

Right now we have special handling of system namespaces in multiple places. system.profile and system.users are handled by _modifyPrivilegeForSpecialNamespaces in the AuthorizationManager, but system.indexes is handled specially elsewhere in code.
We'd like to consolidate the special casing of system indexes to all be within the AuthorizationManager. This can't happen right now because the checkAuth* methods only take a namespace, they don't take the object being inserted, updated, queried, etc.



 Comments   
Comment by auto [ 09/Jul/13 ]

Author:

{u'username': u'stbrody', u'name': u'Spencer T Brody', u'email': u'spencer@10gen.com'}

Message: SERVER-9740 Make all the CRUD checkAuthFor* methods take in all the information about the operation.
Branch: master
https://github.com/mongodb/mongo/commit/02435802ba79742942d9ab1cb6932344a2a0b821

Comment by auto [ 09/Jul/13 ]

Author:

{u'username': u'stbrody', u'name': u'Spencer T Brody', u'email': u'spencer@10gen.com'}

Message: SERVER-9740 Add checkAuthForCommand method to all commands and use that for auth checking from now on
Branch: master
https://github.com/mongodb/mongo/commit/d067cc3531d62db6791d095c0471ee1aa245d471

Comment by Spencer Brody (Inactive) [ 02/Jul/13 ]

Current plan of attack:

  1. Add checkAuthForCommand virtual function to every command that actually does the auth check and returns a Status. The default implementation just uses addRequiredPrivileges.
  2. Change auth checking for commands to use checkAuthForCommand rather than addRequiredPrivileges.
  3. Change checkAuthForQuery to take its query obj, checkAuthForUpdate to take the query and update modifier, etc, so that each checkAuthFor* function has all the information it needs to make the full authorization decision, including the special handling of system namespaces.
  4. Get rid of special casing of any system namespaces (mainly for index building) that takes place outside the AuthorizationSession.

This has the nice advantage of once the new write commands are implemented their checkAuthForCommand methods can delegate to the relevant CRUD checkAuthFor* method.

Generated at Thu Feb 08 03:21:19 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.