本文整理汇总了C++中Privilege函数的典型用法代码示例。如果您正苦于以下问题:C++ Privilege函数的具体用法?C++ Privilege怎么用?C++ Privilege使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了Privilege函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。
示例1: addRequiredPrivileges
virtual void addRequiredPrivileges(const std::string& dbname,
const BSONObj& cmdObj,
std::vector<Privilege>* out) {
ActionSet actions;
actions.addAction(ActionType::listCollections);
out->push_back(Privilege(ResourcePattern::forDatabaseName(dbname), actions));
}
开发者ID:DeathBorn,项目名称:mongo,代码行数:7,代码来源:list_collections.cpp
示例2: ns
Privilege AuthorizationSession::_modifyPrivilegeForSpecialCases(const Privilege& privilege) {
ActionSet newActions;
newActions.addAllActionsFromSet(privilege.getActions());
NamespaceString ns( privilege.getResource() );
if (ns.coll() == "system.users") {
if (newActions.contains(ActionType::insert) ||
newActions.contains(ActionType::update) ||
newActions.contains(ActionType::remove)) {
// End users can't modify system.users directly, only the system can.
newActions.addAction(ActionType::userAdminV1);
} else {
newActions.addAction(ActionType::userAdmin);
}
newActions.removeAction(ActionType::find);
newActions.removeAction(ActionType::insert);
newActions.removeAction(ActionType::update);
newActions.removeAction(ActionType::remove);
} else if (ns.coll() == "system.profile") {
newActions.removeAction(ActionType::find);
newActions.addAction(ActionType::profileRead);
} else if (ns.coll() == "system.indexes" && newActions.contains(ActionType::find)) {
newActions.removeAction(ActionType::find);
newActions.addAction(ActionType::indexRead);
}
return Privilege(privilege.getResource(), newActions);
}
开发者ID:kusora,项目名称:mongo,代码行数:28,代码来源:authorization_session.cpp
示例3: checkAuthorization
bool AuthorizationManager::checkAuthorization(const std::string& resource,
ActionSet actions) {
if (_externalState->shouldIgnoreAuthChecks())
return true;
return _acquiredPrivileges.hasPrivilege(Privilege(nsToDatabase(resource), actions));
}
开发者ID:jxn0715,项目名称:mongo,代码行数:7,代码来源:authorization_manager.cpp
示例4: logoutDatabase
void AuthorizationSession::addAuthorizedPrincipal(Principal* principal) {
// Log out any already-logged-in user on the same database as "principal".
logoutDatabase(principal->getName().getDB().toString()); // See SERVER-8144.
_authenticatedPrincipals.add(principal);
if (!principal->isImplicitPrivilegeAcquisitionEnabled())
return;
const std::string dbname = principal->getName().getDB().toString();
if (dbname == StringData("local", StringData::LiteralTag()) &&
principal->getName().getUser() == internalSecurity.user) {
// Grant full access to internal user
ActionSet allActions;
allActions.addAllActions();
acquirePrivilege(Privilege(PrivilegeSet::WILDCARD_RESOURCE, allActions),
principal->getName());
return;
}
_acquirePrivilegesForPrincipalFromDatabase(ADMIN_DBNAME, principal->getName());
principal->markDatabaseAsProbed(ADMIN_DBNAME);
_acquirePrivilegesForPrincipalFromDatabase(dbname, principal->getName());
principal->markDatabaseAsProbed(dbname);
_externalState->onAddAuthorizedPrincipal(principal);
}
开发者ID:NathanZamecnik,项目名称:mongo,代码行数:27,代码来源:authorization_session.cpp
示例5: checkAuthForCommand
virtual Status checkAuthForCommand( ClientBasic* client,
const std::string& dbname,
const BSONObj& cmdObj ) {
return client->getAuthorizationSession()->checkAuthForPrivilege(
Privilege( AuthorizationManager::CLUSTER_RESOURCE_NAME,
ActionType::mergeChunks ) );
}
开发者ID:ChowZenki,项目名称:mongo,代码行数:7,代码来源:merge_chunks_cmd.cpp
示例6: addRequiredPrivileges
void CmdShutdown::addRequiredPrivileges(const std::string& dbname,
const BSONObj& cmdObj,
std::vector<Privilege>* out) {
ActionSet actions;
actions.addAction(ActionType::shutdown);
out->push_back(Privilege(ResourcePattern::forClusterResource(), actions));
}
开发者ID:pharrell84,项目名称:rtree-mongo-mf,代码行数:7,代码来源:dbcommands_generic.cpp
示例7: addRequiredPrivileges
virtual void addRequiredPrivileges(const std::string& dbname,
const BSONObj& cmdObj,
std::vector<Privilege>* out) {
ActionSet actions;
actions.addAction(ActionType::getShardMap);
out->push_back(Privilege(AuthorizationManager::CLUSTER_RESOURCE_NAME, actions));
}
开发者ID:ahopedog,项目名称:mongo,代码行数:7,代码来源:shard.cpp
示例8: addRequiredPrivileges
virtual void addRequiredPrivileges(const std::string& dbname,
const BSONObj& cmdObj,
std::vector<Privilege>* out) {
ActionSet actions;
actions.addAction(ActionType::find);
out->push_back(Privilege(parseNs(dbname, cmdObj), actions));
}
开发者ID:10genReviews,项目名称:mongo,代码行数:7,代码来源:geonear.cpp
示例9: addPrivilegesRequiredForFindAndModify
void addPrivilegesRequiredForFindAndModify(Command* commandTemplate,
const std::string& dbname,
const BSONObj& cmdObj,
std::vector<Privilege>* out) {
bool update = cmdObj["update"].trueValue();
bool upsert = cmdObj["upsert"].trueValue();
bool remove = cmdObj["remove"].trueValue();
ActionSet actions;
actions.addAction(ActionType::find);
if (update) {
actions.addAction(ActionType::update);
}
if (upsert) {
actions.addAction(ActionType::insert);
}
if (remove) {
actions.addAction(ActionType::remove);
}
ResourcePattern resource(commandTemplate->parseResourcePattern(dbname, cmdObj));
uassert(17137,
"Invalid target namespace " + resource.toString(),
resource.isExactNamespacePattern());
out->push_back(Privilege(resource, actions));
}
开发者ID:DavidAlphaFox,项目名称:mongodb,代码行数:25,代码来源:find_and_modify_common.cpp
示例10: addRequiredPrivileges
void addRequiredPrivileges(const std::string& dbname,
const BSONObj& cmdObj,
std::vector<Privilege>* out) const override {
ActionSet actions;
actions.addAction(ActionType::convertToCapped);
out->push_back(Privilege(parseResourcePattern(dbname, cmdObj), actions));
}
开发者ID:zpzxgcr,项目名称:mongo,代码行数:7,代码来源:commands_public.cpp
示例11: Status
Status AuthorizationManager::_buildPrivilegeSetFromOldStylePrivilegeDocument(
const std::string& dbname,
const PrincipalName& principal,
const BSONObj& privilegeDocument,
PrivilegeSet* result) {
if (!(privilegeDocument.hasField(USERNAME_FIELD_NAME) &&
privilegeDocument.hasField(PASSWORD_FIELD_NAME))) {
return Status(ErrorCodes::UnsupportedFormat,
mongoutils::str::stream() << "Invalid old-style privilege document "
"received when trying to extract privileges: "
<< privilegeDocument,
0);
}
if (privilegeDocument[USERNAME_FIELD_NAME].str() != principal.getUser()) {
return Status(ErrorCodes::BadValue,
mongoutils::str::stream() << "Principal name from privilege document \""
<< privilegeDocument[USERNAME_FIELD_NAME].str()
<< "\" doesn't match name of provided Principal \""
<< principal.getUser()
<< "\"",
0);
}
bool readOnly = privilegeDocument[READONLY_FIELD_NAME].trueValue();
ActionSet actions = getActionsForOldStyleUser(dbname, readOnly);
std::string resourceName = (dbname == ADMIN_DBNAME || dbname == LOCAL_DBNAME) ?
PrivilegeSet::WILDCARD_RESOURCE : dbname;
result->grantPrivilege(Privilege(resourceName, actions), principal);
return Status::OK();
}
开发者ID:jxn0715,项目名称:mongo,代码行数:32,代码来源:authorization_manager.cpp
示例12: addRequiredPrivileges
virtual void addRequiredPrivileges(const std::string& dbname,
const BSONObj& cmdObj,
std::vector<Privilege>* out) {
ActionSet actions;
actions.addAction(ActionType::dropIndex);
out->push_back(Privilege(parseResourcePattern(dbname, cmdObj), actions));
}
开发者ID:javacruft,项目名称:mongo,代码行数:7,代码来源:drop_indexes.cpp
示例13: addRequiredPrivileges
virtual void addRequiredPrivileges(const std::string& dbname,
const BSONObj& cmdObj,
std::vector<Privilege>* out) {
ActionSet actions;
actions.addAction(ActionType::connPoolStats);
out->push_back(Privilege(ResourcePattern::forClusterResource(), actions));
}
开发者ID:himanshugpt,项目名称:mongo,代码行数:7,代码来源:commands.cpp
示例14: inputNs
Status Pipeline::checkAuthForCommand(ClientBasic* client,
const std::string& db,
const BSONObj& cmdObj) {
NamespaceString inputNs(db, cmdObj.firstElement().str());
auto inputResource = ResourcePattern::forExactNamespace(inputNs);
uassert(17138,
mongoutils::str::stream() << "Invalid input namespace, " << inputNs.ns(),
inputNs.isValid());
std::vector<Privilege> privileges;
if (cmdObj.getFieldDotted("pipeline.0.$indexStats")) {
Privilege::addPrivilegeToPrivilegeVector(
&privileges,
Privilege(ResourcePattern::forAnyNormalResource(), ActionType::indexStats));
} else {
// If no source requiring an alternative permission scheme is specified then default to
// requiring find() privileges on the given namespace.
Privilege::addPrivilegeToPrivilegeVector(&privileges,
Privilege(inputResource, ActionType::find));
}
BSONObj pipeline = cmdObj.getObjectField("pipeline");
BSONForEach(stageElem, pipeline) {
BSONObj stage = stageElem.embeddedObjectUserCheck();
StringData stageName = stage.firstElementFieldName();
if (stageName == "$out" && stage.firstElementType() == String) {
NamespaceString outputNs(db, stage.firstElement().str());
uassert(17139,
mongoutils::str::stream() << "Invalid $out target namespace, " << outputNs.ns(),
outputNs.isValid());
ActionSet actions;
actions.addAction(ActionType::remove);
actions.addAction(ActionType::insert);
if (shouldBypassDocumentValidationForCommand(cmdObj)) {
actions.addAction(ActionType::bypassDocumentValidation);
}
Privilege::addPrivilegeToPrivilegeVector(
&privileges, Privilege(ResourcePattern::forExactNamespace(outputNs), actions));
} else if (stageName == "$lookup" && stage.firstElementType() == Object) {
NamespaceString fromNs(db, stage.firstElement()["from"].str());
Privilege::addPrivilegeToPrivilegeVector(
&privileges,
Privilege(ResourcePattern::forExactNamespace(fromNs), ActionType::find));
}
}
开发者ID:CeperaCPP,项目名称:mongo,代码行数:47,代码来源:pipeline.cpp
示例15: _addPrivilegesForSystemRole
/**
* Adds to "outPrivileges" the privileges associated with having the named "role" on "dbname".
*
* Returns non-OK status if "role" is not a defined role in "dbname".
*/
static Status _addPrivilegesForSystemRole(const std::string& dbname,
const std::string& role,
std::vector<Privilege>* outPrivileges) {
const bool isAdminDB = (dbname == ADMIN_DBNAME);
if (role == SYSTEM_ROLE_READ) {
outPrivileges->push_back(Privilege(dbname, readRoleActions));
}
else if (role == SYSTEM_ROLE_READ_WRITE) {
outPrivileges->push_back(Privilege(dbname, readWriteRoleActions));
}
else if (role == SYSTEM_ROLE_USER_ADMIN) {
outPrivileges->push_back(Privilege(dbname, userAdminRoleActions));
}
else if (role == SYSTEM_ROLE_DB_ADMIN) {
outPrivileges->push_back(Privilege(dbname, dbAdminRoleActions));
}
else if (isAdminDB && role == SYSTEM_ROLE_READ_ANY_DB) {
outPrivileges->push_back(Privilege(PrivilegeSet::WILDCARD_RESOURCE, readRoleActions));
}
else if (isAdminDB && role == SYSTEM_ROLE_READ_WRITE_ANY_DB) {
outPrivileges->push_back(
Privilege(PrivilegeSet::WILDCARD_RESOURCE, readWriteRoleActions));
}
else if (isAdminDB && role == SYSTEM_ROLE_USER_ADMIN_ANY_DB) {
outPrivileges->push_back(
Privilege(PrivilegeSet::WILDCARD_RESOURCE, userAdminRoleActions));
}
else if (isAdminDB && role == SYSTEM_ROLE_DB_ADMIN_ANY_DB) {
outPrivileges->push_back(
Privilege(PrivilegeSet::WILDCARD_RESOURCE, dbAdminRoleActions));
}
else if (isAdminDB && role == SYSTEM_ROLE_SERVER_ADMIN) {
outPrivileges->push_back(
Privilege(PrivilegeSet::WILDCARD_RESOURCE, serverAdminRoleActions));
}
else if (isAdminDB && role == SYSTEM_ROLE_CLUSTER_ADMIN) {
outPrivileges->push_back(
Privilege(PrivilegeSet::WILDCARD_RESOURCE, clusterAdminRoleActions));
}
else {
return Status(ErrorCodes::BadValue,
mongoutils::str::stream() <<"No such role, " << role <<
", in database " << dbname);
}
return Status::OK();
}
开发者ID:chenbk85,项目名称:mongo,代码行数:52,代码来源:authorization_manager.cpp
示例16: addRequiredPrivileges
virtual void addRequiredPrivileges(const std::string& dbname,
const BSONObj& cmdObj,
std::vector<Privilege>* out) {
// TODO: update this with the new rules around user creation in 2.6.
ActionSet actions;
actions.addAction(ActionType::userAdmin);
out->push_back(Privilege(dbname, actions));
}
开发者ID:328500920,项目名称:mongo,代码行数:8,代码来源:user_management_commands.cpp
示例17: Principal
void AuthorizationSession::grantInternalAuthorization(const UserName& userName) {
Principal* principal = new Principal(userName);
ActionSet actions;
actions.addAllActions();
addAuthorizedPrincipal(principal);
fassert(16581, acquirePrivilege(Privilege(PrivilegeSet::WILDCARD_RESOURCE, actions),
principal->getName()).isOK());
}
开发者ID:citsoft,项目名称:mongo,代码行数:9,代码来源:authorization_session.cpp
示例18: Principal
void AuthorizationManager::grantInternalAuthorization() {
Principal* internalPrincipal = new Principal("__system");
_authenticatedPrincipals.add(internalPrincipal);
ActionSet allActions;
allActions.addAllActions();
AcquiredPrivilege privilege(Privilege("*", allActions), internalPrincipal);
Status status = acquirePrivilege(privilege);
verify (status == Status::OK());
}
开发者ID:abarriga,项目名称:mongo,代码行数:9,代码来源:authorization_manager.cpp
示例19: Principal
void AuthorizationManager::grantInternalAuthorization(const std::string& principalName) {
Principal* principal = new Principal(PrincipalName(principalName, "local"));
ActionSet actions;
actions.addAllActions();
addAuthorizedPrincipal(principal);
fassert(16581, acquirePrivilege(Privilege(PrivilegeSet::WILDCARD_RESOURCE, actions),
principal->getName()).isOK());
}
开发者ID:chenbk85,项目名称:mongo,代码行数:9,代码来源:authorization_manager.cpp
示例20: addRequiredPrivileges
virtual void addRequiredPrivileges(const std::string& dbname,
const BSONObj& cmdObj,
std::vector<Privilege>* out) {
ActionSet sourceActions;
sourceActions.addAction(ActionType::find);
out->push_back(Privilege(parseResourcePattern(dbname, cmdObj), sourceActions));
ActionSet targetActions;
targetActions.addAction(ActionType::insert);
targetActions.addAction(ActionType::createIndex);
targetActions.addAction(ActionType::convertToCapped);
std::string collection = cmdObj.getStringField("toCollection");
uassert(16708, "bad 'toCollection' value", !collection.empty());
out->push_back(Privilege(ResourcePattern::forExactNamespace(
NamespaceString(dbname, collection)),
targetActions));
}
开发者ID:glenlray,项目名称:mongo,代码行数:18,代码来源:collection_to_capped.cpp
注:本文中的Privilege函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
客服电话
APP下载
官方微信
请发表评论