diff options
Diffstat (limited to 'db/dbeval.cpp')
| -rw-r--r-- | db/dbeval.cpp | 26 |
1 files changed, 18 insertions, 8 deletions
diff --git a/db/dbeval.cpp b/db/dbeval.cpp index a3be894..e8a42b2 100644 --- a/db/dbeval.cpp +++ b/db/dbeval.cpp @@ -17,11 +17,11 @@ * along with this program. If not, see <http://www.gnu.org/licenses/>. */ -#include "stdafx.h" +#include "pch.h" #include "query.h" #include "pdfile.h" #include "jsobj.h" -#include "../util/builder.h" +#include "../bson/util/builder.h" #include <time.h> #include "introspect.h" #include "btree.h" @@ -108,20 +108,30 @@ namespace mongo { class CmdEval : public Command { public: - virtual bool slaveOk() { + virtual bool slaveOk() const { return false; } + virtual void help( stringstream &help ) const { + help << "Evaluate javascript at the server.\n" "http://www.mongodb.org/display/DOCS/Server-side+Code+Execution"; + } // We need at least read only access to run db.eval - auth for eval'd writes will be checked // as they are requested. virtual bool requiresAuth() { return false; } - virtual LockType locktype(){ return WRITE; } - CmdEval() : Command("$eval") { } - bool run(const char *ns, BSONObj& cmdObj, string& errmsg, BSONObjBuilder& result, bool fromRepl) { + virtual LockType locktype() const { return NONE; } + CmdEval() : Command("eval", false, "$eval") { } + bool run(const string& dbname , BSONObj& cmdObj, string& errmsg, BSONObjBuilder& result, bool fromRepl) { + AuthenticationInfo *ai = cc().getAuthenticationInfo(); - uassert( 12598 , "$eval reads unauthorized", ai->isAuthorizedReads(cc().database()->name.c_str())); - return dbEval(ns, cmdObj, result, errmsg); + uassert( 12598 , "$eval reads unauthorized", ai->isAuthorizedReads(dbname.c_str()) ); + + // write security will be enforced in DBDirectClient + mongolock lk( ai->isAuthorized( dbname.c_str() ) ); + Client::Context ctx( dbname ); + + + return dbEval(dbname.c_str(), cmdObj, result, errmsg); } } cmdeval; |