Uploaded image for project: 'Documentation'
  1. Documentation
  2. DOCS-12141

Docs for SERVER-37551: Add {authorizedDatabases:bool} param to {listDatabases} command.

    XMLWordPrintable

Details

    • Task
    • Status: Closed
    • Major - P3
    • Resolution: Fixed
    • None
    • 4.1.4, 4.0.5
    • manual, Server
    • None

    Description

      Description

      Description:

      This change introduces a new optional boolean argument to the

      {listDatabases:1}

      command called "authorizedDatabases".

      The value of the argument must be either true or false if present.

      If present and true, then only those databases which the user has the `find` privilege on will be returned, even if they have the `listDatabases` privilege which would otherwise grant permissions to enumate all databases.

      If present and false, the all databases will be included, but ONLY if the user also has the listDatabases privilege. If they do not possess this privilege, but ask for all databases anyway (by passing false), then an Unauthorized error will be returned.

      If the new param is not present, the command behaves as it currently does, returning all databases for users with the `listDatabases` privilege, and only those databases which the user has `find` privileges on for all others.

      Scope of changes

      • listDatabases command
      • built-in roles + auth actions privileges
      • Although we have some scripts that use listDatabases, for now, will not call out since we use the default. Although, may, want to blurb to check privileges in those spots.

      Impact to Other Docs

      MVP (Work and Date)

      Resources (Scope or Design Docs, Invision, etc.)

      Attachments

        Issue Links

          Activity

            People

              kay.kim@mongodb.com Kay Kim (Inactive)
              kay.kim@mongodb.com Kay Kim (Inactive)
              Kay Kim Kay Kim (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:
                3 years, 27 weeks, 4 days ago