Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-10963

Fix required privileges for aggregation with $out.

    XMLWordPrintableJSON

Details

    • ALL

    Description

      While the implementation of $out involves creating a temporary collection and creating indexes thereon, the end effect is equivalent to doing inserts and removes on the target collection. Therefore, it seems that the correct privileges for the $out target namespace, "target" are ActionType::remove and ActionType::insert, only. Since create-collection is implicit in ActionType::insert, those should be sufficient privileges.

      Attachments

        Activity

          People

            spencer@mongodb.com Spencer Brody (Inactive)
            schwerin@mongodb.com Andy Schwerin
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: