Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-11312

reIndex command fails with user-defined roles

    XMLWordPrintableJSON

Details

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major - P3 Major - P3
    • 2.5.4
    • None
    • Security
    • ALL

    Description

      Create a user with a single role that has the following privilege:

      { resource: {db: "test", collection: "x"}, actions: ["reIndex"] }

      If the user tries to reIndex collection "x", the command fails as shown below:

      > db.runCommand({reIndex: "x"})
      {
      	"nIndexesWas" : 1,
      	"msg" : "indexes dropped for collection",
      	"errmsg" : "exception: invalid ns to index",
      	"code" : 10096,
      	"ok" : 0
      }

      On the other hand, if the user has the dbAdmin role, then the command works just fine:

      > db.x.save({})
      > db.runCommand({
      ... createUser: "testUser",
      ... pwd: "password",
      ... roles: ["dbAdmin"]
      ... })
      { "ok" : 1 }
      > db.auth("testUser", "password")
      1
      > db.runCommand({reIndex: "x"})
      {
      	"nIndexesWas" : 1,
      	"msg" : "indexes dropped for collection",
      	"nIndexes" : 1,
      	"indexes" : [
      		{
      			"key" : {
      				"_id" : 1
      			},
      			"ns" : "test.x",
      			"name" : "_id_"
      		}
      	],
      	"ok" : 1
      }

      Attachments

        Activity

          People

            david.storch@mongodb.com David Storch
            david.storch@mongodb.com David Storch
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: