Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-11381

grantPrivilegesToRole and revokePrivilegesFromRole should reject empty 'privileges' argument

XMLWordPrintableJSON

    • Type: Icon: Bug Bug
    • Resolution: Done
    • Priority: Icon: Major - P3 Major - P3
    • 2.5.5
    • Affects Version/s: 2.5.3
    • Component/s: Security
    • ALL
    • None
    • 0
    • None
    • None
    • None
    • None
    • None
    • None

      > db.runCommand(

      { grantPrivilegesToRole: "roleName", privileges: [] }

      )
      > db.runCommand(

      { revokePrivilegesFromRole: "roleName", privileges: [] }

      )

      expect commands to fail, because 'privileges' array is empty. Instead, get

      { "ok" : 1 }

      This is a bug for the sake of consistency with other role-related commands. For example, the grantRoleToRole() and grantRoleToUser() commands will fail if you pass an empty 'roles' array to either. These commands require at least one specified granted role in order to succeed.

            Assignee:
            spencer@mongodb.com Spencer Brody (Inactive)
            Reporter:
            samantha.ritter@mongodb.com Samantha Ritter (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: