[SERVER-11827] Allow user defined roles on non-admin databases to grant permission for users to change their own passwords - MongoDB Jira

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major - P3
Resolution: Fixed
Affects Version/s: 2.5.4
Fix Version/s: 2.5.5
Component/s: Security, Usability
Labels:
None

Backwards Compatibility:
Minor Change
Operating System:
ALL

Description

Currently the "changeOwnPassword" action needs to be granted to the cluster resource to be effective in allowing a user to change their own password. But roles on non-admin dbs can't have privileges on the cluster resource. Instead, permission to change one's own password should be based on the possession of changeOwnPassword on the database resource for the database the user is defined on.

Attachments

Issue Links

is related to

DOCS-3584 Provide example on how to setup changeOwnPassword

Closed

Activity

People

Assignee:: Spencer Brody (Inactive)

Reporter:: Spencer Brody (Inactive)

Participants:: Githook User, Spencer Brody

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: Nov 22 2013 05:22:22 PM UTC

Updated:: Jul 01 2014 01:34:21 AM UTC

Resolved:: Nov 22 2013 09:19:56 PM UTC