Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-11827

Allow user defined roles on non-admin databases to grant permission for users to change their own passwords

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Fixed
    • Affects Version/s: 2.5.4
    • Fix Version/s: 2.5.5
    • Component/s: Security, Usability
    • Labels:
      None
    • Backwards Compatibility:
      Minor Change
    • Operating System:
      ALL

      Description

      Currently the "changeOwnPassword" action needs to be granted to the cluster resource to be effective in allowing a user to change their own password. But roles on non-admin dbs can't have privileges on the cluster resource. Instead, permission to change one's own password should be based on the possession of changeOwnPassword on the database resource for the database the user is defined on.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              spencer Spencer Brody (Inactive)
              Reporter:
              spencer Spencer Brody (Inactive)
              Participants:
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: