Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-13696

Allow revoke/deny role permissions

    XMLWordPrintable

    Details

    • Case:

      Description

      Allow deny/revoke privs to apply to roles. Since the current system has "grant" based roles implicitly there is no way to do this now without explicitly specifying each resource (db/collection) ahead of time.

      Orig
      We have a situation where our code creates and drops DBs regularly to hold temp data. In order to do this the application role must get a high level of permissions. We would like however to be able to prevent the application from dropping the core DB that is our data store. Would like to have ability to give permissions on `all DBs except ...`

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              backlog-server-security Backlog - Security Team
              Reporter:
              dancerjohn John Butler
              Participants:
              Votes:
              4 Vote for this issue
              Watchers:
              11 Start watching this issue

                Dates

                Created:
                Updated: