Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-22951

Using regexp patterns for resource scope in user-defined roles

    XMLWordPrintable

    Details

    • Type: New Feature
    • Status: Open
    • Priority: Major - P3
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: Backlog
    • Component/s: Security
    • Labels:
    • Case:

      Description

      Resource document within Collection-Level Access Control currently supports the following.
      1. Explicit values :

      inventory collection in products database

       
      { db: "products", collection: "inventory" }
      
      

      2. Empty strings that includes the entire scope :

      all collections in products database

       
      { db: "products", collection: "" }
      
      

      Request is to have a pattern matching on either db or collection fileds, this way permissions can be granted based on the matching pattern rather then explicit literals.

      3. regexp example

      Collections starting with "inve" in products database

       
      { db: "products", collection: "^inve*" }
      
      

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              backlog-server-security Backlog - Security Team
              Reporter:
              pavel.duchovny Pavel Duchovny
              Participants:
              Votes:
              8 Vote for this issue
              Watchers:
              24 Start watching this issue

                Dates

                Created:
                Updated: