Details
Description
Resource document within Collection-Level Access Control currently supports the following.
1. Explicit values :
|
inventory collection in products database |
|
|
{ db: "products", collection: "inventory" }
|
|
2. Empty strings that includes the entire scope :
|
all collections in products database |
|
|
{ db: "products", collection: "" }
|
|
Request is to have a pattern matching on either db or collection fileds, this way permissions can be granted based on the matching pattern rather then explicit literals.
3. regexp example
|
Collections starting with "inve" in products database |
|
|
{ db: "products", collection: "^inve*" }
|
|
Attachments
Issue Links
- duplicates
-
SERVER-48632 Use wildcard collections in user role privileges
-
- Closed
-
- is duplicated by
-
SERVER-78575 Use wildcard databases in user role privileges (like collections)
-
- Closed
-
- related to
-
SERVER-13696 Allow revoke/deny role permissions
-
- Open
-