Resource document within Collection-Level Access Control currently supports the following.
1. Explicit values :
inventory collection in products database
{ db: "products", collection: "inventory" }
2. Empty strings that includes the entire scope :
all collections in products database
{ db: "products", collection: "" }
Request is to have a pattern matching on either db or collection fileds, this way permissions can be granted based on the matching pattern rather then explicit literals.
3. regexp example
Collections starting with "inve" in products database
{ db: "products", collection: "^inve*" }
- duplicates
-
SERVER-48632 Use wildcard collections in user role privileges
-
- Closed
-
- is duplicated by
-
SERVER-78575 Use wildcard databases in user role privileges (like collections)
-
- Closed
-
- related to
-
-
- Open
-