Loading...

XML

Word

Printable

JSON

Details

Type: New Feature
Resolution: Unresolved
Priority: Major - P3
Fix Version/s: None
Affects Version/s: None
Component/s: Security
Labels:
- security

Assigned Teams:

Server Security
Case:

Description

Resource document within Collection-Level Access Control currently supports the following.
1. Explicit values :

inventory collection in products database

{ db: "products", collection: "inventory" }

2. Empty strings that includes the entire scope :

all collections in products database

{ db: "products", collection: "" }

Request is to have a pattern matching on either db or collection fileds, this way permissions can be granted based on the matching pattern rather then explicit literals.

3. regexp example

Collections starting with "inve" in products database

{ db: "products", collection: "^inve*" }

Attachments

Issue Links

duplicates

SERVER-48632 Use wildcard collections in user role privileges

Closed

is duplicated by

SERVER-78575 Use wildcard databases in user role privileges (like collections)

Closed

related to

SERVER-13696 Allow revoke/deny role permissions

Open

Activity

People

Assignee:: Backlog - Security Team

Reporter:: Pavel Duchovny

Participants:: Backlog - Security Team, Pavel Duchovny, Salman Baset, Shanjeef Satchithanantham, Spencer Brown, Teddy poujol

Votes:: 10 Vote for this issue

Watchers:: 29 Start watching this issue

Dates

Created:: Mar 03 2016 08:21:19 PM UTC

Updated:: Dec 11 2023 10:57:32 AM UTC