Loading...

XML

Word

Printable

JSON

Type: Improvement
Resolution: Duplicate
Priority: Minor - P4
Fix Version/s: None
Affects Version/s: None
Component/s: Security
Labels:
None

Some use cases have a need for "views" per user, and need to be able to grant access only to certain collections in a single database. This can be achieved easily using user-defined roles, with the correct permissions.

However, when configuring roles this way, users can still use the listCollections command, and list collections that they cannot read from.

duplicates

SERVER-32942 mongo shell: for users authorized to certain namespace, make discovery easy

Closed

is duplicated by

SERVER-25655 mongodb permission issues

Closed

is related to

SERVER-33148 add db.collection.getInfo() collection method

Backlog

Assignee:: Sara Golemon

Reporter:: Charles Sarrazin (Inactive)

Participants:: Andy Schwerin, Charles Sarrazin, Sara Golemon, Spencer Brody

Votes:: 0 Vote for this issue

Watchers:: 16 Start watching this issue

Created:: Aug 24 2016 09:57:20 AM UTC

Updated:: Apr 23 2018 09:59:59 PM UTC

Resolved:: Mar 14 2018 09:15:29 PM UTC

Details

Description

Attachments

Issue Links

Activity

People

Dates