Details
-
Bug
-
Resolution: Works as Designed
-
Major - P3
-
None
-
None
-
None
-
ALL
Description
$ mogno 'mongodb://user:password@localhost:27017/?authSource=admin'
|
MongoDB shell version v3.6.3
|
connecting to: mongodb://localhost:27017/?authSource=admin
|
MongoDB server version: 3.6.3
|
MongoDB Enterprise 9be5809a-ea19-4dfd-b276-de020c05d333:PRIMARY> use test
|
switched to db test
|
MongoDB Enterprise 9be5809a-ea19-4dfd-b276-de020c05d333:PRIMARY> db.runCommand({connectionStatus: 1, showPrivileges: false})
|
{
|
"authInfo" : {
|
"authenticatedUsers" : [
|
{
|
"user" : "user",
|
"db" : "admin"
|
}
|
],
|
"authenticatedUserRoles" : [
|
{
|
"role" : "readWriteAnyDatabase",
|
"db" : "admin"
|
},
|
{
|
"role" : "dbAdminAnyDatabase",
|
"db" : "admin"
|
},
|
{
|
"role" : "clusterAdmin",
|
"db" : "admin"
|
},
|
{
|
"role" : "userAdminAnyDatabase",
|
"db" : "admin"
|
}
|
]
|
},
|
"ok" : 1,
|
"operationTime" : Timestamp(1527724978, 1),
|
"$clusterTime" : {
|
"clusterTime" : Timestamp(1527724978, 1),
|
"signature" : {
|
"hash" : BinData(0,"bS8d9oGZjPnm4m82HzJu4fj9YjA="),
|
"keyId" : NumberLong("6561523985954111489")
|
}
|
}
|
}
|
MongoDB Enterprise 9be5809a-ea19-4dfd-b276-de020c05d333:PRIMARY> db.runCommand({insert:"system.js", documents:[{_id:"func", value:function(k){return k;}}], bypassDocumentValidation: false})
|
{
|
"n" : 1,
|
"opTime" : {
|
"ts" : Timestamp(1527724994, 1),
|
"t" : NumberLong(2)
|
},
|
"electionId" : ObjectId("7fffffff0000000000000002"),
|
"ok" : 1,
|
"operationTime" : Timestamp(1527724994, 1),
|
"$clusterTime" : {
|
"clusterTime" : Timestamp(1527724994, 1),
|
"signature" : {
|
"hash" : BinData(0,"or3MniluGCizPnkeVRkbQg/31Bo="),
|
"keyId" : NumberLong("6561523985954111489")
|
}
|
}
|
}
|
MongoDB Enterprise 9be5809a-ea19-4dfd-b276-de020c05d333:PRIMARY> db.runCommand({insert:"system.js", documents:[{_id:"func2", value:function(k){return k;}}], bypassDocumentValidation: true})
|
{
|
"operationTime" : Timestamp(1527724994, 1),
|
"ok" : 0,
|
"errmsg" : "not authorized on test to execute command { insert: \"system.js\", bypassDocumentValidation: true, $clusterTime: { clusterTime: Timestamp(1527724994, 1), signature: { hash: BinData(0, A2BDCC9E296E1828B33E791E55191B420FF7D41A), keyId: 6561523985954111489 } }, $db: \"test\" }",
|
"code" : 13,
|
"codeName" : "Unauthorized",
|
"$clusterTime" : {
|
"clusterTime" : Timestamp(1527724994, 1),
|
"signature" : {
|
"hash" : BinData(0,"or3MniluGCizPnkeVRkbQg/31Bo="),
|
"keyId" : NumberLong("6561523985954111489")
|
}
|
}
|
}
|
I'd expect this to work since the user has the bypassDocumentValidation privilege (provided by dbAdminAnyDatabase).
Attachments
Issue Links
- is related to
-
TOOLS-2030 mongodump does not dump system.js collections
-
- Closed
-
- related to
-
SERVER-38545 Inconsistency between different roles when inserting to system.js with bypassDocumentValidation=true
-
- Closed
-
-
SERVER-5972 Cannot drop system.js collection
-
- Closed
-