Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-52860

Split Namespace used for Authorization Actions and Audit Events

XMLWordPrintableJSON

    • Type: Icon: Task Task
    • Resolution: Fixed
    • Priority: Icon: Major - P3 Major - P3
    • 4.9.0
    • Affects Version/s: None
    • Component/s: Internal Code
    • Labels:
      None
    • Fully Compatible
    • Security 2020-11-30, Security 2020-12-14

      Currently, all audit event types are valid authorization ActionTypes. This means that audit event types can be granted as meaningless authorization rights. We should create a second set of ActionTypes for use with auditing, which contains all existing ActionTypes used for auditing purposes. All new event types shall be added exclusively to the new set. Existing audit event types in the authorization set shall not be removed, for backwards compatibility, but shall be marked as deprecated.

            Assignee:
            shreyas.kalyan@mongodb.com Shreyas Kalyan
            Reporter:
            spencer.jackson@mongodb.com Spencer Jackson
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: