Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-55049

access control: backup/restore roles should work with time-series collections

    XMLWordPrintableJSON

Details

    • Icon: Bug Bug
    • Resolution: Duplicate
    • Icon: Major - P3 Major - P3
    • None
    • None
    • Security
    • None
    • Execution Team 2021-05-03, Execution Team 2021-05-17, Execution Team 2021-05-31

    Description

      These roles should give enough permissions to backup and restore time-series collections including any secondary indexes defined on them.

      The relevant privileges for the backup and restore roles are defined in the code here:

      The time-series collection is considered a normal resource in the access control system. However, this does not apply to the buckets collection because it resides in the system.buckets namespace.

      The AuthorizationSessionImpl::buildResourceSearchList function is responsible for checking whether an action is allowed to proceed on a resource.

      Attachments

        Activity

          People

            michael.gargiulo@mongodb.com Michael Gargiulo
            geert.bosch@mongodb.com Geert Bosch
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: