Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-55049

access control: backup/restore roles should work with time-series collections

XMLWordPrintableJSON

    • Type: Icon: Bug Bug
    • Resolution: Duplicate
    • Priority: Icon: Major - P3 Major - P3
    • None
    • Affects Version/s: None
    • Component/s: Security
    • Labels:
      None
    • Execution Team 2021-05-03, Execution Team 2021-05-17, Execution Team 2021-05-31

      These roles should give enough permissions to backup and restore time-series collections including any secondary indexes defined on them.

      The relevant privileges for the backup and restore roles are defined in the code here:

      The time-series collection is considered a normal resource in the access control system. However, this does not apply to the buckets collection because it resides in the system.buckets namespace.

      The AuthorizationSessionImpl::buildResourceSearchList function is responsible for checking whether an action is allowed to proceed on a resource.

            Assignee:
            michael.gargiulo@mongodb.com Michael Gargiulo
            Reporter:
            geert.bosch@mongodb.com Geert Bosch
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: