[DOCS-14282] Investigate changes in SERVER-36263: Bypassing operation validation in applyOps should require special privilege Created: 10/Mar/21 Updated: 13/Nov/23 Resolved: 04/Aug/21 |
|
| Status: | Closed |
| Project: | Documentation |
| Component/s: | manual, Server |
| Affects Version/s: | None |
| Fix Version/s: | 4.9.0, 4.2.16, 4.0.27, 4.4.9, Server_Docs_20231030, Server_Docs_20231106, Server_Docs_20231105, Server_Docs_20231113 |
| Type: | Task | Priority: | Major - P3 |
| Reporter: | Backlog - Core Eng Program Management Team | Assignee: | Ian Fogelman |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Participants: | |||||||||
| Days since reply: | 2 years, 27 weeks, 1 day ago | ||||||||
| Epic Link: | DOCSP-15042 | ||||||||
| Story Points: | 2 | ||||||||
| Description |
DescriptionDownstream Change Summary We are adding a new privilege that must be acquired to be able to perform Description of Linked Ticket As of We will create a new privilege bypassing system-level invariants in applyOps. Today, this privilege will be required in order to run applyOps at all, since we have not implemented a version of applyOps that performs validation. The privilege will be included in dbAdminAnyDatabase, which is included in the custom role atlasAdmin and the temporary user that we create for Live Imports (mongomirror). Scope of changesAdd new privilege to https://docs.mongodb.com/manual/reference/privilege-actions/ See what roles have this privilege and add the privilege to the corresponding roles on https://docs.mongodb.com/manual/reference/built-in-roles/. Impact to Other DocsMVP (Work and Date)Resources (Scope or Design Docs, Invision, etc.) |
| Comments |
| Comment by Githook User [ 03/Aug/21 ] |
|
Author: {'name': 'ian fogelman', 'email': 'ian.fogelman@mongodb.com', 'username': 'ianf-mongodb'}Message: |