[DOCS-7664] Clarify descriptions of Query and Write Privilege Actions Created: 15/Apr/16 Updated: 30/Oct/23 Resolved: 03/Oct/16 |
|
| Status: | Closed |
| Project: | Documentation |
| Component/s: | manual |
| Affects Version/s: | None |
| Fix Version/s: | Server_Docs_20231030 |
| Type: | Improvement | Priority: | Major - P3 |
| Reporter: | Jeffrey Yemin | Assignee: | Allison Reinheimer Moore |
| Resolution: | Done | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||||||
| Participants: | |||||||||||||||||||||
| Days since reply: | 7 years, 19 weeks, 2 days ago | ||||||||||||||||||||
| Story Points: | 1 | ||||||||||||||||||||
| Description |
|
In the query and write actions section of the Privilege Acitons page, we should describe all the actions in terms of the commands that they imply. Currently insert and update are described that way, but find and remove are not.
|
| Comments |
| Comment by Githook User [ 04/Oct/16 ] |
|
Author: {u'username': u'schmalliso', u'name': u'Allison Moore', u'email': u'allison.moore@10gen.com'}Message: Signed-off-by: kay <kay.kim@10gen.com> |
| Comment by Githook User [ 04/Oct/16 ] |
|
Author: {u'username': u'schmalliso', u'name': u'Allison Moore', u'email': u'allison.moore@10gen.com'}Message: Signed-off-by: kay <kay.kim@10gen.com> |
| Comment by Jeffrey Yemin [ 03/May/16 ] |
|
I don't see that. The build-in roles page lists the actions each role grants, but not the list of commands that each action implies. It's a bit confusing because so many of the actions have the same name as the single command that it implies. But the 'find' action happens to imply more than one command. |
| Comment by Steve Renaker (Inactive) [ 02/May/16 ] |
|
The section on Built-In Roles (https://docs.mongodb.org/manual/reference/built-in-roles/) has lists of commands each privilege action implies. Should we expand the descriptions of Find, Insert, Remove, and Update on the Privilege Actions page as well? |
| Comment by Andreas Nilsson [ 20/Apr/16 ] |
|
Ah yes, we had to let find -> killCursors for the clusterMonitor role until we have a better story around cursor ownership. For getMore it depends on what type of query it was, see https://github.com/mongodb/mongo/blob/master/src/mongo/db/auth/authorization_session.cpp#L203-L244 Idk what parallellCollectionScan is but I will believe u. |
| Comment by Jeffrey Yemin [ 19/Apr/16 ] |
|
Yes, I tested it. I created a user that had only the "find" privilege, and confirmed that I could execute all of these commands. |
| Comment by Andreas Nilsson [ 19/Apr/16 ] |
|
I'm not sure find permission -> getMore and killCursors straight off. Are you sure about this jeff.yemin? |