[DOCS-9473] Document behavior of views when auth is enabled Created: 02/Dec/16 Updated: 05/Feb/20 Resolved: 07/Aug/17 |
|
| Status: | Closed |
| Project: | Documentation |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | 3.4.0 |
| Type: | Task | Priority: | Major - P3 |
| Reporter: | Emily Hall | Assignee: | Kay Kim (Inactive) |
| Resolution: | Done | Votes: | 0 |
| Labels: | read-only-views | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||
| Participants: | |||||||||||||||||
| Days since reply: | 6 years, 27 weeks, 2 days ago | ||||||||||||||||
| Epic Link: | 3.4: Views | ||||||||||||||||
| Description |
|
We should document how views behave when auth is enabled, because commands that interact with views require specific actions or have restrictions in their authorization checks:
Original Engineering Ticket DescriptionAccess control on views should work exactly as it does for collections.
There are also some interesting security concerns to consider with regard to access control on a view's backing namespace:
However, this ticket *does not* cover authorization checks when calling getMore on a cursor returned by a view. (This means that a user authorized to read a view will still get an authorization error when calling getMore on that cursor.) The work for that will be tracked in |
| Comments |
| Comment by Githook User [ 07/Aug/17 ] |
|
Author: {'username': 'kay-kim', 'email': 'kay.kim@10gen.com', 'name': 'kay'}Message: |
| Comment by Githook User [ 07/Aug/17 ] |
|
Author: {'name': 'kay', 'username': 'kay-kim', 'email': 'kay.kim@10gen.com'}Message: |
| Comment by Kyle Suarez [ 07/Dec/16 ] |
|
I don't think I've seen any documentation regarding views and authorization, so I've modified the ticket to describe what I think we should document. (If I'm wrong, and there does exist documentation, please let me know.) Feel free to split this up into sub-tickets, since there are several commands affected. I've also linked this ticket to both |