[SERVER-11827] Allow user defined roles on non-admin databases to grant permission for users to change their own passwords Created: 22/Nov/13  Updated: 01/Jul/14  Resolved: 22/Nov/13

Status: Closed
Project: Core Server
Component/s: Security, Usability
Affects Version/s: 2.5.4
Fix Version/s: 2.5.5

Type: Bug Priority: Major - P3
Reporter: Spencer Brody (Inactive) Assignee: Spencer Brody (Inactive)
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
is related to DOCS-3584 Provide example on how to setup chang... Closed
Backwards Compatibility: Minor Change
Operating System: ALL
Participants:

 Description   

Currently the "changeOwnPassword" action needs to be granted to the cluster resource to be effective in allowing a user to change their own password. But roles on non-admin dbs can't have privileges on the cluster resource. Instead, permission to change one's own password should be based on the possession of changeOwnPassword on the database resource for the database the user is defined on.



 Comments   
Comment by Githook User [ 22/Nov/13 ]

Author:

{u'username': u'stbrody', u'name': u'Spencer T Brody', u'email': u'spencer@10gen.com'}

Message: SERVER-11827 Make changeOwnPassword privilege target the user's database rather than the cluster
Branch: master
https://github.com/mongodb/mongo/commit/8e3635dad80633495b0be44edd6cd782921aff4c

Generated at Thu Feb 08 03:26:51 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.