[SERVER-11961] Make names of direct/indirect roles/privilege consistent in rolesInfo and usersInfo Created: 04/Dec/13  Updated: 30/Oct/15  Resolved: 07/Jan/14

Status: Closed
Project: Core Server
Component/s: Security, Usability
Affects Version/s: 2.5.4
Fix Version/s: 2.5.5

Type: Improvement Priority: Major - P3
Reporter: Spencer Brody (Inactive) Assignee: Spencer Brody (Inactive)
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Duplicate
is duplicated by SERVER-11963 rename field "indirectRoles" in outpu... Closed
Backwards Compatibility: Minor Change
Participants:

 Description   

Currently usersInfo and rolesInfo have "roles", "indirectRoles", and "privileges" fields, though "privileges" represents the full set of privileges from the user's full set of indirect roles.

I propose renaming "indirectRoles" to "inheritedRoles" and the current "privileges" field to "inheritedPrivileges", and adding a new field to rolesInfo called "privileges" that is just that role's direct privileges.

This also includes the benefit of providing a way to see just the direct privileges of a role via rolesInfo, which is important to have when managing (especially removing) the privileges that a role has.



 Comments   
Comment by Githook User [ 07/Jan/14 ]

Author:

{u'username': u'stbrody', u'name': u'Spencer T Brody', u'email': u'spencer@10gen.com'}

Message: SERVER-11961 Make names of the direct and indirect privileges and roles fields consistent in usersInfo and rolesInfo
Branch: master
https://github.com/mongodb/mongo/commit/e6997d6ab5e5e048b1f99c764cd5e0c17d30808d

Comment by Spencer Brody (Inactive) [ 06/Jan/14 ]

Alternate proposal: "roles", "directRoles", "privileges", and "directPrivileges. So rolesInfo output would have all 4 of those, while usersInfo output would have all but "directPrivileges".

Comment by Andreas Nilsson [ 04/Dec/13 ]

I like it.

Generated at Thu Feb 08 03:27:13 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.