[SERVER-24724] Views works with authorization Created: 22/Jun/16 Updated: 08/Aug/17 Resolved: 11/Aug/16 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Security |
| Affects Version/s: | None |
| Fix Version/s: | 3.3.11 |
| Type: | Task | Priority: | Major - P3 |
| Reporter: | Kyle Suarez | Assignee: | Kyle Suarez |
| Resolution: | Done | Votes: | 0 |
| Labels: | read-only-views | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||||||||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||||||||||||||||||||||
| Sprint: | Integration 18 (08/05/16), Integration 2016-08-29 | ||||||||||||||||||||||||||||
| Participants: | |||||||||||||||||||||||||||||
| Description |
|
Access control on views should work exactly as it does for collections.
There are also some interesting security concerns to consider with regard to access control on a view's backing namespace:
However, this ticket *does not* cover authorization checks when calling getMore on a cursor returned by a view. (This means that a user authorized to read a view will still get an authorization error when calling getMore on that cursor.) The work for that will be tracked in |
| Comments |
| Comment by Andy Schwerin [ 11/Aug/16 ] |
|
I think the view creation documentation should describe the privileges required, but everything else is pretty much the same as for regular collections. Please edit the description of this ticket to more clearly indicate that this work does not cover authorization checks for getmore operations on views, and to indicate which ticket does cover that work. |
| Comment by Kyle Suarez [ 11/Aug/16 ] |
|
Unsure if documentation changes are needed – authz for views is a special case in terms of privileges and may be worthy of explicit clarification in the documentation. |
| Comment by Githook User [ 11/Aug/16 ] |
|
Author: {u'username': u'ksuarz', u'name': u'Kyle Suarez', u'email': u'kyle.suarez@mongodb.com'}Message: Adds special authorization logic to prevent a user from reading |