[SERVER-33096] getRoles command does not return authenticationRestrictions Created: 02/Feb/18 Updated: 27/Oct/23 Resolved: 05/Feb/18 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Security |
| Affects Version/s: | 3.6.2 |
| Fix Version/s: | None |
| Type: | Task | Priority: | Major - P3 |
| Reporter: | Ravind Kumar (Inactive) | Assignee: | Sara Golemon |
| Resolution: | Works as Designed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Environment: |
MongoDB 3.6.2, possibly 3.6.0+ |
||
| Issue Links: |
|
||||||||
| Participants: | |||||||||
| Description |
|
the getRoles command (and db.getRoles()) does not return any authenticationRestrictions associated to configured roles. Steps to reproduce: 1. Create new user, specifying authenticationRestrictions document with both clientSource and serverAddress Originally reported by user in the community slack channel. As far as I can tell there doesn't seem to be a way to check the configured authenticationRestrictions (if any) for a given role. Example:
|
| Comments |
| Comment by Spencer Brown [ 09/Jan/20 ] | ||||||||||||||||||||||||||||||||||||||||||||
|
looks like it needs to be showAuthenticationRestrictions: true
| ||||||||||||||||||||||||||||||||||||||||||||
| Comment by Sara Golemon [ 05/Feb/18 ] | ||||||||||||||||||||||||||||||||||||||||||||
|
"authenticationRestrictions" are available via getRoles(), but only if the (currently undocumented) parameter {showAuthenticationRestrictions: 1}is passed to the command. This is consistent with the showPrivileges and showBuiltinRoles idioms. I've filed a DOCS ticket to get the manual updated. |