[SERVER-33145] Access control checks for commitTransaction and abortTransaction commands Created: 06/Feb/18 Updated: 29/Oct/23 Resolved: 13/Apr/18 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Replication |
| Affects Version/s: | None |
| Fix Version/s: | 3.7.4 |
| Type: | Task | Priority: | Major - P3 |
| Reporter: | Spencer Brody (Inactive) | Assignee: | Tess Avitabile (Inactive) |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||
| Sprint: | Repl 2018-04-09, Repl 2018-04-23 | ||||||||
| Participants: | |||||||||
| Comments |
| Comment by Githook User [ 13/Apr/18 ] |
|
Author: {'email': 'tess.avitabile@mongodb.com', 'name': 'Tess Avitabile', 'username': 'tessavitabile'}Message: |
| Comment by Siyuan Zhou [ 30/Mar/18 ] |
|
|
| Comment by Spencer Brody (Inactive) [ 29/Mar/18 ] |
|
It's possible that they're no work to do on implementing the actual access control check, if there's already controls around which users can check out which sessions. If that's the case then this ticket would just be about adding test coverage |
| Comment by Siyuan Zhou [ 20/Mar/18 ] |
|
This work should enable the auth test for "commitTransaction" and "abortTransaction". They are temporarily disabled by marking "skipUnlessReplicaSet". We don't have any auth test cases, e.g. commands_builtin_roles.js running with a replica set. |
| Comment by Spencer Brody (Inactive) [ 06/Feb/18 ] |
|
I don't think there's any specific privilege that should be required to commit or abort transactions, rather a user should always (and only) be allowed to commit/abort transactions that they started. So to implement this check, I think we'll need to start tracking what user is associated with a given transaction, and have the access control check for the commands confirm that the session is authenticated as the same user as created the transaction (or is authenticated as the system user). |