[SERVER-33827] Support for read-only fields Created: 12/Mar/18 Updated: 06/Dec/22 |
|
| Status: | Backlog |
| Project: | Core Server |
| Component/s: | Security, Write Ops |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | New Feature | Priority: | Major - P3 |
| Reporter: | NOVALUE Mitar | Assignee: | Backlog - Query Optimization |
| Resolution: | Unresolved | Votes: | 1 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Assigned Teams: |
Query Optimization
|
| Participants: |
| Description |
|
It would be great if we could have some fields be write-once only. So that we could make sure our application logic is never changing them (like timestamps, or entries for audit log). Currently there is some support for validation, but it just checks that schema matches, not what changes are being made. |
| Comments |
| Comment by NOVALUE Mitar [ 17/Mar/18 ] |
|
The latter. So we would like to have fields which once written nobody can change (or at least, nobody with regular write permissions). Then our app would have regular write permissions. We would like this to be assured at the database level so that we have a single point of failure. This would then help us making sure audit documents are not tampered with at the lowest possible level. |
| Comment by Kelsey Schubert [ 16/Mar/18 ] |
|
Hi mitar, Would you please clarify what your use case? For example, are you describing a use case where only one app can write some of the fields and another app can only read the document and write some of the fields, or do you require that some can be written by any app, but only once? Thanks, |