[SERVER-39161] User management commands should ensure the created user is usable Created: 23/Jan/19  Updated: 06/Dec/22

Status: Backlog
Project: Core Server
Component/s: Admin
Affects Version/s: None
Fix Version/s: None

Type: New Feature Priority: Major - P3
Reporter: Joe Caswell Assignee: Backlog - Security Team
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Attachments: File bigusertest.js    
Issue Links:
Related
Assigned Teams: Server Security

 Description   

If the role graph produced by usersInfo with the showPrivileges option exceeds the BSON document size limit, an exception is thrown.

Since usersInfo is used in the authentication process, this prevents the user from authenticating.

Currently the user and role management commands do not validate that the modifications made actually result in usable users. The worst-case scenario is that a userAdmin could lock themselves out.

There should be some manner of warning or error when this occurs.
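
Until the server performs this validation, an operator can wrap role grants in a check of their own. The following is an added example, not code from the ticket or from the server: it grants roles, re-runs usersInfo with showPrivileges, and revokes only the newly added roles if the user can no longer be resolved. The helper names are hypothetical, and it assumes the administrative session that made the change can still run revokeRolesFromUser.

```javascript
// Added example; helper names are hypothetical. `db` is a mongosh database
// handle, or any object exposing getName() and runCommand() the same way.

// mongosh throws on command failure, the legacy shell returns { ok: 0 }.
function run(db, cmd) {
  try {
    const res = db.runCommand(cmd);
    if (res && res.ok) return { ok: true, res };
    return { ok: false, err: (res && res.errmsg) || "command failed" };
  } catch (e) {
    return { ok: false, err: e.message };
  }
}

// Resolve the full role graph with the command the ticket names.
function resolveUser(db, user) {
  const r = run(db, { usersInfo: { user, db: db.getName() }, showPrivileges: true });
  if (!r.ok) return r;
  const users = r.res.users || [];
  return users.length === 1
    ? { ok: true, roles: users[0].roles || [] }
    : { ok: false, err: "user not found" };
}

// Grant roles, re-resolve the user, and revoke only the newly added roles
// if the user can no longer be resolved (assumes this session may revoke).
function grantRolesChecked(db, user, roles) {
  const before = resolveUser(db, user);
  if (!before.ok) return { applied: false, reason: "pre-check: " + before.err };
  const held = new Set(before.roles.map((r) => r.db + "." + r.role));
  const added = roles
    .map((r) => (typeof r === "string" ? { role: r, db: db.getName() } : r))
    .filter((r) => !held.has(r.db + "." + r.role));
  if (added.length === 0) return { applied: true, added: [] };
  const grant = run(db, { grantRolesToUser: user, roles: added });
  if (!grant.ok) return { applied: false, reason: "grant: " + grant.err };
  const after = resolveUser(db, user);
  if (after.ok) return { applied: true, added };
  const undo = run(db, { revokeRolesFromUser: user, roles: added });
  return { applied: false, rolledBack: undo.ok, reason: "post-check: " + after.err };
}
```

In mongosh, call it as `grantRolesChecked(db.getSiblingDB("admin"), "someUser", ["someRole"])` and treat `applied: false` as the warning the ticket asks for.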

