[SERVER-69715] Enable currentOp to be run with security token Created: 15/Sep/22 Updated: 29/Oct/23 Resolved: 26/Oct/22 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | 6.2.0-rc0 |
| Type: | Task | Priority: | Major - P3 |
| Reporter: | Janna Golden | Assignee: | Janna Golden |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Backwards Compatibility: | Fully Compatible |
| Sprint: | Server Serverless 2022-10-17, Server Serverless 2022-10-31 |
| Participants: |
| Description |
|
Tenants should be able to run the currentOp command. To allow this, override allowedWithSecurityToken on the mongod currentOp command to return true. Then, we'll need to be sure we allow a currentOp to be scoped to the correct tenant, so we'll need to actually name the DatabaseName parameter on the command's run function, and then construct the agg reqeust with it. We'll also want to change the serialization of the"ns" field in the output so that we only include the tenantId as a prefix if the project's feature flag is not enabled - use the NamespaceStringUtils::serialize() function instead. We can add a test to both native_tenant_data_isolation_basic_dollar_tenant.js and native_tenant_data_isolation_basic_security_token.js |
| Comments |
| Comment by Githook User [ 26/Oct/22 ] |
|
Author: {'name': 'jannaerin', 'email': 'golden.janna@gmail.com', 'username': 'jannaerin'}Message: |