[SERVER-72836] Create $$USER_ROLES system variable for aggregations Created: 13/Jan/23 Updated: 29/Oct/23 Resolved: 01/Mar/23 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | 7.0.0-rc0 |
| Type: | Task | Priority: | Major - P3 |
| Reporter: | Varun Ravichandran | Assignee: | Militsa Sotirova |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||
| Sprint: | QO 2023-02-20, Security 2023-01-23, QO 2023-03-06 | ||||||||
| Participants: | |||||||||
| Description |
|
This ticket encapsulates the work necessary to create a new $$USER_ROLES variable that will be available for find queries and aggregation pipelines. It will be populated at query execution time with the roles of the user executing the query. On sharded clusters, a query may be executed on a shard by another server node on behalf of the end client. In those cases, $$USER_ROLES will be populated with the roles of the end client's user that the server node is impersonating. |
| Comments |
| Comment by Githook User [ 01/Mar/23 ] |
|
Author: {'name': 'Militsa Sotirova', 'email': 'militsa.sotirova@mongodb.com', 'username': 'militsasotirova'}Message: |