[SERVER-72836] Create $$USER_ROLES system variable for aggregations Created: 13/Jan/23  Updated: 29/Oct/23  Resolved: 01/Mar/23

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 7.0.0-rc0

Type: Task Priority: Major - P3
Reporter: Varun Ravichandran Assignee: Militsa Sotirova
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Documented
is documented by DOCS-15930 Investigate changes in SERVER-72836: ... Closed
Backwards Compatibility: Fully Compatible
Sprint: QO 2023-02-20, Security 2023-01-23, QO 2023-03-06
Participants:

 Description   

This ticket encapsulates the work necessary to create a new $$USER_ROLES variable that will be available for find queries and aggregation pipelines. It will be populated at query execution time with the roles of the user executing the query.

On sharded clusters, a query may be executed on a shard by another server node on behalf of the end client. In those cases, $$USER_ROLES will be populated with the roles of the end client's user that the server node is impersonating.



 Comments   
Comment by Githook User [ 01/Mar/23 ]

Author:

{'name': 'Militsa Sotirova', 'email': 'militsa.sotirova@mongodb.com', 'username': 'militsasotirova'}

Message: SERVER-72836 Adding USER_ROLES variable and tests
Branch: master
https://github.com/mongodb/mongo/commit/1322159a597ab966087605ecd0c67e0f55f30340

Generated at Thu Feb 08 06:22:56 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.