[SERVER-7881] Re-enable jstests/sharding/authCommands2.js Created: 07/Dec/12  Updated: 11/Jul/16  Resolved: 10/Dec/12

Status: Closed
Project: Core Server
Component/s: Security, Sharding
Affects Version/s: None
Fix Version/s: 2.3.2

Type: Task Priority: Major - P3
Reporter: Spencer Brody (Inactive) Assignee: Spencer Brody (Inactive)
Resolution: Done Votes: 0
Labels: buildbot
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Participants:

 Description   

I temporarily disabled authCommands2.js to get BB passing.

The reason that it's failing is because in our existing auth system there are read-only admin commands (and read-only admin users), but in the new auth system the "admin" commands are commands that are granted by the serverAdmin and clusterAdmin roles. Those roles have no distinction between read-only and read-write, so we only grant serverAdmin and clusterAdmin to read-write admin users from old-style privilege documents.

We probably need to split the serverAdmin and clusterAdmin roles into read-only and read-write groupings internally (we don't need to surface that division to users of new-style privilege documents) to correctly support old-style privilege documents in a backwards compatible way. Once we've done that we should turn authCommands2.js back on.



 Comments   
Comment by auto [ 10/Dec/12 ]

Author:

{u'date': u'2012-12-10T18:29:16Z', u'email': u'spencer@10gen.com', u'name': u'Spencer T Brody'}

Message: SERVER-7881 SERVER-7572 SERVER-7122 Preserve backwards compatibility with old-style users for some commands
Branch: master
https://github.com/mongodb/mongo/commit/ace61a12c09b18f820067f0d451e20fe985dd0fa

Comment by auto [ 07/Dec/12 ]

Author:

{u'date': u'2012-12-07T22:59:19Z', u'email': u'spencer@10gen.com', u'name': u'Spencer T Brody'}

Message: SERVER-7881 SERVER-7572 Temporarily disable jstests/sharding/authCommands2.js
Branch: master
https://github.com/mongodb/mongo/commit/cf417d7fde4fb5d2b71ce8b71e075427ba005b1e

Generated at Thu Feb 08 03:15:50 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.