[SERVER-9514] System-defined roles Created: 30/Apr/13 Updated: 02/Aug/18 Resolved: 30/Oct/13 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Security |
| Affects Version/s: | None |
| Fix Version/s: | 2.5.4 |
| Type: | Task | Priority: | Major - P3 |
| Reporter: | Andy Schwerin | Assignee: | Spencer Brody (Inactive) |
| Resolution: | Done | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||||||||||||||||||
| Participants: | |||||||||||||||||||||||||||||||||
| Description |
|
In the context of supporting user-defined roles ( System defined roles will automatically be created for each database, and it will not be possible to rename, replace, update, modify or delete them. They should be useful for basic single- and multi-tenant scenarios. |
| Comments |
| Comment by Githook User [ 14/Nov/13 ] |
|
Author: {u'username': u'andy10gen', u'name': u'Andy Schwerin', u'email': u'schwerin@10gen.com'}Message: |
| Comment by Githook User [ 14/Nov/13 ] |
|
Author: {u'username': u'stbrody', u'name': u'Spencer T Brody', u'email': u'spencer@10gen.com'}Message: |
| Comment by auto [ 30/Oct/13 ] |
|
Author: {u'username': u'stbrody', u'name': u'Spencer T Brody', u'email': u'spencer@10gen.com'}Message: |
| Comment by auto [ 28/Oct/13 ] |
|
Author: {u'username': u'stbrody', u'name': u'Spencer T Brody', u'email': u'spencer@10gen.com'}Message: |
| Comment by Andreas Nilsson [ 27/Sep/13 ] |
|
Yes, right now it's a mess to do a proper dump/restore. You need to give all sorts of permissions to the user. A specialized role for this makes a lot of sense. Then that role might be disabled to other things than just running a dump/restore command if there is such a thing. |
| Comment by Andy Schwerin [ 13/Jun/13 ] |
|
I agree. This change should be server-only. |
| Comment by Andreas Nilsson [ 13/Jun/13 ] |
|
I do not believe this will require any driver changes, schwerin? |
| Comment by Ian Daniel [ 23/May/13 ] |
|
A user has suggested that we add an mms-agent or statistics-aggregator role. |