<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 08:06:46 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[DOCS-13030] clusterMonitor role user is not able to fetch collections from db</title>
                <link>https://jira.mongodb.org/browse/DOCS-13030</link>
                <project id="10380" key="DOCS">Documentation</project>
                    <description>&lt;h2&gt;&lt;a name=&quot;Description&quot;&gt;&lt;/a&gt;Description&lt;/h2&gt;
&lt;p&gt;running with auth&#160;&lt;/p&gt;

&lt;p&gt;user role : clusterMonitor , db:admin&lt;/p&gt;

&lt;p&gt;&#160;&lt;/p&gt;

&lt;p&gt;In mongoDB documentation , clusterMonitor user can read all the collection in all the db but&#160;&lt;/p&gt;

&lt;p&gt;in mongodb 3.6.3 , when I have tried to fetch the collections from the db it shows that authorisation error - user is not authorise to run the command -&#160;&lt;/p&gt;

&lt;p&gt;Command failed with error 13: &apos;not authorized on test to execute command { listCollections: 1, cursor: &lt;/p&gt;
{ batchSize: 0 }
&lt;p&gt;, $db: &quot;test&quot;, lsid: { id: UUID(&quot;71939577-10f4-41ca-b759-d170b6fca2b6&quot;) } }&apos; on server 10.10.30.12:27017. The full response is { &quot;ok&quot; : 0.0, &quot;errmsg&quot; : &quot;not authorized on test to execute command { listCollections: 1, cursor: &lt;/p&gt;
{ batchSize: 0 }
&lt;p&gt;, $db: \&quot;test\&quot;, lsid: { id: UUID(\&quot;71939577-10f4-41ca-b759-d170b6fca2b6\&quot;) } }&quot;, &quot;code&quot; : 13, &quot;codeName&quot; : &quot;Unauthorized&quot; }&lt;/p&gt;

&lt;p&gt;&#160;&lt;/p&gt;

&lt;p&gt;&#160;&lt;/p&gt;

&lt;p&gt;&#160;&lt;/p&gt;

&lt;h2&gt;&lt;a name=&quot;Scopeofchanges&quot;&gt;&lt;/a&gt;Scope of changes&lt;/h2&gt;

&lt;h2&gt;&lt;a name=&quot;ImpacttoOtherDocs&quot;&gt;&lt;/a&gt;Impact to Other Docs&lt;/h2&gt;

&lt;h2&gt;&lt;a name=&quot;MVP%28WorkandDate%29&quot;&gt;&lt;/a&gt;MVP (Work and Date)&lt;/h2&gt;

&lt;h2&gt;&lt;a name=&quot;Resources%28ScopeorDesignDocs%2CInvision%2Cetc.%29&quot;&gt;&lt;/a&gt;Resources (Scope or Design Docs, Invision, etc.)&lt;/h2&gt;
</description>
                <environment>MongoDB 3.6.3 . </environment>
        <key id="929133">DOCS-13030</key>
            <summary>clusterMonitor role user is not able to fetch collections from db</summary>
                <type id="1" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14703&amp;avatarType=issuetype">Bug</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="12300">Won&apos;t Do</resolution>
                                        <assignee username="-1">Unassigned</assignee>
                                    <reporter username="rmahor06@gmail.com">rahul mahor</reporter>
                        <labels>
                            <label>docs-investigating</label>
                    </labels>
                <created>Mon, 16 Sep 2019 13:40:12 +0000</created>
                <updated>Mon, 30 Oct 2023 20:34:53 +0000</updated>
                                            <version>3.6.6</version>
                                    <fixVersion>Server_Docs_20231030</fixVersion>
                                    <component>Server</component>
                        <due></due>
                            <votes>0</votes>
                                    <watches>5</watches>
                                                                                                                <comments>
                            <comment id="4940430" author="edu.bot" created="Mon, 31 Oct 2022 16:05:16 +0000"  >&lt;p&gt;Hello! This ticket has been closed due to inactivity. If you believe this ticket is still important, please reopen it and leave a comment to explain why. Thank you!&lt;/p&gt;</comment>
                            <comment id="2423929" author="rmahor06@gmail.com" created="Wed, 18 Sep 2019 07:00:41 +0000"  >&lt;p&gt;Hi ,&#160;&lt;/p&gt;

&lt;p&gt;thanks for your response.&lt;/p&gt;

&lt;p&gt;&#160;&lt;/p&gt;

&lt;p&gt;Command run on 3.6.3&lt;/p&gt;

&lt;p&gt;&lt;b&gt;show collections&lt;/b&gt;&lt;/p&gt;

&lt;p&gt;2019-09-18T12:27:13.630+0530 E QUERY&#160; &#160; &lt;span class=&quot;error&quot;&gt;&amp;#91;thread1&amp;#93;&lt;/span&gt; &lt;b&gt;&lt;ins&gt;&lt;font color=&quot;#0747a6&quot;&gt;Error: listCollections failed: { &quot;ok&quot; : 0, &quot;errmsg&quot; : &quot;not authorized on test to execute command { listCollections: 1.0&lt;/font&gt;&lt;/ins&gt;&lt;/b&gt;, filter: {}, lsid: { id: UUID(\&quot;107efc5d-3d56-4944-b284-e3c678f40893\&quot;) }, $db: \&quot;test\&quot; }&quot;, &quot;code&quot; : 13, &quot;codeName&quot; : &quot;Unauthorized&quot;} :_getErrorWithCode@src/mongo/shell/utils.js:25:13DB.prototype._getCollectionInfosCommand@src/mongo/shell/db.js:941:1DB.prototype.getCollectionInfos@src/mongo/shell/db.js:953:19DB.prototype.getCollectionNames@src/mongo/shell/db.js:964:16shellHelper.show@src/mongo/shell/utils.js:853:9shellHelper@src/mongo/shell/utils.js:750:15@(shellhelp2):1:1&lt;/p&gt;

&lt;p&gt;&#160;&lt;/p&gt;

&lt;p&gt;&#160;&lt;/p&gt;

&lt;p&gt;User :&#160;&lt;/p&gt;

&lt;p&gt;{{ &quot;_id&quot; : &quot;test.user_cluster&quot;, &quot;user&quot; : &quot;user_cluster&quot;, &quot;db&quot; : &quot;test&quot;, &quot;roles&quot; : [ &lt;/p&gt;
{ &quot;role&quot; : &quot;clusterMonitor&quot;, &quot;db&quot; : &quot;admin&quot; }
&lt;p&gt; ]}&lt;/p&gt;

&lt;p&gt;&#160;&lt;/p&gt;

&lt;p&gt;With same user , same command run on 4.2 : there is no problem and all collections , I am able to fetch.&lt;/p&gt;

&lt;p&gt;&#160;&lt;/p&gt;

&lt;p&gt;&#160;&lt;/p&gt;</comment>
                            <comment id="2421402" author="ravind.kumar" created="Mon, 16 Sep 2019 14:30:49 +0000"  >&lt;p&gt;&lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=rmahor06%40gmail.com&quot; class=&quot;user-hover&quot; rel=&quot;rmahor06@gmail.com&quot;&gt;rmahor06@gmail.com&lt;/a&gt; copying in your feedback from another ticket:&lt;/p&gt;
&lt;blockquote&gt;&lt;p&gt;in mongodb, clusterMonitor role has the access to find all the collections in all the databases. &lt;br/&gt;
 but when I installed mongodb 3.6.3 , I am getting unauthorise error .&lt;br/&gt;
 User with the same role in mongodb 4.0.2 is able to find all the collection in db.&lt;/p&gt;&lt;/blockquote&gt;

&lt;p&gt;I think the behavior you are seeing is likely due to changes introduced in &lt;a href=&quot;https://docs.mongodb.com/manual/reference/command/listCollections/#required-access&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;MongoDB 4.0&lt;/a&gt; that allow &lt;tt&gt;listCollections&lt;/tt&gt; to work if specified with certain options. The &lt;a href=&quot;https://docs.mongodb.com/manual/release-notes/4.0/#id20&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;release notes&lt;/a&gt; also reference this, though its not really straightforward to parse.&lt;/p&gt;

&lt;p&gt;Can you verify the exact command you are specifying in 4.0/3.6, as well as whether the user you are authenticating as has any additional roles or privileges attached to it? &lt;/p&gt;

&lt;p&gt;If this is a case of the 4.0 behavior not being clear, I think we can make some tweaks to better call out the new behavior. If there&apos;s something else going on, however, I would strongly recommend starting with our &lt;a href=&quot;https://groups.google.com/forum/#!forum/mongodb-user&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;Community Support Forum&lt;/a&gt;. Potential documentation updates would depend on the outcome of discussions on that forum.&lt;/p&gt;

&lt;p&gt;As a general note, the &lt;a href=&quot;https://docs.mongodb.com/manual/reference/built-in-roles/#clusterMonitor&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;&lt;tt&gt;clusterMonitor&lt;/tt&gt;&lt;/a&gt; role states that it provides read-only access to monitoring tools. That does not necessarily mean read-access to all databases, collections, and documents. Looking at the privilege list, it specifically lists databases, and can list collections for certain system or local collections. If you need explicit all-database access, please use one of the &lt;a href=&quot;https://docs.mongodb.com/manual/reference/built-in-roles/#all-database-roles&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;built-in all-database roles&lt;/a&gt;&lt;/p&gt;</comment>
                    </comments>
                    <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>3.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Mon, 16 Sep 2019 14:30:49 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        1 year, 14 weeks, 2 days ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                            <customfield id="customfield_10857" key="com.pyxis.greenhopper.jira:gh-epic-link">
                        <customfieldname>Epic Link</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>DOCSP-1769</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>false</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>emet.ozar@mongodb.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            1 year, 14 weeks, 2 days ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                            <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>edu.bot</customfieldvalue>
            <customfieldvalue>rmahor06@gmail.com</customfieldvalue>
            <customfieldvalue>ravind.kumar</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hvqm3j:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hvf9mf:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_10053" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time In Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hvq8cv:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                </customfields>
    </item>
</channel>
</rss>