<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 07:47:22 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[DOCS-4176] moveChunk privilege applies to db/collection resource, not cluster</title>
                <link>https://jira.mongodb.org/browse/DOCS-4176</link>
                <project id="10380" key="DOCS">Documentation</project>
                    <description>&lt;p&gt;This page: &lt;a href=&quot;http://docs.mongodb.org/manual/reference/privilege-actions/#authr.moveChunk&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;http://docs.mongodb.org/manual/reference/privilege-actions/#authr.moveChunk&lt;/a&gt;&lt;br/&gt;
The &lt;tt&gt;moveChunk&lt;/tt&gt; privilege should be applied to the &lt;tt&gt;db&lt;/tt&gt; and &lt;tt&gt;collection&lt;/tt&gt; resources not &lt;tt&gt;cluster&lt;/tt&gt; resource.&lt;/p&gt;</description>
                <environment></environment>
        <key id="163458">DOCS-4176</key>
            <summary>moveChunk privilege applies to db/collection resource, not cluster</summary>
                <type id="1" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14703&amp;avatarType=issuetype">Bug</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="9">Done</resolution>
                                        <assignee username="michael.paik">Michael Paik</assignee>
                                    <reporter username="andrew.ryder@mongodb.com">Andrew Ryder</reporter>
                        <labels>
                    </labels>
                <created>Tue, 14 Oct 2014 06:21:21 +0000</created>
                <updated>Mon, 16 Mar 2015 23:54:19 +0000</updated>
                            <resolved>Wed, 15 Oct 2014 16:13:11 +0000</resolved>
                                                    <fixVersion>v1.3.12</fixVersion>
                                    <component>manual</component>
                        <due></due>
                            <votes>0</votes>
                                    <watches>3</watches>
                                                                                                                <comments>
                            <comment id="741804" author="xgen-internal-githook" created="Wed, 15 Oct 2014 16:06:50 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{u&apos;username&apos;: u&apos;mpaik&apos;, u&apos;name&apos;: u&apos;Michael Paik&apos;, u&apos;email&apos;: u&apos;michael.paik@10gen.com&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/DOCS-4176&quot; title=&quot;moveChunk privilege applies to db/collection resource, not cluster&quot; class=&quot;issue-link&quot; data-issue-key=&quot;DOCS-4176&quot;&gt;&lt;del&gt;DOCS-4176&lt;/del&gt;&lt;/a&gt; - fix moveChunk description&lt;/p&gt;

&lt;p&gt;Signed-off-by: Sam Kleinman &amp;lt;samk@10gen.com&amp;gt;&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/docs/commit/43b9e4756d80bab021f4b037c920fe76d0d85658&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/docs/commit/43b9e4756d80bab021f4b037c920fe76d0d85658&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="741780" author="spencer" created="Wed, 15 Oct 2014 15:48:10 +0000"  >&lt;p&gt;That is correct.  I do not believe the spreadsheet is being updated anymore, though perhaps someone else has been doing it.&lt;/p&gt;</comment>
                            <comment id="741778" author="andreas.nilsson@10gen.com" created="Wed, 15 Oct 2014 15:47:40 +0000"  >&lt;p&gt;The spreadsheet is not authoritative (the code is) but they should be in sync. &lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=michael.paik&quot; class=&quot;user-hover&quot; rel=&quot;michael.paik&quot;&gt;michael.paik&lt;/a&gt; I added u as an editor. I made this particular change but feel free to edit any other issues identified.&lt;/p&gt;</comment>
                            <comment id="741769" author="michael.paik" created="Wed, 15 Oct 2014 15:43:37 +0000"  >&lt;p&gt;So just to be clear, moveChunk privilege is &lt;b&gt;not&lt;/b&gt; applied to the cluster resource, but to the collection or database resource, depending on whether the movePrimary or moveChunk operation is being called. If so, I&apos;ll make the relevant changes, but someone will need to update that Google spreadsheet (assuming it&apos;s even maintained).&lt;/p&gt;</comment>
                            <comment id="741750" author="spencer" created="Wed, 15 Oct 2014 15:33:25 +0000"  >&lt;p&gt;This was by design.  We can discuss whether we still agree with that design and if we want to change it, but the idea was that the moveChunk action is responsible for all ways one can move data within the cluster.&lt;/p&gt;</comment>
                            <comment id="741720" author="andreas.nilsson@10gen.com" created="Wed, 15 Oct 2014 15:10:09 +0000"  >&lt;p&gt;So here is how it works today:&lt;/p&gt;

&lt;p&gt;The movePrimary command requires moveChunk on the database&lt;br/&gt;
The moveChunk command requires moveChunk on the collection (or database)&lt;/p&gt;

&lt;p&gt;The clusterManager role gives moveChunk on the database and hence includes both commands above by default.&lt;/p&gt;

&lt;p&gt;I can&apos;t really tell if this is expected/desired, I will ask &lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=spencer&quot; class=&quot;user-hover&quot; rel=&quot;spencer&quot;&gt;spencer&lt;/a&gt; to weigh in on that.&lt;/p&gt;</comment>
                            <comment id="741282" author="andrew.ryder@10gen.com" created="Wed, 15 Oct 2014 00:41:26 +0000"  >&lt;p&gt;Linda has noted that &lt;tt&gt;movePrimary&lt;/tt&gt; has no corresponding action, the command is ganged to the &lt;tt&gt;moveChunk&lt;/tt&gt; action. Thus, items 2 &amp;amp; 3 above are incorrect but should instead be read as a single item, thusly:&lt;/p&gt;

&lt;p&gt;&lt;tt&gt;clusterManager&lt;/tt&gt; does &lt;b&gt;not&lt;/b&gt; need to cover &lt;tt&gt;movePrimary&lt;/tt&gt; (because it isn&apos;t an action), but the definition of the &lt;tt&gt;moveChunk&lt;/tt&gt; action should specify that it applies to both &lt;tt&gt;moveChunk&lt;/tt&gt; and &lt;tt&gt;movePrimary&lt;/tt&gt; commands.&lt;/p&gt;</comment>
                            <comment id="741271" author="andrew.ryder@10gen.com" created="Wed, 15 Oct 2014 00:06:47 +0000"  >&lt;p&gt;Ok, testing here confirms that the resource required is &lt;tt&gt;db&lt;/tt&gt; and &lt;tt&gt;collection&lt;/tt&gt; for both &lt;tt&gt;movePrimary&lt;/tt&gt; and &lt;tt&gt;moveChunk&lt;/tt&gt;. So the documentation seems at least to be incorrect on &lt;tt&gt;moveChunk&lt;/tt&gt; and omits &lt;tt&gt;movePrimary&lt;/tt&gt; entirely. The google doc appears to be the source of the mistake.&lt;/p&gt;

&lt;p&gt;I think there are three documentation actions needed:&lt;/p&gt;
&lt;ol&gt;
	&lt;li&gt;Modify the &lt;a href=&quot;http://docs.mongodb.org/manual/reference/privilege-actions/#authr.moveChunk&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;&lt;tt&gt;moveChunk&lt;/tt&gt;&lt;/a&gt; reference to indicate it requires resource &lt;tt&gt;db&lt;/tt&gt; / &lt;tt&gt;collection&lt;/tt&gt; (&lt;b&gt;not&lt;/b&gt; &lt;tt&gt;cluster&lt;/tt&gt;).&lt;/li&gt;
	&lt;li&gt;Add to the &lt;a href=&quot;http://docs.mongodb.org/manual/reference/built-in-roles/#clusterManager&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;&lt;tt&gt;clusterManager&lt;/tt&gt;&lt;/a&gt; built-in role that it grants &lt;tt&gt;movePrimary&lt;/tt&gt; access as well.&lt;/li&gt;
	&lt;li&gt;Add a privilege action that indicates &lt;tt&gt;movePrimary&lt;/tt&gt; and &lt;tt&gt;moveChunk&lt;/tt&gt; are the same privilege. Granting one, grants both.&lt;/li&gt;
&lt;/ol&gt;


&lt;p&gt;&lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=spencer&quot; class=&quot;user-hover&quot; rel=&quot;spencer&quot;&gt;spencer&lt;/a&gt; (most recent editor) and/or &lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=andreas.nilsson%4010gen.com&quot; class=&quot;user-hover&quot; rel=&quot;andreas.nilsson@10gen.com&quot;&gt;andreas.nilsson@10gen.com&lt;/a&gt; (document owner) please check my outrageous claims above.&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10012">
                    <name>Related</name>
                                            <outwardlinks description="related to">
                                                        </outwardlinks>
                                                        </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>8.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Tue, 14 Oct 2014 14:51:43 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        9 years, 18 weeks ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>true</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>jess.mokrzecki@mongodb.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            9 years, 18 weeks ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                            <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>andreas.nilsson</customfieldvalue>
            <customfieldvalue>andrew.ryder@mongodb.com</customfieldvalue>
            <customfieldvalue>xgen-internal-githook</customfieldvalue>
            <customfieldvalue>michael.paik</customfieldvalue>
            <customfieldvalue>spencer@mongodb.com</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hrqr67:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hs31jr:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>142540</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_10053" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time In Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hryqef:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                </customfields>
    </item>
</channel>
</rss>