<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 02:56:04 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[SERVER-1105] access control per collection</title>
                <link>https://jira.mongodb.org/browse/SERVER-1105</link>
                <project id="10000" key="SERVER">Core Server</project>
                    <description>&lt;p&gt;I recently started using mongodb in depth and I was surprised to find that this does not have an access control per collection. from the security point of view this point is of great importance and is an impediment to migrate from sql to nosql in production. I really believe that this feature should be included as soon as possible or at least have a higher priority.&lt;/p&gt;

&lt;p&gt;thank you very much&lt;/p&gt;</description>
                <environment></environment>
        <key id="11936">SERVER-1105</key>
            <summary>access control per collection</summary>
                <type id="2" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14711&amp;avatarType=issuetype">New Feature</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="9">Done</resolution>
                                        <assignee username="schwerin@mongodb.com">Andy Schwerin</assignee>
                                    <reporter username="derlok">derlok epsilon</reporter>
                        <labels>
                    </labels>
                <created>Sat, 8 May 2010 22:39:48 +0000</created>
                <updated>Fri, 30 Oct 2015 14:43:23 +0000</updated>
                            <resolved>Fri, 11 Oct 2013 15:14:23 +0000</resolved>
                                                    <fixVersion>2.5.3</fixVersion>
                                    <component>Security</component>
                                        <votes>61</votes>
                                    <watches>37</watches>
                                                                                                                <comments>
                            <comment id="439596" author="schwerin" created="Fri, 11 Oct 2013 15:14:23 +0000"  >&lt;p&gt;Documentation in conjunction with User Defined Roles (&lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-8580&quot; title=&quot;User defined roles&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-8580&quot;&gt;&lt;del&gt;SERVER-8580&lt;/del&gt;&lt;/a&gt;).&lt;/p&gt;</comment>
                            <comment id="432048" author="auto" created="Thu, 26 Sep 2013 20:55:12 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{u&apos;username&apos;: u&apos;andy10gen&apos;, u&apos;name&apos;: u&apos;Andy Schwerin&apos;, u&apos;email&apos;: u&apos;schwerin@10gen.com&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-1105&quot; title=&quot;access control per collection&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-1105&quot;&gt;&lt;del&gt;SERVER-1105&lt;/del&gt;&lt;/a&gt; Fix tool tests with auth.&lt;/p&gt;

&lt;p&gt;Once we&apos;ve created appropriate system roles for dump and restore, we can revisit&lt;br/&gt;
the choice in the test to assign the __system role to a restore user.  For now,&lt;br/&gt;
it&apos;s the only way to do a restore with auth.&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo/commit/74c0439725e525689f04ad64a906a824ec8dd49c&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo/commit/74c0439725e525689f04ad64a906a824ec8dd49c&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="431948" author="auto" created="Thu, 26 Sep 2013 18:35:04 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{u&apos;username&apos;: u&apos;andy10gen&apos;, u&apos;name&apos;: u&apos;Andy Schwerin&apos;, u&apos;email&apos;: u&apos;schwerin@10gen.com&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-1105&quot; title=&quot;access control per collection&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-1105&quot;&gt;&lt;del&gt;SERVER-1105&lt;/del&gt;&lt;/a&gt; Update AuthorizationSession&apos;s logic for collection-level access control.&lt;/p&gt;

&lt;p&gt;Also requires changing the privileges of the built-in roles.  This patch takes the opportunity to remove the 2.2-style read-only roles in favor of the 2.4-style &quot;read&quot; and &quot;readAnyDatabase&quot; roles, and renames the 2.2-style read-write roles &quot;dbOwner&quot; and &quot;root&quot;.  The &quot;root&quot; name, at least, is subject to change prior to the next unstable release.&lt;/p&gt;

&lt;p&gt;Test harnesses are updated as needed to use the correct builtin roles.&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo/commit/3bc344db791e74f378880fd4ccd2ea045ba238f9&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo/commit/3bc344db791e74f378880fd4ccd2ea045ba238f9&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="430009" author="auto" created="Mon, 23 Sep 2013 21:10:31 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{u&apos;username&apos;: u&apos;andy10gen&apos;, u&apos;name&apos;: u&apos;Andy Schwerin&apos;, u&apos;email&apos;: u&apos;schwerin@10gen.com&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-1105&quot; title=&quot;access control per collection&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-1105&quot;&gt;&lt;del&gt;SERVER-1105&lt;/del&gt;&lt;/a&gt; Fix logical error in authorization_session_test.cpp.&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo/commit/e9e6effc6bdd4e1e64baff266fb93515367e9db7&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo/commit/e9e6effc6bdd4e1e64baff266fb93515367e9db7&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="429971" author="auto" created="Mon, 23 Sep 2013 20:20:38 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{u&apos;username&apos;: u&apos;andy10gen&apos;, u&apos;name&apos;: u&apos;Andy Schwerin&apos;, u&apos;email&apos;: u&apos;schwerin@10gen.com&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-1105&quot; title=&quot;access control per collection&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-1105&quot;&gt;&lt;del&gt;SERVER-1105&lt;/del&gt;&lt;/a&gt; Use ResourcePattern type when identifying the resource component of required privileges.&lt;/p&gt;

&lt;p&gt;This patch has two principal components.  First, it changes the interface to Privilege and&lt;br/&gt;
AuthorizationSession to use ResourcePattern in place of std::string for identifying resources.&lt;br/&gt;
Second, it examines all call sites of the authorization session interface in commands and&lt;br/&gt;
other code to ensure that the correct resource requirements are conveyed to the authorization_session.&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo/commit/a7f7c028c4cdda1ab0939c6c7788bb39bd94cc5f&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo/commit/a7f7c028c4cdda1ab0939c6c7788bb39bd94cc5f&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="429300" author="auto" created="Fri, 20 Sep 2013 21:03:18 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{u&apos;username&apos;: u&apos;andy10gen&apos;, u&apos;name&apos;: u&apos;Andy Schwerin&apos;, u&apos;email&apos;: u&apos;schwerin@10gen.com&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-1105&quot; title=&quot;access control per collection&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-1105&quot;&gt;&lt;del&gt;SERVER-1105&lt;/del&gt;&lt;/a&gt; Introduce ResourcePattern type, for matching against resources in access control checks.&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo/commit/508b3bbaf866eb3ac4eaa5e415da25a29ad0fc58&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo/commit/508b3bbaf866eb3ac4eaa5e415da25a29ad0fc58&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="429199" author="auto" created="Fri, 20 Sep 2013 18:33:55 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{u&apos;username&apos;: u&apos;andy10gen&apos;, u&apos;name&apos;: u&apos;Andy Schwerin&apos;, u&apos;email&apos;: u&apos;schwerin@10gen.com&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-1105&quot; title=&quot;access control per collection&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-1105&quot;&gt;&lt;del&gt;SERVER-1105&lt;/del&gt;&lt;/a&gt; Do not test role-&amp;gt;privilege mappings in authorization_manager_test.&lt;/p&gt;

&lt;p&gt;Also, beef up privilege_document_parser_test, instead of testing role parsing in&lt;br/&gt;
authorization_manager_test.&lt;/p&gt;

&lt;p&gt;The role-&amp;gt;privilege mapping belongs to the RoleGraph, and the authorization of actions&lt;br/&gt;
to the AuthorizationSession.  Actual parsing belongs in privilege_document_parser_test.&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo/commit/13e8f783b5f1fa695514158e0a8fbd7ba9be48f6&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo/commit/13e8f783b5f1fa695514158e0a8fbd7ba9be48f6&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="388347" author="dan@10gen.com" created="Thu, 25 Jul 2013 03:44:43 +0000"  >&lt;p&gt;&lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=justanyone&quot; class=&quot;user-hover&quot; rel=&quot;justanyone&quot;&gt;justanyone&lt;/a&gt;, as indicated by the fixVersion of 2.5.2, per-collection access control is also planned for the 2.6 release along with some other nice security enhancements like user-defined roles (&lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-8580&quot; title=&quot;User defined roles&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-8580&quot;&gt;&lt;del&gt;SERVER-8580&lt;/del&gt;&lt;/a&gt;).&lt;/p&gt;</comment>
                            <comment id="384681" author="noobcodeur" created="Fri, 19 Jul 2013 14:07:54 +0000"  >&lt;p&gt;Good to hear that Dan.&lt;br/&gt;
@Kevin : if you have field level perms, it means that you can have higher level perms quite easily as well I believe.&lt;/p&gt;</comment>
                            <comment id="384676" author="justanyone" created="Fri, 19 Jul 2013 13:59:58 +0000"  >&lt;p&gt;1.  Let&apos;s solve basic problems before moving on to advanced features like permissions per field.  &lt;/p&gt;

&lt;p&gt;2.  None/Read-only/Read-Write perms per database is a basic feature, methinks.&lt;/p&gt;

&lt;p&gt;3.  Per-Collection is next, that&apos;s table-level control, and it pretty basic as well.&lt;/p&gt;

&lt;p&gt;4.  Field level seems pretty advanced to me.  Yes, Oracle has it (and probably all the majors - DB2, Sybase, Postgres, etc.).  But, see #1 above.&lt;/p&gt;

&lt;p&gt;Notes from the &apos;competition&apos; (Oracle docs):&lt;/p&gt;

&lt;p&gt;&quot;You can grant privileges to use the DELETE, INSERT, SELECT, and UPDATE DML operations on a table or view. Grant these privileges only to users and roles that need to query or manipulate data in a table.&lt;/p&gt;

&lt;p&gt;You can restrict INSERT and UPDATE privileges for a table to specific columns of the table. With selective INSERT, a privileged user can insert a row with values for the selected columns. All other columns receive NULL or the default value of the column. With selective UPDATE, a user can update only specific column values of a row. Selective INSERT and UPDATE privileges are used to restrict user access to sensitive data.&lt;/p&gt;

&lt;p&gt;For example, if you do not want data entry users to alter the salary column of the employees table, then selective INSERT or UPDATE privileges can be granted that exclude the salary column. Alternatively, a view that excludes the salary column could satisfy this need for additional security.&quot;&lt;/p&gt;</comment>
                            <comment id="383949" author="dan@10gen.com" created="Thu, 18 Jul 2013 13:24:50 +0000"  >&lt;p&gt;&lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=noobcodeur&quot; class=&quot;user-hover&quot; rel=&quot;noobcodeur&quot;&gt;noobcodeur&lt;/a&gt;, we are planning on adding a feature to the aggregation framework in 2.6 (&lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-8582&quot; title=&quot;Extend document expression language in aggregation to support advanced document filtering.&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-8582&quot;&gt;&lt;del&gt;SERVER-8582&lt;/del&gt;&lt;/a&gt;) which will allow some field-level access control functionality when querying the database.&lt;/p&gt;</comment>
                            <comment id="383867" author="noobcodeur" created="Thu, 18 Jul 2013 09:08:41 +0000"  >&lt;p&gt;Yes, for writes... but it&apos;s not flexible enough.. in a general fashion I might want to send only the readable fields from the dB object as JSON response without much intricacies for instance. read access restrictions at the field level would facilitate that without much hassle. And I think it would be faster if implemented as an option for instance than if done at the application level.&lt;/p&gt;</comment>
                            <comment id="382888" author="artem" created="Wed, 17 Jul 2013 05:38:19 +0000"  >&lt;p&gt;@Tahir I think you can do that at application level. You can check field by $exists operator. If not exists then write, otherwise don&apos;t&lt;/p&gt;</comment>
                            <comment id="382503" author="noobcodeur" created="Tue, 16 Jul 2013 21:07:03 +0000"  >&lt;p&gt;@Artem yes that is what I was thinking about.&lt;/p&gt;</comment>
                            <comment id="382316" author="artem" created="Tue, 16 Jul 2013 17:46:19 +0000"  >&lt;p&gt;@Tahir maybe you want read-only field? I mean to be possible write once.&lt;/p&gt;</comment>
                            <comment id="381964" author="noobcodeur" created="Tue, 16 Jul 2013 08:57:46 +0000"  >&lt;p&gt;I don&apos;t. And I meant it as an option. Just like you would not index every field. Someone might want to restrict access to a particular field. But honestly I don&apos;t know what it would imply in terms of performance. Do you ?&lt;/p&gt;</comment>
                            <comment id="381931" author="nodex" created="Tue, 16 Jul 2013 07:42:39 +0000"  >&lt;p&gt;@Tahir: Field level is the MOST idiotic idea ever, do you know how much performance the DB would lose to achieve that?&lt;/p&gt;</comment>
                            <comment id="381575" author="noobcodeur" created="Mon, 15 Jul 2013 20:10:50 +0000"  >&lt;p&gt;Why restrict to collection level ? I would like to be even more granular, field level.&lt;/p&gt;</comment>
                            <comment id="239507" author="derlok" created="Mon, 14 Jan 2013 17:55:42 +0000"  >&lt;p&gt;Esto es vergonzoso. 3 a&#241;os y un pedido de seguridad importante sigue sin tener respuesta. Esta claro que esta soluci&#243;n no esta preparada para ambiente productivos serios.&lt;/p&gt;

&lt;p&gt;gracias por nada.&lt;/p&gt;</comment>
                            <comment id="217485" author="1badninja" created="Mon, 17 Dec 2012 18:33:09 +0000"  >&lt;p&gt;Sounds like database-level access control is not granular enough.  I&apos;m in the same boat.  +1  &lt;/p&gt;

&lt;p&gt;Also, prioritizing on # of votes is not a good metric to use to drive your release cycles.  &lt;/p&gt;

&lt;p&gt;Instead, you should talk about it internally and see if it makes sense as a business strategy.  If the answer is no, then that&apos;s fine - just tell us that and we&apos;ll look at other solutions.  However, relying on a magical number to be hit before starting a discussion doesn&apos;t take in account the number of people who want the feature and didn&apos;t vote (for whatever reason - maybe they don&apos;t want to create a login, etc.), and the other way around - it may falsely represent a large number of requests if someone is determined to create a bunch of different logins and masquerade as different users to get what they want.&lt;/p&gt;

&lt;p&gt;Thx.&lt;/p&gt;</comment>
                            <comment id="143250" author="epic720" created="Mon, 16 Jul 2012 15:37:32 +0000"  >&lt;p&gt;Jumping in on the conversation here:&lt;/p&gt;

&lt;p&gt;I have started a project that hinges on micro level security for users and really need options with Mongo in order to implement it. Being able to set security on stored javascript, collections, and fields would allow me to move my project further with Mongo. Until then, I can&apos;t use it like I need to.&lt;/p&gt;</comment>
                            <comment id="123889" author="sking" created="Tue, 29 May 2012 15:24:56 +0000"  >&lt;p&gt;I have a startup which focuses on secure messaging from within social networks in which I added the per collection role base access control. But I haven&apos;t had the time to have it reviewed and check back to the source, I hope to find some time to give it back that next month. &lt;/p&gt;</comment>
                            <comment id="123723" author="derlok" created="Tue, 29 May 2012 01:41:26 +0000"  >&lt;p&gt;C&apos;mon guys, when are you going to consider this request?&lt;/p&gt;</comment>
                            <comment id="92166" author="davidhoyt" created="Sat, 25 Feb 2012 00:11:23 +0000"  >&lt;p&gt;+1 to what everyone else has said.&lt;/p&gt;</comment>
                            <comment id="87087" author="eliot" created="Thu, 9 Feb 2012 21:58:46 +0000"  >&lt;p&gt;read vs read/write per database exists today.&lt;br/&gt;
this is ticket is specifically for per collection&lt;/p&gt;</comment>
                            <comment id="87045" author="jrista" created="Thu, 9 Feb 2012 20:04:25 +0000"  >&lt;p&gt;My team has recently started using MongoDB. The issue of security did not enter our minds until we started to run our projects through QA, who wanted direct query access to validate data. I think its essential to security and reliability of data that ACL&apos;s be added per-database and per-collection, with the ability to restrict access to read-only, read/write, read/write/delete, etc. A fine grain of control will greatly expand the viability of MondoDB in the enterprise.&lt;/p&gt;</comment>
                            <comment id="79349" author="acm" created="Thu, 12 Jan 2012 16:13:30 +0000"  >&lt;p&gt;My team as well would like per-database / per-collection level ACLs. We have separate project teams that handle sensitive data, and we would like to be able to ensure that different teams cannot view or delete each others data on a shared mongodb installation. Creating multiple independent mongodb installations is not realistic.&lt;/p&gt;

</comment>
                            <comment id="75631" author="visualq" created="Fri, 23 Dec 2011 10:38:24 +0000"  >&lt;p&gt;As a webdevelopment company we developed a CMS which has MongoDB as it&apos;s main DB. Now serving a lot of website it&apos;s unfeasible to use the same username and password to authenticate with the db.&lt;/p&gt;

&lt;p&gt;I really hope this feature passes.&lt;/p&gt;</comment>
                            <comment id="64184" author="jit" created="Wed, 2 Nov 2011 13:50:55 +0000"  >&lt;p&gt;Kindly implement this feature as soon as you can because its very important for security-critical use cases. Since a model based on one db per user will unnecessarily waste space in preallocation..&lt;/p&gt;

&lt;p&gt;I&apos;m working on a system where the data stored by users shud not be accessible to developers and admins. currently using a single db with a single user, but to implement the security requirement we need a user-to-collection authentication framework... &lt;/p&gt;

&lt;p&gt;Thanks &lt;/p&gt;</comment>
                            <comment id="54808" author="kursion" created="Fri, 16 Sep 2011 18:26:40 +0000"  >&lt;p&gt;Yeah that would be nice. Imagine you have multiple websites on ONE server... you actually need to run multiple instance of Mongo to separate every architecture.&lt;/p&gt;

&lt;p&gt;Would be nice to have some &quot;folder&quot; where you put every db that are link to a website (with an access/permissions for it).&lt;/p&gt;

&lt;p&gt;MySQL does for example but it&apos;s not noSQL &lt;img class=&quot;emoticon&quot; src=&quot;https://jira.mongodb.org/images/icons/emoticons/sad.png&quot; height=&quot;16&quot; width=&quot;16&quot; align=&quot;absmiddle&quot; alt=&quot;&quot; border=&quot;0&quot;/&gt;&lt;/p&gt;</comment>
                            <comment id="31317" author="sentientmatter" created="Fri, 6 May 2011 01:38:27 +0000"  >&lt;p&gt;This feature would be extremely useful and I think it&apos;s a must have for many companies before they get behind Mongo. &lt;/p&gt;</comment>
                            <comment id="16140" author="makergooder" created="Mon, 26 Jul 2010 12:03:49 +0000"  >&lt;p&gt;Lack of highly granular access controls will limit adoption.  We were hoping to use MongoDB, but as a minimum would need multiple roles (e.g. public, authenticated user, system, logging, administrator) so we could partition access to the data based on what we know about the user.  These roles would then have different abilities to add, edit, delete data in various collections.&lt;/p&gt;</comment>
                            <comment id="15400" author="zippy1981" created="Mon, 5 Jul 2010 12:37:08 +0000"  >&lt;p&gt;@shimon,&lt;/p&gt;

&lt;p&gt;Your suggestions are good, but probably belong in a separate ticket.&lt;/p&gt;</comment>
                            <comment id="15398" author="shimondoodkin" created="Mon, 5 Jul 2010 12:08:34 +0000"  >&lt;p&gt;i want to give paritial access to the data in a table&lt;/p&gt;

&lt;p&gt;like let read only with a query of  owner_user=i_define_it_ statically_or_dynamically _on_logon_or_else&lt;br/&gt;
like add auto where restrictions to queries per user &lt;br/&gt;
defined by a javascript function&lt;/p&gt;

&lt;p&gt;or another model is to make a permissions function per user that will check every query and return ok or kind of like this.&lt;/p&gt;

&lt;p&gt;or define a structure of restrictions some of them static some of them dynamic-  function&lt;br/&gt;
like:&lt;/p&gt;

&lt;p&gt;settings={&lt;br/&gt;
 collections:&lt;br/&gt;
 {&lt;br/&gt;
  my_list:&lt;/p&gt;
{userid:[&apos;==&apos;,ObjectID(12341abcfda0000000000da2)]}
&lt;p&gt;,&lt;br/&gt;
  my_other_list:&lt;/p&gt;
{userid:[&apos;!=&apos;,ObjectID(12341abcfda0000000000da2)]}
&lt;p&gt;,&lt;br/&gt;
  my_third_list:{userid:[&apos;bool&apos;,function(collection,col,user,op,where)&lt;/p&gt;
{ if(where[&apos;userid&apos;]) return true else return false}
&lt;p&gt;]},&lt;br/&gt;
  my_4th_list:{function match(data)&lt;/p&gt;
{return data[&apos;col&apos;]?true:false;}
&lt;p&gt;:[&apos;onupdate&apos;,function(collection,col,user,op,where,data)&lt;/p&gt;
{ if(data[&apos;userid&apos;]==false) return false; else return true}
&lt;p&gt;]},&lt;br/&gt;
  my_4th_list:{&apos;&apos;:[&apos;onupdate&apos;,function(collection,col,user,op,where,data)&lt;/p&gt;
{ if(date[itemid]=db.collections.items.findOne(&apos;userid&apos;).exists) return true; else return false }
&lt;p&gt;]},&lt;br/&gt;
 }&lt;br/&gt;
 commands: { delete:true, update:function(user) &lt;/p&gt;
{return user.name.indexOf(&apos;admin&apos;)}
&lt;p&gt; }  }&lt;br/&gt;
}&lt;/p&gt;

&lt;p&gt;or a function that returns this and generates this dynamically.&lt;/p&gt;</comment>
                            <comment id="14134" author="derlok" created="Sun, 9 May 2010 10:17:10 +0000"  >&lt;p&gt;The ideal would add this feature to the existing mongodb&apos;s authentication . Currently we can define authorized users and giving them rw or read-only permissions. In my opinion, if this same feature gives us a higher level of specification, if we could defined write access or read-only users permission per collection this would allow to set users roles access for the proper segregation of duties.&lt;/p&gt;

&lt;p&gt;&lt;span class=&quot;error&quot;&gt;&amp;#91;sorry for my english&amp;#93;&lt;/span&gt;&lt;/p&gt;</comment>
                            <comment id="14132" author="zippy1981" created="Sat, 8 May 2010 23:04:10 +0000"  >&lt;p&gt;A more robust security model for mongo would make it useful for direct querying.&lt;/p&gt;

&lt;p&gt;This should be carefully planned before implementing. A few things to think about:&lt;/p&gt;

&lt;p&gt;What about stored javascript? In SQL server, if you have permission to execute a stored proc, but not the tables it manipulates, the stored proc will run. In postgres this is not the case, unless you explicitly declare a &quot;sudo user&quot; for the stored proc to run as. &lt;/p&gt;

&lt;p&gt;Since stored javascript is stored in a system collection, then it might make sense to add document level permissions. &lt;/p&gt;</comment>
                            <comment id="14131" author="eliot" created="Sat, 8 May 2010 22:42:43 +0000"  >&lt;p&gt;This is the first request we&apos;ve gotten for this.&lt;br/&gt;
We&apos;ll prioritize up based on # of votes.&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10011">
                    <name>Depends</name>
                                            <outwardlinks description="depends on">
                                        <issuelink>
            <issuekey id="65353">SERVER-8580</issuekey>
        </issuelink>
                            </outwardlinks>
                                                                <inwardlinks description="is depended on by">
                                        <issuelink>
            <issuekey id="68057">SERVER-8942</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                            <issuelinktype id="10012">
                    <name>Related</name>
                                            <outwardlinks description="related to">
                                        <issuelink>
            <issuekey id="63618">SERVER-8372</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="65355">SERVER-8582</issuekey>
        </issuelink>
                            </outwardlinks>
                                                                <inwardlinks description="is related to">
                                        <issuelink>
            <issuekey id="11338">SERVER-648</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>37.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10011" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Backwards Compatibility</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10038"><![CDATA[Fully Compatible]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Sat, 8 May 2010 22:42:43 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        10 years, 18 weeks, 5 days ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[<s><a href='https://jira.mongodb.org/browse/SERVER-8580'>SERVER-8580</a></s>]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>false</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>andreas.nilsson</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            10 years, 18 weeks, 5 days ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                        <customfield id="customfield_10000" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Old_Backport</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10000"><![CDATA[No]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>nodex</customfieldvalue>
            <customfieldvalue>andrew.morrow@mongodb.com</customfieldvalue>
            <customfieldvalue>schwerin@mongodb.com</customfieldvalue>
            <customfieldvalue>artem</customfieldvalue>
            <customfieldvalue>auto</customfieldvalue>
            <customfieldvalue>1badninja</customfieldvalue>
            <customfieldvalue>makergooder</customfieldvalue>
            <customfieldvalue>dan@mongodb.com</customfieldvalue>
            <customfieldvalue>davidhoyt</customfieldvalue>
            <customfieldvalue>derlok</customfieldvalue>
            <customfieldvalue>eliot</customfieldvalue>
            <customfieldvalue>jrista</customfieldvalue>
            <customfieldvalue>zippy1981</customfieldvalue>
            <customfieldvalue>epic720</customfieldvalue>
            <customfieldvalue>justanyone</customfieldvalue>
            <customfieldvalue>kursion</customfieldvalue>
            <customfieldvalue>sentientmatter</customfieldvalue>
            <customfieldvalue>sking</customfieldvalue>
            <customfieldvalue>shimondoodkin</customfieldvalue>
            <customfieldvalue>jit</customfieldvalue>
            <customfieldvalue>noobcodeur</customfieldvalue>
            <customfieldvalue>visualq</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hrpmkv:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hric1j:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>20600</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_23361" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Requested By</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10053" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time In Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_22870" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Triagers</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hrnlun:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>