<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 03:44:44 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[SERVER-17513] Ability to define a global role that can be used in database context</title>
                <link>https://jira.mongodb.org/browse/SERVER-17513</link>
                <project id="10000" key="SERVER">Core Server</project>
                    <description>&lt;p&gt;The user should be able to define / create a global role that can be used in context of the users database. This would provide ability to create a globally shared role similar to built-in roles like readWrite, userAdmin etc.&lt;/p&gt;

&lt;ul class=&quot;alternate&quot; type=&quot;square&quot;&gt;
	&lt;li&gt;createRole &quot;myReadWrite&quot; (say under admin database) that specifies fine grained resource privileges without the database name (db = &quot;&quot;).&lt;/li&gt;
	&lt;li&gt;Ability to grant &quot;myReadWrite&quot; to a user under &quot;testA&quot; database, such that the myReadWrite privileges apply to the user in the context of the &quot;testA&quot; database only.&lt;/li&gt;
&lt;/ul&gt;


&lt;p&gt;This would be analogous to how role management is done in most of the systems that provide this kind of control.&lt;/p&gt;</description>
                <environment></environment>
        <key id="188263">SERVER-17513</key>
            <summary>Ability to define a global role that can be used in database context</summary>
                <type id="4" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14710&amp;avatarType=issuetype">Improvement</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="1" iconUrl="https://jira.mongodb.org/images/icons/statuses/open.png" description="">Open</status>
                    <statusCategory id="2" key="new" colorName="default"/>
                                    <resolution id="-1">Unresolved</resolution>
                                        <assignee username="backlog-server-security">Backlog - Security Team</assignee>
                                    <reporter username="anil.kumar">Anil Kumar</reporter>
                        <labels>
                    </labels>
                <created>Mon, 9 Mar 2015 15:36:32 +0000</created>
                <updated>Tue, 6 Dec 2022 04:55:02 +0000</updated>
                                                            <fixVersion>features we&amp;#39;re not sure of</fixVersion>
                                    <component>Security</component>
                                        <votes>2</votes>
                                    <watches>13</watches>
                                                                                                                <comments>
                            <comment id="2035587" author="tharf@allstate.com" created="Fri, 19 Oct 2018 00:36:36 +0000"  >&lt;p&gt;is this option still being considered? We have a lot of MongoDB environments and continue to grow. The User Access management functionality is not very scale-able. Please consider a user defined global role solution.&lt;/p&gt;</comment>
                            <comment id="1984096" author="fonger" created="Thu, 23 Aug 2018 18:03:44 +0000"  >&lt;p&gt;@Matt Lord, yes. I&apos;m relying on multi-tenant oriented design. However, I have to create the same role in each database.&lt;/p&gt;

&lt;p&gt;This role can perform read/write in the database only for existing collections.&lt;br/&gt;
 That is, this role can&apos;t create or drop an existing collection, but createIndex/dropIndex/find/insert/update/delete/aggregate operations on existing collections in this database are allowed.&lt;/p&gt;

&lt;p&gt;In conclusion, I want to define a global role like readWrite without create/dropCollection&lt;/p&gt;

&lt;p&gt;Do you know any workaround for this? Thanks for your reply!&lt;/p&gt;

&lt;p&gt;Q: I&apos;m new to JIRA, how can I use @mention correctly?&lt;/p&gt;</comment>
                            <comment id="1984089" author="matt.lord" created="Thu, 23 Aug 2018 17:51:32 +0000"  >&lt;p&gt;&lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=fonger&quot; class=&quot;user-hover&quot; rel=&quot;fonger&quot;&gt;fonger&lt;/a&gt;, do you rely on the multi-tenant oriented design we have today where each database namespace is treated as an isolated context? Or would you be OK with a single shared global authentication context, where every role is global?&lt;/p&gt;

&lt;p&gt;Thank you for the input and feedback!&#160;&lt;/p&gt;</comment>
                            <comment id="1979681" author="fonger" created="Sun, 19 Aug 2018 12:41:01 +0000"  >&lt;p&gt;definitely need this feature.&lt;/p&gt;

&lt;p&gt;It&apos;s frustrating to create the same role in each database.&lt;/p&gt;

&lt;p&gt;&#160;&lt;/p&gt;

&lt;p&gt;I want to define custom global role like &apos;readWrite&apos; works.&lt;/p&gt;</comment>
                            <comment id="860906" author="andreas.nilsson@10gen.com" created="Mon, 23 Mar 2015 15:25:56 +0000"  >&lt;p&gt;&lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=aleksej.tr&quot; class=&quot;user-hover&quot; rel=&quot;aleksej.tr&quot;&gt;aleksej.tr&lt;/a&gt; I understand the request better now. We are currently gathering input for possible revisions to the access control system so this feedback is useful.&lt;/p&gt;

&lt;p&gt;Thank you,&lt;br/&gt;
Andreas&lt;/p&gt;</comment>
                            <comment id="851193" author="aleksej.trofimov@barclays.com" created="Fri, 13 Mar 2015 07:34:20 +0000"  >&lt;p&gt;Hi Andreas,&lt;br/&gt;
em.. no it would not be a role  template, but rather Role which could be assigned to any database in future without role modification. Since right now if you want to have user defined role &quot;SomeRole&quot;, you have 2 ways:&lt;br/&gt;
1) Define role in admin, with &quot;hardcoded&quot; definition of databases where privilege goes;&lt;br/&gt;
2) Define role in particular database;&lt;br/&gt;
And there is no way hot to define role &quot;SomeRole&quot; and then somewhere in the future you could assign it to &quot;newDatabase&quot; without role or database schema modification.&lt;/p&gt;</comment>
                            <comment id="850690" author="andreas.nilsson@10gen.com" created="Thu, 12 Mar 2015 19:25:38 +0000"  >&lt;p&gt;If I understand this correctly it would be more of a role template that could be used to create other roles. It&apos;s an interesting suggestion, we will keep it in the planning loop going forward.&lt;/p&gt;</comment>
                            <comment id="847322" author="aleksej.trofimov@barclays.com" created="Tue, 10 Mar 2015 07:43:45 +0000"  >&lt;p&gt;The feature described as we wanted it to be =) Thanks!&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10012">
                    <name>Related</name>
                                                                <inwardlinks description="is related to">
                                                        </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>8.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                <customfield id="customfield_12751" key="com.atlassian.jira.plugin.system.customfieldtypes:multiselect">
                        <customfieldname>Assigned Teams</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="25129"><![CDATA[Server Security]]></customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_13552" key="com.go2group.jira.plugin.crm:crm_generic_field">
                        <customfieldname>Case</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[[500A000000UaY3DIAV, 500A000000cFoooIAC]]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Tue, 10 Mar 2015 07:43:45 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        5 years, 16 weeks, 6 days ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>true</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>alexander.golin@mongodb.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            5 years, 16 weeks, 6 days ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                    <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>aleksej.trofimov@barclays.com</customfieldvalue>
            <customfieldvalue>andreas.nilsson</customfieldvalue>
            <customfieldvalue>anil.kumar</customfieldvalue>
            <customfieldvalue>backlog-server-security</customfieldvalue>
            <customfieldvalue>fonger</customfieldvalue>
            <customfieldvalue>matt.lord</customfieldvalue>
            <customfieldvalue>tharf@allstate.com</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hrlb5b:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hr9jev:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_23361" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Requested By</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_22870" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Triagers</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hsg7lz:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>