<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 03:20:00 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[SERVER-9301] Mongo 2.4 User Privilege Roles unclear</title>
                <link>https://jira.mongodb.org/browse/SERVER-9301</link>
                <project id="10000" key="SERVER">Core Server</project>
                    <description>&lt;p&gt;Hi,&lt;br/&gt;
What role is needed to show list of databases, or this is a bug?&lt;/p&gt;

&lt;p&gt;I granted the following roles&lt;/p&gt;

&lt;p&gt;{&lt;br/&gt;
	&quot;user&quot; : &quot;wfm_admin&quot;,&lt;br/&gt;
	&quot;pwd&quot; : &quot;28c345aae0e0c346e7f2e4a2f77d96&quot;,&lt;br/&gt;
	&quot;roles&quot; : [&lt;br/&gt;
		&quot;readAnyDatabase&quot;,&lt;br/&gt;
		&quot;userAdminAnyDatabase&quot;,&lt;br/&gt;
		&quot;dbAdminAnyDatabase&quot;&lt;br/&gt;
	],&lt;br/&gt;
	&quot;_id&quot; : ObjectId(&quot;51644586994702cc60d084b2&quot;)&lt;br/&gt;
}&lt;/p&gt;

&lt;p&gt;But when connect as this user get the error&lt;/p&gt;

&lt;p&gt;&amp;gt; show dbs&lt;br/&gt;
Tue Apr  9 09:46:11.399 JavaScript execution failed: listDatabases failed:&lt;/p&gt;
{ &quot;ok&quot; : 0, &quot;errmsg&quot; : &quot;unauthorized&quot; }
&lt;p&gt; at src/mongo/shell/mongo.js:L46&lt;/p&gt;

&lt;p&gt;Thanks,&lt;br/&gt;
Edouard&lt;/p&gt;</description>
                <environment>Linux</environment>
        <key id="71243">SERVER-9301</key>
            <summary>Mongo 2.4 User Privilege Roles unclear</summary>
                <type id="1" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14703&amp;avatarType=issuetype">Bug</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="9">Done</resolution>
                                        <assignee username="spencer@mongodb.com">Spencer Brody</assignee>
                                    <reporter username="eperov">Edouard Perov</reporter>
                        <labels>
                    </labels>
                <created>Tue, 9 Apr 2013 16:55:33 +0000</created>
                <updated>Wed, 10 Dec 2014 23:11:15 +0000</updated>
                            <resolved>Tue, 9 Apr 2013 17:13:07 +0000</resolved>
                                    <version>2.4.1</version>
                                                    <component>Admin</component>
                                        <votes>0</votes>
                                    <watches>5</watches>
                                                                                                                <comments>
                            <comment id="310682" author="eperov" created="Wed, 10 Apr 2013 23:00:01 +0000"  >&lt;p&gt;Please ignore, I found it out it is dbAdminAnyDatabase&lt;/p&gt;</comment>
                            <comment id="310678" author="eperov" created="Wed, 10 Apr 2013 22:49:29 +0000"  >&lt;p&gt;Hi,&lt;br/&gt;
What privilege is needed to see Profile in another database.&lt;br/&gt;
I am using the user originally created in &quot;admin&quot; database &lt;/p&gt;
{ &quot;_id&quot; : ObjectId(&quot;5164b462e325f6f8e8aeacea&quot;), &quot;user&quot; : &quot;wfm_admin&quot;, &quot;pwd&quot; : &quot;28c2c203aae0e0c134e7f2e4a2f77d96&quot;, &quot;roles&quot; : [ &quot;readAnyDatabase&quot;, &quot;userAdminAnyDatabase&quot;, &quot;clusterAdmin&quot;, &quot;dbAdmin&quot; ] }

&lt;p&gt;but it gets an error when connects to another database&lt;br/&gt;
wfm:PRIMARY&amp;gt; use wfm&lt;/p&gt;

&lt;p&gt;wfm:PRIMARY&amp;gt; show profile&lt;br/&gt;
Wed Apr 10 22:44:47.280 JavaScript execution failed: count failed: &lt;/p&gt;
{ &quot;ok&quot; : 0, &quot;errmsg&quot; : &quot;unauthorized&quot; }
&lt;p&gt; at src/mongo/shell/query.js:L180&lt;/p&gt;

&lt;p&gt;Thanks,&lt;br/&gt;
Edouard&lt;/p&gt;</comment>
                            <comment id="309532" author="spencer" created="Tue, 9 Apr 2013 17:42:39 +0000"  >&lt;p&gt;You&apos;re right, that message is a bit misleading.  I have filed this pull request against our documentation to clarify the function of the clusterAdmin roles: &lt;a href=&quot;https://github.com/mongodb/docs/pull/833&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/docs/pull/833&lt;/a&gt;.  Hopefully that clears things up, thank you for the suggestion!&lt;/p&gt;</comment>
                            <comment id="309516" author="eperov" created="Tue, 9 Apr 2013 17:23:21 +0000"  >&lt;p&gt;Thanks you very much, it works.&lt;br/&gt;
Would you please clarify this somehow and list commands that require specific roles.&lt;br/&gt;
For example, the clusterAdmin role description does not say it anywhere,&lt;br/&gt;
the documentation says:&lt;br/&gt;
&quot;clusterAdmin grants access to several administration options replica set and sharded cluster administrative functions.&quot;&lt;br/&gt;
But, I tried this on a single instance server - No Replica, No Shards, so did not even think that the role might required.&lt;br/&gt;
I spent a couple of hours granting many combinations of roles, but except the one is needed.&lt;br/&gt;
Thanks,&lt;br/&gt;
Edouard&lt;/p&gt;</comment>
                            <comment id="309504" author="spencer" created="Tue, 9 Apr 2013 17:12:42 +0000"  >&lt;p&gt;The listDatabases command requires the &quot;clusterAdmin&quot; role.  You can see a full list of the roles supported in 2.4, as well as all the operations that are granted to each role, here: &lt;a href=&quot;http://docs.mongodb.org/manual/reference/user-privileges/&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;http://docs.mongodb.org/manual/reference/user-privileges/&lt;/a&gt;&lt;/p&gt;</comment>
                    </comments>
                    <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>5.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Tue, 9 Apr 2013 17:12:42 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        10 years, 45 weeks ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>true</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>ramon.fernandez@mongodb.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            10 years, 45 weeks ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                        <customfield id="customfield_10000" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Old_Backport</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10000"><![CDATA[No]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10032" key="com.atlassian.jira.plugin.system.customfieldtypes:select">
                        <customfieldname>Operating System</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10026"><![CDATA[ALL]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>eperov</customfieldvalue>
            <customfieldvalue>spencer@mongodb.com</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hrmxm7:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hrn6jj:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>49001</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_23361" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Requested By</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10750" key="com.atlassian.jira.plugin.system.customfieldtypes:textarea">
                        <customfieldname>Steps To Reproduce</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>&lt;p&gt;Provided&lt;/p&gt;</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                    <customfield id="customfield_10053" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time In Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_22870" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Triagers</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|ht034f:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>