Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-11522

grantRolesToRole says it's granting read@admin when not requested to

    • Type: Icon: Bug Bug
    • Resolution: Done
    • Priority: Icon: Major - P3 Major - P3
    • 2.5.4
    • Affects Version/s: None
    • Component/s: None
    • ALL

      I'm trying to add one role to role75אω, and that one role is
      role76ऊ@roledb72א. But when I look at the audit log, I see that it also has
      evidently been granted read@admin.

      Here's some of my code:

              self.roles = [ {"role": self.other_role, "db": n['db2']}]
              utili.printf(u"Now I wish to grantRolesToRole, giving {0.role} the roles {0.roles}", self)
              database.command("grantRolesToRole", value=self.role, grantedRoles = self.roles)
              self.keys = ["role", "db", "roles"]
              rolling = u", ".join([u"{0}@{1}".format(x['role'], x['db']) for x in self.roles])
              utili.printf(u"rolling = {0}", rolling)
      

      And here's the related output:

      Now I wish to grantRolesToRole, giving role75אω the roles [{'db': u'roledb72\u05d0', 'role': u'role76\u090a'}]
      rolling = role76ऊ@roledb72א
      

      And here's the audit log:

      2013-11-01T11:25:15.220-0400 admin@admin 127.0.0.1:44074/127.0.0.1:27017 Created role role75אω@roledb72א with the roles: read@admin and the privileges, { resource: { db: "roledb72א", collection: "thrip" }, actions: [ "createUser", "dropUser" ] }.
      2013-11-01T11:25:15.222-0400 admin@admin 127.0.0.1:44074/127.0.0.1:27017 Created role role76ऊ@roledb72א with the roles and the privileges.
      2013-11-01T11:25:15.224-0400 admin@admin 127.0.0.1:44074/127.0.0.1:27017 Granted to role role75אω@roledb72א the roles: read@admin, role76ऊ@roledb72א.
      

            Assignee:
            spencer@mongodb.com Spencer Brody (Inactive)
            Reporter:
            bard.bloom@10gen.com bard.bloom@10gen.com
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: