This is to aid mixed-version operation during upgrade.
Now that we update mongods before mongoses, we can run into a problem where a user goes to authenticated to an old mongos, the mongos goes to load the privileges for that user from a new config server mongod, and then the mongos sees actions it doesn't recognize. This currently causes mongos to completely ignore any privileges with actions it doesn't recognize, which could leave the user logged in but missing many of the privileges they expect to see.
- is related to
-
SERVER-21561 Remove privilege redaction added for backwards compatility
- Closed
-
SERVER-21567 Add unit test for mongos ignoring unrecognized actions when parsing user privileges
- Closed
- related to
-
SERVER-21486 successful authentication does not give full privilege with 3.0 mongos and 3.2 mongod
- Closed
-
SERVER-29050 Create upgrade/downgrade mechanism for adding and removing ActionTypes
- Backlog