-
Type: Improvement
-
Resolution: Done
-
Priority: Major - P3
-
Affects Version/s: None
-
Component/s: Replication, Security
-
Minor Change
-
Platforms 2016-09-19, Platforms 2016-10-10
-
(copied to CRM)
Currently, applyOps requires that the authenticated user has the ability to perform any operation on the system. However, applying an individual op may not require such extensive privileges. If the authenticated user has the ability to perform some operations, like inserting documents to a particular collection, they should be able to perform the same actions use applyOps.
- duplicates
-
SERVER-19191 "restore" role does not have applyOps permissions on servers using a keyFile
- Closed
- is related to
-
SERVER-19768 Failed applyOps command does not create an oplog entry even with some successful writes
- Closed
- related to
-
SERVER-53674 Do not run applyOps commands in the fuzzer
- Closed
-
SERVER-36263 Bypassing operation validation in applyOps should require special privilege
- Closed