For users that connect to an authentication-enabled database that are authorized to only certain namespaces, the mongo shell should look up the namespaces the user is authorized to (for example by using the connectionStatus command command)
and then, if they exist, show those namespaces to the user in shell helpers like "show dbs" or "show collections".
I suspect the fact that this is not baked into the shell's DNA today is a holdover from the fact that the shell was originally built when mongodb did not use auth by default...
We should first investigate implementing showCollections properly in the server and backporting it all the way to 3.2. If this doesn't work, we should modify the shell helpers to appear to have the correct behavior.
- is depended on by
-
COMPASS-2245 As a user with limited permissions (read-only on a specific collection) I want to view which collections I have access to and specify the collection to access when providing my connection details
- Closed
-
DRIVERS-1393 Support authorizedCollections option for listCollections helpers
- Implementing
-
SERVER-40736 Test collection name autocompletion for users without listCollections privilege
- Closed
- is duplicated by
-
SERVER-25804 The listCollections command does not take the user's permissions into account
- Closed
- is related to
-
SERVER-35638 Shell auto-completion blocks when listCollection is waiting for locks
- Closed
-
SERVER-38867 "show collections" no longer lists system.* collections
- Closed
-
SERVER-36262 mongo shell: allow users to show dbs (on <4.0 versions of the server) without the listDatabases privilege
- Closed
- related to
-
COMPASS-3389 Confusing behavior when connecting with user that has database-level permissions to Atlas cluster where the database does not exist
- Closed
-
DRIVERS-1393 Support authorizedCollections option for listCollections helpers
- Implementing