1. Start mongod with --auth
2. There are two scripts a setup.js that needs to be run only once. And a repro.js script that can be run many times.
//////////////
Setup.js
////////////////////
function createTestRoleAndUser(db, roleName, privs) {
const admin = db.getSiblingDB("admin");
assert.commandWorked(admin.runCommand(
{createRole: roleName, roles: [], privileges: privs}
));
const userName = "user|" + roleName;
assert.commandWorked(
db.runCommand({createUser: userName, pwd: "pwd", roles: [
{role: roleName, db: "admin"}
]}));
}
const dbName = "list_collections_own_collections";
const admin = db.getSiblingDB("admin");
assert.commandWorked(admin.runCommand(
{createUser: "root", pwd: "root", roles: ["root"]}
));
assert(admin.auth("root", "root"));
const db2 = db.getSiblingDB(dbName);
createTestRoleAndUser(db2, "roleWithExactNamespacePrivilegesBuckets", [
{resource:
{db: dbName, collection: "foo"}
, actions: ["find"]},
]);
// Create the collection and view used by the tests.
assert.commandWorked(db2.dropDatabase());
assert.commandWorked(db2.createCollection("foo", {timeseries: {timeField: "date"}}));
///////////////////
Repro.js
//////////////
const userName = "user|roleWithExactNamespacePrivilegesBuckets";
const dbName = "list_collections_own_collections";
const db2 = db.getSiblingDB(dbName);
const admin = db.getSiblingDB("admin");
assert(db2.auth(userName, "pwd"));
let res = db2.runCommand(
{listCollections: 1, nameOnly: true, authorizedCollections: true}
);
assert.commandWorked(res);
print(tojson(res));
// Bug is that res is empty, it should have the foo collection.