Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-78575

Use wildcard databases in user role privileges (like collections)

    • Type: Icon: Bug Bug
    • Resolution: Duplicate
    • Priority: Icon: Minor - P4 Minor - P4
    • None
    • Affects Version/s: 4.4.7
    • Component/s: None
    • None
    • Environment:
      rhel 7-8
    • ALL

      SERVER-48632{}

      db.createRole(
         {
           role: "manageCustomDatabases",
           privileges: [
             { resource: { db: "custom*", collection: "custom.*" }, actions: [ "find", "update", "insert", "remove" ] }
           ],
           ...
         }
      )
      

      It would be great to be able to use wildcard databases when creating privileges for user roles.
      both for the creation of new databases and the management of the existing.

      We needs to be able to create roles that enable multitenant architecture.
      For exemple, in order to create dynamicaly databases per tenant and per microservices.

      We have for exemple 2 microservices: microservice1 et microservice2
      and 2 tenant: tenant 1 and tenant 2.
      And we want to create RoleMicroservice1 and RoleMicroservice2

      db.createRole(
         {
           role: "RoleMicroservice1",
           privileges: [
             { resource: { db: "*-microservice1", collection: ".*" }, actions: [ "find", "update", "insert", "remove" ] }
           ],
           ...
         }
      )
      

      This would make it easier for administrators to manage permissions for all databases but enables our developers to create dynamicaly databases without impact on other microservices databases.

            Assignee:
            Unassigned Unassigned
            Reporter:
            tpoujol@softwaymedical.fr Teddy poujol
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: