Details
Description
Use case is taken from MB-50451
Suppose a user has only Read permissions on a collection for KV operations.Any insert/Update/Remove would fail.But if this user has QUERY permissions i.e query_insert, query_update etc.Any KV ops after a query stmt will succeed.
transactions.run((ctx) -> {
|
// These KV operations will obey the user's KV RBAC permissions. |
ctx.insert(...);
|
ctx.get(...);
|
ctx.replace(...);
|
ctx.remove(...);
|
// Enter query-mode. |
ctx.query(...);
|
// These KV operations will be allowed regardless of the user's KV RBACs. |
ctx.insert(...);
|
ctx.get(...);
|
ctx.replace(...);
|
ctx.remove(...);
|
});
|
Attachments
Issue Links
- is parent task of
-
DOC-9831 Admonition in SDK txn pages
- Resolved
- links to
For Gerrit Dashboard: DOC-9642 | ||||||
---|---|---|---|---|---|---|
# | Subject | Branch | Project | Status | CR | V |
172664,16 | Remove ThreadSafetyRBACTest since they are not valid anymore due to DOC-9848 and DOC-9642, | master | transactions-fit-performer | Status: MERGED | +2 | +1 |