Uploaded image for project: 'Couchbase Server'
  1. Couchbase Server
  2. MB-41765

Should have a "scope-admin" role in Cheshire Cat

    XMLWordPrintable

Details

    • 1

    Description

      We should add support for a "scope admin" role in CC.

      Details:

      • should be able to list collections in the scope
      • should be able to create/delete collections in the scope

      In addition the privilege to list collections in a scope should be granted to some other existing scope-level roles such as query_manage_index.

      Attachments

        Issue Links

          For Gerrit Dashboard: MB-41765
          # Subject Branch Project Status CR V

          Activity

            dfinlay Dave Finlay created issue -
            dfinlay Dave Finlay made changes -
            Field Original Value New Value
            Remote Link This issue links to "PRD (Web Link)" [ 20741 ]
            dfinlay Dave Finlay made changes -
            Assignee Dave Finlay [ dfinlay ] Abhijeeth Nuthan [ abhijeeth.nuthan ]
            dfinlay Dave Finlay made changes -
            Labels Cheshire-Cat-Committed
            Abhijeeth.Nuthan Abhijeeth Nuthan made changes -
            Resolution Fixed [ 1 ]
            Status Open [ 1 ] Resolved [ 5 ]
            Abhijeeth.Nuthan Abhijeeth Nuthan made changes -
            Link This issue blocks MB-42422 [ MB-42422 ]

            Build couchbase-server-7.0.0-3587 contains ns_server commit 3f66f94 with commit message:
            MB-41765: User should be able to view/manage collections

            build-team Couchbase Build Team added a comment - Build couchbase-server-7.0.0-3587 contains ns_server commit 3f66f94 with commit message: MB-41765 : User should be able to view/manage collections

            Build couchbase-server-7.0.0-3587 contains ns_server commit 33198a4 with commit message:
            MB-41765: Add list collection permissions to additional roles

            build-team Couchbase Build Team added a comment - Build couchbase-server-7.0.0-3587 contains ns_server commit 33198a4 with commit message: MB-41765 : Add list collection permissions to additional roles

            Build couchbase-server-7.0.0-3587 contains ns_server commit f1e5566 with commit message:
            MB-41765: User with scope_admin roles should be able

            build-team Couchbase Build Team added a comment - Build couchbase-server-7.0.0-3587 contains ns_server commit f1e5566 with commit message: MB-41765 : User with scope_admin roles should be able

            Build couchbase-server-7.0.0-3587 contains ns_server commit f08e7f8 with commit message:
            MB-41765: Change permissions for managing collection per scope

            build-team Couchbase Build Team added a comment - Build couchbase-server-7.0.0-3587 contains ns_server commit f08e7f8 with commit message: MB-41765 : Change permissions for managing collection per scope

            Build couchbase-server-7.0.0-3587 contains ns_server commit 34d0aaf with commit message:
            MB-41765: Introduce scope_admin role

            build-team Couchbase Build Team added a comment - Build couchbase-server-7.0.0-3587 contains ns_server commit 34d0aaf with commit message: MB-41765 : Introduce scope_admin role

            Validated using 7.0.0-4607. Created user with "Manage_collections in scope" permission.

            1. Able to list collections in the bucket
            2. Created and dropped the collections under targeted scope
            3. Creating collection under unauthorized scope resulted in `HTTP/1.1 403 Forbidden` error
            ashwin.govindarajulu Ashwin Govindarajulu added a comment - Validated using 7.0.0-4607 . Created user with "Manage_collections in scope" permission. Able to list collections in the bucket Created and dropped the collections under targeted scope Creating collection under unauthorized scope resulted in ` HTTP/1.1 403 Forbidden ` error
            ashwin.govindarajulu Ashwin Govindarajulu made changes -
            Assignee Abhijeeth Nuthan [ abhijeeth.nuthan ] Ashwin Govindarajulu [ ashwin.govindarajulu ]
            Status Resolved [ 5 ] Closed [ 6 ]
            lynn.straus Lynn Straus made changes -
            Fix Version/s 7.0.0 [ 17233 ]
            lynn.straus Lynn Straus made changes -
            Fix Version/s Cheshire-Cat [ 15915 ]

            People

              ashwin.govindarajulu Ashwin Govindarajulu
              dfinlay Dave Finlay
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Gerrit Reviews

                  There are no open Gerrit changes

                  PagerDuty