I have a requirement to apply some rules to the collection used for searching and also to the returned docs based on userid and/or role of the caller in mongo db.
I see mongodb provides support to create one or more users internally and use them to fine-grained access policies for resource access.
Normally, roles and userid are created externally in active directory or ldap and we use only one userid when connecting to mongodb from a web app on behalf of all clients.
My query is , Is there a way to map these external userids and roles to internal userid and what is the mechanism to pass the caller/security context info when executing a command/query in mongodb.
答案 0 :(得分:0)
您是否在Mongo DB中结帐了 $ redact 运算符。也许,这可以帮助您的要求。 的 https://docs.mongodb.com/manual/reference/operator/aggregation/redact/