Skip to content

Releases: materialsproject/mongogrant

More helpful mgrant error messages

19 Jun 17:43
@dwinston dwinston
v0.3.0
2952f33
Compare
Choose a tag to compare
More helpful mgrant error messages Latest
Latest
  • Message specific to user not having been given access to a database yet
  • Message specific to user allowed to do things, but token has expired.
Assets 2
Loading

`mgrant` allow/deny subcommands for admins

26 Sep 19:49
@dwinston dwinston
v0.2.0
b902db8
Compare
Choose a tag to compare
`mgrant` allow/deny subcommands for admins

A mongogrant server admin can now add "ruler" users who can set allow/deny rules for users via the mgrant CLI. An admin sets a ruler document in the server.mgdb collection, e.g.

server.mgdb.rulers.replace_one(
    {"email": "starlord@lbl.gov"},
    {
        "email": "starlord@lbl.gov",
        "hosts": ["mongodb03.nersc.gov"],
        "dbs": ["mp_", "fw_"],
        "emails": ["@lbl.gov"],
        "which": ["allow"]
    },
    upsert=True)

Allows user starlord@lbl.gov to set allow rules for any user with an "@lbl.gov" email address on the Mongo host "mongodb03.nersc.gov" for any database name prefixed with "mp_" or "fw_". Any field in a ruler document can be set to "all" rather than an array.

Assets 2
Loading