Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

DOCSP-35902 Security considerations for roles and query filtering #663

Merged
merged 8 commits into from
Feb 2, 2024
Merged

DOCSP-35902 Security considerations for roles and query filtering #663

Show file tree
Hide file tree
Changes from 4 commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
e2819dd
DOCSP-35902 Security considerations for RBAC
lindseymoore Jan 29, 2024
bb97188
add genre and meta
lindseymoore Jan 29, 2024
e7d1375
update TOC title
lindseymoore Jan 29, 2024
2f60b21
change page title back
lindseymoore Feb 2, 2024
ce43377
add note about audit
lindseymoore Feb 2, 2024
cd5ba87
correct genre value
lindseymoore Feb 2, 2024
d9d615e
fix spacing
lindseymoore Feb 2, 2024
687fbf9
spacing
lindseymoore Feb 2, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 20 additions & 0 deletions source/rules/filters.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,13 @@
Filter Incoming Queries
=======================

.. meta::
:description: Learn how to filter a query to return only a subset of matching results.

.. facet::
:name: genre
:values: procedure

.. default-domain:: mongodb

.. contents:: On this page
Expand Down Expand Up @@ -307,3 +314,16 @@ from the App Services UI or by deploying configuration files with Realm CLI:
.. code-block:: bash

{+cli-bin+} push --remote="<Your App ID>"

.. note:: Security Consideration for App Services Filters

While :ref:`Role-based Permissions <roles>` and Filters can hide specific
documents and fields within a collection there is a potential that
data can be exposed if the system allows arbitrary
queries to access the collection. For example, queries or functions that
raise errors depending on the values stored in a collection (such
as division-by-zero errors) may reveal information about documents, even if
a role or filter prevents the querying user from viewing
documents directly. Users may also make inferences about the underlying data
in other ways (such as by measuring query execution time, which can be affected
by the data's distribution).
20 changes: 20 additions & 0 deletions source/rules/roles.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,13 @@ Role-based Permissions

.. default-domain:: mongodb

.. meta::
:description: Learn how to define data access permissions using Role-based Permissions in App Services.

.. facet::
:name: genre
:values: reference

.. contents:: On this page
:local:
:backlinks: none
Expand Down Expand Up @@ -511,3 +518,16 @@ deploying configuration files with {+cli+}:
.. code-block:: bash

{+cli-bin+} push

.. note:: Security Consideration for App Services Role-based Permissions

While Role-based Permissions and :ref:`Filters <filters>` can hide specific
documents and fields within a collection there is a potential that
data can be exposed if the system allows arbitrary
queries to access the collection. For example, queries or functions that
raise errors depending on the values stored in a collection (such
as division-by-zero errors) may reveal information about documents, even if
a role or filter prevents the querying user from viewing
documents directly. Users may also make inferences about the underlying data
in other ways (such as by measuring query execution time, which can be affected
by the data's distribution).
lindseymoore marked this conversation as resolved.
Show resolved Hide resolved
Loading