All,
I am having similar using $redact example. I am trying to use $redact to do cell level security. Please let me know downside of using this feature to implement cell level security. Any help is greatly appreciated.
Here is example of document I tried to do
{
"_id" : 1,
"year" : 2013,
"columns" : [
{
"name" : "abc tag ",
"tags" : [
"PJ",
"MM"
]
},
{
"ssn" : "12345666a",
"tags" : [
"KKLT"
]
},
{
"placeofbirth" : "virginia",
"tags" : [
"FS"
]
}
]
}
{
"_id" : 2,
"year" : 2013,
"columns" : [
{
"name" : "abc tag single",
"tags" : "PJ"
},
{
"ssn" : "12345666a",
"tags" : "KKLT"
},
{
"placeofbirth" : "virginia",
"tags" : "FS"
}
]
}
i want user to the field depending on the tags. I try to run the following query.
var userAccess = [ "KKLT", "FS" ];
db.book2.aggregate(
[
{ $match: { year: 2013 } },
{ $redact: {
$cond: {
if: { $gt: [ { $size: { $setIntersection: [ "$tags", userAccess ] } }, 0 ] },
then: "$$DESCEND",
else: "$$PRUNE"
}
}
}
]
);
Uncaught exception: Error: command failed: {
"ok" : 0,
"errmsg" : "The argument to $size must be an array, but was of type: null",
"code" : 17124,
"codeName" : "Location17124"
} : aggregate failed :
_getErrorWithCode@src/mongo/shell/utils.js:25:13
doassert@src/mongo/shell/assert.js:18:14
_assertCommandWorked@src/mongo/shell/assert.js:583:17
assert.commandWorked@src/mongo/shell/assert.js:673:16
DB.prototype._runAggregate@src/mongo/shell/db.js:266:5
DBCollection.prototype.aggregate@src/mongo/shell/collection.js:1012:12
DBCollection.prototype.aggregate@:1:355
@(shell):1:1