DOCSP-24990 Removes old version callouts for Built-in Roles (#1781) (#1871)

kennethdyer · web-flow · commit e6634c22e0d0 · 2022-09-13T14:35:46.000-07:00
* DOCSP-24990 Removes old version callouts * DOCSP-24990 Removes old version callouts, deprecates YAML callouts * DOCSP-24990 Removes old version callouts, deprecates YAML callouts * DOCSP-24990 Removes old version callouts * DOCSP-24990 Fixes old typos * DOCSP-24990 Removes old version callouts * DOCSP-24990 Version cleanup for All-Database Roles * DOCSP-24990 Clears last version notice * DOCSP-24990 Clears LDAP
diff --git a/source/includes/extracts-4.2-changes.yaml b/source/includes/extracts-4.2-changes.yaml
@@ -741,12 +741,12 @@ content: |
 ref: 4.2-changes-libldap
 content: |
 
-   For MongoDB 4.2 (and 4.0.9) Enterprise binaries linked against
+   For MongoDB 4.2 Enterprise binaries linked against
    ``libldap`` (such as when running on RHEL), access to the
    ``libldap`` is synchronized, incurring some performance/latency
    costs.
 
-   For MongoDB 4.2 (and 4.0.9) Enterprise binaries linked against
+   For MongoDB 4.2 Enterprise binaries linked against
    ``libldap_r``, there is no change in behavior from earlier MongoDB
    versions.
 ---
diff --git a/source/includes/extracts-built-in-roles.yaml b/source/includes/extracts-built-in-roles.yaml
@@ -87,9 +87,8 @@ content: |
 ---
 ref: built-in-roles-restore
 content: |
-  .. versionchanged:: 3.6
 
-     Provides :authaction:`convertToCapped` on non-system collections.
+  Provides :authaction:`convertToCapped` on non-system collections.
  
   Provides the necessary privileges to restore data from backups *if* the data
   does not include :data:`system.profile <<database>.system.profile>` collection
@@ -99,7 +98,6 @@ content: |
 ---
 ref: built-in-roles-all-database-roles
 content: |
-  .. versionchanged:: 3.4
 
   The following roles are available on the ``admin`` database and provide
   privileges which apply to all databases except ``local`` and
@@ -111,13 +109,6 @@ content: |
   except ``local`` and ``config``. The role also provides the
   :authaction:`listDatabases` action on the cluster as a whole.
 ---
-ref: built-in-roles-readAnyDatabase-prior
-content: |
-  Prior to 3.4, :authrole:`readAnyDatabase` includes ``local`` and
-  ``config`` databases. To provide ``read`` privileges on the
-  ``local`` database, create a user in the ``admin`` database with
-  :authrole:`read` role in the ``local`` database.
----
 ref: built-in-roles-readWriteAnyDatabase
 content: |
   Provides the same privileges as :authrole:`readWrite` on
@@ -128,13 +119,6 @@ content: |
     whole
   - the :authaction:`compactStructuredEncryptionData` action 
 ---
-ref: built-in-roles-readWriteAnyDatabase-prior
-content: |
-  Prior to 3.4, :authrole:`readWriteAnyDatabase` includes ``local``
-  and ``config`` databases. To provide ``readWrite`` privileges on
-  the ``local`` database, create a user in the ``admin`` database
-  with :authrole:`readWrite` role in the ``local`` database.
----
 ref: built-in-roles-dbAdminAnyDatabase
 content: |
   Provides the same privileges as :authrole:`dbAdmin` on
diff --git a/source/includes/extracts-listDatabases-auth.yaml b/source/includes/extracts-listDatabases-auth.yaml
@@ -97,32 +97,4 @@ content: |
      - If the user does not have :authaction:`listDatabases` action on
        the cluster, :dbcommand:`listDatabases` command errors with
        insufficient permissions.
----
-ref: listDatabases-auth-4.0.0-4.0.4
-content: |
-   For MongoDB 4.0.0-4.0.4:
-      If the user does not have the :authaction:`listDatabases`
-      privilege action, users can run the :dbcommand:`listDatabases`
-      command to return a list of databases for which the user has the
-      :authaction:`find` action privilege.
----
-ref: listDatabases-auth-4.0.5
-content: |
-   For MongoDB 4.0.5:
-      If the user does not have the :authaction:`listDatabases`
-      privilege action, users can run the :dbcommand:`listDatabases`
-      command to return a list of databases for which the user has the
-      :authaction:`find` action privilege if the command is run with
-      ``authorizedDatabases`` option unspecified or set to ``true``.
----
-ref: listDatabases-auth-4.0.6
-content: |
-   For MongoDB 4.0.6+:
-      If the user does not have the :authaction:`listDatabases`
-      privilege action, users can run the :dbcommand:`listDatabases`
-      command to return a list of databases for which the user has
-      privileges (including databases for which the user has privileges
-      on specific collections) if the command is run with
-      ``authorizedDatabases`` option unspecified or set to ``true``.
-      
 ...
diff --git a/source/includes/fact-required-access-for-backup-profiling.rst b/source/includes/fact-required-access-for-backup-profiling.rst
@@ -1,7 +1,6 @@
-.. versionchanged:: 3.2.1
 
-   The :authrole:`backup` role provides additional privileges to back
-   up the :data:`system.profile <<database>.system.profile>`
-   collection that exists when running with :ref:`database profiling
-   <database-profiling>`. Previously, users required
-   ``read`` access on this collection.
+The :authrole:`backup` role provides additional privileges to back
+up the :data:`system.profile <<database>.system.profile>`
+collection that exists when running with :ref:`database profiling
+<database-profiling>`. 
+
diff --git a/source/includes/listDatabases-auth.rst b/source/includes/listDatabases-auth.rst
@@ -0,0 +1,8 @@
+
+If the user does not have the :authaction:`listDatabases`
+privilege action, users can run the :dbcommand:`listDatabases`
+command to return a list of databases for which the user has
+privileges (including databases for which the user has privileges
+on specific collections) if the command is run with
+``authorizedDatabases`` option unspecified or set to ``true``.
+   
diff --git a/source/reference/built-in-roles.txt b/source/reference/built-in-roles.txt
@@ -58,13 +58,8 @@ Every database includes the following client roles:
    - :authaction:`killCursors`
    - :authaction:`listIndexes`
    - :authaction:`listCollections`
-
-
-   .. include:: /includes/extracts/listDatabases-auth-4.0.6.rst
-
-   .. include:: /includes/extracts/listDatabases-auth-4.0.5.rst
-
-   .. include:: /includes/extracts/listDatabases-auth-4.0.0-4.0.4.rst
+   
+   .. include:: /includes/listDatabases-auth
 
 .. authrole:: readWrite
 
@@ -227,8 +222,6 @@ Cluster Administration Roles
 
 .. authrole:: clusterManager
 
-   .. versionchanged:: 3.4
-
    .. include:: /includes/extracts/built-in-roles-clusterManager.rst
 
    .. list-table::
@@ -249,7 +242,7 @@ Cluster Administration Roles
              - :authaction:`cleanupOrphaned`
              - :authaction:`flushRouterConfig`
              - :authaction:`getDefaultRWConcern` (New in version 4.4)
-             - :authaction:`listSessions` (New in version 3.6)
+             - :authaction:`listSessions`
              - :authaction:`listShards`
              - :authaction:`removeShard`
              - :authaction:`replSetConfigure`
@@ -266,7 +259,7 @@ Cluster Administration Roles
         - .. hlist::
              :columns: 1
              
-             - :authaction:`clearJumboFlag` (New in 4.2.3 and 4.0.15)
+             - :authaction:`clearJumboFlag` (New in 4.2.3)
              - :authaction:`enableSharding`
              - :authaction:`refineCollectionShardKey` (New in 4.4)
              - :authaction:`moveChunk`
@@ -375,16 +368,14 @@ Cluster Administration Roles
 
 .. authrole:: clusterMonitor
 
-   .. versionchanged:: 3.4
-
    .. include:: /includes/extracts/built-in-roles-clusterMonitor.rst
 
    Permits the following actions on the cluster as a whole:
 
    .. hlist::
       :columns: 2
 
-      - :authaction:`checkFreeMonitoringStatus` (New in version 4.0)
+      - :authaction:`checkFreeMonitoringStatus`
       - :authaction:`connPoolStats`
       - :authaction:`getCmdLineOpts`
       - :authaction:`getDefaultRWConcern` (New in version 4.4)
@@ -394,13 +385,13 @@ Cluster Administration Roles
       - :authaction:`hostInfo`
       - :authaction:`inprog`
       - :authaction:`listDatabases`
-      - :authaction:`listSessions` (New in version 3.6)
+      - :authaction:`listSessions`
       - :authaction:`listShards`
       - :authaction:`netstat`
       - :authaction:`replSetGetConfig`
       - :authaction:`replSetGetStatus`
       - :authaction:`serverStatus`
-      - :authaction:`setFreeMonitoring` (New in version 4.0)
+      - :authaction:`setFreeMonitoring`
       - :authaction:`shardingState`
       - :authaction:`top`
 
@@ -410,7 +401,7 @@ Cluster Administration Roles
    - :authaction:`dbStats`
    - :authaction:`getShardVersion`
    - :authaction:`indexStats`
-   - :authaction:`useUUID` (New in version 3.6)
+   - :authaction:`useUUID`
 
    Permits the :authaction:`find` action on all :data:`system.profile
    <<database>.system.profile>` collections in the cluster.
@@ -538,8 +529,8 @@ Cluster Administration Roles
       - :authaction:`flushRouterConfig`
       - :authaction:`fsync`
       - :authaction:`invalidateUserCache`
-      - :authaction:`killAnyCursor` (New in version 4.0)
-      - :authaction:`killAnySession` (New in version 3.6)
+      - :authaction:`killAnyCursor`
+      - :authaction:`killAnySession`
       - :authaction:`killop`
       - :authaction:`logRotate`
       - :authaction:`oidReset`
@@ -603,11 +594,11 @@ Backup and Restoration Roles
      :data:`system.js <<database>.system.js>`, and
      :data:`system.profile <<database>.system.profile>`
 
-   - the :data:`admin.system.users` and :data:`admin.system.roles` collections
+   - The :data:`admin.system.users` and :data:`admin.system.roles` collections
 
-   - the :data:`config.settings` collection
+   - The :data:`config.settings` collection
 
-   - legacy ``system.users`` collections from versions of MongoDB prior to 2.6
+   - Legacy ``system.users`` collections from versions of MongoDB prior to 2.6
 
    .. todo: Also provides the :authaction:`find` action on:
              - system.new_users
@@ -738,21 +729,13 @@ All-Database Roles
 
    .. include:: /includes/extracts/built-in-roles-readAnyDatabase.rst
 
-   .. versionchanged:: 3.4
-
-      .. include:: /includes/extracts/built-in-roles-readAnyDatabase-prior.rst
-
-      .. include:: /includes/seealso-cluster-manager.rst
+   .. include:: /includes/seealso-cluster-manager.rst
 
 .. authrole:: readWriteAnyDatabase
 
    .. include:: /includes/extracts/built-in-roles-readWriteAnyDatabase.rst
 
-   .. versionchanged:: 3.4
-
-      .. include:: /includes/extracts/built-in-roles-readWriteAnyDatabase-prior.rst
-
-      .. include:: /includes/seealso-cluster-manager.rst
+   .. include:: /includes/seealso-cluster-manager.rst
 
 .. authrole:: userAdminAnyDatabase
 
@@ -765,7 +748,7 @@ All-Database Roles
    - :authaction:`invalidateUserCache`
    - :authaction:`listDatabases`
 
-   The role also provides the following privilege actions on the
+   The role provides the following privilege actions on the
    :data:`system.users <admin.system.users>` and
    :data:`system.roles <admin.system.roles>` collections on the
    ``admin`` database, and on legacy ``system.users`` collections from
@@ -777,14 +760,8 @@ All-Database Roles
    - :authaction:`find`
    - :authaction:`killCursors`
    - :authaction:`planCacheRead`
-
-   .. versionchanged:: 2.6.4
-      :authrole:`userAdminAnyDatabase` added the following privilege
-      actions on the :data:`admin.system.users` and
-      :data:`admin.system.roles` collections:
-
-      - :authaction:`createIndex`
-      - :authaction:`dropIndex`
+   - :authaction:`createIndex`
+   - :authaction:`dropIndex`
 
    The :authrole:`userAdminAnyDatabase` role does not restrict the privileges
    that a user can grant. As a result, :authrole:`userAdminAnyDatabase` users
@@ -793,22 +770,13 @@ All-Database Roles
    role does not explicitly authorize privileges beyond user administration.
    This role is effectively a MongoDB system :ref:`superuser <superuser>`.
 
-   .. versionchanged:: 3.4
-
-      :authrole:`userAdminAnyDatabase` no longer
-      applies to the ``local`` and ``config`` databases.
-
-      .. include:: /includes/seealso-cluster-manager.rst
+   .. include:: /includes/seealso-cluster-manager.rst
 
 .. authrole:: dbAdminAnyDatabase
 
    .. include:: /includes/extracts/built-in-roles-dbAdminAnyDatabase.rst
 
-   .. versionchanged:: 3.4
-
-      .. include:: /includes/extracts/built-in-roles-dbAdminAnyDatabase-prior.rst
-
-      .. include:: /includes/seealso-cluster-manager.rst
+   .. include:: /includes/seealso-cluster-manager.rst
 
    Starting in MongoDB 5.0, :authrole:`dbAdminAnyDatabase` includes the 
    :ref:`applyOps<internal-actions>` privilege action.
@@ -836,11 +804,6 @@ The following role provides full privileges on all resources:
 
    .. include:: /includes/extracts/built-in-roles-root.rst
 
-   .. versionchanged:: 3.4
-
-      The :authrole:`root` role includes privileges from the
-      :authrole:`backup` and :authrole:`restore` roles.
-
    .. versionchanged:: 6.0
 
       The :authrole:`root` role includes :authaction:`find` and
diff --git a/source/reference/privilege-actions.txt b/source/reference/privilege-actions.txt
@@ -60,11 +60,7 @@ Query and Write Actions
    and :dbcommand:`renameCollection` commands and the
    :method:`db.collection.renameCollection()` helper method.
 
-   .. include:: /includes/extracts/listDatabases-auth-4.0.6.rst
-
-   .. include:: /includes/extracts/listDatabases-auth-4.0.5.rst
-
-   .. include:: /includes/extracts/listDatabases-auth-4.0.0-4.0.4.rst
+   .. include:: /includes/listDatabases-auth
 
    Apply this action to database or collection resources.
 
@@ -806,11 +802,7 @@ Diagnostic Actions
    User can perform the :dbcommand:`listDatabases` command. Apply this
    action to the ``cluster`` resource.
 
-   .. include:: /includes/extracts/listDatabases-auth-4.0.6.rst
-
-   .. include:: /includes/extracts/listDatabases-auth-4.0.5.rst
-
-   .. include:: /includes/extracts/listDatabases-auth-4.0.0-4.0.4.rst
+   .. include:: /includes/listDatabases-auth
 
 .. authaction:: listCollections
 
