Force strict equivalence in mongo role checks

Author: abnegate

src/Database/Adapter/Mongo.php

@@ -2026,7 +2026,7 @@ public function find(Document $collection, array $queries = [], ?int $limit = 25
         // permissions
         if ($this->authorization->getStatus()) {
             $roles = \implode('|', $this->authorization->getRoles());
-            $filters['_permissions']['$in'] = [new Regex("{$forPermission}\\(\".*(?:{$roles}).*\"\\)", 'i')];
+            $filters['_permissions']['$in'] = [new Regex("{$forPermission}\\(\"(?:{$roles})\"\\)", 'i')];
         }
 
         $options = [];
@@ -2287,7 +2287,7 @@ public function count(Document $collection, array $queries = [], ?int $max = nul
         // Add permissions filter if authorization is enabled
         if ($this->authorization->getStatus()) {
             $roles = \implode('|', $this->authorization->getRoles());
-            $filters['_permissions']['$in'] = [new Regex("read\\(\".*(?:{$roles}).*\"\\)", 'i')];
+            $filters['_permissions']['$in'] = [new Regex("read\\(\"(?:{$roles})\"\\)", 'i')];
         }
 
         /**
@@ -2377,7 +2377,7 @@ public function sum(Document $collection, string $attribute, array $queries = []
         // permissions
         if ($this->authorization->getStatus()) { // skip if authorization is disabled
             $roles = \implode('|', $this->authorization->getRoles());
-            $filters['_permissions']['$in'] = [new Regex("read\\(\".*(?:{$roles}).*\"\\)", 'i')];
+            $filters['_permissions']['$in'] = [new Regex("read\\(\"(?:{$roles})\"\\)", 'i')];
         }
 
         // using aggregation to get sum an attribute as described in