On databases other than "admin", db.addUser("user", "password") will be equivalent to
db.addUser({user: "user", pwd: "password", roles: ["dbOwner"]})
. The dbOwner builtin database role will be the union of the "dbAdmin", "readWrite" and "userAdmin" roles.
On databases other than "admin", db.addUser("user", "password", true) will be equivalent to
db.addUser({user: "user", pwd: "password", roles: ["read"]})
. The read builtin database role will be the same as existed in MongoDB 2.4 and prior.
On the "admin" database, db.addUser("user", "password") will be equivalent to
db.addUser({user: "user", pwd: "password", roles: ["root"]})
. The root builtin admin role will have extensive access, as in MongoDB 2.4.
On the "admin" database, db.addUser("user", "password", true) will be equivalent to
db.addUser({user: "user", pwd: "password", roles: ["readAnyDatabase"]})
. The readAnyDatabase role will have read access to any database. This is a reduction in privilege compared to MongoDB 2.4, which may be remediated through the use of user-defined roles.
Any use of these 2- and 3-argument forms of db.addUser() will cause the shell to display a warning message to the user, and may cause the server to write a warning message to the startupWarnings log and perhaps the diagnostic log, indicating that this form is deprecated, and will be removed in a future release of MongoDB.
There will be no db.addUser("user", "password", [roles]) form of the addUser command in 2.6.
- is depended on by
-
DRIVERS-103 Manipulate user objects exclusively via commands
- Closed
- is duplicated by
-
SERVER-10593 Expose built-in roles that can be used with the deprecated addUser helper that just takes a readOnly bool
- Closed
- related to
-
SERVER-6246 Manipulate user objects exclusively via commands
- Closed