Details
-
Improvement
-
Resolution: Done
-
Minor - P4
-
None
-
None
-
None
Description
In 2.5.2, it looks like someone with a userAdmin role can no longer directly manipulate documents in the system.users collection as I'm told we added helper functions for user management. However, the error given to a user manipulating the collection directly should be clearer.
I authenticated myself with role userAdmin and I do:
> db.system.users.insert({user: "test", pwd: "test"})
|
not authorized for insert on admin.system.users
|
It should say something like: "Cannot manipulate the system.users collection directly - use helper method"