-
Type: Improvement
-
Resolution: Done
-
Priority: Minor - P4
-
None
-
Affects Version/s: None
-
Component/s: Security
-
Labels:None
In 2.5.2, it looks like someone with a userAdmin role can no longer directly manipulate documents in the system.users collection as I'm told we added helper functions for user management. However, the error given to a user manipulating the collection directly should be clearer.
I authenticated myself with role userAdmin and I do:
> db.system.users.insert({user: "test", pwd: "test"}) not authorized for insert on admin.system.users
It should say something like: "Cannot manipulate the system.users collection directly - use helper method"