Uploaded image for project: 'MongoDB Database Tools'
  1. MongoDB Database Tools
  2. TOOLS-722

User access & Roles creation

    XMLWordPrintableJSON

Details

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major - P3 Major - P3
    • None
    • None
    • None
    • None

    Description

      I want to create a user with particular "find" access only on a collection & tried below process.

      Process 1:

      Use admin ..............................Success
      db.createRole(
      {
      role: "DeveloperRole",
      privileges: [
      { resource:

      { db: "mydb", collection: "coll1" }

      , actions: [ "find"] }
      ],
      roles: []
      }
      )
      .........................success
      db.createUser(
      {
      user: "perfDeveloper",
      pwd: "mongo123",
      roles: [

      { role: "DeveloperRole", db: "mydb" }

      ]
      }
      )
      ......error No role named DeveloperRole@mydb

      Process 2:

      Use admin ..............................Success
      Use mydb ..............................Success

      db.createRole(
      {
      role: "DeveloperRole",
      privileges: [
      { resource:

      { db: "mydb", collection: "coll1" }

      , actions: [ "find"] }
      ],
      roles: []
      }
      )
      .........................success
      db.createUser(
      {
      user: "perfDeveloper",
      pwd: "mongo123",
      roles: [

      { role: "DeveloperRole", db: "mydb" }

      ]
      }
      )
      ......success

      But now user perfDeveloper is able to insert or remove data also, which I didn't provide access for.

      Attachments

        Activity

          People

            Unassigned Unassigned
            avikkumar avik biswas
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: