[DOCS-7799] Comment on: "manual/core/collection-level-access-control.txt" Created: 03/May/16  Updated: 03/Nov/17  Resolved: 01/Jun/16

Status: Closed
Project: Documentation
Component/s: None
Affects Version/s: None
Fix Version/s: 01112017-cleanup

Type: Bug Priority: Major - P3
Reporter: Docs Collector User (Inactive) Assignee: Unassigned
Resolution: Done Votes: 0
Labels: collector-298ba4e7
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

OSX El Captain 10.11.4, MongoDB shell version: 3.2.5, Robomongo 0.9.0-RC7

Location: https://docs.mongodb.org/manual/core/collection-level-access-control/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.94 Safari/537.36
Referrer: https://www.google.com/
Screen Resolution: 1440 x 900


Participants:
Days since reply: 7 years, 37 weeks ago

 Description   

I am not able to implement collection level access control. Here are the steps and commands I have used:
1. created db authdb
2. Created collections in db - collection1, collection2, collection3, collection4, collection5.
3. db.createRole( {role:"collection1Read", privileges: [ { resource:

{db: "authdb", collection: "collection1"}

, actions: ["find"]}],roles:["read"]});
4. db.createUser({user: "user1Read", pwd: "user", roles: [

{role: "collection1Read", db: "authdb"}

]});
5. Now if I login as user1Read, I can all collections both by command line or through RoboMongo.
It doesn't work with the steps provided.



 Comments   
Comment by Kay Kim (Inactive) [ 01/Jun/16 ]

Emailed user - pointed out that the role he created inherited also from the read role for that database.

Generated at Thu Feb 08 07:55:02 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.