|
It seems that there is a permission issue on db.system.users.getIndexes() in 3.0. In 2.6, this seems to be working fine. Following are the steps that I used to replicate this issue:
- Install MongoDB 2.4 (Since users were stored in <database>.system.users collection in 2.4).
- Create user with readWrite and dbOwner role.
db.addUser( { user: "user", pwd: "user", roles: ["readWrite","dbOwner"] } )
|
ankit(mongod-2.4.14) test> db.system.users.find()
|
{
|
"_id": ObjectId("55fb9dc4ab757ec03e77562d"),
|
"user": "user",
|
"pwd": "fa26a506aa0f786a447bbd6d1caaa8b5",
|
"roles": [
|
"readWrite",
|
"dbOwner"
|
]
|
}
|
- Start MongoDB and execute following queries:
ankit:log-11213 ankit$ mongo
|
MongoDB shell version: 2.4.14
|
connecting to: test
|
Mongo-Hacker 0.0.8
|
> db.auth("user","user")
|
1
|
> show collections
|
system.indexes → 0.000MB / 0.004MB
|
system.users → NaNMB / NaNMB
|
> db.system.users.getIndexes()
|
[
|
{
|
"v": 1,
|
"name": "_id_",
|
"key": {
|
"_id": 1
|
},
|
"ns": "test.system.users"
|
},
|
{
|
"v": 1,
|
"name": "user_1_userSource_1",
|
"key": {
|
"user": 1,
|
"userSource": 1
|
},
|
"unique": true,
|
"ns": "test.system.users"
|
}
|
]
|
- Upgrade to 2.6 (Note that it requires authorization schema upgrade). Users will be copied to admin.system.users collection. But <database.system.users> collection still remains in the database in question.
- Connect via mongo client and execute following query:
connecting to: test
|
Mongo-Hacker 0.0.8
|
> db.auth("user","user")
|
1
|
> show collections
|
system.indexes → 0.000MB / 0.004MB
|
system.users → NaNMB / NaNMB
|
> db.system.users.getIndexes()
|
[
|
{
|
"v": 1,
|
"name": "_id_",
|
"key": {
|
"_id": 1
|
},
|
"ns": "test.system.users"
|
},
|
{
|
"v": 1,
|
"name": "user_1_userSource_1",
|
"key": {
|
"user": 1,
|
"userSource": 1
|
},
|
"unique": true,
|
"ns": "test.system.users"
|
}
|
]
|
- Upgrade to 3.0.5, connect via mongo and execute following command:
ankit:log-11213 ankit$ mongo
|
MongoDB shell version: 3.0.5
|
connecting to: test
|
> db.auth("user","user")
|
1
|
> db.system.users.getIndexes()
|
2015-09-18T11:01:15.116+0530 E QUERY Error: listIndexes failed: {
|
"ok": 0,
|
"errmsg": "not authorized on test to execute command { listIndexes: \"system.users\" }",
|
"code": 13
|
}
|
at Error (<anonymous>)
|
at DBCollection._getIndexesCommand (src/mongo/shell/collection.js:1019:15)
|
at DBCollection.getIndexes (src/mongo/shell/collection.js:1026:20)
|
at (shell):1:17 at src/mongo/shell/collection.js:1019
|
Notice the permission issue coming in 3.0.5 while it was working fine in 2.6.
|