[SERVER-7025] read only in 2.2 Created: 12/Sep/12  Updated: 15/Feb/13  Resolved: 13/Sep/12

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Question Priority: Minor - P4
Reporter: George Nikopoulos Assignee: Spencer Brody (Inactive)
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Windows 32


Participants:

 Description   

I tried testing the read only user on the new mongodb version and I can not not get read-only to work. I did this test on my PC, and not in our real production environment.Here is my test. Firt I started mongo, and create an admin user "george". Then I restarted mongod with the --auth option.
C:\mongoDB\mongodb-win32-i386-2.2.0\bin>mongo
MongoDB shell version: 2.2.0
connecting to: test
> use admin
switched to db admin
> db.auth("george","george")
1
> use ops
switched to db ops
> db.addUser("geo","geo",true)

{ "_id" : ObjectId("5050efac7e688079cf00fdbd"), "user" : "geo", "readOnly" : true, "pwd" : "54f4620002480121e1f23b0d293e0fe6" } > db.auth("geo","geo") 1 > db.ll.find() { "_id" : ObjectId("5050ef8f7e688079cf00fdbc"), "fname" : "George" } { "_id" : ObjectId("5050efe37e688079cf00fdbe"), "fname" : "George test read onl" } { "_id" : ObjectId("5050f1850305681475bd79d6"), "fname" : "George test read onl TWO" } { "_id" : ObjectId("5050fdefcd812110fa0466aa"), "fname" : "One" }

> db.ll.save(

{fname:"Two"}

)
> db.ll.find()

{ "_id" : ObjectId("5050ef8f7e688079cf00fdbc"), "fname" : "George" } { "_id" : ObjectId("5050efe37e688079cf00fdbe"), "fname" : "George test read onl" } { "_id" : ObjectId("5050f1850305681475bd79d6"), "fname" : "George test read onl TWO" } { "_id" : ObjectId("5050fdefcd812110fa0466aa"), "fname" : "One" } { "_id" : ObjectId("505101cd7b5e3666d16d154e"), "fname" : "Two" }

> exit
bye

It should not let me save the "Two" right?

Thanks



 Comments   
Comment by George Nikopoulos [ 12/Sep/12 ]

Got it. I guess the subsequent db.auths inherit the first db.auths. I tried your suggestion and it works. Thanks.

Comment by Spencer Brody (Inactive) [ 12/Sep/12 ]

In the test above you are still authenticated as the admin user when you create the "Two" document. You will need to logout() of the admin DB first to be denied write access.

Generated at Thu Feb 08 03:13:25 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.