1

Using mongosh in mongo compass, I've created a user for my database:

use test_db
db.createUser({user:'some_user', pwd: 'some_pass', roles:[]})

Now, when I try to assign root role to it, I get could not find role: root@test_db

db.grantRolesToUser(    "some_user",
    [
      { role: "root", db: "test_db" }
    ])

Isn't root role a built-in role? Why cannot I assign it? Currently, when I try to run an aggregate for instance, I get MongoServerError: not authorized on test to execute command { aggregate: .... That's why I want to assign the root role to get rid of this.

Web Jigooli
  • 49
  • 1
  • 6

1 Answers1

3

Role root is defined in admin database. In database test_db this role does not exist - unless you created it manually.

Note:

Except for roles created in the admin database, a role can only include privileges that apply to its database and can only inherit from other roles in its database.

A role created in the admin database can include privileges that apply to the admin database, other databases or to the cluster resource, and can inherit from roles in other databases as well as the admin database.

Actually, I don't know any reason to create user in other database than admin.

Wernfried Domscheit
  • 54,457
  • 9
  • 76
  • 110
  • So, I tried removing the user from my test_db and keeping it in admin database with a root role. But the problem is I cannot connect to test_db with that user created in admin db. I use mongoose client with the following connection string: "mongodb://some_user:some_pass@localhost:27017/test_db" and authentication fails with test_db – Web Jigooli Oct 31 '21 at 07:53
  • See https://stackoverflow.com/questions/63754742/authentication-failure-while-trying-to-save-to-mongodb/63755470#63755470 – Wernfried Domscheit Oct 31 '21 at 10:37