
When I create a role and assign that role to my users, the user can use all roles, even the role I didn't give it.

I create the role:

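```javascript
use dev201
db.createRole(
  {
    role: "roleread",
    // explicit privilege: find on dev201.movies
    privileges: [
      { resource: { db: "dev201", collection: "movies" }, actions: ["find"] },
    ],
    // inherited built-in role: read on the whole dev201 database
    roles: [
      { role: "read", db: "dev201" }
    ]
  }
)
```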

And I assign the role to a new user:

```javascript
db.createUser(
  {
    user: "gst",
    pwd: "123456",
    roles: [{ role: "roleread", db: "dev201" }]
  }
)

db.auth('gst', '123456')
```

I give him only read, and he can insert, update, delete.

  • I guess you created users and/or roles in different databases and now you mix them up. Or you did not enable authorization on your MongoDB. Users and roles should be created only in the `admin` database (not `dev201` as you did); I don't know any reason why they should be created anywhere else. See also https://stackoverflow.com/questions/48253839/what-is-the-admin-database-in-mongodb/67159335#67159335 – Wernfried Domscheit Nov 13 '22 at 13:01
  • Did you start your database in a mode that enforces auth? – user20042973 Nov 13 '22 at 13:56

0 Answers
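Both comments ask whether the server enforces authorization. The following is an added example, not part of the original thread: it takes the result documents of `getCmdLineOpts` and `connectionStatus` (with `showPrivileges: true`) and reports which write actions a session holds on `dev201.movies`. The function names are hypothetical and the sample documents are constructed, not output from a real server.

```javascript
// Inputs are the result documents of two mongosh commands:
//   db.adminCommand({ getCmdLineOpts: 1 })
//   db.runCommand({ connectionStatus: 1, showPrivileges: true })
const WRITE_ACTIONS = ["insert", "update", "remove"];

// True when mongod was started with access control: --auth,
// security.authorization: enabled, or a keyFile (which implies it).
function authEnforced(cmdLineOpts) {
  const sec = (cmdLineOpts.parsed && cmdLineOpts.parsed.security) || {};
  return sec.authorization === "enabled" || Boolean(sec.keyFile);
}

// Does a privilege's resource document cover db.coll?
// An empty string is a wildcard; it does not cover system.* collections.
function covers(resource, db, coll) {
  if (resource.anyResource) return true;
  if (resource.cluster) return false;
  const dbOk = resource.db === "" || resource.db === db;
  const collOk = resource.collection === coll ||
    (resource.collection === "" && !coll.startsWith("system."));
  return dbOk && collOk;
}

// Write actions the session can perform on db.coll.
function writeActionsAllowed(cmdLineOpts, connStatus, db, coll) {
  // Without access control, roles are never consulted: everything is allowed.
  if (!authEnforced(cmdLineOpts)) return [...WRITE_ACTIONS];
  const privs = connStatus.authInfo.authenticatedUserPrivileges || [];
  const granted = new Set(
    privs.filter(p => covers(p.resource, db, coll)).flatMap(p => p.actions));
  return WRITE_ACTIONS.filter(a => granted.has(a));
}

// Constructed sample documents (assumptions for illustration).
const noAuth = { argv: ["mongod"], parsed: { storage: { dbPath: "/data/db" } }, ok: 1 };
const withAuth = { argv: ["mongod", "--auth"],
                   parsed: { security: { authorization: "enabled" } }, ok: 1 };
const gstSession = { authInfo: {
  authenticatedUsers: [{ user: "gst", db: "dev201" }],
  authenticatedUserRoles: [{ role: "roleread", db: "dev201" }],
  authenticatedUserPrivileges: [
    { resource: { db: "dev201", collection: "movies" }, actions: ["find"] },
    { resource: { db: "dev201", collection: "" },
      actions: ["find", "listCollections", "listIndexes"] },
  ] }, ok: 1 };

console.log(writeActionsAllowed(noAuth, gstSession, "dev201", "movies"));
console.log(writeActionsAllowed(withAuth, gstSession, "dev201", "movies"));
```

If the first case matches the live server, the role definition is not the problem: the server has to be restarted with access control enabled before `roleread` restricts anything.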