Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How do you change MongoDB user permissions?

Tags:

mongodb

rbac

For instance, if I have this user:

> db.system.users.find() { "user" : "testAdmin", "pwd" : "[some hash]", "roles" : [ "clusterAdmin" ], "otherDBRoles" : { "TestDB" : [ "readWrite" ]  } }

And I want to give that user the dbAdmin permissions on the TestDB database, I can remove the user record then add it back with the new permissions:

> db.system.users.remove({"user":"testAdmin"}) > db.addUser( { user: "testAdmin",                   pwd: "[whatever]",                   roles: [ "clusterAdmin" ],                   otherDBRoles: { TestDB: [ "readWrite", "dbAdmin" ] } } )

But that seems hacky and error-prone.

And I can update the table record itself:

> db.system.users.update({"user":"testAdmin"}, {$set:{ otherDBRoles: { TestDB: [ "readWrite", "dbAdmin" ] }}})

But I'm not sure if that really creates the correct permissions - it looks fine but it may be subtly wrong.

Is there a better way to do this?

like image 276
Ed Norris Avatar asked May 13 '13 16:05

Ed Norris

People also ask

How do I give a user permission in MongoDB?

MongoDB: db.grantRolesToUser() method is used to grants an additional role and its privileges to a user. The name of the user to whom to grant roles. An array of additional roles to grant to the user. The level of write concern for the modification.

How do I change the role of a user in MongoDB?

Required AccessYou must have the grantRole action on a role's database to add a role to a user. To change another user's pwd or customData field, you must have the changePassword and changeCustomData actions respectively on that user's database.

How do I create a user and grant privileges in MongoDB?

A role in MongoDB grants privileges to perform some set of operations on a given resource. In MongoDB, users are created using createUser() method. This method creates a new user for the database, if the specified user is already present in the database then this method will return an error.

How do I restrict access to MongoDB?

To restrict MongoDB access by enabling authentication In the mongoconfiguration, set auth = true and restart the mongo service.

1 Answers

If you want to just update Role of User. You can do in the following way

db.updateUser( "userName",                {                   roles : [                            { role : "dbAdmin", db : "dbName"  },                            { role : "readWrite", db : "dbName"  }                          ]                 }              )

Note:- This will override only roles for that user.

like image 112
Vaibhav Avatar answered Sep 24 '22 01:09

Vaibhav
Sign in to Comment

Related questions

Find all documents within last n days
Mongodb concat int and string
JSON serializing Mongodb
MongoDB and PostgreSQL thoughts
A timeout occured after 30000ms selecting a server using CompositeServerSelector
How to remove one 'document' by 'ID' using the Official C# Driver for MongoDB?
Unique documents using multiple values in Mongoose Schema
Getting the highest value of a column in MongoDB
MongoDB dump from 3.2, restore with 3.4, error index safe = null
Add a new attribute to existing json object in node.js
Populate a mongoose model with a field that isn't an id
How to findAll in mongoosejs?
Import more than 1 json file using mongoimport
"invalid hexadecimal representation" for spring mongo data repository interface
PHP+MongoDB: Uncaught exception 'MongoCursorException' with message 'No such file or directory'
PHP / Mongo geoJSON Loop is not valid
Unit of work in mongodb and C#
Spring Data MongoDB: how to implement "entity relationships"?
MongoDB structure: single collection vs multiple smaller collections
C# MongoDB: How to correctly map a domain object?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!