
I'm new to MongoDB.

I'm trying to understand how user privileges work in MongoDB. I have a MongoDB database (from the MongoHQ sandbox, 512 MB free).

I also created a database that contains some collections. Here is how it looks:

Here is my database events and its collections (messages, *provider*):

events

- messages
- provider

What I want is this: I have 3 users with 3 different privileges on different collections of the events database.

Here are the 3 users with their privileges:

providerUser: read-only access on the provider collection, and no access to the events database's other collections (and no access to other databases either).

eventreadUser: read-only access on the messages collection in the events database, and no access to other collections in the events database (and no access to other databases either).

eventreadWriteUser: only read and write access on the messages collection in the events database, and no access to other collections in the events database (and no access to other databases either).

So I created a JavaScript file that adds these users to the events database:

addUsers.js

```javascript
var conn = new Mongo('hostname:port');
var db = conn.getDB("events");
// For authentication on the DB
db.auth('username', 'password');

function addCurlUserAndroidUser() {
    // Intended: read-only on the provider collection
    var providerUser = {
        user: 'providerUser',
        pwd: 'providerUserPassword',
        privileges: [{
            resource: { collection: "provider" },
            actions: ["find"]
        }],
        roles: ["read"]
    };

    // Intended: read-only on the messages collection
    var eventreadUser = {
        user: 'eventreadUser',
        pwd: 'eventreadUserPassword',
        privileges: [{
            resource: { collection: "messages" },
            actions: ["find"]
        }],
        roles: ["read"]
    };

    // Intended: read and write on the messages collection
    var eventreadWriteUser = {
        user: 'eventreadWriteUser',
        pwd: 'eventreadWriteUserPassword',
        privileges: [{
            resource: { collection: "messages" },
            actions: ["find", "insert", "remove", "update"]
        }],
        roles: ["readWrite"]
    };

    db.addUser(eventreadUser);
    db.addUser(providerUser);
    db.addUser(eventreadWriteUser);
}

// Call the function so the users are actually created
addCurlUserAndroidUser();
```

Then I execute this JavaScript with the following command line:

```
mongo hostname:port/events addUsers.js
```

The problem is that providerUser has access to read the messages collection, and eventreadUser and eventreadWriteUser can also read the provider collection.

Please ask for more information if needed, or if something is not clearly explained. It would be very useful if I got some helpful responses very quickly.

Thank you
Dinesh

  • What version of MongoDB are you using? According to the docs page that is only supported since 2.5.3 (http://docs.mongodb.org/master/reference/roles-collection/) which is a development release. – joao Mar 30 '14 at 09:43
  • The command `db.version()` in the mongo shell gives 2.4.9 – Dinesh Ramanathan Mar 30 '14 at 16:50
  • You have your answer then. User privileges before 2.5.3 are on a db scale. – joao Mar 30 '14 at 18:44
  • Thank you joao (I found a function `db.createRole()` but the same issue with the version: `db.createRole` is for 2.6 and later versions) – Dinesh Ramanathan Mar 30 '14 at 20:08
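
An added example, not part of the original question or comments, of the approach the last comment points to: on MongoDB 2.6 and later, `db.createRole()` defines roles whose privileges name a single collection, and `db.createUser()` assigns them. The role names, the `passwordFor` callback and the simplified `isAllowed` check (which models the built-in `read` role as `find` on every collection of the database) are assumptions for illustration.

```javascript
// Added example: collection-scoped roles for the three users in the question.
// Role names are hypothetical; written in ES5 so it also loads in the mongo shell.
var DB = "events";

// Build a role document in the shape db.createRole() accepts (MongoDB 2.6+).
function collectionRole(name, coll, actions) {
  return {
    role: name,
    privileges: [{ resource: { db: DB, collection: coll }, actions: actions }],
    roles: [] // inherit nothing, so no database-wide access sneaks in
  };
}

var roles = [
  collectionRole("providerRead", "provider", ["find"]),
  collectionRole("messagesRead", "messages", ["find"]),
  collectionRole("messagesReadWrite", "messages", ["find", "insert", "update", "remove"])
];

var users = [
  { user: "providerUser", role: "providerRead" },
  { user: "eventreadUser", role: "messagesRead" },
  { user: "eventreadWriteUser", role: "messagesReadWrite" }
];

// Model (assumption) of the built-in "read" role used in the question:
// collection "" in a resource means every collection in that database.
var builtinRead = collectionRole("read", "", ["find"]);

// Simplified version of the server's resource match, for checking the design.
function isAllowed(role, dbName, coll, action) {
  return role.privileges.some(function (p) {
    var r = p.resource;
    return r.db === dbName &&
      (r.collection === "" || r.collection === coll) &&
      p.actions.indexOf(action) !== -1;
  });
}

// Run inside the mongo shell (2.6+) against the events database, authenticated
// as a user allowed to manage roles and users. passwordFor is a hypothetical
// callback that returns each user's password.
function createAll(db, passwordFor) {
  roles.forEach(function (r) { db.createRole(r); });
  users.forEach(function (u) {
    db.createUser({ user: u.user, pwd: passwordFor(u.user),
                    roles: [{ role: u.role, db: DB }] });
  });
}
```

The users carry only the custom role, not `read` or `readWrite`, because a built-in role on the database would again grant access to every collection in it.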

0 Answers