I'm new to mongodb , and i'm trying to understand and how to grant access to the users of my database ( i have a mongodb data base from mongoHQ sandbox 512 Mb free ).
after connecting to my mongodb from my mongo shell
i have a database named event and it contains 2 collections
- message
- provider
i created 2 users :
- messageUser
- providerUser
what i want is :
messageUser only can read message collection , and hasn't access to read,write on provider collection
providerUser only privileges to read,write on provider collection and read privilege on message collection
I found db.addUser() - Version 2.4.9 but i cannot define privileges on collections
example ( after successfully connected to mongodb from mongo shell ) :
use event
db.addUser( { user: "messageUser", pwd: "password", roles: ["read"] } )
but messageUser stil have access to read provider collection
but i found on the latest version 2.6.x db.addUser : [http://docs.mongodb.org/master/reference/method/db.addUser/#db.addUser] and db.createRole: [http://docs.mongodb.org/master/reference/method/db.createRole/#db.createRole] we can define more 'sophisticated privileges' for example : grant privileges messageUser to only find action on message collection's Privilege Action : [http://docs.mongodb.org/master/reference/privilege-actions/]
db.addUser({
user: 'messageUser',
pwd: 'password',
privileges: [{
resource: {collection: "messages" },
actions: [ "find"]
}],
roles: [ "read"]
});
also i find that we can define user privileges from adding users to the database named amin unfortunately MongoHQ service doesn't give permission to access on this database
please ask more information if needed or if there something not clearly explained it will be very useful if i get some useful responses very quickly
Thank you
Dinesh
