MongoDb shell simple find(): Why not authorized?

Question

How is this even possible? What am I missing?...

Non-sense query denial

Edit 1: Ignore the db.posts.find vs. db.post.find typo above. I re-auth'd and tried the latter and get exact same denial.

Am I dumb or do MongoDb permissions make no sense at all? Ok don't answer that first part ;-)

Thanks a lot for any advice, I'm stuck on this one.

Sylvain Leroux · Accepted Answer · 2015-05-06T15:19:59.437

0

You grant only roles to the db admin. Not on d6games-site.

Try using:

db.grantRolesToUser(
  "webuser",
  [
    { role: "readWrite", db: "d6games-site" } ,
  ]
)

and very probably:

db.revokeRolesFromUser(
    "webuser",
    [
      { role: "readWrite", db: "admin" }
    ]
)

edited May 06 '15 at 15:19

answered May 06 '15 at 15:14

Sylvain Leroux

Ok I think this finally gets me sorted out... The trick is, in Mongo shell, *always* do "use admin" before creating and/or granting/revoking *permissions to any user in **any db***. In the JSON "db" attrib, specify the actual db you want to give this user permission in. @Sylvain: Do I understand it now? :-) – Locohost May 06 '15 at 17:26
@Locohost Correct. You need the [userAdmin](http://docs.mongodb.org/manual/reference/built-in-roles/#userAdmin) role to grant/revoke permissions. To check the current user's permission, you may use `db.runCommand({connectionStatus : 1})` – Sylvain Leroux May 06 '15 at 20:41

score 0 · Answer 2 · edited May 06 '15 at 15:44

0

The problem is that your table is 'post' and in query you use 'posts'. Try db.post.find()

edited May 06 '15 at 15:44

styvane

answered May 06 '15 at 15:42

andy

No I saw that typo immediately and retried using db.post. See the Edit 1 in OP. Thank you though. I appreciate the reply. – Locohost May 06 '15 at 17:09

2 Answers2