0

What is MongoDB's Role-Based Access Control?

I am fairly new to MongoDB. I was going through the mongoDB documentation of its Role-Based Access Control feature.

I am a bit confused.

Is this the same as adding a roles array in a user schema(as in the example below)?

const mongoose = require('mongoose');

const UserSchema = new mongoose.Schema({
  username: type: String,
  email: type: String,
  roles: ['admin'],
})

Or is it adding permissions to users who can access and manipulate the DB directly without the use of apis?

YulePale
  • 6,688
  • 16
  • 46
  • 95
  • 1
    When you connect your Mongoose code to MongoDB, you will have given it a username and password (in addition to the server URL). What that user can do (which databases can be accessed for example) can be configured using roles. – Thilo Oct 21 '19 at 10:30

1 Answers1

1

Well your question is not straight forward.... The essence of the role is to allow users perform some certain operations on the database For example Given the example above an a user registered with an admin may be granted permission to delete other users, add, edit and so on.

yousouf9
  • 91
  • 2