Mongodb user permission read only issue

Question

I have an issue with permissions in Mongodb

> use test
switched to db test
> db.createUser(
...   {
...     user: "tester",
...     pwd: "123456",
...     roles: [ { role: "readWrite", db: "test" },
...              { role: "read", db: "TestHPO" } ]
...   }
... );
Successfully added user: {
        "user" : "tester",
        "roles" : [
                {
                        "role" : "readWrite",
                        "db" : "test"
                },
                {
                        "role" : "read",
                        "db" : "TestHPO"
                }
        ]
}
> db.auth("tester", "123456" )
1
> use TestHPO
switched to db TestHPO
> db.createCollection("mycollection");
{ "ok" : 1 }

The test user has only read permission on TestHPO databases but can create and drop the collection in the above example.

This should be read-only which means just find, where is the issue with my code?

See my answer for another post. stackoverflow.com/questions/37372684/… — Saleem
– Saleem, Commented Feb 12, 2018 at 9:57

Alex Blex · Accepted Answer · 2018-02-12 09:45:14Z

1

You are not using access control.

From https://docs.mongodb.com/manual/tutorial/enable-authentication/#re-start-the-mongodb-instance-with-access-control:

Re-start the mongod instance with the --auth command line option or, if using a configuration file, the security.authorization setting.

answered Feb 12, 2018 at 9:45

Alex Blex

37.3k7 gold badges53 silver badges86 bronze badges

Sign up to request clarification or add additional context in comments.

Comments

Spz Sot · Accepted Answer · 2018-02-12 09:53:06Z

0

Following Add Users - tutorial

Or

Another way.You should switch to database TestHPO and createUser again.

answered Feb 12, 2018 at 9:53

Spz Sot

33 bronze badges

Comments

mputha · Accepted Answer · 2019-05-31 14:31:12Z

0

Update/create config file for mongo db with below auth properties: security: authorization: enabled setParameter: authenticationMechanisms: MONGODB-CR

Restart the mongodb with --auth & --config: mongod --auth --config C:\data\conf\mongod.conf

If the username or password contains a colon (:) or an at-sign (@) then it must be urlencoded otherwise throws exception.

answered May 31, 2019 at 14:31

mputha

4055 silver badges7 bronze badges

Collectives™ on Stack Overflow

Mongodb user permission read only issue

3 Answers 3

Comments

Comments

Comments

Your Answer

Linked

Hot Network Questions

Collectives™ on Stack Overflow

3 Answers 3

Comments

Comments

Comments

Your Answer

Sign up or log in

Post as a guest

Linked

Related