Thursday, November 17, 2016

MongoDB - Create custom role examples




MongoDB Enterprise TO_BE_SECURED:PRIMARY> use admin
MongoDB Enterprise TO_BE_SECURED:PRIMARY> db.createRole({role:'ROLE1', privileges:[{resource:{ db: "HR", collection: "" },actions:[ "find","dropUser"]},{resource:{ db: "HR", collection: "employees" },actions:["update", "insert", "remove"]}],roles: [{ role: "userAdmin", db: "HR" }]},{w:"majority",wtimeout:5000 })

MongoDB Enterprise TO_BE_SECURED:PRIMARY> db.createRole({role:'ROLE2', privileges:[{resource:{ db: "HR", collection: "" },actions:["update", "insert", "remove"]}],roles: [{ role: "dbOwner", db: "HR" }]},{w:"majority",wtimeout:5000 })

MongoDB Enterprise TO_BE_SECURED:PRIMARY> db.createRole({role:'ROLE3', privileges:[{resource:{ db: "HR", collection: "employees" },actions:[ "find","update"]}],roles: []},{w:"majority",wtimeout:5000 })

MongoDB Enterprise TO_BE_SECURED:PRIMARY> db = db.getSisterDB('admin');
MongoDB Enterprise TO_BE_SECURED:PRIMARY> var roles = db.getRoles({showPrivileges: true});
MongoDB Enterprise TO_BE_SECURED:PRIMARY> var sortedRoles = roles.map((role) => {return {role: role.role,inheritedRoles: role.inheritedRoles,privileges: role.privileges};}).sort((a, b) => (a.role > b.role));
MongoDB Enterprise TO_BE_SECURED:PRIMARY> print(JSON.stringify(sortedRoles));