w3resource

MongoDB: db.grantPrivilegesToRole() method

db.grantPrivilegesToRole()

The db.grantPrivilegesToRole() method is used to assign additional privileges to a user-defined role.

Syntax:

db.grantPrivilegesToRole(
    "< rolename >",
    [
        { resource: { <resource> }, actions: [ "<action>", ... ] },
        ...
    ],
    { < writeConcern > }
)

Parameters:

Name Description Required /
Optional
Type
rolename The name of the role to grant privileges to. Required String
privileges The privileges to add to the role. For the format of a privilege. Required array
writeConcern The level of write concern for the modification. The writeConcern document takes the same fields as the getLastError command. Optional document

The grantPrivilegesToRole() method can grant one or more privileges. Each <privilege>has the following syntax:

{ resource: { <resource> }, actions: [ "<action>", ... ] }

The db.grantPrivilegesToRole() method wraps the grantPrivilegesToRole command.

Example: MongoDB: db.grantPrivilegesToRole() method

The following db.grantPrivilegesToRole() operation grants two additional privileges to the myroll1, which exists on the admin database. The operation is run on that database:

use admin
db.grantPrivilegesToRole(
  "myroll1",
  [
    {
      resource: { db: "config", collection: "" },
      actions: [ "insert" ]
    },
    {
      resource: { db: "admin", collection: "system.js" },
      actions: [ "find" ]
    }
  ],
  { w: "majority" }
);

Output:

> db.getRole( "myroll1", { showPrivileges: true } );
{
        "role" : "myroll1",
        "db" : "admin",
        "isBuiltin" : false,
        "roles" : [
                {
                        "role" : "read",
                        "db" : "admin"
                }
        ],
        "inheritedRoles" : [
                {
                        "role" : "read",
                        "db" : "admin"
                }
        ],
        "privileges" : [
                {
                        "resource" : {
                                "db" : "config",
                                "collection" : " "
                        },
                        "actions" : [
                                "createCollection",
                                "createIndex",
                                "update"
                        ]
                },
                {
                        "resource" : {
                                "db" : "config",
                                "collection" : ""
                        },
                        "actions" : [
                                "insert"
                        ]
                },
                {
                        "resource" : {
                                "db" : "admin",
                                "collection" : "system.js"
                        },
                        "actions" : [
                                "find"
                        ]
                }
        ],
        "inheritedPrivileges" : [
                {
                        "resource" : {
                                "db" : "config",
                                "collection" : " "
                        },
                        "actions" : [
                                "createCollection",
                                "createIndex",
                                "update"
                        ]
                },
                {
                        "resource" : {
                                "db" : "config",
                                "collection" : ""
                        },
                        "actions" : [
                                "insert"
                        ]
                },
                {
                        "resource" : {
                                "db" : "admin",
                                "collection" : "system.js"
                        },
                        "actions" : [
                                "collStats",
                                "dbHash",
                                "dbStats",
                                "find",
                                "killCursors",
                                "planCacheRead"
                        ]
                },
                {
                        "resource" : {
                                "db" : "admin",
                                "collection" : ""
                        },
                        "actions" : [
                                "collStats",
                                "dbHash",
                                "dbStats",
                                "find",
                                "killCursors",
                                "planCacheRead"
                        ]
                },
                {
                        "resource" : {
                                "db" : "admin",
                                "collection" : "system.indexes"
                        },
                        "actions" : [
                                "collStats",
                                "dbHash",
                                "dbStats",
                                "find",
                                "killCursors",
                                "planCacheRead"
                        ]
                },
                {
                        "resource" : {
                                "db" : "admin",
                                "collection" : "system.namespaces"
                        },
                        "actions" : [
                                "collStats",
                                "dbHash",
                                "dbStats",
                                "find",
                                "killCursors",
                                "planCacheRead"
                        ]
                }
        ]
} 

Retrieve the restaurants data from here

Previous: db.dropAllRoles() method
Next: db.revokeRolesFromRole() method



Follow us on Facebook and Twitter for latest update.