w3resource

MongoDB: db.revokeRolesFromUser() method

db.revokeRolesFromUser()

The db.revokeRolesFromUser() method is used to remove a one or more roles from a user on the current database.

Syntax:

db.revokeRolesFromUser( "<username>", [ <roles> ], { <writeConcern> } )

Parameters:

Name Description Required /
Optional
Type
user The name of the user from whom to revoke roles. Required string
roles The roles to remove from the user. Required array
writeConcern The level of write concern for the modification. The writeConcern document takes the same fields as the getLastError command. Optional document

In the roles field, you can specify both built-in roles and user-defined role.

To specify a role that exists in the same database where db.revokeRolesFromUser() runs, you can either specify the role with the name of the role:

"readWrite"

Or you can specify the role with a document, as in:

{ role: "<role>", db: "<database>" }

To specify a role that exists in a different database, specify the role with a document.

Example: MongoDB: db.revokeRolesFromUser() method

The mynewuser user in the test database has the following roles:

db.getUser("mynewuser");

      "_id" : "test.mynewuser",
      "user" : "mynewuser",
      "db" : "test",
      "roles" : [
              {
                      "role" : "read",
                      "db" : "orders"
              },
              {
                      "role" : "readWrite",
                      "db" : "test"
              },
              {
                      "role" : "dbAdmin",
                      "db" : "test"
              }
      ]

The following db.revokeRolesFromUser() method removes two of the user’s roles: the read role on the orders database and the readWrite role on the test database, which is also the database on which the method runs:

use test
db.revokeRolesFromUser( "mynewuser",
                        [ { role: "read", db: "orders" }, "readWrite" ],
                        { w: "majority" }
                      );

The user mynewuser user in the test database now has only one remaining role:

db.getUser("mynewuser");

      "_id" : "test.mynewuser",
      "user" : "mynewuser",
      "db" : "test",
      "roles" : [
              {
                      "role" : "dbAdmin",
                      "db" : "test"
              }
      ]

Retrieve the restaurants data from here

Required Access

You must have the revokeRole action on a database to revoke a role on that database.

Previous: db.grantRolesToUser() method
Next: db.getUser() method



Inviting useful, relevant, well-written and unique guest posts