MongoDB provides role-based access control. A user is granted one or more roles that determine the user’s access or privileges to MongoDB resources and the actions that a user can perform.
Syntax:-
> db.createUser( { user: "userName", pwd: "userPassword", roles:[{role: "roleName" , db:"DBName"} ] })
Note:- roles are read and readWrite
read:- User can access only for read the data from the database.
readWrite:- User can access for read and modify the database.
Example:- If user can access only read the database.
> db.createUser( { user: "userName", pwd: "userPassword", roles:[{role: "read" , db:"DBName"} ] })
Example:- If user can access read and modify the database.
> db.createUser( { user: "userName", pwd: "userPassword", roles:[{role: "readWrite" , db:"DBName"} ] })
Note:- A user can have different role for differnt database like
> db.createUser( { user: "userName", pwd: "userPassword", roles:[{role: "readWrite" , db:"DBName1"}, {role: "read" , db:"DBName2"} ] })