I'm using mongoDB without any authentication now. just start mongod in one teminal and mongo in other. I want to set a group of users to a my database. Only that users should able to do the specified roles like write documents into collection, read from existing collections etc.. No other user can access that database.
here is what i done so far.
use admin
db.createUser(
{
user: "siteUserAdmin",
pwd: "password",
roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
}
)
use hospital
db.createUser( {
user: "hospitalUser",
pwd: "password",
roles: [ { role: "read", db: "hospital" } ]
}
)
But still i'm still able to write documents into hospital collection even though i assigned read permission only.
Can anyone explain me in details what should i do to solve my problem??
thankyou..