I’d also like to add that I’m a bit perplexed with MongoDB’s roles system overall, as it seems like it is not adequate for most situations.
For example, if I wanted to do something as simple as only allow a user to edit their own profile document within a Profiles collection while making all other profiles read-only for them, this doesn’t appear possible to do, since users can only be granted read or write permission across an entire collection, not individual documents.
Is there something I am just misunderstanding?