Hi Everyone!!
I have a specific requirement where I want to restrict a user to read the entire database except only a single collection. How can I proceed with this, does anyone have an idea about this?
Thanks!
It is not possible
Please check this link
While you might not be able to explicitly restrict 1 collection you might be able to explicitly give access to the other collections.
See https://www.mongodb.com/docs/manual/tutorial/manage-users-and-roles/ for more details.
In the link above the accepted answer describes this. I read it after I post this answer now I cant delete it.
db.createRole({
role: "read_only_users",
privileges: [
{
resource: {
db: "wins_auth",
collection: "users"
},
actions: ["find"]
}
],
roles: []
})
I assign this role to a user and it will not able to see the other collections other than the users.