Continuing the discussion from Ticket: Principle of Least Privilege problem:
I’m experiencing the same issue as this user from 1.5 year ago.
Here’s what I did to create the user:
- Go to cloud.mongodb.com
- Under “Security” on the left, select “Database Access”
- Click the green button labeled “+ Add New Database User” on the right
- Enter the given username and password and grant specific privileges: readWrite@mflix.sample_mflix
However, while I can pass the test, the server program is no longer able to load images. I see the following error:
GET / 304 12.037 ms - - GET /static/css/main.d2c98b4b.chunk.css 304 8.789 ms - - GET /static/js/1.908cc23a.chunk.js 304 8.728 ms - - GET /static/js/main.02d67aeb.chunk.js 304 8.909 ms - - GET /static/media/mongoleaf.0ebc1843.png 200 8.774 ms - 52399 Unable to convert cursor to array or problem counting documents, MongoError: user is not allowed to do action [find] on [sample_mflix.movies]
As detailed above, I specifically granted read and write privileges to this user on this collection, so why is this happening? This was never answered. I think it would be helpful to know in case this happens in a real world application.