mongodb-security
Version:
Portable business logic of MongoDB security model
427 lines (426 loc) • 6.78 kB
JSON
{
"_id" : "admin.user",
"user" : "user",
"db" : "admin",
"roles" : [
{
"role" : "dbAdminAnyDatabase",
"db" : "admin"
},
{
"role" : "readWriteAnyDatabase",
"db" : "admin"
},
{
"role" : "userAdminAnyDatabase",
"db" : "admin"
},
{
"role" : "clusterAdmin",
"db" : "admin"
}
],
"inheritedRoles" : [
{
"role" : "clusterAdmin",
"db" : "admin"
},
{
"role" : "userAdminAnyDatabase",
"db" : "admin"
},
{
"role" : "readWriteAnyDatabase",
"db" : "admin"
},
{
"role" : "dbAdminAnyDatabase",
"db" : "admin"
}
],
"inheritedPrivileges" : [
{
"resource" : {
"cluster" : true
},
"actions" : [
"addShard",
"appendOplogNote",
"applicationMessage",
"authSchemaUpgrade",
"cleanupOrphaned",
"connPoolStats",
"connPoolSync",
"cpuProfiler",
"diagLogging",
"flushRouterConfig",
"fsync",
"getCmdLineOpts",
"getLog",
"getParameter",
"getShardMap",
"hostInfo",
"inprog",
"invalidateUserCache",
"killop",
"listDatabases",
"listShards",
"logRotate",
"netstat",
"removeShard",
"replSetConfigure",
"replSetGetConfig",
"replSetGetStatus",
"replSetStateChange",
"resync",
"serverStatus",
"setParameter",
"shardingState",
"shutdown",
"top",
"touch",
"unlock"
]
},
{
"resource" : {
"db" : "",
"collection" : ""
},
"actions" : [
"bypassDocumentValidation",
"changeCustomData",
"changePassword",
"collMod",
"collStats",
"compact",
"convertToCapped",
"createCollection",
"createIndex",
"createRole",
"createUser",
"dbHash",
"dbStats",
"dropCollection",
"dropDatabase",
"dropIndex",
"dropRole",
"dropUser",
"emptycapped",
"enableProfiler",
"enableSharding",
"find",
"getShardVersion",
"grantRole",
"indexStats",
"insert",
"killCursors",
"listCollections",
"listIndexes",
"moveChunk",
"planCacheIndexFilter",
"planCacheRead",
"planCacheWrite",
"reIndex",
"remove",
"renameCollectionSameDB",
"repairDatabase",
"revokeRole",
"splitChunk",
"splitVector",
"storageDetails",
"update",
"validate",
"viewRole",
"viewUser"
]
},
{
"resource" : {
"db" : "",
"collection" : "system.indexes"
},
"actions" : [
"collStats",
"dbHash",
"dbStats",
"find",
"killCursors",
"listCollections",
"listIndexes",
"planCacheRead"
]
},
{
"resource" : {
"db" : "",
"collection" : "system.namespaces"
},
"actions" : [
"collStats",
"dbHash",
"dbStats",
"find",
"killCursors",
"listCollections",
"listIndexes",
"planCacheRead"
]
},
{
"resource" : {
"db" : "",
"collection" : "system.profile"
},
"actions" : [
"collStats",
"convertToCapped",
"createCollection",
"dbHash",
"dbStats",
"dropCollection",
"find",
"killCursors",
"listCollections",
"listIndexes",
"planCacheRead"
]
},
{
"resource" : {
"db" : "",
"collection" : "system.js"
},
"actions" : [
"collStats",
"convertToCapped",
"createCollection",
"createIndex",
"dbHash",
"dbStats",
"dropCollection",
"dropIndex",
"emptycapped",
"find",
"insert",
"killCursors",
"listCollections",
"listIndexes",
"planCacheRead",
"remove",
"renameCollectionSameDB",
"update"
]
},
{
"resource" : {
"db" : "",
"collection" : "system.users"
},
"actions" : [
"collStats",
"dbHash",
"dbStats",
"find",
"killCursors",
"listCollections",
"listIndexes",
"planCacheRead"
]
},
{
"resource" : {
"db" : "admin",
"collection" : "system.users"
},
"actions" : [
"collStats",
"createIndex",
"dbHash",
"dbStats",
"dropIndex",
"find",
"killCursors",
"listCollections",
"listIndexes",
"planCacheRead"
]
},
{
"resource" : {
"db" : "admin",
"collection" : "system.roles"
},
"actions" : [
"collStats",
"createIndex",
"dbHash",
"dbStats",
"dropIndex",
"find",
"killCursors",
"listCollections",
"listIndexes",
"planCacheRead"
]
},
{
"resource" : {
"db" : "admin",
"collection" : "system.version"
},
"actions" : [
"collStats",
"dbHash",
"dbStats",
"find",
"killCursors",
"listCollections",
"listIndexes",
"planCacheRead"
]
},
{
"resource" : {
"db" : "admin",
"collection" : "system.new_users"
},
"actions" : [
"collStats",
"dbHash",
"dbStats",
"find",
"killCursors",
"listCollections",
"listIndexes",
"planCacheRead"
]
},
{
"resource" : {
"db" : "admin",
"collection" : "system.backup_users"
},
"actions" : [
"collStats",
"dbHash",
"dbStats",
"find",
"killCursors",
"listCollections",
"listIndexes",
"planCacheRead"
]
},
{
"resource" : {
"db" : "config",
"collection" : ""
},
"actions" : [
"collStats",
"dbHash",
"dbStats",
"find",
"killCursors",
"listCollections",
"listIndexes",
"planCacheRead"
]
},
{
"resource" : {
"anyResource" : true
},
"actions" : [
"listCollections"
]
},
{
"resource" : {
"db" : "config",
"collection" : "system.indexes"
},
"actions" : [
"collStats",
"dbHash",
"dbStats",
"find",
"killCursors",
"listCollections",
"listIndexes",
"planCacheRead"
]
},
{
"resource" : {
"db" : "config",
"collection" : "system.js"
},
"actions" : [
"collStats",
"dbHash",
"dbStats",
"find",
"killCursors",
"listCollections",
"listIndexes",
"planCacheRead"
]
},
{
"resource" : {
"db" : "config",
"collection" : "system.namespaces"
},
"actions" : [
"collStats",
"dbHash",
"dbStats",
"find",
"killCursors",
"listCollections",
"listIndexes",
"planCacheRead"
]
},
{
"resource" : {
"db" : "local",
"collection" : "system.replset"
},
"actions" : [
"collStats",
"dbHash",
"dbStats",
"find",
"killCursors",
"listCollections",
"listIndexes",
"planCacheRead"
]
},
{
"resource" : {
"db" : "config",
"collection" : "settings"
},
"actions" : [
"insert",
"remove",
"update"
]
},
{
"resource" : {
"db" : "config",
"collection" : "tags"
},
"actions" : [
"insert",
"remove",
"update"
]
}
]
}