Created a MongoDB user with readWrite access to a collection. But I don't want to give the dropCollection access right to that user. How can I implement that?
Thanks.

You can define your own custom role for your purpose.
You can also extend existing roles by inheriting them through the admin.system.roles.roles field of your custom role.
Here is an example custom role:

    {
        role: "YourRole",
        db: "YourDatabase",
        privileges:
        [
            {
                resource: {db: "YourDatabase", collection: "OneOfCollections"},
                actions: ["find", "insert", "update", "remove", "createIndex" ...]
            },
            {
                resource: {db: "YourDatabase", collection: "AnotherCollection"},
                actions: ["find", "insert", "update", "remove", "createIndex" ...]
            },
            ...
        ],
        roles:
        [
            { role: "RoleYouWantToInherit", db: "TheDatabaseRoleIsDefinedFor" },
            ...
        ]
    }
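
An added example, not part of the original answer: it builds a role like the one above with an explicit action list that omits dropCollection, and checks a role document for places where dropCollection would still be granted. MongoDB privileges are additive, so inheriting readWrite in `roles` would grant the action again. The function names, the `ROLES_WITH_DROP` list (not exhaustive) and the user name `appUser` are assumptions made for this sketch.

```javascript
// Added example: names are placeholders taken from the answer's sample role.
// Data actions granted per collection; dropCollection is deliberately absent.
const DATA_ACTIONS = ["find", "insert", "update", "remove", "createIndex"];

// Built-in roles that already include dropCollection (not an exhaustive list).
const ROLES_WITH_DROP = new Set([
  "readWrite", "readWriteAnyDatabase", "dbAdmin", "dbAdminAnyDatabase", "dbOwner", "root",
]);

// Build the document passed to db.createRole() for the given collections.
function buildNoDropRole(roleName, dbName, collections) {
  return {
    role: roleName,
    privileges: collections.map((collection) => ({
      resource: { db: dbName, collection },
      actions: [...DATA_ACTIONS],
    })),
    roles: [], // inheriting readWrite here would grant dropCollection again
  };
}

// Report every place a role document grants dropCollection, directly or by inheritance.
function findDropGrants(roleDoc) {
  const findings = [];
  for (const p of roleDoc.privileges || []) {
    if (p.actions.includes("dropCollection")) {
      findings.push(`privilege on ${p.resource.db}.${p.resource.collection || "*"}`);
    }
  }
  for (const r of roleDoc.roles || []) {
    const name = typeof r === "string" ? r : r.role;
    if (ROLES_WITH_DROP.has(name)) findings.push(`inherits ${name}`);
  }
  return findings;
}

const role = buildNoDropRole("YourRole", "YourDatabase", ["OneOfCollections", "AnotherCollection"]);
console.log(JSON.stringify(role, null, 2), findDropGrants(role));

// In mongosh, connected as a user allowed to create roles:
//   db.getSiblingDB("YourDatabase").createRole(role)
//   db.getSiblingDB("YourDatabase").grantRolesToUser("appUser", ["YourRole"])  // "appUser" is a placeholder
```

The user must not also hold readWrite on the same database, otherwise the drop permission remains in effect.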