/ Database Zone
Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Grant Right to Use $Eval on MongoDB 3.2

DZone's Guide to

Grant Right to Use $Eval on MongoDB 3.2

How do you enable a user to execute the $eval command in MongoDB? You might not think this is an issue, but you might also be surprised. Read on to find out more.

by
·
May. 26, 16 · Database Zone ·
Free Resource

Comment (1)

Save
Tweet
{{ articles[0].views | formatCount}} Views

Download the Altoros NoSQL Performance Benchmark 2018. Compare top NoSQL solutions – Couchbase Server v5.5, MongoDB v3.6, and DataStax Enterprise v6 (Cassandra).

One of the side effects of enabling authorization on MongoDB is that, even if you create a user with “root” right, this account is not able to execute the $eval command. The symptom is, when you try to execute $eval you get this error:

mongodb Command '$eval' failed: not authorized on jarvis-framework-saga-test to execute command

This happens because $eval is somewhat deprecated, and it should not be used. Since it is a dangerous command, a user should have access to all action on all resources, and you need to create a role that has anyAction on anyResource.

If you really need to use $eval, you should create a role. Just connect to the admin database and create a new role with the command.

db.createRole( 
{ 
role: "executeEval", 
privileges: [ { 
resource: { anyResource: true }, 
actions: [ "anyAction" ] } ], 
roles: []
 } )

Now that you have this new role, just add it to all the users that need to use $eval. As an example, if you have a single admin user in the admin database, just run this against the admin DB.

db.grantRolesToUser("admin", [ { role: "executeFunctions", db: "admin" } ])

And now, the admin user can execute $eval against all databases.

Download the whitepaper, Moving From Relational to NoSQL: How to Get Started. We’ll take you step by step through your first NoSQL project.

Like This Article? Read More From DZone

Creating User Access Control in MongoDB
Spring Security 4: JDBC Authentication and Authorization in MySQL
What Is a Hellban?

Free DZone Refcard

Database Monitoring
DOWNLOAD
Topics:
mongodb ,database ,authorization ,users ,permissions

Comment (1)

Save
Tweet
{{ articles[0].views | formatCount}} Views

Published at DZone with permission of

Opinions expressed by DZone contributors are their own.

Database Partner Resources

Dependance upon proprietary databases has changed. Compare the enterprise features of MariaDB TX, Oracle, Microsoft and IBM.
Redis Enterprise as a Database for Microservices
2019 State of Database DevOps Report: latest insights on DevOps adoption rates among SQL Server Professionals
Getting Started with Spark and Redis
Download Free: New Compliant Database DevOps Whitepaper from Redgate
Try the must-have graph OLAP database for those demanding the fastest graph analytics and data management solutions
Example schemas and queries for hybrid data models based on relational + JSON
Moving From Relational to NoSQL: A Step-by-Step Guide for Your First NoSQL Project
Shift LEFT issue #4: Explores the new world of compliant Database DevOps and how to protect against data breaches without deployment bottlenecks
Improve Database Performance by Migrating to RavenDB 4.0 [Webinar]
Beginners Guide to Redis
Your Guide to Understanding Graph Databases

Database Partner Resources

Dependance upon proprietary databases has changed. Compare the enterprise features of MariaDB TX, Oracle, Microsoft and IBM.
Redis Enterprise as a Database for Microservices
2019 State of Database DevOps Report: latest insights on DevOps adoption rates among SQL Server Professionals
Getting Started with Spark and Redis

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.linkDescription }}

{{ parent.urlSource.name }}
by {{ parent.authors[0].realName || parent.author}}
· {{ parent.articleDate | date:'MMM. dd, yyyy' }} {{ parent.linkDate | date:'MMM. dd, yyyy' }}
· {{ parent.portal.name }} Zone