/ Database Zone
Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Grant Right to Use $Eval on MongoDB 3.2

DZone's Guide to

Grant Right to Use $Eval on MongoDB 3.2

How do you enable a user to execute the $eval command in MongoDB? You might not think this is an issue, but you might also be surprised. Read on to find out more.

by
Ricci Gian Maria
·
May. 26, 16 · Database Zone
Free Resource

Comment (1)

Save
Tweet
{{ articles[0].views | formatCount}} Views

Learn how to create flexible schemas in a relational database using SQL for JSON.

One of the side effects of enabling authorization on MongoDB is that, even if you create a user with “root” right, this account is not able to execute the $eval command. The symptom is, when you try to execute $eval you get this error:

mongodb Command '$eval' failed: not authorized on jarvis-framework-saga-test to execute command

This happens because $eval is somewhat deprecated, and it should not be used. Since it is a dangerous command, a user should have access to all action on all resources, and you need to create a role that has anyAction on anyResource.

If you really need to use $eval, you should create a role. Just connect to the admin database and create a new role with the command.

db.createRole( 
{ 
role: "executeEval", 
privileges: [ { 
resource: { anyResource: true }, 
actions: [ "anyAction" ] } ], 
roles: []
 } )

Now that you have this new role, just add it to all the users that need to use $eval. As an example, if you have a single admin user in the admin database, just run this against the admin DB.

db.grantRolesToUser("admin", [ { role: "executeFunctions", db: "admin" } ])

And now, the admin user can execute $eval against all databases.

Create flexible schemas using dynamic columns for semi-structured data. Learn how.

Like This Article? Read More From DZone

Creating User Access Control in MongoDB
Spring Security 4: JDBC Authentication and Authorization in MySQL
What Is a Hellban?

Free DZone Refcard

Getting Started With Redis
DOWNLOAD
Topics:
mongodb ,database ,authorization ,users ,permissions

Comment (1)

Save
Tweet
{{ articles[0].views | formatCount}} Views

Published at DZone with permission of Ricci Gian Maria, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

Database Partner Resources

Five NoSQL Myths Dispelled by c-treeACE
Shift LEFT: Explore how – and why – application and database development can make the most of DevOps
Switch from relational to NoSQL for faster, more flexible web, mobile, and IoT apps
Learn to achieve data integrity and flexibility by combining structured and semi-structured data with MariaDB and JSON.
Couchbase outperformed MongoDB by 7x on reads, 5x on writes, and 3x on queries
Learn how to achieve Continuous Delivery for Databases in this 110 page E-book
MySQL vs. MariaDB: Guide to Open Source Database Selection
Explore the top 10 use cases for NoSQL – Real-world examples from leading companies
NoSQL Performance with Full Read/Write Access to SQL
White paper: Flexible data modeling using dynamic columns, includes sample data and queries.
Don’t let the database be a bottleneck: Solving Database Deployment Problems with Database DevOps

Database Partner Resources

Five NoSQL Myths Dispelled by c-treeACE
Shift LEFT: Explore how – and why – application and database development can make the most of DevOps
Switch from relational to NoSQL for faster, more flexible web, mobile, and IoT apps
Learn to achieve data integrity and flexibility by combining structured and semi-structured data with MariaDB and JSON.
THE DZONE NEWSLETTER

Dev Resources & Solutions Straight to Your Inbox

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.

X

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.linkDescription }}

{{ parent.urlSource.name }}
by {{ parent.authors[0].realName || parent.author}}
· {{ parent.articleDate | date:'MMM. dd, yyyy' }} {{ parent.linkDate | date:'MMM. dd, yyyy' }}
· {{ parent.portal.name }} Zone