MongoDB Compass & Atlas: Restrict user access to only seeing a Collection?

Hello everyone!

I have a problem and am not sure if I’m doing something wrong.

As I understand it, if I grant the privilege like so:


This should let the user see and modify documents in the testcollection collection in the test database.
However, using Compass, I can see that I’m in the test database but no Collection is shown:

If I grant readWrite for every Collection by leaving the Collection field empty, I can see and modify all Collections in the database as expected.
How can I grant access via Compass to only a certain Collection of a database?

Thanks for any help in advance!

Hi Magnus,

Collections in MongoDB are essentially a virtual construct until used for something: In other words, you’ve created a user that can now readWrite to collection testcollection: you will need to write a document to test.testcollection (something you should have permission to do) to actually start seeing it–the Compass UI does show the concept of creating a collection I believe which you should be able to do.

Andrew

Sorry, I should’ve mentioned that in advance:
There are several documents in testcollection, added at first through the Atlas web interface but later on also successfully with the user in question through the API. Accordingly, the user does have write access to the collection and the privileges work correctly. (Also, if I change the privilege to a different Collection for the user and try again through the API, I get an appropriate error from Atlas, so I’m definitely accessing via said user.)
Still, I can’t see any Collection with the user in Compass, also when setting the privilege to a different non-empty Collection. Only when I grant readWrite for the whole database I can see all Collections, even empty ones, in Compass.

If it’s important: I simply copied the connection string from Cluster -> Connect -> Connect using MongoDB Compass and filled in the credentials. The end of the connection string also shows /test, so the correct database is addressed. The version of Compass is 1.21.2 and thereby above 1.12.
After adding the string to Compass, it added some things like “…Compass&retryWrites=true&ssl=true” which look to me like simply the default parameters.

I also verified multiple times that I don’t have a typo somewhere: The collection I see at Cluster -> Collections in the web interface is definitely called test.testcollection and the MongoDB role for the user is stated to be “readWrite@test.testcollection”.

I agree with your observations

Tried creating a user from Atlas with access to a specific collection
It is not working. Cannot see any collections. Just displays the DB name
When you leave collection name field empty it works

I tried even custom role but even that does not work

Maybe MongoDB staff can help on how to give collection level access to a user from Atlas

Thank you for verifying that it doesn’t work for you too, now it’s less probable that it has something to do with my/our setup in general!
I’ll contact the support and see if they can help to solve my issue and report back when I find out something new.

I had a chat with a very accommodating support staff member, but sadly he had to inform me that the issue is a bug in the current version of Compass.
The 1.22beta2, which I had tried beforehand too, still has the bug as well.
The issue is tracked internally though and a fix should be released in the next versions!

Thanks for the update