Role Management Methods
The role management commands are used to manage the role of the users. The following are the methods that are used for different purposes.
#1. db.createRole(role, writeConcern)
The createRole method is used to assign a role under the database. Using this method, we can specify privileges for the role by explicitly listing the privileges. You may also perform it by getting the role to inherit privileges from some different roles or both. The role always applies to the database on which we are running the method.
The JTPAdmin role on the admin database will be created using the cerate role method:
#2. db.dropRole(rolename, writeConcern)
The drop role method is used to remove the specified user-defined role from the database on which we are running the method.
The following example deletes the readsubject role from the tutorial database:
The drop all role method is used to remove all the specified user-defined roles from the database on which we are running the method.
The following example uses a write concern of majority and drops all the user-defined roles from the tutorials database.
#4. db.getRole(rolename, args)
In MongoDB, a role inherits the instance of some other role. This method is used to get the parent roles from which this role inherits privileges. Also, all the role's privileges can be returned using this method.
When we run the db.getRole() method from the database that contains both the user-defined roles and built-in roles, then the specified command can retrieve the information.
For the role, Admin defined on the tutorials database return role inheritance information and privileges.
Returns information for all the roles in the database on which the command runs. We can use this method with or without an argument. If we run this method without an argument, the method returns the inheritance information for the user-defined roles of the database.
The following query will return the documents for all the existing roles on the tutorials database and also includes role privilege and built-in role:
#6. db.updateRole(<rolename>, <update>, <writeConcern>)
The update role method is used to update a user-defined role. To update a user-defined role, it must run on the specified role's database. When we update a field, it will completely replace the old field's values.
In the case, we need to add or remove roles/privileges without replacing each value, we have to use one or more of the listed methods:
The example below will replace the privileges and the roles for the librarian role that exists in the tutorial database. The method runs on the database that contains librarian:
Shell Output and example: