Can't execute `db.find` command with query args
tvytlx opened this issue · comments
Can't execute db.find
command with query args, but the native mongo-cli didn't have this issue. Is this a bug?
mydb:PRIMARY> db.mycollection.find({'key': 'val'})
Error: profile command failed: {
"ok": 0,
"errmsg": "not authorized on MYDATABASE to execute command { profile: -1.0 }",
"code": 13,
"codeName": "Unauthorized"
}
# this user's role
db.getRoles({'showPrivileges':1})
[
{
"role": "CrawlerRole",
"db": "admin",
"isBuiltin": false,
"roles": [ ],
"inheritedRoles": [ ],
"privileges": [
{
"resource": {
"db": "",
"collection": ""
},
"actions": [
"find",
"insert",
"listIndexes",
"update"
]
}
],
"inheritedPrivileges": [
{
"resource": {
"db": "",
"collection": ""
},
"actions": [
"find",
"insert",
"listIndexes",
"update"
]
}
]
}
]
# my mongo version
MongoDB shell version v3.4.0
MongoDB server version: 3.4.0
Mongo-Hacker 0.0.14
Thanks for writing in @tvytlx. That might happen because mongo-hacker runs an implicit explain (which requires some extra permissions):
Can you try granting "enableProfiler" on your user or disabling "index_paranoia" in mongo-hacker's config?
I'm not db admin; index_paranoia
's default value is false
.. 😢
Just wanted to make sure you saw that there were some changes to roles in 3.4:
https://docs.mongodb.com/manual/release-notes/3.4-compatibility/#user-roles-changes