Concept Flow - Built-in roles (read, readWrite, dbAdmin)
Start: User needs permissions
Choose built-in role
read
Access granted based on role
End
User selects one built-in role to get specific database permissions: read, readWrite, or dbAdmin.
0
0
Built-in roles (read, readWrite, dbAdmin) in MongoDB - Step-by-Step Execution
Execution Sample
MongoDB
use mydb
db.createUser({
user: "alice",
roles: ["readWrite"]
})Creates user 'alice' with readWrite role on 'mydb' allowing read and write access.
Execution Table
| Step | Action | Role Assigned | Permissions Granted | Result |
|---|---|---|---|---|
| 1 | Switch to database 'mydb' | N/A | N/A | Context set to 'mydb' |
| 2 | Create user 'alice' with role 'readWrite' | readWrite | Read and write data on 'mydb' | User 'alice' created |
| 3 | User 'alice' tries to read data | readWrite | Allowed | Read operation successful |
| 4 | User 'alice' tries to write data | readWrite | Allowed | Write operation successful |
| 5 | User 'alice' tries to perform admin task | readWrite | Denied | Operation failed: insufficient privileges |
| 6 | End | N/A | N/A | User permissions enforced based on role |
💡 User permissions are enforced according to the assigned built-in role.
Variable Tracker
| Variable | Start | After Step 2 | After Step 3 | After Step 4 | Final |
|---|---|---|---|---|---|
| user | undefined | alice (readWrite) | alice (readWrite) | alice (readWrite) | alice (readWrite) |
| permissions | none | read and write | read allowed | read and write allowed | read and write allowed |
Key Moments - 2 Insights
Why can't 'alice' perform admin tasks with the readWrite role?
Because the readWrite role only grants read and write data permissions, not administrative privileges. See execution_table row 5 where admin tasks are denied.
What happens if you assign the 'read' role instead of 'readWrite'?
The user can only read data but cannot write. This is shown by the difference in permissions granted in execution_table rows 3 and 4.
Visual Quiz - 3 Questions
Test your understanding
Look at the execution_table, what permissions does 'alice' have after step 2?
💡 Hint
Check the 'Permissions Granted' column at step 2 in the execution_table.
At which step does 'alice' fail to perform an operation due to insufficient privileges?
💡 Hint
Look for 'Operation failed' in the 'Result' column of the execution_table.
If 'alice' was assigned the 'dbAdmin' role, which permission would change?
💡 Hint
Refer to the concept_flow where dbAdmin role allows managing database structure.
Concept Snapshot
Built-in roles in MongoDB control user permissions. read: can only read data. readWrite: can read and write data. dbAdmin: can manage database structure. Assign roles when creating users to control access. Permissions are enforced automatically by MongoDB.
Full Transcript
This visual execution shows how MongoDB built-in roles work. First, you switch to the target database. Then you create a user and assign a built-in role like readWrite. This role lets the user read and write data but not perform admin tasks. The execution table traces each step: creating the user, reading data, writing data, and trying an admin task. The user can do read and write but fails admin operations. Variables track the user and permissions over time. Key moments clarify why roles limit actions and what changes if roles differ. The quiz tests understanding by asking about permissions at specific steps and role effects. The snapshot summarizes the roles and their permissions simply.