0
0
MongoDBquery~20 mins

Custom role creation in MongoDB - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
MongoDB Role Master
Get all challenges correct to earn this badge!
Test your skills under time pressure!
query_result
intermediate
2:00remaining
Output of creating a custom role with specific privileges
You create a custom role in MongoDB with the following command:

db.getSiblingDB('admin').runCommand({
  createRole: "readWriteReports",
  privileges: [
    {
      resource: { db: "reports", collection: "monthly" },
      actions: ["find", "insert"]
    }
  ],
  roles: []
})

What will be the effect of this role when assigned to a user?
AThe user can only read documents in the 'monthly' collection of the 'reports' database.
BThe user can read and insert documents only in the 'monthly' collection of the 'reports' database.
CThe user can perform any action on the 'monthly' collection in all databases.
DThe user can read and insert documents in all collections of the 'reports' database.
Attempts:
2 left
💡 Hint
Look carefully at the resource specification and the actions allowed.
📝 Syntax
intermediate
2:00remaining
Identify the syntax error in this custom role creation command
Which option contains a syntax error when creating a custom role in MongoDB?
MongoDB
db.getSiblingDB('admin').runCommand({
  createRole: "dataAnalyst",
  privileges: [
    {
      resource: { db: "analytics", collection: "" },
      actions: ["find", "update"]
    }
  ],
  roles: []
})
AThe roles array must contain at least one role; empty array is invalid.
BThe createRole field must be an object, not a string.
CThe actions array must include 'insert' to be valid.
DThe collection field is an empty string, which is invalid syntax.
Attempts:
2 left
💡 Hint
Check the resource field values carefully.
🧠 Conceptual
advanced
2:00remaining
Understanding role inheritance in custom roles
You create a custom role 'manager' that inherits from the built-in 'readWrite' role on the 'sales' database. What privileges does the 'manager' role have?
AAll privileges on all databases because 'readWrite' is a global role.
BOnly the additional privileges defined in 'manager', ignoring 'readWrite'.
CAll read and write privileges on the 'sales' database plus any additional privileges defined in 'manager'.
DNo privileges until explicitly granted to the 'manager' role.
Attempts:
2 left
💡 Hint
Think about how role inheritance works in MongoDB.
🔧 Debug
advanced
2:00remaining
Why does this custom role creation command fail?
Consider this command:

db.getSiblingDB('admin').runCommand({
  createRole: "auditor",
  privileges: [
    {
      resource: { db: "", collection: "logs" },
      actions: ["find"]
    }
  ],
  roles: []
})

Why does this command fail?
AThe database field is an empty string, which is invalid.
BThe collection name 'logs' is reserved and cannot be used.
CThe actions array must include 'insert' to be valid.
DThe roles array cannot be empty.
Attempts:
2 left
💡 Hint
Check the resource fields for correctness.
optimization
expert
2:00remaining
Optimizing custom role privileges for minimal access
You want to create a custom role that allows a user to only update documents in the 'inventory' collection of the 'store' database, but no other actions or collections. Which command achieves this with the least privileges?
ACreate a role with privileges on resource {db: 'store', collection: 'inventory'} and actions ['update'].
BCreate a role with privileges on resource {db: 'store', collection: '*'} and actions ['update'].
CCreate a role with privileges on resource {db: 'store', collection: 'inventory'} and actions ['update', 'find'].
DCreate a role with privileges on resource {db: '*', collection: 'inventory'} and actions ['update'].
Attempts:
2 left
💡 Hint
Minimize both the resource scope and actions allowed.