I am working on a database for investigation purposes. I want to make some of that information public but other pieces of information are highly confidential.
I want to create a user and grant access only to the public information inside a document of a collection. For example in my collection "people", i want to show the name but not the phone number:
{
"_id" : ObjectId("5910e7abce41fe759ebb1720"),
"name" : "name",
"phone" : "999999999"
}
How can i achieve this? I only found how to grant User-Defined Roles by collection.
db.createRole(
{
role: "myClusterwideAdmin",
privileges: [
{ resource: { cluster: true }, actions: [ "addShard" ] },
{ resource: { db: "config", collection: "" }, actions: [ "find", "update", "insert", "remove" ] },
{ resource: { db: "users", collection: "usersCollection" }, actions: [ "update", "insert", "remove" ] },
{ resource: { db: "", collection: "" }, actions: [ "find" ] }
],
roles: [
{ role: "read", db: "admin" }
]
},
{ w: "majority" , wtimeout: 5000 }
)
Should i create a "public information" collection or is there a better way?
Best Answer
No, you cannot grant rights for document... But you can do views what shows only that public information.