Robomongo: No database shown for Atlas user only has permissions on specific databases
For MongoDB Atlas user, when the database user only has readWrite permission on specific databases, after connecting to the cluster, no database shown in Robomongo. And Show log gives:
Error while trying to show global log: not authorized on admin to execute command { getLog: "global" }
I assume I am using an application mongodb user that only has readWrite permission on a database. To mitigate this issue, I add an extra permission to this user, and the usable permission combination in MongoDB Atlas is as below:
- clusterMonitor@admin
- readWrite@
I guess it works because getLog works?
Anyway, is it possible to add a connection option that allows database user only has read/readWrite permission to use Robomongo?
drewfle
All 9 comments
Hi @drewfle , thanks for reporting the problem.
We have reproduced the issue and it seems like a real problem which might require code change. We will investigate.
simsekgokhan
on 15 Jun 2017
+1 to fix this asap please
markwclancy
on 9 Nov 2017
I can confirm this issue as well. My setup is:
- admin user that has all rights
- production user with read/write on specific database
- databases hosted at MongoDB Atlas 3.6
When I logon to the cluster using Robo 3T as production user I see the replica set and the system folder, but no databases at all. When I logon using Robo 3T as the admin user I see the replica set, system folder and three databases (one of which the production user has r/w rights on).
When I use MongoDB Compass Community with the same credentials for the production user I get to see (and use) the database on which this user has r/w rights.
The setup I am using:
Connection - Type : replica set
Connection - Name : arbitrary name
Connection - Members : URL to all three members
Connection - Set name : name of the rs
Auth - Perform Auth : yes
Auth - Database : admin
Auth - User & Pass : credentials
Auth - Mech : SCRAM-SHA-1
SSH : no
SSL : yes, self signed, no PEM or advanced
Advanced : Default db empty (also tried putting name of db in there, does not make a difference)
arnoldligtvoet
on 26 Jan 2018
Hello, I just faced this issue this morning and was wondering if there's any progress on it at all? We have a real use case where a mongo user needs to just see one database using Robo3T, and at this point in time it does not seem possible without also giving clusterMonitor role to the user, which is less than ideal.
Thanks.
EitherZeroOrOne
on 14 Nov 2018
馃憤
siennamw
on 1 Feb 2019
Any fix for this? Workaround provided works but need a permanent solution for Robo3T. It works fine on Studio3T though.
vijayanettem
on 12 Feb 2019
Root cause of the problem seems to be coming from MongoDB command listDatabases. This command can be run only by admin and not by authenticated users which is causing our problem in this ticket.
The fix seems to be in MongoDB version r4.1.8 which was released 21 hours ago.
At this moment, the new Robo 1.3 has already been upgraded from MongoDB 3.4 to 4.0.5, soon to be released.
To fix this problem, we will need to upgrade MongoDB drivers at least to 4.1.8 in the next Robo releases.
Details:
https://jira.mongodb.org/browse/SERVER-6898
Message: SERVER-6898 Enable listDatabases for all users
Branch: master
https://github.com/mongodb/mongo/commit/a34fa65325dafc01857a4525d0d8b2f26b485965
simsekgokhan
on 13 Feb 2019
And as a workaround this seems to be working:
Create a new database with the name of existing db to which the user is authenticated.
Original comment: https://github.com/Studio3T/robomongo/issues/389#issuecomment-353207113
simsekgokhan
on 14 Feb 2019
Hi all, we have added a related feature in v1.4.
I hope it will help you -> https://blog.robomongo.org/robo-3t-1-4/#a2
simsekgokhan
on 29 Dec 2020
Related issues
equero
路
3Comments
lborg019
路
4Comments
andidev
路
3Comments
matgenois
路
4Comments
Imperial7
路
4Comments
Most helpful comment
+1 to fix this asap please