Hiding Fields in MongoDB: Views + Custom Roles
source link: https://www.tuicool.com/articles/Mf6Vrai
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
A time ago we wrote about how personalized roles may help you to give specific permissions when it is needed. This time we want to discuss how a custom role, combined with a MongoDB View, can hide sensitive information from the client.
Hiding Fields in MongoDB
Suppose you have a collection that needs to be shared with a different team, but this team should not be able to see some fields – in our case, to make it easy: the salary field.
Views in MongoDB can hide sensitive information and change the data visualization as needed – It was discussedhere. For this example, we will use the collection employee with some data, with a user that has permission. Let’s insert some objects in the percona database
use percona
db.employees.insert({ "_id" : ObjectId("5ce5e609444cde8078f337f2"), "name" : "Adamo Tonete",
"salary" : { "year" : 1, "bonus" : 1 } })
db.employees.insert({ "_id" : ObjectId("5ce5e616444cde8078f337f3"), "name" : "Vinicius Grippa",
"salary" : { "year" : 1, "bonus" : 1 } })
db.employees.insert({ "_id" : ObjectId("5ce5e627444cde8078f337f4"), "name" : "Marcos Albe",
"salary" : { "year" : 1, "bonus" : 1 } })
db.employees.insert({ "_id" : ObjectId("5ce5e63f444cde8078f337f5"), "name" : "Vinodh Krishnaswamy",
"salary" : { "year" : 1, "bonus" : 1 } })
db.employees.insert({ "_id" : ObjectId("5ce5e655444cde8078f337f6"), "name" : "Aayushi Mangal",
"salary" : { "year" : 1, "bonus" : 1 } })
Then let’s create a view for this collection:
db.createView('employees_name', 'employees',
[{ $project: { _id: 1, name : 1 } } ]
)
If we type show dbs ; we will be able to see both collections, so, a read-only user still able to read the employees collection.
In order to secure the employees’ collection, we are creating a custom role that one has permission to see the employees_names collection and nothing else. In that way the fields salary will never exist to the user:
use admin
db.createRole(
{
role: "view_views",
privileges: [
{ resource: { db: "percona", collection: "system.views" }, actions: [ "find" ] },
{ resource: { db: "percona", collection: "employees_name" }, actions: [ "find","collStats"]}
],
roles: [
{ role: "read", db: "admin" }
]
}
)
Then we will create a user that only has permission to read data from the view (belongs to the role “view_views”);
db.createUser({user : 'intern', pwd : '123', roles : ["view_views"]})
Now the user can only see the collection employees_name in the percona database and nothing else.
Running the query as the user intern:
> show dbs
admin 0.000GB
percona 0.000GB
> use percona
switched to db percona
> db.employees_name.find()
{ "_id" : ObjectId("5ce5e609444cde8078f337f2"), "name" : "Adamo Tonete" }
{ "_id" : ObjectId("5ce5e616444cde8078f337f3"), "name" : "Vinicius Grippa" }
{ "_id" : ObjectId("5ce5e627444cde8078f337f4"), "name" : "Marcos Albe" }
{ "_id" : ObjectId("5ce5e63f444cde8078f337f5"), "name" : "Vinodh Krishnaswamy" }
{ "_id" : ObjectId("5ce5e655444cde8078f337f6"), "name" : "Aayushi Mangal" }
There are several ways to do that. For instance, if you were using an application it would do the same thing, but the purpose of this blog is to demonstrate how a combination of two technologies can help in hiding fields in MongoDB
I hope you liked the blog, feel free to reach out me on @ AdamoTonete or @ percona for questions.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK