Not authorized for query on

Phoenix Forum Questions / Help
, ,
1

I’m using a new version of mongodb lib in my project and when I try to execute a query (Mongo.find()) I get the error:
not authorized for query on mydb.mycollection 13. I’ve checked the user’s permissions and it seems ok:

root@5c32443b7a09:/# mongo -u root -p root
MongoDB shell version v4.2.1
connecting to: mongodb://127.0.0.1:27017/?compressors=disabled&gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("7941b564-95e1-4f1f-b630-e08cea929a0b") }
MongoDB server version: 4.2.1

> use content_proxy
switched to db content_proxy
> show users
{
	"_id" : "content_proxy.cacete",
	"userId" : UUID("2a564c6c-3fc6-4185-9d76-6c6cc936f6c1"),
	"user" : "cacete",
	"db" : "content_proxy",
	"roles" : [
		{
			"role" : "readWrite",
			"db" : "content_proxy"
		}
	],
	"mechanisms" : [
		"SCRAM-SHA-1",
		"SCRAM-SHA-256"
	]
}
>

I’ve researched in too many mongo foruns, I tried many solutions but still not works. Is there anyone with the same problem?

My elixir version is Elixir 1.9.4 (compiled with Erlang/OTP 22) my application libs versions are:

  • phoenix 1.4.11
  • db_connection: 2.1.1
  • mongodb: 0.5.1

My mongodb server 4.2.1 (docker version https://hub.docker.com/_/mongo)

At last, the mongodb log is bellow:

2019-12-03T20:49:58.404+0000 I  ACCESS   [conn59] Successfully authenticated as principal cacete on content_proxy from client 127.0.0.1:45974
2019-12-03T20:55:20.624+0000 I  QUERY    [conn58] assertion Unauthorized: not authorized for query on content_proxy.contents ns:content_proxy.contents query:{ $query: { typeOf: "Chapter" }, $orderby: { _id: 1 } }
2019-12-03T20:55:20.624+0000 I  QUERY    [conn58]  ntoskip:0 ntoreturn:101

Obs: Hi @Ankhers, could you please help me with this issue too?

2

To solve this problem you have to:
1 - create a specific user in mongodb
connect into mongodb using mongo shell client with root password (mongo -u root -p root) Ex.:

root@7e1ef7680116:/# mongo -u root -p root
MongoDB shell version v4.0.13
connecting to: mongodb://127.0.0.1:27017/?gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("f554061b-bc27-4b7e-87a7-82768f021cd9") }
MongoDB server version: 4.0.13
>

After connect, enter into database (use mydb) and create an user (db.createUser({user: 'myuser',pwd: 'mypassword',roles: [ { role: 'readWrite', db: 'mydb' } ]})) Ex.:

> use mydb
> db.createUser({user: 'myuser',pwd: 'mypassword',roles: [ { role: 'readWrite', db: 'mydb' } ]})
Successfully added user: {
	"user" : "myuser",
	"roles" : [
		{
			"role" : "readWrite",
			"db" : "mydb"
		}
	]
}

2 - change mongodb configuration on elixir project
You have to connect into mongodb using url sintax with authSource params (mongodb://myuser:mypassword@mongodbhost:27017/mydb?authSource=mydb) Ex.:

defmodule ContentProxy.Application do
  @moduledoc false

  use Application
  import Supervisor.Spec

  def start(_type, _args) do
    children = [
      ContentProxyWeb.Endpoint,
      worker(Mongo, [[name: :mongo, url: "mongodb://myuser:mypassword@mongodbhost:27017/mydb?authSource=mydb", pool_size: 10]])
    ]

    {:ok, _} = Logger.add_backend(Sentry.LoggerBackend)

    opts = [strategy: :one_for_one, name: ContentProxy.Supervisor]
    Supervisor.start_link(children, opts)
  end

  def config_change(changed, _new, removed) do
    ContentProxyWeb.Endpoint.config_change(changed, removed)
    :ok
  end
end

I’ve tried the sintax worker(Mongo, [[name: :mongo, database: "mydb", seeds: ["myuser:mypassword@mongodb:27017"], pool_size: 10]]) but it didn’t work.

3

It looks like you have figured it out yourself, but you can also just use the :auth_source key instead of switching to the URL format.

1 Like
4

thank you so much! :smiley: :smiley: