File tree Expand file tree Collapse file tree 1 file changed +33
-0
lines changed Expand file tree Collapse file tree 1 file changed +33
-0
lines changed Original file line number Diff line number Diff line change 1+ import { UserConfig } from "../config.js" ;
2+ import { DatabaseUserRole } from "./openapi.js" ;
3+
4+ /**
5+ * Get the default role name for the database user based on the Atlas Admin API
6+ * https://www.mongodb.com/docs/atlas/mongodb-users-roles-and-privileges/
7+ */
8+ export function getDefaultRoleFromConfig ( config : UserConfig ) : DatabaseUserRole {
9+ if ( config . readOnly ) {
10+ return {
11+ roleName : "readAnyDatabase" ,
12+ databaseName : "admin" ,
13+ } ;
14+ }
15+
16+ // If all write tools are enabled, use readWriteAnyDatabase
17+ if (
18+ ! config . disabledTools ?. includes ( "create" ) &&
19+ ! config . disabledTools ?. includes ( "update" ) &&
20+ ! config . disabledTools ?. includes ( "delete" ) &&
21+ ! config . disabledTools ?. includes ( "metadata" )
22+ ) {
23+ return {
24+ roleName : "readWriteAnyDatabase" ,
25+ databaseName : "admin" ,
26+ } ;
27+ }
28+
29+ return {
30+ roleName : "readAnyDatabase" ,
31+ databaseName : "admin" ,
32+ } ;
33+ }
You can’t perform that action at this time.
0 commit comments