revokePrivilegesFromRole( rolename, privileges, writeConcern )
Removes the specified privileges from the user-defined role on the database where the method runs. The
revokePrivilegesFromRolemethod has the following syntax:
revokePrivilegesFromRolemethod takes the following arguments:
Parameter Type Description
string The name of the user-defined role from which to revoke privileges.
array An array of privileges to remove from the role. See
privilegesfor more information on the format of the privileges.
document Optional. The level of write concern for the modification. The
writeConcerndocument takes the same fields as the
To revoke a privilege, the resource document pattern must match exactly the
resource field of that privilege. The
actions field can be a subset or match exactly.
For example, given the role
accountRole in the
products database with the following privilege that specifies the
products database as the resource:
You cannot revoke
update from just one collection in the
products database. The following operations result in no change to the role:
To revoke the
"find" and/or the
"update" action from the role
accountRole, you must match the resource document exactly. For example, the following operation revokes just the
"find" action from the existing privilege.
You must have the
revokeRole action on the database a privilege targets in order to revoke that privilege. If the privilege targets multiple databases or the
cluster resource, you must have the
revokeRole action on the