Navigation

Managing MongoDB Rules

Overview

For every collection in your Stitch app, you can modify the rules on the collection to meet your specific application needs. For example, you can create multiple roles, each of which can have field-level permissions assigned. You can also create schema validations and filters. To learn more about Rules, see MongoDB Rules.

Note

When you create a new rule from a template, Stitch pre-populates all of the fields needed to implement the rule. To learn more about using templates, see Add MongoDB to Your Stitch App.

To modify rules, navigate to the list of rules by following these steps:

  1. In the left navigation pane, under the ATLAS CLUSTERS heading, click on the cluster you want to use.
  2. Select the collection you want to edit.

Manage Field-Specific Role Permissions

Role permission allow you to fine-tune access to data in a collection by mapping Roles to specific document fields. You can define read and write permissions for specific fields as well as default read and write rules for any unspecified fields.

Add Permissions

To create a new Permission, follow these steps:

  1. Click + Add Field.
  2. Enter the field name, and then click the green check mark ( check square icon ).
  3. In the newly-created row, use the Read and Write checkboxes to assign those permissions to each of your Roles.

For example, if you have a role named public_access, and you assign read-only permission to the name field, your settings will look like this:

../../_images/role_permissions_1.png

Delete Permissions

In the list of Role Permissions, you can delete an existing role permission by clicking the garbage can icon ( trash icon ) on the right side of the permission row, under the Actions heading.

Manage Roles

The Roles tab provides the tools to add, edit, delete, and rearrange the roles associated with a collection.

Add a Role

To create a new role, follow these steps to create one:

  1. Click the Roles tab.
  2. Click the NEW ROLE button. A new container is added to the list of Roles, with a default name of role x, where X is the number of roles.
  3. Click the container to expand it.
  4. Enter a new name for the role.
  5. In the Apply When code box, provide a JSON object that evaluates to true or false.
  6. If you want to assign document-level permissions for the role, do so, and then click the Save button at the top of the page. Document-level permissions allow a user to insert a new document into the collection or delete a document from the collection, as long as the document meets the Read/Write rules you specify.

Delete a Role

To delete a role, click the REMOVE ROLE button on the right side of the role’s container. The container border turns red, but will not be deleted until you click the SAVE button.

Rearrange Roles

Roles are displayed in the order in which they are evaluated (from left to right, and as indicated by the number next to the role’s name). To change the order in which Stitch evaluates roles, click on the right ( caret square right icon ) or left ( caret square left icon ) arrow button under the role’s name.

When you move a role, the roles shift position and the numbers of all roles change color to indicate a change has been made. The changes do not take effect, however, until you click the SAVE button:

../../_images/manage-roles-2.png

Add Schema Validation

Schema validation is used to ensure that the value, type, and format of specific fields in a document match expected values. It does this by comparing the fields in a document with the schema validation rules that you create.

In the Schema tab, you can provide the JSON validation that you want to use for any given collection.

For more information on creating validation rules, see MongoDB Schema Validation.

Manage Filters

Filters are applied prior to Stitch calling MongoDB, and can thus be used for both redaction of data and for performance improvements. Filters are applied to the query predicates.

To learn more about filters, see MongoDB Filters.

Create a Filter

To create a filter, switch to the Filters view, and the follow these steps:

  1. Click the New Filter button. A new container is added to the list of filters, with a default name of filter x, where X is the number of roles.
  2. Click the new container to expand it.
  3. Provide a name for the filter.
  4. Add the JSON logic that specifies when the filter should be applied.
  5. Add the filter query that will be appended to the MongoDB request.
  6. Click the SAVE button.

Delete a Filter

To delete a filter, click the REMOVE FILTER button on the right side of the filter’s container. The container border turns red, but will not be deleted until you click the SAVE button.