These set of permissions cover the permissions that are granted to various users that control access to the data stored within the database. The permission can limit access to datastore or collection level. It can also extend to preventing a user from accessing certain columns present within the collection.
The data permissions are applied in a hierarchical manner starting from the datastore down to individual columns. The permission hierarchy is:
Permission to any datastore and collection is restricted by default. The permission to columns within collections accessible to the user are granted by default. Permissions for datastores and collections can only be granted, while permission to columns have to work in a restrictive manner.
Data store permissions applied at all level of hierarchy comprise of
WRITE control. The
READ permission allows the user to fire select queries on the permitted data, which the
WRITE permission allows the users to run insert, update and delete operations on the permitted data.
-sql (select query only)