Superuser and DB Admin Permissions in Mongodb

1.) Superuser roles:

root:  Provides access to the operations and all the resources of the readWriteAnyDatabase, dbAdminAnyDatabase, userAdminAnyDatabase, clusterAdmin, restore, and backup combined.

Syntax:

db.createUser(

  {

    user: "mongo-root",

    pwd: "passw0rd",

    roles: [ { role: "root", db: "admin" } ]

  }

)

2.) userAdminAnyDatabase: Provides the same access to user administration operations as userAdmin on all databases except local and config.

db.createUser(

  {

    user: "mongo-admin",

    pwd: "passw0rd",

    roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]

  }

)

db.updateUser( "mongo-admin",

  { roles : [ 

    { role : "userAdmin", db : "admin"  },

    { role : "backup", db : "admin"  },

    { role : "root", db : "admin"  }

  ] } )

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

What if you want to add role to existing user

use movie
db.grantRolesToUser(
   "movie-admin",
   [ "readWrite" , { role: "role_name", db: "movie" } ],
   { w: "majority" , wtimeout: 4000 }
)

NOTE: Backup and restore roles are only available for admin database. not for user database.