MongoDB rules are a combination of a role, and the permissions assigned to that role. Roles define a set of users that will have the same read/write access to a document. Roles in Stitch can be defined with an apply-when rule.

This can be defined using the %% variable notation:

{
  "createdBy": "%%user.id"
}

Each role can have one or more permissions that define which fields they can read and/or write in a document.

MongoDB Stitch also offers four templates that have predefined roles and permissions around the most common use cases:

• Users can only read and write their own data.
• Users can read all data, but only write their own data.
• Users can only read all data.
• Users can read and write their own data. Users that belong to a sharing list can read that data.