How to restrict access to the database of the website in the Flask?

I'm quite beginner in DB and don't understand how it all works. I wish someone explained this moment.
There is a website written with Flask. The site is a common wall where any user can post his / her message. But the message appears on the wall only after the approval of the administrator. To change or delete records, users should not have rights (even their own) - only admin.
So. In the MongoDB database created by user "Admin" with full rights. It is through him the Flask is connected to the database (via prescribed app.config user and password).
The question is, do I need to create a separate "user" of the database for regular users of the site? To limit them the opportunity to add something in DB directly, or edit any record? If Yes, then how to switch Flask app to another user? Or you can restrict the functionality a regular user of the inner mechanisms of the site and not the database?
April 7th 20 at 15:33
1 answer
April 7th 20 at 15:35
if I understand correctly, the only required user is admin with full rights.
why you connect every "instance" of the application to the database through the admin, it is not clear, it is fundamentally not the right solution for your project.
use flask-admin for moderation ads.

Find more questions by tags FlaskMongoDB