MongoDB之角色与权限及创建用户与授权操作详解
MongoDB之角色与权限及创建用户与授权操作详解
文章目录
- MongoDB之角色与权限及创建用户与授权操作详解
- 1. 角色与权限
- 1. 角色分类
- 2. 权限说明
- 2. MongDB创建用户及删除用户
- 1. 创建用户
- 2. 查看用户信息
- 3. 修改用户密码
- 3. db.runCommand创建用户与授权
- 1. 创建用户
- 2. 更改用户权限
1. 角色与权限
1. 角色分类
角色分类 角色分类中的具体角色 数据库用户角色 read、readWrite 数据库管理角色 dbAdmin、dbOwner、userAdmin 集群管理角色 clusterAdmin、clusterManager、clusterMonitor、hostManage 数据库备份、恢复角色 backup、restore 所有数据库角色 readAnyDatabase、readWriteAnyDatabase、userAdminAnyDatabase、dbAdminAnyDatabase 超级用户角色 root 内部角色 __system 2. 权限说明
权限 说明 read 允许用户读取指定数据库 readWrite 允许用户读写指定数据库 dbAdmin 允许用户在指定数据库中执行管理函数,如索引创建、删除、查看统计或访问system.profile userAdmin 允许用户向system.users集合写入,可以在指定数据库中创建、删除和管理用户 clusterAdmin 必须在admin数据库中定义,赋予用户所有分片和复制集相关函数的管理权限 readAnyDatabase 必须在admin数据库中定义,赋予用户所有数据库的读权限 readWriteAnyDatabase 必须在admin数据库中定义,赋予用户所有数据库的读写权限 userAdminAnyDatabase 必须在admin数据库中定义,赋予用户所有数据库的userAdmin权限 dbAdminAnyDatabase 必须在admin数据库中定义,赋予用户所有数据库的dbAdmin权限 root 必须在admin数据库中定义,超级账号,超级权限 2. MongDB创建用户及删除用户
1. 创建用户
use admin db.createUser({ "user":"用户名", "pwd":"密码", "roles":[ # 角色可配多个 {role:"角色",db:"所属数据库"} ], # 用户信息,可选 coustomData:{ name:"jinshengyuan", email:"xxx@xx.com" } }) # 创建一个不受访问限制的用户, db.createUser({ user:"wei", pwd:"wei", roles:["root"] })
2. 查看用户信息
use admin show users db.system.users.find() db.system.users.pretty() db.runCommand({userInfo:"用户名"})
3. 修改用户密码
use amdin db.changeUserPassword("用户名","新密码") # 修改用户密码及用户信息 db.runCommand({updateUser:"用户名",pwd:"新密码",customData:{age:22}})
3. db.runCommand创建用户与授权
可通过db.runCommand命令行来创建/修改用户与授予相关权限的操作
(图片来源网络,侵删)1. 创建用户
use admin db.runCommand({ "createUser" : "yuan", "pwd" : "yuan", "customData" : { }, "roles" : [ { "role" : "__queryableBackup", "db" : "admin" }, { "role" : "__system", "db" : "admin" }, { "role" : "backup", "db" : "admin" }, { "role" : "clusterAdmin", "db" : "admin" }, { "role" : "clusterManager", "db" : "admin" }, { "role" : "clusterMonitor", "db" : "admin" }, { "role" : "dbAdmin", "db" : "admin" }, { "role" : "dbAdminAnyDatabase", "db" : "admin" }, { "role" : "dbOwner", "db" : "admin" }, { "role" : "enableSharding", "db" : "admin" }, { "role" : "hostManager", "db" : "admin" }, { "role" : "read", "db" : "admin" }, { "role" : "readAnyDatabase", "db" : "admin" }, { "role" : "readWrite", "db" : "admin" }, { "role" : "readWriteAnyDatabase", "db" : "admin" }, { "role" : "restore", "db" : "admin" }, { "role" : "root", "db" : "admin" }, { "role" : "userAdmin", "db" : "admin" }, { "role" : "userAdminAnyDatabase", "db" : "admin" } ] });
2. 更改用户权限
use admin db.runCommand({ "updateUser" : "yuan", "customData" : { }, "roles" : [ { "role" : "readWrite", "db" : "yuan" }, { "role" : "__queryableBackup", "db" : "admin" }, { "role" : "__system", "db" : "admin" }, { "role" : "backup", "db" : "admin" }, { "role" : "clusterAdmin", "db" : "admin" }, { "role" : "clusterManager", "db" : "admin" }, { "role" : "clusterMonitor", "db" : "admin" }, { "role" : "dbAdmin", "db" : "admin" }, { "role" : "dbAdminAnyDatabase", "db" : "admin" }, { "role" : "dbOwner", "db" : "admin" }, { "role" : "enableSharding", "db" : "admin" }, { "role" : "hostManager", "db" : "admin" }, { "role" : "read", "db" : "admin" }, { "role" : "readAnyDatabase", "db" : "admin" }, { "role" : "readWrite", "db" : "admin" }, { "role" : "readWriteAnyDatabase", "db" : "admin" }, { "role" : "restore", "db" : "admin" }, { "role" : "root", "db" : "admin" }, { "role" : "userAdmin", "db" : "admin" }, { "role" : "userAdminAnyDatabase", "db" : "admin" } ] });
(图片来源网络,侵删)(图片来源网络,侵删)
文章版权声明:除非注明,否则均为主机测评原创文章,转载或复制请以超链接形式并注明出处。
还没有评论,来说两句吧...