This article is written based on the lower windows MongoDB 4.0, it is understood MongoDB permissions set in a future version 3.0 there is a change.
1. Create a superuser
After installing, open a command line, enter mongodb installation directory, execute mongod start in the bin directory, this mode does not require security authentication mode,
After starting, the use of visualization tools, such as: Robo 3T open shell window
First create a user grant permissions, such as user root privileges:
the User : Username
pwd : password
db : Specifies that the user's database, admin for access control database, if there is no need to create a
roles : the role of the specified user, can be an empty array to the new user role empty set; roles in the field, can specify the built-in and user-defined roles roles. role in the role can be selected:
Built-In Roles (built-in roles):
1. Database user roles: Read, readWrite;
2. database administration roles: dbadmin, dbowner, useradmin;
3. Cluster management role: clusterAdmin, ClusterManager, clusterMonitor, hostManager;
4. Role backup and recovery : Backup, Restore;
5. all database roles: readAnyDatabase, readWriteAnyDatabase, userAdminAnyDatabase, dbAdminAnyDatabase
6. superuser roles: root
// there are several direct or indirect role provides system super user access (dbOwner, userAdmin, userAdminAnyDatabase)
7. internal roles: __ system
Role-specific features:
Read: allows the user to read the specified database
readWrite: allows the user to specify the database to read and write
dbAdmin: allows the user to perform the specified database management functions, such as indexing to create, delete, view statistics or access system.profile
useradmin: allows the user to system.users collection write, you can find specify the database to create, delete, and manage user
clusterAdmin: admin is only available in the database, giving users all the fragmentation and replication set administrative privileges correlation function.
readAnyDatabase: admin is only available in the database, giving all users read access to the database
readWriteAnyDatabase: only available in the database admin, read and write access gives the user all databases
userAdminAnyDatabase: admin is only available in the database, the user gives permission userAdmin all databases
dbAdminAnyDatabase : only available in the database admin, user permissions given dbAdmin all databases.
root: admin is only available in the database. Super accounts, super powers
2. Create all database user management
db.createUser({ user: "useradmin", pwd: "adminpassword", roles: [{ role: "userAdminAnyDatabase", db: "admin" }] })
3. Create a single database user
to sum up
[References]
https://blog.csdn.net/qq_32502511/article/details/80619277
https://blog.csdn.net/fofabu2/article/details/78983741
https://blog.csdn.net/u013466972/article/details/81288333
https://blog.csdn.net/xusheng__zhang/article/details/78472167
https://www.cnblogs.com/chenpingzhao/p/7913247.html