The complete guide to MongoDB user permission management: creating, viewing, modifying and deleting users (a tour of MongoDB pitfalls)

1. Enter the MongoDB shell:

mongo

2. Switch to the admin database

use admin

3. Create a super administrator user named admin

Specify the user's roles and database:
(Note that the user added at this point belongs only to the admin database, not to the database where you store business data.)
(When typing multi-line code in cmd, press Enter at the end of each line and finish with a semicolon.)

db.createUser(  
  { user: "admin",  
    customData:{description:"superuser"},
    pwd: "admin",  
    roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]  
  }  
) 

user field: the new user's name;

pwd field: the user's password;

customData field: arbitrary content, for example the user's full name or a description;

roles field: specifies the user's roles; an empty array gives the new user no roles. In the roles field you can specify both built-in roles and user-defined roles.
There are two super-user roles here, userAdmin and userAdminAnyDatabase (the latter has access to all databases, which is the only thing it adds over the former).
db is the name of the database the role applies to; admin is the management database.

A user created in the admin database cannot be used to log in to other databases. Note: you can only view the users of the current database; even when the current database is admin, you only see the users created in admin.

4. Create a superuser with no access restrictions

(Beyond the Three Realms and outside the Five Elements, that is, bound by no restrictions)

db.createUser(
    {
        user:"root",
        pwd:"pwd",
        roles:["root"]
    }
)

5. Create a business database administrator user

(Responsible only for create, read, update and delete on one or a few databases)


db.createUser({
    user:"user001",
    pwd:"123456",
    customData:{
        name:'jim',
        email:'[email protected]',
        age:18,
    },
    roles:[
        {role:"readWrite",db:"db001"},
        {role:"readWrite",db:"db002"},
        'read' // read-write on db001 and db002; the bare 'read' role applies to the database this user is created in
    ]
})

1. Database user roles: read, readWrite;

2. Database administration roles: dbAdmin, dbOwner, userAdmin;

3. Cluster management roles: clusterAdmin, clusterManager, clusterMonitor, hostManager;

4. Backup and recovery roles: backup, restore;

5. All-database roles: readAnyDatabase, readWriteAnyDatabase, userAdminAnyDatabase, dbAdminAnyDatabase;

6. Superuser roles: root;

7. Internal roles: __system

1. read: allows the user to read the specified database.

2. readWrite: allows the user to read and write the specified database.

3. dbAdmin: allows the user to perform administrative functions in the specified database, such as creating and deleting indexes, viewing statistics, or accessing system.profile.

4. userAdmin: allows the user to write to system.users, and so to create, delete and manage users in the specified database.

5. clusterAdmin: only available in the admin database; gives the user administrative permission over all sharding and replica set related functions.

6. readAnyDatabase: only available in the admin database; gives the user read access to all databases.

7. readWriteAnyDatabase: only available in the admin database; gives the user read and write access to all databases.

8. userAdminAnyDatabase: only available in the admin database; gives the user userAdmin permission on all databases.

9. dbAdminAnyDatabase: only available in the admin database; gives the user dbAdmin permission on all databases.

10. root: only available in the admin database. The superuser account, with superuser permissions.

6. View the created users

show users 

or

db.system.users.find()

or

db.runCommand({usersInfo:"userName"})
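An added example, not from the original post: a small audit over usersInfo-style output that flags which accounts hold the broad roles listed above. The sample documents are constructed to mirror the users from steps 3 to 5 (assuming each was created after use admin), and the user named app is hypothetical.

```javascript
// Added example, not from the original post. Plain JavaScript (Node or mongosh).
// Input: user documents shaped like the "users" array that usersInfo returns.

// Roles from the list above that apply to every database or the whole deployment.
const GLOBAL_ROLES = new Set([
  "root", "__system", "clusterAdmin", "readAnyDatabase",
  "readWriteAnyDatabase", "userAdminAnyDatabase", "dbAdminAnyDatabase",
]);
// Roles that include user management, so the holder can grant itself more roles.
const SELF_GRANT_ROLES = new Set(["userAdmin", "dbOwner"]);

function auditUser(u) {
  const findings = [];
  for (const { role, db } of u.roles) {
    if (GLOBAL_ROLES.has(role)) {
      findings.push(`${role}: deployment-wide privileges`);
    } else if (SELF_GRANT_ROLES.has(role)) {
      const scope = db === "admin" ? "any database" : db;
      findings.push(`${role}@${db}: can grant itself roles on ${scope}`);
    } else if (db === "admin") {
      findings.push(`${role}@admin: covers the admin database only`);
    }
  }
  return findings;
}

// Returns only the users that have at least one finding.
function auditUsers(users) {
  return users
    .map((u) => ({ user: `${u.user}@${u.db}`, findings: auditUser(u) }))
    .filter((r) => r.findings.length > 0);
}

// Constructed sample mirroring the users created in steps 3 to 5, assuming all
// were created after "use admin" (so the bare 'read' is stored as read@admin).
const SAMPLE_USERS = [
  { user: "admin", db: "admin", roles: [{ role: "userAdminAnyDatabase", db: "admin" }] },
  { user: "root", db: "admin", roles: [{ role: "root", db: "admin" }] },
  { user: "user001", db: "admin", roles: [
    { role: "readWrite", db: "db001" },
    { role: "readWrite", db: "db002" },
    { role: "read", db: "admin" },
  ] },
  { user: "app", db: "db001", roles: [{ role: "readWrite", db: "db001" }] }, // hypothetical
];

for (const r of auditUsers(SAMPLE_USERS)) {
  console.log(r.user, "->", r.findings.join("; "));
}
```

Against a live server, pass db.runCommand({usersInfo: 1}).users from the shell instead of SAMPLE_USERS. User-defined roles are not expanded, so a custom role that inherits root is not flagged.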

7. Change a password

use admin
db.changeUserPassword("username", "xxx")

8. Change a password and user information

db.runCommand(
    {
        updateUser:"username",
        pwd:"xxx",
        customData:{title:"xxx"}
    }
)

9. Delete a database user

use admin
db.dropUser('user001')

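10. Create additional database administrators

// Log in as the administrator user
use admin
db.auth('admin','admin')

// Switch to the db001 database
use db001

// ... create, view, modify and delete the users specific to this database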

Important step

Enable authentication (otherwise you spend most of the day arming everything else while the front gate stays wide open, and then complain about how the towers got destroyed)

mongod --auth

Or edit mongo.conf and add the following as the last line

# Enable access control
auth=true

11. Restart MongoDB

net stop mongodb
net start mongodb

1. Operations related to user management should generally be run in the admin database, so run use admin first;

2. If you are in an individual database, you can only manage permissions for that current database;

3. db.addUser is the operation from older versions; it can still be used in the current version, and the user it creates is a super administrator with the root role.


Origin blog.csdn.net/ll837448792/article/details/103323676