主要摘自官方文档:请参考
https://docs.mongodb.com/manual/reference/built-in-roles/index.html
MongoDB provides the built-in database user and database administration roles on every database. MongoDB provides all other built-in roles only on the admin database.
database users roles:
read / readWrite /
database administration roles:
dbAdmin
dbOwner = readWrite + dbAdmin + userAdmin
userAdmin
Cluster Administration Roles
Backup and Restoration Roles
All-Database Roles
readAnyDatabase
readWriteAnyDatabase
userAdminAnyDatabase
dbAdminAnyDatabase
首先要开启验证功能:
mongod --auth
添加管理员:
use admin
db.createUser({user: "root", pwd: "abc123", roles: [ { role: "root", db: "admin" } ] })
接下来身份验证:
bash shell里面输入命令
mongo 10.0.1.31 -u root -p abc123 --authenticationDatabase "admin"
或者先直接mongo进入mongo shell后,
use admin
db.auth(“root”,"abc123”)
db.system.users.find()看所有用户
db.dropUser(“gpsadmin”)
3、添加其他用户
use gps
db.createUser({user:"gpsadmin",pwd:"123456",roles:[{role:"read",db:"test"},{role:"readWrite",db:"gps"}]})
db.getUser(“gpsadmin”)查看role
db.getRole( "read", { showPrivileges: true } )看权限
回收权限revoke:
db.revokeRolesFromUser("gpsadmin",[{role:"readWrite",db:"gps"}])
增加权限grant:
db.grantRolesToUser("gpsadmin",[{role:"read",db:"gps"}])