數據庫操做權限html
readAnyDatabase 任何數據庫的只讀權限 userAdminAnyDatabase 任何數據庫的讀寫權限 userAdminAnyDatabase 任何數據庫用戶的管理權限 dbAdminAnyDatabase 任何數據庫的管理權限
啓動客戶端:mongodb
cd /usr/local/mongodb/ ./mongo
查看一下用戶表有沒有數據shell
db.system.users.find()
查看用戶數據庫
> show users >
>
MongoDB建立數據庫管理員用戶app
# 切換至admin數據庫。 # 也能夠使用db = db.getSiblingDB('admin')代替use admin。 use admin # 建立管理員用戶,並指定其權限。 db.createUser({ user : 'root', pwd : '123456', roles : [ 'clusterAdmin', 'dbAdminAnyDatabase', 'userAdminAnyDatabase', 'readWriteAnyDatabase' ] })
輸出ui
> db.createUser({ ... user : 'root', ... pwd : '123456', ... roles : [ ... 'clusterAdmin', ... 'dbAdminAnyDatabase', ... 'userAdminAnyDatabase', ... 'readWriteAnyDatabase' ... ] ... }) Successfully added user: { "user" : "root", "roles" : [ "clusterAdmin", "dbAdminAnyDatabase", "userAdminAnyDatabase", "readWriteAnyDatabase" ] }
重啓MongoDB服務並加上--auth參數spa
./mongod --dbpath=/usr/local/mongodb/data --logpath=/usr/local/mongodb/logs --logappend --port=27017 --fork --auth
查看用戶,會報錯.net
> use admin switched to db admin > show users 2019-02-15T15:20:52.250+0800 E QUERY [js] Error: command usersInfo requires authentication : _getErrorWithCode@src/mongo/shell/utils.js:25:13 DB.prototype.getUsers@src/mongo/shell/db.js:1763:1 shellHelper.show@src/mongo/shell/utils.js:859:9 shellHelper@src/mongo/shell/utils.js:766:15 @(shellhelp2):1:1
此時須要認證prototype
> db.auth('root','123456') 1 >
查看用戶,就能夠看到了code
> show users { "_id" : "admin.root", "user" : "root", "db" : "admin", "roles" : [ { "role" : "clusterAdmin", "db" : "admin" }, { "role" : "dbAdminAnyDatabase", "db" : "admin" }, { "role" : "userAdminAnyDatabase", "db" : "admin" }, { "role" : "readWriteAnyDatabase", "db" : "admin" } ], "mechanisms" : [ "SCRAM-SHA-1", "SCRAM-SHA-256" ] } >
創建普通賬號
用戶user
db.createUser( {user:'user', pwd:'123456', roles:[ {role:'readWrite', db:'userdb'} ] })
輸出
> db.createUser( ... {user:'user', ... pwd:'123456', ... roles:[ ... {role:'readWrite', db:'userdb'} ... ] ... }) Successfully added user: { "user" : "user", "roles" : [ { "role" : "readWrite", "db" : "userdb" } ] } >
查看用戶
> show users { "_id" : "admin.root", "user" : "root", "db" : "admin", "roles" : [ { "role" : "clusterAdmin", "db" : "admin" }, { "role" : "dbAdminAnyDatabase", "db" : "admin" }, { "role" : "userAdminAnyDatabase", "db" : "admin" }, { "role" : "readWriteAnyDatabase", "db" : "admin" } ], "mechanisms" : [ "SCRAM-SHA-1", "SCRAM-SHA-256" ] } { "_id" : "admin.user", "user" : "user", "db" : "admin", "roles" : [ { "role" : "readWrite", "db" : "userdb" } ], "mechanisms" : [ "SCRAM-SHA-1", "SCRAM-SHA-256" ] } >
用戶user1
db.createUser( {user:'user1', pwd:'123456', roles:[ {role:'root', db:'userdb'} ] })
接下來,爲指定數據庫建立通常用戶角色,用於程序讀取、修改數據庫。
假如現有blog數據庫,要爲其建立用戶名爲admin、密碼爲123456,擁有CRUD(增查改刪)權限,指令以下:
# 切換至blog數據庫。 use blog # 建立admin用戶。 db.createUser({ user : 'admin', pwd : '123456', roles : ['readWrite'] })
參考:
https://blog.csdn.net/Hu_wen/article/details/76690508
https://www.cnblogs.com/sea-stream/p/10369334.html