mongodb用户权限管理(二)
数据库 分配用户权限
mongodb
有了建立语法,和参数说明,接下来开始实践.数据库
注意,还有一点,帐号是跟着数据库绑定的,在那个库里受权,就在那个库里验证(auth)
不然会失败code
建立 帐号管理受权权限 的帐号
> db.createUser(
... {
... user: 'admin',
... pwd: '123456',
... roles: [{role: 'userAdminAnyDatabase', db: 'admin'}]
... }
... )
Successfully added user: {
"user" : "admin",
"roles" : [
{
"role" : "userAdminAnyDatabase",
"db" : "admin"
}
]
}
而后退出数据库it
> use admin switched to db admin > db.shutdownServer()
从新启动mongodb,记得在配置文件mongod.conf里加上 auth = true配置
./bin/mongod -f conf/mongod.conf
./bin/mongo 127.0.0.1:12345
> show dbs # 没有验证,没有权限,会出错
"errmsg" : "not authorized on admin to execute command
> use admin
> db.auth('admin', '123456')
1
# 返回 1 表示受权成功,0表示失败
> show dbs #已经受权,能够查看了
建立 读、读写权限的帐户
> use book
switched to db book
> db.createUser(
... {
... user: 'zhangsan',
... pwd: 'zhangsan',
... roles: [{role: 'read', db: 'book'}]
... }
... )
Successfully added user: {
"user" : "zhangsan",
"roles" : [
{
"role" : "read",
"db" : "book"
}
]
}
> db.createUser(
... {
... user: 'lisi',
... pwd: 'lisi',
... roles: [{role: 'readWrite', db: 'book'}]
... }
... )
Successfully added user: {
"user" : "lisi",
"roles" : [
{
"role" : "readWrite",
"db" : "book"
}
]
}
> show users
{
"_id" : "book.lisi",
"user" : "lisi",
"db" : "book",
"roles" : [
{
"role" : "readWrite",
"db" : "book"
}
]
}
{
"_id" : "book.zhangsan",
"user" : "zhangsan",
"db" : "book",
"roles" : [
{
"role" : "read",
"db" : "book"
}
]
}
而后验证用户权限是否正确权限
> db.book.insert({book: '小人书'}) # 没验证,会出错
WriteResult({
"writeError" : {
"code" : 13,
"errmsg" : "not authorized on book to execute command { insert: \"book\", docum
ents: [ { _id: ObjectId('5959b56edcc047dfe5c9b336'), book: \"小人书\" } ], ordered: true }"
}
})
> db.auth('lisi', 'lisi')
1
> db.book.insert({book: '小人书'})
WriteResult({ "nInserted" : 1 })
> db.auth('zhangsan', 'zhangsan') # 用户切到 zhangsan
1
> db.book.find() # 能够查看
{ "_id" : ObjectId("5959b59fdcc047dfe5c9b337"), "book" : "小人书" }
> db.book.insert({book: '择天记'}) # 没有write权限,会失败
WriteResult({
"writeError" : {
"code" : 13,
"errmsg" : "not authorized on book to execute command { insert: \"book\", docum
ents: [ { _id: ObjectId('5959b650dcc047dfe5c9b338'), book: \"择天记\" } ], ordered: true }"
}
})
建立 root 超级权限帐号
这个超级权限包括 受权 和 操控数据库集合数据,比较简单,只须要把role设置成 root语法
> use admin
switched to db admin
> db.auth('admin', '123456')
1
> db.createUser(
... {
... user: 'dongsheng',
... pwd: '123456',
... roles: [{role: 'root', db: 'admin'}]
... }
... )
Successfully added user: {
"user" : "dongsheng",
"roles" : [
{
"role" : "root",
"db" : "admin"
}
]
}
> db.auth('dongsheng', '123456')
1
> use book
switched to db book
> db.book.insert({book: '笑傲江湖'})
WriteResult({ "nInserted" : 1 })
> db.book.find()
{ "_id" : ObjectId("5959b59fdcc047dfe5c9b337"), "book" : "小人书" }
{ "_id" : ObjectId("5959b7abdcc047dfe5c9b339"), "book" : "笑傲江湖" }
相关文章
- 1. MongoDB用户权限管理
- 2. MongoDB 用户权限管理
- 3. mongodb用户权限管理
- 4. mongodb权限管理二
- 5. MongoDB权限管理二
- 6. MongoDB(二)-----MongoDB的用户与权限管理
- 7. mongodb 3.2 用户权限管理配置
- 8. Mongodb 用户权限管理及配置
- 9. mongodb用户权限管理配置
- 10. MongoDB 用户权限管理手册
- 更多相关文章...
- • MySQL删除用户权限(REVOKE) - MySQL教程
- • MySQL用户授权(GRANT) - MySQL教程
- • Java Agent入门实战(三)-JVM Attach原理与使用
- • Docker 清理命令
相关标签/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
欢迎关注本站公众号,获取更多信息
相关文章