.html pwd app mon shel create style sms spl

數據庫操作權限

readAnyDatabase    任何數據庫的只讀權限
userAdminAnyDatabase    任何數據庫的讀寫權限
userAdminAnyDatabase    任何數據庫用戶的管理權限
dbAdminAnyDatabase    任何數據庫的管理權限

啟動客戶端:

cd /usr/local/mongodb/
./mongo

查看一下用戶表有沒有數據

db.system.users.find()

查看用戶

> show users
> 
> 

MongoDB創建數據庫管理員用戶

# 切換至admin數據庫。
# 也可以使用db = db.getSiblingDB(admin)代替use admin。
use admin
 
# 創建管理員用戶,並指定其權限。
db.createUser({
  user : root,
  pwd : 123456,
  roles : [
    clusterAdmin,
    dbAdminAnyDatabase,
    userAdminAnyDatabase,
    readWriteAnyDatabase
  ]
})

輸出

> db.createUser({
...   user : root,
...   pwd : 123456,
...   roles : [
...     clusterAdmin,
...     dbAdminAnyDatabase,
...     userAdminAnyDatabase,
...     readWriteAnyDatabase
...   ]
... })
Successfully added user: {
    "user" : "root",
    "roles" : [
        "clusterAdmin",
        "dbAdminAnyDatabase",
        "userAdminAnyDatabase",
        "readWriteAnyDatabase"
    ]
}

重啟MongoDB服務並加上--auth參數

./mongod --dbpath=/usr/local/mongodb/data --logpath=/usr/local/mongodb/logs --logappend  --port=27017 --fork --auth

查看用戶,會報錯

> use admin
switched to db admin
> show users
2019-02-15T15:20:52.250+0800 E QUERY    [js] Error: command usersInfo requires authentication :
[email protected]/mongo/shell/utils.js:25:13
[email protected]/mongo/shell/db.js:1763:1
[email protected]/mongo/shell/utils.js:859:9
[email protected]/mongo/shell/utils.js:766:15
@(shellhelp2):1:1

此時需要認證

> db.auth(root,123456)
1
> 

查看用戶,就可以看到了

> show users
{
    "_id" : "admin.root",
    "user" : "root",
    "db" : "admin",
    "roles" : [
        {
            "role" : "clusterAdmin",
            "db" : "admin"
        },
        {
            "role" : "dbAdminAnyDatabase",
            "db" : "admin"
        },
        {
            "role" : "userAdminAnyDatabase",
            "db" : "admin"
        },
        {
            "role" : "readWriteAnyDatabase",
            "db" : "admin"
        }
    ],
    "mechanisms" : [
        "SCRAM-SHA-1",
        "SCRAM-SHA-256"
    ]
}
> 

建立普通帳號

用戶user

db.createUser(
{user:user,
 pwd:123456, 
 roles:[
   {role:readWrite, db:userdb}
]
})

輸出

> db.createUser(
... {user:user,
...  pwd:123456, 
...  roles:[
...    {role:readWrite, db:userdb}
... ]
... })
Successfully added user: {
    "user" : "user",
    "roles" : [
        {
            "role" : "readWrite",
            "db" : "userdb"
        }
    ]
}
> 

查看用戶

> show users
{
    "_id" : "admin.root",
    "user" : "root",
    "db" : "admin",
    "roles" : [
        {
            "role" : "clusterAdmin",
            "db" : "admin"
        },
        {
            "role" : "dbAdminAnyDatabase",
            "db" : "admin"
        },
        {
            "role" : "userAdminAnyDatabase",
            "db" : "admin"
        },
        {
            "role" : "readWriteAnyDatabase",
            "db" : "admin"
        }
    ],
    "mechanisms" : [
        "SCRAM-SHA-1",
        "SCRAM-SHA-256"
    ]
}
{
    "_id" : "admin.user",
    "user" : "user",
    "db" : "admin",
    "roles" : [
        {
            "role" : "readWrite",
            "db" : "userdb"
        }
    ],
    "mechanisms" : [
        "SCRAM-SHA-1",
        "SCRAM-SHA-256"
    ]
}
> 

用戶user1

db.createUser(
{user:user1,
 pwd:123456, 
 roles:[
   {role:root, db:userdb}
]
})


接下來,為指定數據庫創建一般用戶角色,用於程序讀取、修改數據庫。

假如現有blog數據庫,要為其創建用戶名為admin、密碼為123456,擁有CRUD(增查改刪)權限,指令如下:

# 切換至blog數據庫。
use blog
 
# 創建admin用戶。
db.createUser({
  user : admin,
  pwd : 123456,
  roles : [readWrite]
})

參考:

https://blog.csdn.net/Hu_wen/article/details/76690508

https://www.cnblogs.com/sea-stream/p/10369334.html

Mongodb 創建管理員帳號與普通帳號