MongoDB教程
MongoDB运算符
MongoDB命令
MongoDB数据库
MongoDB Shell
MongoDB云和工具

MongoDB 管理命令

角色管理命令用于定义指定用户的角色。

MongoDB createRole命令

createRole命令分配一个角色并指定其优点。分配的角色适用于我们在其上运行命令的数据库。如果角色已经存在于数据库中,该命令将返回重复的角色错误。
语法:
{ createRole: "<new role>",
  privileges: [
    { resource: { <resource> }, actions: [ "<action>", ... ] },
    ...
  ],
  roles: [
    { role: "<role>", db: "<database>" } | "<role>",
    ...
  ],
  authenticationRestrictions: [
    {
      clientSource: ["<IP>" | "<CIDR range>", ...],
      serverAddress: ["<IP>" | "<CIDR range>", ...]
    },
    ...
  ],
  writeConcern: <write concern document>
}
命令字段:
字段 类型 说明
createRole string createRole字段包含新角色的名称。
privileges array 它包含授予角色的特权。如果您不想指定任何角色,请将其留空。
roles array 它包含用于将角色分配给用户的角色数组。
authentication
Restrictions
array "身份验证限制"字段限制服务器强制执行角色。
writeConcern document 这是应用于此操作的写关注级别。
示例:
createRole命令在管理数据库上创建lidihuoAdmin角色
 db.adminCommand({ createRole: "lidihuoAdmin",
  privileges: [
    { resource: { cluster: true }, actions: [ "addShard" ] },
    { resource: { db: "config", collection: "" }, actions: [ "find", "update", "insert", "remove" ] },
    { resource: { db: "users", collection: "usersCollection" }, actions: [ "update", "insert", "remove" ] },
    { resource: { db: "", collection: "" }, actions: [ "find" ] }
  ],
  roles: [
    { role: "read", db: "admin" }
  ],
  writeConcern: { w: "majority" , wtimeout: 5000 }
})

MongoDB dropRole命令

MongoDB dropRole命令删除角色由用户在运行命令的数据库中定义。
语法:
{
  dropRole: "<role>",
  writeConcern: { <write concern> }
}
Example:
this example remove the readPrice role from the products database.
use products
db.runCommand(
   {
     dropRole: "readPrices",
     writeConcern: { w: "majority" }
   }
)

MongoDB updateRole

update命令更新用户定义的角色。该命令必须在角色的数据库上运行。此命令可以完全替换以前的字段值。
语法:
{
  updateRole: "<role>",
  privileges:
      [
        { resource: { <resource> }, actions: [ "<action>", ... ] },
        ...
      ],
  roles:
      [
        { role: "<role>", db: "<database>" } | "<role>",
        ...
      ],
  authenticationRestrictions:
      [
        {
          clientSource: ["<IP>" | "<CIDR range>", ...],
          serverAddress: ["<IP>", ...]
        },
        ...
      ]
  writeConcern: <write concern document>
}
示例:
db.adminCommand(
   {
     updateRole: "myClusterwideAdmin",
     privileges:
         [
           {
             resource: { db: "", collection: "" },
             actions: [ "find" , "update", "insert", "remove" ]
           }
         ],
     roles:
         [
           { role: "dbAdminAnyDatabase", db: "admin" }
         ],
     writeConcern: { w: "majority" }
   }
)
上面的示例更新了管理数​​据库上的myClusterwideAdmin角色。

MongoDB grantPrivilagesToRole命令

这是一个非常重要的命令,用于添加一些内容。
语法:
{
  grantPrivilegesToRole: "<role>",
  privileges: [
      {
        resource: { <resource> }, actions: [ "<action>", ... ]
      },
      ...
  ],
  writeConcern: { <write concern> }
}
示例:
use products
db.runCommand(
   {
     grantPrivilegesToRole: "service",
     privileges: [
         {
           resource: { db: "products", collection: "" }, actions: [ "find" ]
         },
         {
           resource: { db: "products", collection: "system.js" }, actions: [ "find" ]
         }
     ],
     writeConcern: { w: "majority" , wtimeout: 5000 }
   }
)
上面的示例将两个特权授予产品数据库中存在的服务角色。

昵称: 邮箱:
Copyright © 2022 立地货 All Rights Reserved.
备案号:京ICP备14037608号-4