MongoDB database user roles and permissions management details

  • 2021-01-06 00:48:58
  • OfStack

View the database

After logging in to MongoDB, switch to the admin database and authenticate; you can then view all databases. The operation is as follows:


[root@renwole.com ~]# mongo
MongoDB shell version v4.4.0
connecting to: mongodb://127.0.0.1:27017/?compressors=disabled&gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("1ea1-4343-9523-167a101973a9") }
MongoDB server version: 4.4.0
> use admin
> db.auth("admin","InaM6Aip#2JBlWwY")
1
> show dbs
admin  0.000GB
config  0.000GB
local  0.000GB

Note: 1 indicates successful authentication and 0 indicates failed authentication. After a failed authentication, listing the databases returns nothing.

Create the database and users

Create a renwoledb database and grant the renwole user the dbOwner role on it. Also note that MongoDB does not list a new database while it has no content, so the new database cannot be viewed yet. The operation is as follows:


> use renwoledb
> db.createUser(
  {
   user:"renwole",
   pwd:"renwolecom",
   roles:[{role:"dbOwner",db:"renwoledb"}]
  }
)

At this point, one database with one account has been created. If you are told that you lack permission to create the user, log in as the super administrator first, then switch to the corresponding database and create the user, as shown below:


MongoDB shell version v4.4.0
connecting to: mongodb://127.0.0.1:27017/?compressors=disabled&gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("7be9-4c30-ad2e-2a5b58127ab7") }
MongoDB server version: 4.4.0
> use renwoledb
switched to db renwoledb
> db.createUser(
   {
    user:"renwole",
    pwd:"renwolecom",
    roles:[{role:"dbOwner",db:"renwoledb"}]
   }
 )
uncaught exception: Error: couldn't add user: command createUser requires authentication :
_getErrorWithCode@src/mongo/shell/utils.js:25:13
DB.prototype.createUser@src/mongo/shell/db.js:1343:11
@(shell):1:1

> use admin
switched to db admin
> db.auth("root","renwolecompassword")
1
> use renwoledb
switched to db renwoledb
> db.createUser(
   {
    user:"renwole",
    pwd:"renwolecom",
    roles:[{role:"dbOwner",db:"renwoledb"}]
   }
 )
Successfully added user: {
	"user" : "renwole",
	"roles" : [
		{
			"role" : "dbOwner",
			"db" : "renwoledb"
		}
	]
}

Add a root user, which holds the highest privileges over the entire MongoDB instance. It is recommended to do this with authentication mode turned off: first switch to the admin database, then add the user with the root role.


> use admin
> db.createUser({user: "root",pwd: "renwolecom",roles: [ { role: "root", db: "admin" } ]})
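
The accounts created above differ sharply in reach: dbOwner on renwoledb is confined to one database, while root covers the whole instance. The following is an added example (not code from the original article) that audits user documents in the shape returned by db.adminCommand({ usersInfo: { forAllDBs: true } }).users and reports over-broad grants. It covers built-in roles only; the sample documents are constructed, and the "ops" and "report" users and "otherdb" are hypothetical.

```javascript
// Added example: least-privilege audit over MongoDB user documents.
// Input shape: { user, db, roles: [{ role, db }] } as returned by usersInfo.
const SUPERUSER_ROLES = new Set(["root", "__system"]);
// Built-in roles that apply across databases, wherever the user authenticates.
const ANY_DB_ROLES = new Set([
  "readAnyDatabase", "readWriteAnyDatabase",
  "userAdminAnyDatabase", "dbAdminAnyDatabase",
]);
// Granted on the admin database, these let a user grant itself any role.
const USER_ADMIN_ROLES = new Set(["userAdmin", "dbOwner"]);

function auditUser(u) {
  const findings = [];
  for (const r of u.roles || []) {
    if (SUPERUSER_ROLES.has(r.role)) {
      findings.push(`superuser role ${r.role}`);
    } else if (ANY_DB_ROLES.has(r.role)) {
      findings.push(`any-database role ${r.role}`);
    } else if (r.db === "admin" && USER_ADMIN_ROLES.has(r.role)) {
      findings.push(`${r.role} on admin allows self-escalation`);
    } else if (r.db !== u.db) {
      findings.push(`${r.role} granted on ${r.db}, outside auth db ${u.db}`);
    }
  }
  return findings;
}

// Returns { "<db>.<user>": [findings] } for users with at least one finding.
function auditUsers(users) {
  const report = {};
  for (const u of users) {
    const f = auditUser(u);
    if (f.length) report[`${u.db}.${u.user}`] = f;
  }
  return report;
}

// Constructed sample input modelled on the accounts in this article.
const sampleUsers = [
  { user: "renwole", db: "renwoledb", roles: [{ role: "dbOwner", db: "renwoledb" }] },
  { user: "root", db: "admin", roles: [{ role: "root", db: "admin" }] },
  { user: "ops", db: "admin", roles: [{ role: "userAdmin", db: "admin" }] },
  { user: "report", db: "renwoledb", roles: [{ role: "read", db: "otherdb" }] },
];

console.log(JSON.stringify(auditUsers(sampleUsers), null, 2));
```

The renwole account produces no finding because its dbOwner grant stays inside its own database; the other three are reported.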

Password change

To change an account's password, switch to its database and authenticate before making the change; otherwise an error is reported. The operation is as follows:


> use renwoledb
> db.changeUserPassword("renwole", "renwolecompwdnew")
> db.auth("renwole","renwolecompwdnew")
1

Delete users and databases

Delete a user (you must switch to admin and use an account with the highest permissions to delete a user)


> use admin
> db.system.users.remove({user:"renwole"});
WriteResult({ "nRemoved" : 1 })

Delete all users (you must have super administrative rights to delete)


> db.system.users.remove({})

Delete a database (you must switch to the specified database first, then drop it)


> use renwoledb
switched to db renwoledb
> db.dropDatabase()
{ "ok" : 1 }
>
