本篇文章为大家展示了如何创建mongodb用户与角色使用，内容简明扼要并且容易理解，绝对能使你眼前一亮，通过这篇文章的详细介绍希望你能有所收获。

一.mongodb内部角色

1.数据库用户角色

read --读取数据库对像的权限

readWrite --读取和修改数据库对像权限

2.数据库管理角色

dbAdmin --执行管理任务角色

dbOwner --数据库所有者,可以对数据库所有操作

userAdmin --当前数据库上创建,修改角色和用户功能

3.集群管理角色

clusterAdmin --集群管理员

clusterManager --管理集群和监控

clusterMonitor --监控集群和只读访问

hostManager --监控和管理服务器功能

4.备份恢复角色

backup --备份数据最小权限

restore --恢复权限

5.所有数据库角色

readAnyDatabase --只读所有数据库角色

readWriteAnyDatabase --读写所有数据库

userAdminAnyDatabase --除local之外的所有数据库相同的用户管理操作访问权限

dbAdminAnyDatabase --除local之外的所有数据库相同的权限

6.超级用户角色

root --提供所有资源readWriteAnyDatabase,dbAdminAnyDatabase,userAdminAnyDatabase,clusterAdmin,restore,backup

7.内部角色

__system --提供对数据库中的任何对象执行任何操作的权限

二.自定义角色

1.自定义角色格式

{role:"<name>",privileges:[{resource:{<resource>},actions:["<action>",...]},...],roles:[{role:"<role>",db:"<database>"}|"<role>",...],authenticationRestrictions:[{clientSource:["<IP>"|"<CIDRrange>",...],serverAddress:["<IP>"|"<CIDRrange>",...]},...]}

2.自定义角色(对config库所有表可以增删改查,对users库usersCollection表更新,插入,删除,对所有数据库有查找权限)

>useadminswitchedtodbadmin>db.createRole({role:"wuhan123",--角色名privileges:[{resource:{db:"config",collection:""},actions:["find","update","insert","remove"]},{resource:{db:"users",collection:"usersCollection"},actions:["update","insert","remove"]},{resource:{db:"",collection:""},actions:["find"]}],roles:[{role:"read",db:"admin"}]})>

3.列出角色和删除角色

>db.getRole("wuhan123")--显示单个角色信息(wuhan123是角色名){"role":"wuhan123","db":"admin","isBuiltin":false,"roles":[{"role":"read","db":"admin"}],"inheritedRoles":[{"role":"read","db":"admin"}]}>db.getRoles()--显示当前库所有角色[{"role":"wuhan123","db":"admin","isBuiltin":false,"roles":[{"role":"read","db":"admin"}],"inheritedRoles":[{"role":"read","db":"admin"}]}]>db.dropRole("wuhan123");--删除角色true>db.dropAllRoles();--删除所有角色NumberLong(1)>

三.创建用户并使用角色

1.创建用户格式

{user:"<name>",pwd:"<cleartextpassword>",customData:{<anyinformation>},roles:[{role:"<role>",db:"<database>"}|"<role>",...],authenticationRestrictions:[{clientSource:["<IP>"|"<CIDRrange>",...]serverAddress:["<IP>"|"<CIDRrange>",...]},...],mechanisms:["<SCRAM-SHA-1|SCRAM-SHA-256>",...],passwordDigestor:"<server|client>"}

2.创建用户使用角色

>usetong--进入数据库switchedtodbtong>db.createUser(...{...user:"u_tong",--指定用户名...pwd:"system123",--指定密码...roles:["readWrite","dbAdmin"]--使用数据库中的角色...}...)Successfullyaddeduser:{"user":"u_tong","roles":["readWrite","dbAdmin"]}>

2.创建用户指定来源IP和目标IP

>usetongswitchedtodbtong>db.createUser({user:"u1_tong",--用户名pwd:"system123",--密码roles:[{role:"readWrite",db:"tong"}],--角色authenticationRestrictions:[{clientSource:["192.168.1.10"],--客户端IPserverAddress:["192.168.1.20"]--服务端IP}]})>

3.查看用户和删除用户

>db.getUsers();--查看当前数据库所有用户[{"_id":"tong.u1_tong","user":"u1_tong","db":"tong","roles":[{"role":"readWrite","db":"tong"}],"mechanisms":["SCRAM-SHA-1","SCRAM-SHA-256"]},{"_id":"tong.u_tong","user":"u_tong","db":"tong","roles":[{"role":"readWrite","db":"tong"},{"role":"dbAdmin","db":"tong"}],"mechanisms":["SCRAM-SHA-1","SCRAM-SHA-256"]}]>db.getUser("u_tong");--查看指定用户{"_id":"tong.u_tong","user":"u_tong","db":"tong","roles":[{"role":"readWrite","db":"tong"},{"role":"dbAdmin","db":"tong"}],"mechanisms":["SCRAM-SHA-1","SCRAM-SHA-256"]}>db.dropUser("u_tong");--删除单个用户true>db.dropAllUsers();--删除当前库所有用户NumberLong(1)>

4.将角色授权给用户

>db.grantRolesToUser("u_tong",["readWrite",{role:"read",db:"tong"}],>)

上述内容就是如何创建mongodb用户与角色使用，你们学到知识或技能了吗？如果还想学到更多技能或者丰富自己的知识储备，欢迎关注亿速云行业资讯频道。