Create user
Grammar:
Db.createuser (
{
User:<name_string>, #字符串
Pwd:<password_strin>, #字符串
Roles:[{role:<role_name>,db:<db_name>}] #数组
}
)
To create a user:
> db.createUser(... {... user:"root",... pwd:"admin",... roles:[{role:"root",db:"admin"}]... }... )
User authentication:
> db.auth("root","admin")1
View Users:
Delete User
Db.dropuser (<user_name>) #删除某个用户, accepting string parameter
Db.dropallusers () #删除当前库的所有用户
查询所有用户> db.getUsers()[ { "_id" : "admin.root", "user" : "root", "db" : "admin", "roles" : [ { "role" : "root", "db" : "admin" } ] }, { "_id" : "admin.sysadmin", "user" : "sysadmin", "db" : "admin", "roles" : [ { "role" : "root", "db" : "admin" } ] }, { "_id" : "admin.test", "user" : "test", "db" : "admin", "roles" : [ { "role" : "root", "db" : "admin" } ] }]
删除test用户> db.dropUser("test")true
确认test用户是否存在> db.getUser("test")null
删除所有用户> db.dropAllUsers()2
Modify User Password
To modify the user password, require the user to have ChangePassword or Changeownpassword permissions, there are two ways to modify the user password:
Db.changeuserpassword (<user_name>,<new_password>)
Db.updateuser (<user_name>,{update_object})
Db.changeuserpassword () Example:
[email protected]$ db.auth("root","admin")1
[email protected]$ db.changeUserPassword("root","123456")
[email protected]$ db.auth("root","admin")Error: Authentication failed.0
[email protected]$ db.auth("root","123456")1
[email protected]$ show dbsadmin 0.000GBlocal 0.000GBtest 0.000GBtest1 0.000GB
You can see that after modifying the root user's password, the original password verification failed, but the current session can still perform operations normally, new session will need to use the modified password to verify
Db.updateuser () Example:
[email protected]$ db.auth("root","123456")1
[email protected]$ db.updateUser("root",{pwd:"admin123"})
[email protected]$ db.auth("root","admin123")1
[email protected]$ db.auth("root","123456")Error: Authentication failed.0
Modify user Rights (roles):
Modifying a user role is also accomplished using the Db.updateuser () function.
Let's start by creating a test user readtest, which only has read access to the test library:
Db.createuser (
{
User: "Readtest",
PWD: "123456",
Roles:[{role: "read", DB: "Test"}]
}
)
[email protected]$ db.auth("readtest","123456")1
[email protected]$ use testswitched to db test
[email protected]$ show tablesgoodsusers
[email protected]$ db.goods.find(){ "_id" : ObjectId("5a7c5b7e83dba596ccad3ac0"), "sn" : "fhbowhnlerio12o47", "category" : "food" }
[email protected]$ db.goods.insert({"sn":"04t68gjsoe076","category" : "beauty"})WriteResult({ "writeError" : { "code" : 13, "errmsg" : "not authorized on test to execute command { insert: \"goods\", documents: [ { _id: ObjectId(‘5a8ef5aa3cdd503ad3903fcc‘), sn: \"04t68gjsoe076\", category: \"beauty\" } ], ordered: true }" }})
You can see that this user can perform the read operation, the write operation is not authorized, now we extend its permission through Db.updateuser (), remember that it has read and write permissions.
[email protected]$ db.updateUser("readtest",{"roles":[{role:"readWrite",db:"test"}]})
[email protected]$ db.auth("readtest","123456")1
[email protected]$ use testswitched to db test
[email protected]$ db.goods.insert({"sn":"04t68gjsoe076","category" : "beauty"})WriteResult({ "nInserted" : 1 })
As you can see, when we change the role of the Readtest user from read to ReadWrite, it has write access to the test library. by Db.updateuser () we can zoom in and out of user rights
MongoDB User Management