1, add a useradminanydatabase user, this is a user can manage all users, similar to the Super Admin bar
#打开mongo Shell
[root@localhost]# MONGO
#添加超级管理账号
> Use admin #进入admin表
> Db.createuser (
{ User
: "myadmin",
pwd: "Secret",
roles:[{role: "Root", DB: "Admin"}]
}
)
# to see if users have successfully created
>show Users
# Output indicates that the add succeeded
{
"_id": "Admin.myadmin",
"user": "MyAdmin",
"db": " Admin ",
" roles ": [
{
" role ":" Useradminanydatabase ",
" db ":" Admin "
}
]
}
>exit
What permissions does MongoDB have:
1. Database user role: Read, readWrite;
2. Database management roles: DbAdmin, Dbowner, Useradmin;
3. Cluster Management role: Clusteradmin, Clustermanager, Clustermonitor, Hostmanager;
4. Backup Restore role: backups, restore;
5. All database roles: Readanydatabase, Readwriteanydatabase, Useradminanydatabase, Dbadminanydatabase
6. Super User role: Root
//There are also several roles that indirectly or directly provide access to the system's Superuser (Dbowner, Useradmin, useradminanydatabase)
7. Internal role: __system
Read: Allow user to read the specified database
ReadWrite: Allows the user to read and write to the specified database
DbAdmin: Allows the user to perform administrative functions in the specified database, such as index creation, deletion, view statistics, or access System.profile
Useradmin: Allows the user to write to the System.users collection, can be found in the specified database to create, delete, and manage user
Clusteradmin: Only available in the Admin database, giving users all the Shard and replica set related functions of administrative rights.
Readanydatabase: Available only in the Admin database, giving users read access to all databases
Readwriteanydatabase: Only available in the Admin database, giving users read and write access to all databases
Useradminanydatabase: Available only in the admin database, giving the user useradmin permissions for all databases
Dbadminanydatabase: Available only in the admin database, Gives the user dbadmin permissions for all databases.
Root: Available only in the admin database. Super account, Super Privilege 2, verify user login
[root@localhost]# MONGO
# Note: Here to verify the user just created, you must first switch to the admin
Library >use admin
>show DBS
# here will be an error
2016-12-11t13:11:01.981+0800 E QUERY [thread1] error:listdatabases failed:{
"OK": 0,
"errmsg": "Not Authorized on Admin to execute command {listdatabases:1.0} ",
" code "::
_GETERRORWITHCODE@SRC/MONGO/S Hell/utils.js:23:13
mongo.prototype.getdbs@src/mongo/shell/mongo.js:53:1
shellhelper.show@src/mongo/ shell/utils.js:700:19
shellhelper@src/mongo/shell/utils.js:594:15
@ (SHELLHELP2): 1:1
# Authentication User
>db.auth (' MyAdmin ', ' secret ')
1 # output 1 means validation successful
#
>show DBS
# This time it will list all the databases
3. Create a database
Syntax:
the basic syntax for the use DATABASE statement is as follows:
Use database_name
Example:
If you want to create a database name, use the SQL statement as follows:
>use mydb
switched to DB mydb
to check the currently selected database using command DB
>db
MyDB
If you want to check the database list, use the command show DBS
>show DBS
Local 0.78125GB
test 0.23012GB
The database created by MyDB does not exist in the list. To display the database, you need to insert it into at least one file.
>db.movie.insert ({"Name": "AAA"})
>show dbs
local 0.78125GB
mydb 0.23012GB
Test 0.23012GB
4. Add an administrative user to a single database
# switch to the database where you want to add the user
>use mydb
>db.createuser ({
User: ' Test ',
pwd: ' test123 ',
roles: [{ Role: "ReadWrite", DB: "MyDB"}]
})
successfully added User: {
"user": "Test",
"roles": [
{
"Role": "ReadWrite",
"db": "MyDB"
}
]
}
#返回fuccessfully indicates success ~ ~ ~
View the user you just created
Show Users