1, add a useradminanydatabase user, this is a user can manage all users, similar to the Super Admin bar
#打开mongo Shell
#添加超级管理账号
> Use admin #进入admin表
> Db.createuser (
... {
... User: "MyAdmin",
... pwd: "Redhat",
... roles:[{role: "Root", DB: "admin"}]
... }
... )
Successfully added User: {
"User": "MyAdmin",
"Roles": [
{
"Role": "Root",
"DB": "admin"
}
]
}
# See if the user is created successfully
> Show Users
{
"_id": "Admin.myadmin",
"User": "MyAdmin",
"DB": "admin",
"Roles": [
{
"Role": "Root",
"DB": "admin"
}
],
"Mechanisms": [
"Scram-sha-1",
"Scram-sha-256"
]
}
>
Enable validation
In/mongo.conf
Restart MONGO
1 |
> sudo service mongod restart |
What permissions does MongoDB have:
1. Database user role: Read, readWrite; 2. Database management roles: DbAdmin, Dbowner, useradmin; 3. Cluster Management roles: Clusteradmin, Clustermanager, Clustermonitor, hostmanager;4. Backup recovery role: backups, restore;5. All database roles: Readanydatabase, Readwriteanydatabase, Useradminanydatabase, DbAdminAnyDatabase6. Superuser role: root//There are several roles here that indirectly or directly provide access to the system's Superuser (Dbowner, Useradmin, Useradminanydatabase) 7. Internal role: __system
READ: Allows the user to read the specified database
ReadWrite: Allows the user to read and write to the specified database
DbAdmin: Allows the user to perform administrative functions in the specified database, such as index creation, deletion, viewing statistics, or accessing System.profile
Useradmin: Allows the user to write to the System.users collection to create, delete, and manage users in the specified database
Clusteradmin: Available only in the admin database, giving the user administrative privileges on all shards and replica set related functions.
Readanydatabase: Only available in the Admin database, giving users read access to all databases
Readwriteanydatabase: Only available in the Admin database, giving users read and write access to all databases
Useradminanydatabase: Only available in the Admin database, giving the user useradmin permissions for all databases
Dbadminanydatabase: Only available in the Admin database, giving the user dbadmin permissions for all databases.
Root: Available only in the admin database. Super account, Super privilege
2. Verify User Login
Note: Here to verify the user you just created, you must first switch to the admin library
>use admin> Show users2018-07-24t14:16:54.507+0800 E QUERY [JS] Error:not authorized on admin to execute command {usersinfo:1.0, $db: "Admin"}: [Email protected]/mongo/shell/utils.js:25:13[email protected]/mongo/shell/db.js : 1757:1[email protected]/mongo/shell/utils.js:848:9[email protected]/mongo/shell/utils.js:755:15@ (SHELLHELP2) : 1:1
# Verify User >db.auth (' myadmin ', ' Redhat ') 1 # output 1 means verification succeeds # >show dbs> show Dbsadmin 0.000GBconfig 0.000GBlocal 0.000GBmydb 0.000gb>
3. Create a Database
Syntax:
The basic syntax for the use DATABASE statement is as follows:
Use database_name
Example:
If you want to create a database name, use the SQL statement as follows:
>use mydbswitched to DB mydb
To check the currently selected database using command db
>dbmydb
If you want to check the database list, use the command show DBS
> Show DBS
Admin 0.000GB
Config 0.000GB
Local 0.000GB
The database created by MyDB does not exist in the list. To display the database, you need to insert it into at least one file.
> Db.mydb.insert ({"Name": "User1"})
Writeresult ({"ninserted": 1})
> Show DBS
Admin 0.000GB
Config 0.000GB
Local 0.000GB
MyDB 0.000GB
>
4. Add an administrative user to a single database
# switch to the database where you want to add the user
> Db.createuser ({
... User: ' Cara ',
... pwd: ' Redhat ',
... roles:[{role: "ReadWrite", DB: "MyDB"}]
... })
Successfully added User: {
"User": "Cara",
"Roles": [
{
"Role": "ReadWrite",
"DB": "MyDB"
}
]
}
#返回fuccessfully is successful ~~~# view the user that you just created
> Show Users
{
"_id": "Mydb.cara",
"User": "Cara",
"DB": "MyDB",
"Roles": [
{
"Role": "ReadWrite",
"DB": "MyDB"
}
],
"Mechanisms": [
"Scram-sha-1",
"Scram-sha-256"
]
}
MongoDB Create users and libraries