mongodb
副本集集群
mongo 常用命令
了解mongo
MongoDB增删改查基本操作
MongoDB日常运维之用户管理
本文档使用 MrDoc 发布
-
+
首页
MongoDB日常运维之用户管理
--- title: MongoDB日常运维之用户管理 date: 2019-07-06 22:17:30 permalink: /pages/2978.html categories: - 运维观止 - MongoDB tags: - MongoDB description: --- MongoDB 数据库默认是没有用户名及密码的,即无权限访问限制。为了方便数据库的管理和安全,需创建数据库用户。 ## 1,用户的权限 用户中权限的说明 | **权限** | **说明** | | ------------------------ | ------------------------------------------------------------ | | **Read** | 允许用户读取指定数据库 | | **readWrite** | 允许用户读写指定数据库 | | **dbAdmin** | 允许用户在指定数据库中执行管理函数,如索引创建、删除,查看统计或访问 system.profile | | **userAdmin** | 允许用户向 system.users 集合写入,可以找指定数据库里创建、删除和管理用户 | | **clusterAdmin** | 只在 admin 数据库中可用,赋予用户所有分片和复制集相关函数的管理权限。 | | **readAnyDatabase** | 只在 admin 数据库中可用,赋予用户所有数据库的读权限 | | **readWriteAnyDatabase** | 只在 admin 数据库中可用,赋予用户所有数据库的读写权限 | | **userAdminAnyDatabase** | 只在 admin 数据库中可用,赋予用户所有数据库的 userAdmin 权限 | | **dbAdminAnyDatabase** | 只在 admin 数据库中可用,赋予用户所有数据库的 dbAdmin 权限。 | | **root** | 只在 admin 数据库中可用。超级账号,超级权限 | 更多关于用户权限的说明参照:https://docs.mongodb.com/manual/core/security-built-in-roles/ **用户创建语法** ```sh { user: "<name>", pwd: "<cleartext password>", customData: { <any information> }, roles: [ { role: "<role>", db: "<database>" } | "<role>", ... ] } ``` **语法说明:** - user 字段:用户的名字; - pwd 字段:用户的密码; - cusomData 字段:为任意内容,例如可以为用户全名介绍; - roles 字段:指定用户的角色,可以用一个空数组给新用户设定空角色; - roles 字段:可以指定内置角色和用户定义的角色。 ## 2,创建管理员用户 到这里专门讲解用户管理了,因此配置当中开启用户认证,配置信息如下: ```sh [root@mongodb bin]$cat mongodb.conf #数据存储目录 dbpath=/usr/local/mongodb/data/db #日志文件目录 logpath=/usr/local/mongodb/logs/mongodb.log #后台运行 fork=true auth=true bind_ip=0.0.0.0 [root@mongodb bin]$systemctl restart mongod [root@mongodb bin]$systemctl status mongod ``` 进入管理数据库 ```sh [root@mongodb bin]$mongo MongoDB shell version v4.0.10 connecting to: mongodb://127.0.0.1:27017/?gssapiServiceName=mongodb Implicit session: session { "id" : UUID("56712ce5-d30a-421f-b447-0eea5294aafb") } MongoDB server version: 4.0.10 > use admin ``` ### 1,创建管理用户,root 权限 ```sh > use admin switched to db admin > db.createUser({user: "root",pwd: "root",roles: [ { role: "root", db: "admin" } ]}) Successfully added user: { "user" : "root", "roles" : [ { "role" : "root", "db" : "admin" } ] } ``` **注意:** 创建管理员角色用户的时候,必须到 admin 下创建。 删除的时候也要到相应的库下操作。 验证用户是否能用 ```sh > db.auth("root","root") 1 # 返回 1 即为成功 ``` ### 2,查看创建的管理员用户 一个常见的报错: ```sh > show users 2019-07-03T14:33:49.060+0800 E QUERY [js] Error: command usersInfo requires authentication : _getErrorWithCode@src/mongo/shell/utils.js:25:13 DB.prototype.getUsers@src/mongo/shell/db.js:1763:1 shellHelper.show@src/mongo/shell/utils.js:859:9 shellHelper@src/mongo/shell/utils.js:766:15 @(shellhelp2):1:1 ``` 这种报错常常出现在没有授权的情况下,刚刚也只是创建了对应的用户名以及角色,但是还没有通过 root 用户进行登陆。 ```sh > db.auth("root","root") 1 > show users { "_id" : "admin.root", "userId" : UUID("fa320150-781c-4a07-b427-c3a42f360133"), "user" : "root", "db" : "admin", "roles" : [ { "role" : "root", "db" : "admin" } ], "mechanisms" : [ "SCRAM-SHA-1", "SCRAM-SHA-256" ] } ``` ### 3,登陆数据库 注意:用户在哪个数据库下创建的,最后加上什么库,这里自然选择 admin 库。 - 方法一:命令行中进行登陆 ```sh [root@mongodb bin]$mongo -uroot -proot admin MongoDB shell version v4.0.10 connecting to: mongodb://127.0.0.1:27017/admin?gssapiServiceName=mongodb Implicit session: session { "id" : UUID("3f5eda3b-89da-4ef5-bcb2-022bc0517c11") } MongoDB server version: 4.0.10 Server has startup warnings: 2019-07-03T15:39:36.265+0800 I CONTROL [initandlisten] ** WARNING: You are running this process as the root user, which is not recommended. 2019-07-03T15:39:36.265+0800 I CONTROL [initandlisten] > ``` - 方法二:在数据库中进行登陆验证: ```sh [root@mongodb bin]$ mongo MongoDB shell version v4.0.10 connecting to: mongodb://127.0.0.1:27017/?gssapiServiceName=mongodb Implicit session: session { "id" : UUID("896ba84c-3127-4ac1-85a9-ca4f4da3e60c") } MongoDB server version: 4.0.10 > use admin switched to db admin > db.auth("root","root") 1 > show tables system.users system.version ``` - 正常登陆之后,再次查看用户: ```sh > show users { "_id" : "admin.root", "userId" : UUID("fa320150-781c-4a07-b427-c3a42f360133"), "user" : "root", "db" : "admin", "roles" : [ { "role" : "root", "db" : "admin" } ], "mechanisms" : [ "SCRAM-SHA-1", "SCRAM-SHA-256" ] } ``` ### 4,忘记管理员密码怎么办 有时候可能会忘记管理员密码,需要对其进行重置,这个时候,有两种方式可以更新管理员密码。 如果连用户名都忘记了,那么我们首先需要更改 MongoDB 的配置,去掉用户名密码认证的功能,然后重启。 ```sh [root@mongodb bin]$cat mongodb.conf #数据存储目录 dbpath=/usr/local/mongodb/data/db #日志文件目录 logpath=/usr/local/mongodb/logs/mongodb.log #后台运行 fork=true auth=false bind_ip=0.0.0.0 [root@mongodb bin]$systemctl restart mongod [root@mongodb bin]$systemctl status mongod ``` 然后使用 mongo 命令进入到数据库,进行简单查询: ```sh [root@localhost bin]$mongo MongoDB shell version v4.0.10 connecting to: mongodb://127.0.0.1:27017/?gssapiServiceName=mongodb Implicit session: session { "id" : UUID("3e0268c2-7e34-4a61-947d-f8e2368640f5") } MongoDB server version: 4.0.10 Server has startup warnings: 2019-07-04T17:54:54.016+0800 I CONTROL [initandlisten] ** WARNING: You are running this process as the root user, which is not recommended. 2019-07-04T17:54:54.016+0800 I CONTROL [initandlisten] > use admin switched to db admin > show users { "_id" : "admin.root", "userId" : UUID("c8514da6-4484-4036-9c13-b5deeb449575"), "user" : "root", "db" : "admin", "roles" : [ { "role" : "root", #这里就可以判断角色为root的账号名字也是root "db" : "admin" } ], "mechanisms" : [ "SCRAM-SHA-1", "SCRAM-SHA-256" ] } > show tables #或者通过查询表来得知 system.users system.version > db.system.users.find() #查询user表 { "_id" : "admin.root", "userId" : UUID("c8514da6-4484-4036-9c13-b5deeb449575"), "user" : "root", "db" : "admin", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "SxO3kQwjFX8833lnQXQKbw==", "storedKey" : "1LQVQGW3ScF8WC0iCSMUJ5Iokpc=", "serverKey" : "t2PSzcZSE1KFzMXXK4BmxfPno9s=" }, "SCRAM-SHA-256" : { "iterationCount" : 15000, "salt" : "XDCd8GfHOtBiZnC6Eafx37aUV+2lO9EZbWl9rQ==", "storedKey" : "ZYHs6Umf0bVP8uofPGlcAl5uFzzQWovc4oczHjckmBs=", "serverKey" : "apVEilrpFXVAfBMMCwiIHl7H4bdnd6xm6KN88fXYJWo=" } }, "roles" : [ { "role" : "root", "db" : "admin" } ] } ``` 得知管理员用户的名称为 root 之后,就能够进行密码更新的操作了。 - 利用 ```sh db.changeUserPassword ``` 。 ```sh [root@localhost bin]$mongo MongoDB shell version v4.0.10 connecting to: mongodb://127.0.0.1:27017/?gssapiServiceName=mongodb Implicit session: session { "id" : UUID("3e0268c2-7e34-4a61-947d-f8e2368640f5") } MongoDB server version: 4.0.10 Server has startup warnings: 2019-07-04T17:54:54.016+0800 I CONTROL [initandlisten] ** WARNING: You are running this process as the root user, which is not recommended. 2019-07-04T17:54:54.016+0800 I CONTROL [initandlisten] > use admin switched to db admin > db.changeUserPassword('root','test1') ``` 然后重新开启用户认证,重启验证。 ```sh [root@mongodb bin]$cat mongodb.conf #数据存储目录 dbpath=/usr/local/mongodb/data/db #日志文件目录 logpath=/usr/local/mongodb/logs/mongodb.log #后台运行 fork=true auth=true bind_ip=0.0.0.0 [root@mongodb bin]$systemctl restart mongod [root@mongodb bin]$systemctl status mongod ``` 登陆一下。 ```sh [root@localhost bin]$mongo -uroot -ptest1 admin MongoDB shell version v4.0.10 connecting to: mongodb://127.0.0.1:27017/admin?gssapiServiceName=mongodb Implicit session: session { "id" : UUID("7ebe8a49-a750-46b1-a59e-c95abc0d7401") } MongoDB server version: 4.0.10 Server has startup warnings: 2019-07-04T18:06:24.623+0800 I CONTROL [initandlisten] ** WARNING: You are running this process as the root user, which is not recommended. 2019-07-04T18:06:24.623+0800 I CONTROL [initandlisten] > db admin > show users { "_id" : "admin.root", "userId" : UUID("c8514da6-4484-4036-9c13-b5deeb449575"), "user" : "root", "db" : "admin", "roles" : [ { "role" : "root", "db" : "admin" } ], "mechanisms" : [ "SCRAM-SHA-1", "SCRAM-SHA-256" ] } ```  ## 3,按生产需求创建应用用户 因为目前用户规划都还比较简单,因此创建用户的时候,都是基于 admin 来进行。 ### 1,创建某库的读写用户 - 创建 test 用户,权限为读写 ```sh [root@mongodb bin]$mongo -uroot -proot admin #使用admin登陆 MongoDB shell version v4.0.10 connecting to: mongodb://127.0.0.1:27017/admin?gssapiServiceName=mongodb Implicit session: session { "id" : UUID("3f5eda3b-89da-4ef5-bcb2-022bc0517c11") } MongoDB server version: 4.0.10 Server has startup warnings: 2019-07-03T15:39:36.265+0800 I CONTROL [initandlisten] ** WARNING: You are running this process as the root user, which is not recommended. 2019-07-03T15:39:36.265+0800 I CONTROL [initandlisten] > use eryajf #一定要注意,给哪个库授权就要先切换到对应的库,不然这个用户将无法登陆 > db.createUser({user: "test",pwd: "test",roles: [ { role: "readWrite", db: "eryajf" } ]}) #创建读写用户 Successfully added user: { "user" : "test", "roles" : [ { "role" : "readWrite", "db" : "eryajf" } ] } > show users #查看用户 { "_id" : "eryajf.test", "userId" : UUID("3bd64373-13c5-4a47-95f9-92a2433c0bf4"), "user" : "test", "db" : "eryajf", "roles" : [ { "role" : "readWrite", "db" : "eryajf" } ], "mechanisms" : [ "SCRAM-SHA-1", "SCRAM-SHA-256" ] } ``` **注意:**`给哪个库创建用户,授权用户,都要先use到对应的库,否则将不生效,删除用户也是。` - 测试用户权限 ```sh [root@localhost bin]$mongo -utest -ptest eryajf MongoDB shell version v4.0.10 connecting to: mongodb://127.0.0.1:27017/eryajf?gssapiServiceName=mongodb Implicit session: session { "id" : UUID("dd97a5e3-9226-4a04-8221-dec566edc1c3") } MongoDB server version: 4.0.10 > db.createCollection('d') { "ok" : 1 } > db.getCollectionNames() [ "a", "b", "c", "d" ] ``` ### 2,创建对某库的只读用户 - 在 eryajf 库创建只读用户 test ```sh [root@localhost bin]$mongo -uroot -proot admin MongoDB shell version v4.0.10 connecting to: mongodb://127.0.0.1:27017/admin?gssapiServiceName=mongodb Implicit session: session { "id" : UUID("b1d0e8f4-6c13-4c27-abfa-b8035f983453") } MongoDB server version: 4.0.10 Server has startup warnings: 2019-07-04T00:16:54.097+0800 I CONTROL [initandlisten] ** WARNING: You are running this process as the root user, which is not recommended. 2019-07-04T00:16:54.097+0800 I CONTROL [initandlisten] > use eryajf #切换到对应库 > db.createUser({user: "test1",pwd: "test1",roles: [ { role: "read", db: "eryajf" } ]}) #创建对应用户 Successfully added user: { "user" : "test1", "roles" : [ { "role" : "read", "db" : "eryajf" } ] } > show users #查看用户 { "_id" : "eryajf.test", "userId" : UUID("3bd64373-13c5-4a47-95f9-92a2433c0bf4"), "user" : "test", "db" : "eryajf", "roles" : [ { "role" : "readWrite", "db" : "eryajf" } ], "mechanisms" : [ "SCRAM-SHA-1", "SCRAM-SHA-256" ] } { "_id" : "eryajf.test1", "userId" : UUID("eb2e54b8-a036-40a8-b8d4-5c8f5548ad25"), "user" : "test1", "db" : "eryajf", "roles" : [ { "role" : "read", "db" : "eryajf" } ], "mechanisms" : [ "SCRAM-SHA-1", "SCRAM-SHA-256" ] } ``` - 登录 test 用户,并测试是否只读 ```sh [root@localhost bin]$mongo -utest1 -ptest1 eryajf MongoDB shell version v4.0.10 connecting to: mongodb://127.0.0.1:27017/eryajf?gssapiServiceName=mongodb Implicit session: session { "id" : UUID("cca6f744-47e6-4bcb-8682-8c1af7080108") } MongoDB server version: 4.0.10 > db.getCollectionNames() #可以正常查询 [ "a", "b", "c", "d" ] > db.createCollection('e') #创建报错 { "ok" : 0, "errmsg" : "not authorized on eryajf to execute command { create: \"e\", lsid: { id: UUID(\"cca6f744-47e6-4bcb-8682-8c1af7080108\") }, $db: \"eryajf\" }", "code" : 13, "codeName" : "Unauthorized" } > ``` ### 3,创建对多库不同权限的用户 - 创建对 test 为读写权限,对 eryajf 库为只读权限的用户 ```sh [root@localhost bin]$mongo -uroot -proot admin MongoDB shell version v4.0.10 connecting to: mongodb://127.0.0.1:27017/admin?gssapiServiceName=mongodb Implicit session: session { "id" : UUID("c5e35008-0a1e-4513-9394-947e49f67f81") } MongoDB server version: 4.0.10 Server has startup warnings: 2019-07-04T00:16:54.097+0800 I CONTROL [initandlisten] ** WARNING: You are running this process as the root user, which is not recommended. 2019-07-04T00:16:54.097+0800 I CONTROL [initandlisten] > use test #切换到test库 switched to db test > db.createUser({user: "app",pwd: "app",roles: [ { role: "readWrite", db: "test" },{ role: "read", db: "eryajf" }]}) #创建用户 Successfully added user: { "user" : "app", "roles" : [ { "role" : "readWrite", "db" : "test" }, { "role" : "read", "db" : "eryajf" } ] } > show users #查看用户 { "_id" : "test.app", "userId" : UUID("e25d6c21-190a-44e4-8868-868a474fcf12"), "user" : "app", "db" : "test", "roles" : [ { "role" : "readWrite", "db" : "test" }, { "role" : "read", "db" : "eryajf" } ], "mechanisms" : [ "SCRAM-SHA-1", "SCRAM-SHA-256" ] } ``` 注意,这个时候创建的用户,是基于 test 库创建的,那么后续登陆等操作,也都需要跟上 test 库,而不能够跟上 eryajf 的库。如果跟上 eryajf 的库,将会报如下错误: ```sh [root@localhost bin]$mongo -uapp -papp eryajf MongoDB shell version v4.0.10 connecting to: mongodb://127.0.0.1:27017/eryajf?gssapiServiceName=mongodb 2019-07-04T00:54:54.617+0800 E QUERY [js] Error: Authentication failed. : connect@src/mongo/shell/mongo.js:344:17 @(connect):2:6 exception: connect failed ``` - 查看并测试用户 ```sh [root@localhost bin]$mongo -uapp -papp test MongoDB shell version v4.0.10 connecting to: mongodb://127.0.0.1:27017/test?gssapiServiceName=mongodb Implicit session: session { "id" : UUID("8cef0c4a-3f3d-4802-8926-79aea22db826") } MongoDB server version: 4.0.10 > db.createCollection('a') { "ok" : 1 } > db.getCollectionNames() [ "a" ] > use eryajf switched to db eryajf > db.getCollectionNames() [ "a", "b", "c", "d" ] ``` ### 4,更改用户权限 其实更改权限无非就是更改用户的角色,因为在 MongoDB 中,角色决定了不同用户的不同权限。 - 先查看一下当前用户的角色。 ```sh [root@localhost bin]$mongo -uroot -ptest1 admin MongoDB shell version v4.0.10 connecting to: mongodb://127.0.0.1:27017/admin?gssapiServiceName=mongodb Implicit session: session { "id" : UUID("dbda85c8-7a90-4143-a31c-7a8ea58b80cc") } MongoDB server version: 4.0.10 Server has startup warnings: 2019-07-04T18:06:24.623+0800 I CONTROL [initandlisten] ** WARNING: You are running this process as the root user, which is not recommended. 2019-07-04T18:06:24.623+0800 I CONTROL [initandlisten] > use eryajf switched to db eryajf > show users { "_id" : "eryajf.test", "userId" : UUID("3bd64373-13c5-4a47-95f9-92a2433c0bf4"), "user" : "test", "db" : "eryajf", "roles" : [ { "role" : "readWrite", #可以看到test用户是readWrite的角色 "db" : "eryajf" } ], "mechanisms" : [ "SCRAM-SHA-1", "SCRAM-SHA-256" ] } { "_id" : "eryajf.test1", "userId" : UUID("eb2e54b8-a036-40a8-b8d4-5c8f5548ad25"), "user" : "test1", "db" : "eryajf", "roles" : [ { "role" : "read", #可以看到test1用户是read的角色 "db" : "eryajf" } ], "mechanisms" : [ "SCRAM-SHA-1", "SCRAM-SHA-256" ] } ``` - 更改用户角色 ```sh [root@localhost bin]$mongo -uroot -ptest1 admin MongoDB shell version v4.0.10 connecting to: mongodb://127.0.0.1:27017/admin?gssapiServiceName=mongodb Implicit session: session { "id" : UUID("dbda85c8-7a90-4143-a31c-7a8ea58b80cc") } MongoDB server version: 4.0.10 Server has startup warnings: 2019-07-04T18:06:24.623+0800 I CONTROL [initandlisten] ** WARNING: You are running this process as the root user, which is not recommended. 2019-07-04T18:06:24.623+0800 I CONTROL [initandlisten] > use eryajf switched to db eryajf > db.updateUser("test",{roles:[{role:"dbAdmin",db:"eryajf"}]}) > show users { "_id" : "eryajf.test", "userId" : UUID("3bd64373-13c5-4a47-95f9-92a2433c0bf4"), "user" : "test", "db" : "eryajf", "roles" : [ { "role" : "dbAdmin", #可以看到权限已经更新 "db" : "eryajf" } ], "mechanisms" : [ "SCRAM-SHA-1", "SCRAM-SHA-256" ] } { "_id" : "eryajf.test1", "userId" : UUID("eb2e54b8-a036-40a8-b8d4-5c8f5548ad25"), "user" : "test1", "db" : "eryajf", "roles" : [ { "role" : "read", "db" : "eryajf" } ], "mechanisms" : [ "SCRAM-SHA-1", "SCRAM-SHA-256" ] } ``` ### 5,删除用户 - 删除 app 用户:先登录到 admin 数据库 ```sh [root@localhost bin]$mongo -uroot -proot admin MongoDB shell version v4.0.10 connecting to: mongodb://127.0.0.1:27017/admin?gssapiServiceName=mongodb Implicit session: session { "id" : UUID("6edeba63-e2bf-477c-a098-965767d105b6") } MongoDB server version: 4.0.10 Server has startup warnings: 2019-07-04T00:16:54.097+0800 I CONTROL [initandlisten] ** WARNING: You are running this process as the root user, which is not recommended. 2019-07-04T00:16:54.097+0800 I CONTROL [initandlisten] > ``` - 进入 test 库删除 app 用户 ```sh > use test switched to db test > show users { "_id" : "test.app", "userId" : UUID("e25d6c21-190a-44e4-8868-868a474fcf12"), "user" : "app", "db" : "test", "roles" : [ { "role" : "readWrite", "db" : "test" }, { "role" : "read", "db" : "eryajf" } ], "mechanisms" : [ "SCRAM-SHA-1", "SCRAM-SHA-256" ] } > db.dropUser("app") true > show users ``` 到这里,基本上能够体会到,MongoDB 当中那些关于角色用户权限规则的定义与配置了,MongoDB 自身已经定义好了许多个角色,这些角色针对全局,而在创建用户的时候,用户,角色,库这三个概念又是分离的,因此要多多体会,去理解三者的关系。 ### 6,其他授权 - 创建 app 数据库的管理员:先登录到 admin 数据库 ```sh [root@localhost bin]$mongo -uroot -proot admin MongoDB shell version v4.0.10 connecting to: mongodb://127.0.0.1:27017/admin?gssapiServiceName=mongodb Implicit session: session { "id" : UUID("572862cc-456d-4f5f-98ea-e65054411de6") } MongoDB server version: 4.0.10 Server has startup warnings: 2019-07-04T00:16:54.097+0800 I CONTROL [initandlisten] ** WARNING: You are running this process as the root user, which is not recommended. 2019-07-04T00:16:54.097+0800 I CONTROL [initandlisten] > use app switched to db app > db.createUser({user: "admin",pwd: "admin",roles: [ { role: "dbAdmin", db: "app" } ]}) Successfully added user: { "user" : "admin", "roles" : [ { "role" : "dbAdmin", "db" : "app" } ] } > show users { "_id" : "app.admin", "userId" : UUID("01e196c8-2119-488b-9d11-b969db266aea"), "user" : "admin", "db" : "app", "roles" : [ { "role" : "dbAdmin", "db" : "app" } ], "mechanisms" : [ "SCRAM-SHA-1", "SCRAM-SHA-256" ] } ``` - 创建 app 数据库读写权限的用户并具有 clusterAdmin 权限,要当心,这个用户的权限可是相当大的。 ```sh [root@localhost bin]$mongo -uroot -proot admin MongoDB shell version v4.0.10 connecting to: mongodb://127.0.0.1:27017/admin?gssapiServiceName=mongodb Implicit session: session { "id" : UUID("572862cc-456d-4f5f-98ea-e65054411de6") } MongoDB server version: 4.0.10 Server has startup warnings: 2019-07-04T00:16:54.097+0800 I CONTROL [initandlisten] ** WARNING: You are running this process as the root user, which is not recommended. 2019-07-04T00:16:54.097+0800 I CONTROL [initandlisten] > use app switched to db app > db.createUser({user: "super-app",pwd: "super-app",roles: [ { role: "readWrite", db: "app" },{ role: "clusterAdmin", db: "admin" }]}) Successfully added user: { "user" : "super-app", "roles" : [ { "role" : "readWrite", "db" : "app" }, { "role" : "clusterAdmin", "db" : "admin" } ] } > show users { "_id" : "app.super-app", "userId" : UUID("7533af91-3063-4460-8cb5-f77061eb5680"), "user" : "super-app", "db" : "app", "roles" : [ { "role" : "readWrite", "db" : "app" }, { "role" : "clusterAdmin", "db" : "admin" } ], "mechanisms" : [ "SCRAM-SHA-1", "SCRAM-SHA-256" ] } ``` ## 4,官方文档 如果想要更加深入钻研用户权限问题,可以参考官方文档:https://docs.mongodb.com/manual/reference/method/js-user-management/
admin
2024年4月7日 22:12
转发文档
收藏文档
上一篇
下一篇
手机扫码
复制链接
手机扫一扫转发分享
复制链接
Markdown文件
分享
链接
类型
密码
更新密码