Built-in Roles:
read
readWrite
dbAdmin
userAdin
clusterAdmin
readAnyDatabase
readWriteAnyDatabase
dbAdminAnyDatabase
userAdminAnyDatabase
User prompt changing:
prompt = function() {
user = db.runCommand({connectionStatus:1}).authInfo.authenticatedUsers[0]
host = db.getMongo().toString().split(" ")[2]
curDB = db.getName()
if (user) {
uname = user.user
}
else {
uname = "local"
}
return uname + "@" + host + ":" + curDB + "> "
}
Creating roles:
db.createRole({ role: "appReadRole", privileges: [ { resource: { db: "test", collection: "" }, actions:
[ "find" ] } ], roles: [] })
Listing all the roles:
db.getRoles(
{
rolesInfo: 1,
showPrivileges:false,
showBuiltinRoles: false
}
)
Creating user with roles:
var a={user:"mani", pwd:"mani", roles:[{role:"read",db:"test"}]}
db
db.createUser(a)
db.createUser({ user: "finance", pwd: "password", roles: [ { role: "appReadRole", db: "test" } ] })
mongo Mani-PC:27002/test -u finance -p password
Changing password:
db.changeUserPassword("finance", "welcome123")
Current user details:
db.runCommand({connectionStatus : 1})
use admin
db.system.users.find().pretty()
db.system.users.remove({user:"userA"})
db.grantRolesToUser(
"report",
[{ "role" : "readWriteAnyDatabase", "db" : "admin" }]
)
db.revokeRolesFromUser(
"report",
[{ "role" : "readWriteAnyDatabase", "db" : "admin" }]
)
db.getUser("report")
use products
db.grantPrivilegesToRole(
"inventoryCntrl01",
[
{
resource: { db: "products", collection: "" },
actions: [ "insert" ]
},
{
resource: { db: "products", collection: "system.js" },
actions: [ "find" ]
}
],
{ w: "majority" }
)
===============================================================
Edit .mongorc.js in your home directory for changing the prompt:
function prompt() {
var username = "anon";
var user = db.runCommand({connectionStatus : 1}).authInfo.authenticatedUsers[0];
var host = db.getMongo().toString().split(" ")[2];
var current_db = db.getName();
if (!!user) {
username = user.user;
}
return username + "@" + host + ":" + current_db + "> ";
}
==============================================================
read
readWrite
dbAdmin
userAdin
clusterAdmin
readAnyDatabase
readWriteAnyDatabase
dbAdminAnyDatabase
userAdminAnyDatabase
User prompt changing:
prompt = function() {
user = db.runCommand({connectionStatus:1}).authInfo.authenticatedUsers[0]
host = db.getMongo().toString().split(" ")[2]
curDB = db.getName()
if (user) {
uname = user.user
}
else {
uname = "local"
}
return uname + "@" + host + ":" + curDB + "> "
}
Creating roles:
db.createRole({ role: "appReadRole", privileges: [ { resource: { db: "test", collection: "" }, actions:
[ "find" ] } ], roles: [] })
Listing all the roles:
db.getRoles(
{
rolesInfo: 1,
showPrivileges:false,
showBuiltinRoles: false
}
)
Creating user with roles:
var a={user:"mani", pwd:"mani", roles:[{role:"read",db:"test"}]}
db
db.createUser(a)
db.createUser({ user: "finance", pwd: "password", roles: [ { role: "appReadRole", db: "test" } ] })
mongo Mani-PC:27002/test -u finance -p password
Changing password:
db.changeUserPassword("finance", "welcome123")
Current user details:
db.runCommand({connectionStatus : 1})
use admin
db.system.users.find().pretty()
db.system.users.remove({user:"userA"})
db.grantRolesToUser(
"report",
[{ "role" : "readWriteAnyDatabase", "db" : "admin" }]
)
db.revokeRolesFromUser(
"report",
[{ "role" : "readWriteAnyDatabase", "db" : "admin" }]
)
db.getUser("report")
use products
db.grantPrivilegesToRole(
"inventoryCntrl01",
[
{
resource: { db: "products", collection: "" },
actions: [ "insert" ]
},
{
resource: { db: "products", collection: "system.js" },
actions: [ "find" ]
}
],
{ w: "majority" }
)
===============================================================
Edit .mongorc.js in your home directory for changing the prompt:
function prompt() {
var username = "anon";
var user = db.runCommand({connectionStatus : 1}).authInfo.authenticatedUsers[0];
var host = db.getMongo().toString().split(" ")[2];
var current_db = db.getName();
if (!!user) {
username = user.user;
}
return username + "@" + host + ":" + current_db + "> ";
}
==============================================================
No comments:
Post a Comment