1. 首页
  2. 数据库
  3. MongoDB Built-in Roles

MongoDB Built-in Roles

Stephanie -
MongoDB Built-in Roles
Built-in Roles角色分类具体角色Database User Rolesread,read-write(every database have)Database Administration Roles¶dbAdmin, dbOwner , userAdmin (every database have)Cluster Administration RolesclusterAdmin,clusterManager,hostManager (admin database have)Backup and Restoration Rolesbackup,restore (admin database hava)All-Database RolesThe following roles are available on the admin database and provide privileges which apply to all databases except local and config: readAnyDatabase,readWriteAnyDatabase,userAdminAnyDatabase,dbAdminAnyDatabase (admin database have)Superuser Roles:root (Several roles provide either indirect or direct system-wide superuser access) (admin database have)Internal Role__system¶ (system have)

根据上面的这张表尝试理解下面语句的含义

A role can inherit privileges from other roles in its database. A role created on the admin database can inherit privileges from roles in any database.

A role can inherit privileges from other roles in its database: 一个角色 能够继承 创建角色时所在数据库的权限; 根据上图发现: read,readWrite,abAdmin,dbOwner,userAdmin...... 这些角色是每个数据库都有的.而像 clusterAdmin,clusterManager,backup, readAnyDatabase,readWriteAnyDatabase ....等角色 都是 admin这个数据库所独有的,在其他数据库中没有; 所以我们说当一个角色在 所在的库中被创建时 就继承了该库所具有的角色

A role created on the admin database can inherit privileges from roles in any database: 因为every databave :也包含 admin这个数据库;也就是说 像 read,read-write,dbAdmin,dbOwner,userAdmin.....等等这些角色 也在 admin数据库中

MongoDB provides the built-in database user and database administration roles on every database. MongoDB provides all other built-in roles only on the admin database.

database user roles 和 database administration roles 这两类 built-in 是每个数据库都有,但是 所有的其他 buildt-in roles 基本都分配到 admin数据库中, 当创建角色的时候需要当前数据库有没有对应的 roles 可以被继承

A role can include one or more existing roles in its definition, in which case the role inherits all the privileges of the included roles.
这句是说:一个角色在定义的时候可以包含其他的角色,那么从这个角度出发我们认为 我们定义的这个角色就继承了它定义时所包含的角色的权限(一种组合的方式)

super roles
The following roles provide the ability to assign any user any privilege on any database, which means that users with one of these roles can assign themselves any privilege on any database:

dbOwner role, when scoped to the admin database
userAdmin role, when scoped to the admin database
userAdminAnyDatabase role

The root role provides full privileges on all resources

//当在admin中定义的用户拥有dbOwner角色时;这个用户可以 assign any user any privilege on any database
//当在admin中定义的用户拥有userAdmin角色时;这个用户可以 assign any user any privilege on any database
//当用户拥有userAdminAnyDatabase角色时;这个用户可以 assign any user any privilege on any database
//root用户更是无敌了

If there is a problem, please contact me in time. Thank you.

Ref

https://docs.mongodb.com/manu...

特别申明:本文内容来源网络,版权归原作者所有,如有侵权请立即与我们联系(cy198701067573@163.com),我们将及时处理。
上一篇: MongoDB认证开启免费活动,还有大礼包可以领!
下一篇: MongoDB 5.0 新特性速览

Tags 标签

mongodb后端javamongodjavascript

扩展阅读

CSGO电竞API数据接口【West S2战队数据】分享使用演示
2020-09-03 07:18:05 []
小小的分页引发的加班血案
2020-09-03 12:02:35 []
你也许还不懂静态方法和实例方法
2020-09-03 11:39:33 []
从每秒6000写请求谈起
2020-09-11 11:06:20 []
提高招采和供应链效率,制造型企业应该这么做!
2020-09-13 22:13:33 []
从用户输入手机验证码开始
2020-09-13 20:16:19 []
分享——接口测试apipost使用教程
2020-09-14 07:28:09 []

加个好友,技术交流

1628738909466805.jpg

码农天地

首页 HTML/CSS WEB服务器 PHP Linux 数据库 异常报错 插件工具 美文欣赏 站长直荐
友情链接:码农天地爱厂家深圳钻石回收麦思会议

Copyright © 2019-2024| 沪ICP备19030844号-2 | SiteMap