Open heidsoft opened 3 years ago
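package com.mongo.demo;

import com.mongodb.BasicDBObject;
import com.mongodb.MongoClientSettings;
import com.mongodb.ServerAddress;
import com.mongodb.client.MongoClient;
import com.mongodb.client.MongoClients;
import com.mongodb.client.MongoDatabase;

import java.util.Arrays;
import java.util.Collections;
import java.util.List;

/**
 * Demo of MongoDB role management through the Java driver: updates the privileges of an
 * existing custom role and creates a second custom role, both in the {@code admin} database.
 *
 * <p>Security notes for anyone adapting this sample:
 * <ul>
 *   <li>The client is built without a credential and without TLS, so it only works against a
 *       server that accepts unauthenticated role management (presumably a lab instance with
 *       access control disabled; confirm). For a real deployment, configure
 *       {@code MongoClientSettings.Builder#credential} and
 *       {@code applyToSslSettings(b -> b.enabled(true))}, and load the secret from outside the
 *       source tree.</li>
 *   <li>The resource {@code { db: "", collection: "" }} matches every non-system collection in
 *       every database. Granting {@code insert} there gives the role write access across the
 *       whole deployment; scope the resource to the databases that need it.</li>
 * </ul>
 *
 * @author jake.liu
 * @date 2020-12-01
 */
public class MonoDemo {

    /**
     * Connects to the test server, replaces the privileges of {@code myChangeStream} and creates
     * {@code myBase_Role}.
     *
     * @param args unused
     */
    public static void main(String[] args) {
        MongoClientSettings settings = MongoClientSettings.builder()
                .applyToClusterSettings(cluster ->
                        cluster.hosts(Arrays.asList(new ServerAddress("192.168.21.128", 27017))))
                .build();

        // MongoClient is Closeable; try-with-resources releases the connection pool and its
        // background threads even when a command throws. The original never closed it.
        try (MongoClient mongoClient = MongoClients.create(settings)) {
            System.out.println("test mongo 角色 创建与更新");

            /*
             * Reference (disabled): creating a user from Java.
             * NOTE(review): the password is a hard-coded literal; if this is ever enabled, read
             * it from a secret store or prompt for it instead of committing it.
             *
             * BasicDBObject createUserCmd = new BasicDBObject("createUser", "Yeshua")
             *         .append("pwd", "mypassword")
             *         .append("roles", Collections.singletonList(
             *                 new BasicDBObject("role", "readWrite").append("db", "test")));
             * db.runCommand(createUserCmd);
             * System.out.println("test......end");
             */

            /*
             * Reference: the equivalent mongo shell call.
             *
             * db.updateRole(
             *   "myChangeStream",
             *   {
             *     privileges: [
             *       { resource: { cluster: true }, actions: [ "addShard" ] },
             *       { resource: { db: "config", collection: "" },
             *         actions: [ "find", "update", "insert", "remove" ] },
             *       { resource: { db: "users", collection: "usersCollection" },
             *         actions: [ "update", "insert", "remove" ] },
             *       { resource: { db: "", collection: "" },
             *         actions: [ "find", "changeStream", "update" ] }
             *     ],
             *     roles: [ { role: "read", db: "admin" } ]
             *   },
             *   { w: "majority", wtimeout: 5000 }
             * )
             */

            // Role definitions created here live in the admin database.
            MongoDatabase db = mongoClient.getDatabase("admin");
            List<String> actions = Arrays.asList("changeStream", "find", "insert");

            // Update the role's privileges. updateRole replaces the whole privileges array with
            // the one supplied; "roles" is omitted, so the role's inherited roles stay as they
            // are. The command expects myChangeStream to exist already.
            BasicDBObject updateRole = new BasicDBObject("updateRole", "myChangeStream")
                    .append("privileges",
                            Collections.singletonList(allCollectionsPrivilege(actions)));
            db.runCommand(updateRole);
            System.out.println("test...updateRole...end");

            // Create a custom role with the same direct privileges, inheriting read on admin.
            BasicDBObject createRole = new BasicDBObject("createRole", "myBase_Role")
                    .append("privileges",
                            Collections.singletonList(allCollectionsPrivilege(actions)))
                    .append("roles", Collections.singletonList(
                            new BasicDBObject("role", "read").append("db", "admin")));
            db.runCommand(createRole);
            System.out.println("test..createRole....end");

            /*
             * Query and display the role, including privileges inherited from built-in roles.
             * When auditing, read "inheritedPrivileges" as well as "privileges": it is the
             * effective set.
             *
             * db.getRole( "myChangeStream", { showPrivileges: true } )
             * {
             *   "role" : "myChangeStream",
             *   "db" : "admin",
             *   "isBuiltin" : false,
             *   "roles" : [ { "role" : "read", "db" : "admin" } ],
             *   "inheritedRoles" : [ { "role" : "read", "db" : "admin" } ],
             *   "privileges" : [
             *     { "resource" : { "db" : "", "collection" : "" },
             *       "actions" : [ "changeStream", "find", "insert" ] }
             *   ],
             *   "inheritedPrivileges" : [
             *     { "resource" : { "db" : "", "collection" : "" },
             *       "actions" : [ "changeStream", "find", "insert" ] },
             *     { "resource" : { "db" : "admin", "collection" : "" },
             *       "actions" : [ "changeStream", "collStats", "dbHash", "dbStats", "find",
             *                     "killCursors", "listCollections", "listIndexes",
             *                     "planCacheRead" ] },
             *     { "resource" : { "db" : "admin", "collection" : "system.js" },
             *       "actions" : [ "changeStream", "collStats", "dbHash", "dbStats", "find",
             *                     "killCursors", "listCollections", "listIndexes",
             *                     "planCacheRead" ] }
             *   ]
             * }
             */
        }
    }

    /** Builds one privilege document granting {@code actions} on all non-system collections. */
    private static BasicDBObject allCollectionsPrivilege(List<String> actions) {
        return new BasicDBObject("resource",
                new BasicDBObject("db", "").append("collection", ""))
                .append("actions", actions);
    }
}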
// Fragment of a role/user document; the command it belongs to is not shown on this page.
"roles" : [ { "role" : "assetsReader", "db" : "assets" } ]

use admin

// Creates a user administrator in the admin database.
// NOTE(review): userAdminAnyDatabase can grant any role to any user, so this account is
// effectively able to make itself superuser. "admin" is a trivially guessable password; outside
// a throwaway lab, enter the secret interactively (passwordPrompt() in shells that support it)
// rather than typing it into a script or shell history.
db.createUser( { user: "user_admin", pwd: "admin", roles: [{ role: "userAdminAnyDatabase", db: "admin" }] } )

// Creates the custom role myChangeStream with four direct privileges and inherits read on admin.
// The last resource, { db: "", collection: "" }, matches every non-system collection in every
// database. The cluster-level addShard and the write actions on the config database are powerful
// grants; keep them only if the role really needs them.
db.createRole(
  {
    role: "myChangeStream",
    privileges: [
      { resource: { cluster: true }, actions: [ "addShard" ] },
      { resource: { db: "config", collection: "" }, actions: [ "find", "update", "insert", "remove" ] },
      { resource: { db: "users", collection: "usersCollection" }, actions: [ "update", "insert", "remove" ] },
      { resource: { db: "", collection: "" }, actions: [ "find","changeStream" ] }
    ],
    roles: [ { role: "read", db: "admin" } ]
  },
  { w: "majority" , wtimeout: 5000 }
)

// Replaces the role's privileges and roles arrays with the ones given here (updateRole does not
// merge). Compared with the createRole call above, the only change is the added "update" action
// on all non-system collections in all databases.
db.updateRole(
  "myChangeStream",
  {
    privileges: [
      { resource: { cluster: true }, actions: [ "addShard" ] },
      { resource: { db: "config", collection: "" }, actions: [ "find", "update", "insert", "remove" ] },
      { resource: { db: "users", collection: "usersCollection" }, actions: [ "update", "insert", "remove" ] },
      { resource: { db: "", collection: "" }, actions: [ "find","changeStream","update" ] }
    ],
    roles: [ { role: "read", db: "admin" } ]
  },
  { w: "majority" , wtimeout: 5000 }
)

// Grants two more roles to user Yeshua: readWrite (resolved in the current database) and a role
// named changeStream in database test.
// NOTE(review): no role called "changeStream" is created on this page (the custom role above is
// "myChangeStream" in admin), so confirm that this name is intended.
db.grantRolesToUser( "Yeshua", [ "readWrite" , { role: "changeStream", db: "test" } ], { w: "majority" , wtimeout: 4000 } )

changeStream

// Shell transcript: inspecting the role. "privileges" lists only the direct grants;
// "inheritedPrivileges" is the effective set, including what comes from read on admin. Audit the
// latter when checking what a role can actually do.
> db.getRole( "myChangeStream", { showPrivileges: true } )
{
  "role" : "myChangeStream",
  "db" : "admin",
  "isBuiltin" : false,
  "roles" : [ { "role" : "read", "db" : "admin" } ],
  "inheritedRoles" : [ { "role" : "read", "db" : "admin" } ],
  "privileges" : [
    { "resource" : { "db" : "", "collection" : "" }, "actions" : [ "changeStream", "find", "insert" ] }
  ],
  "inheritedPrivileges" : [
    { "resource" : { "db" : "", "collection" : "" }, "actions" : [ "changeStream", "find", "insert" ] },
    { "resource" : { "db" : "admin", "collection" : "" }, "actions" : [ "changeStream", "collStats", "dbHash", "dbStats", "find", "killCursors", "listCollections", "listIndexes", "planCacheRead" ] },
    { "resource" : { "db" : "admin", "collection" : "system.js" }, "actions" : [ "changeStream", "collStats", "dbHash", "dbStats", "find", "killCursors", "listCollections", "listIndexes", "planCacheRead" ] }
  ]
}
>
db.updateRole view-a-role-s-privileges query-and-write-actions 用户权限管理 java-mongodb-authentication-example java-mongodb getting-started-with-mongodb-and-java-part-i mongo-java-driver-4.1
db.updateRole view-a-role-s-privileges query-and-write-actions 用户权限管理 java-mongodb-authentication-example java-mongodb getting-started-with-mongodb-and-java-part-i mongo-java-driver-4.1