About the writeConcern parameter: Before I speak of the commands I will leave here a description of the writeConcern object, which is optional parameter for all commands below. It indicates how the database will behave / confirm during the execution of the command. There are three possible attributes within it:
-
w - How many instances do you want to confirm the operation. The majority option asks most voter nodes to confirm the operation. More information here .
-
j - Asks that the nodes have written the data in journal . More information here .
-
wtimeout - Specify a limit, in milliseconds, to wait for confirmation. More information here .
Create user and give basic access to a database: Considering basic permissions such as ability to write and read, creating user joao in> would look like this:
use teste
db.createUser(
{
user: "joao",
pwd: "abc123",
roles: [ { role: "readWrite", db: "teste" } ]
}
,
{
w: "majority"
,wtimeout: 5000
}
)
You can create the user in any bank, this does not limit that he has permissions only in that bank. You can, for example, create two users with the same name on different banks, with different permissions. At the time of access he must decide against which bank he is authenticating.
Update permissions: There are two commands to modify permissions:
- Add user administration permission on test user joao I created earlier:
db.grantRolesToUser( "joao", [ "userAdminAnyDatabase" ], {w: "majority", wtimeout: 5000})
- Remove user administration permission from joao :
db.revokeRolesFromUser( "joao", [ "userAdminAnyDatabase" ], {w: "majority", wtimeout: 5000}) .
There are pre-defined roles, which are listed here .
Delete a user: You can use the db.dropUser(usuario, writeConcern) command. The first parameter is the user login, the second is the object that I explained at the beginning of the response. Here is an example to exclude the joao user from the test :
use teste
db.dropUser("joao", {w: "majority", wtimeout: 5000})
