我们如何管理一个数据库可以做什么,例如,如果我想允许用户连接我的数据库并允许他们创建新文档但不更新它们,有没有办法做到这一点?
答案 0 :(得分:2)
您必须创建一个允许插入但不更新的用户定义角色,然后将该用户分配给它。请参阅以下链接作为参考 A User-Defined Role Specifies Privileges
{
_id: "myApp.appUser",
role: "appUser",
db: "myApp",
privileges: [
{ resource: { db: "myApp" , collection: "" },
actions: [ "find", "createCollection", "dbStats", "collStats" ] },
{ resource: { db: "myApp", collection: "logs" },
actions: [ "insert" ] },
{ resource: { db: "myApp", collection: "data" },
actions: [ "insert", "update", "remove", "compact" ] },
{ resource: { db: "myApp", collection: "system.js" },
actions: [ "find" ] },
],
roles: []
}