向用户app_admin授予readWrite权限,如下所示:
db.createUser({"user":"app_admin", "pwd":"itnihao", "roles": [{"role": "readWrite", "db":"app1"},{"role": "readWrite", "db":"app2"},{"role": "readWrite", "db":"app3"}]})
问题是用户app_admin如何在没有app1权限的情况下发现可见数据库app2,app3,listDatabases?
我发现mongod GUI工具studio 3T,Mongodb Compass可以做到这一点。
答案 0 :(得分:0)
在tcpdump studio 3T之后,找到usersInfo可以执行此操作。
> db.runCommand({"usersInfo": {"user": "app_admin", "db": "admin"}})
{
"users" : [
{
"_id" : "admin.app_admin",
"user" : "app_admin",
"db" : "admin",
"roles" : [
{
"role" : "readWrite",
"db" : "app4"
},
{
"role" : "readWrite",
"db" : "app1"
},
{
"role" : "readWrite",
"db" : "app2"
},
{
"role" : "readWrite",
"db" : "app3"
}
]
}
],
"ok" : 1
}