我想允许某些用户更新和插入,但不能删除。我已经创建了以下角色
db.createRole({
role: "readWriteNoDelete",
privileges: [{
resource: {
db: "permitmanager",
collection: ""
},
actions: ["insert", "update"]
}],
roles: [{
role: "read",
db: "permitmanager"
}]
})
我已将其分配给当前用户,并通过运行以下命令进行确认:
> db.runCommand({connectionStatus : 1})
{
"authInfo" : {
"authenticatedUsers" : [
{
"user" : "defaultuser",
"db" : "admin"
}
],
"authenticatedUserRoles" : [
{
"role" : "read",
"db" : "permitmanager"
},
{
"role" : "readWriteNoDelete",
"db" : "permitmanager"
}
]
},
"ok" : 1
}
但是,我仍然可以从permitmanager的集合中删除:
> db
permitmanager
> db.leads.remove({"estDollarAmount": 0})
WriteResult({ "nRemoved" : 1 })
我想念什么?我认为,如果没有按照他们的特权执行“删除”操作,他们将无法执行此操作
答案 0 :(得分:0)
结果是未在数据库上启用身份验证(将--auth添加到mongod启动命令中)