
MongoDB roles


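// Create a custom role whose only privilege is the dropCollection action on
// collections named "system.roles"; the empty db string in the resource means
// "in any database". The stored role document shows it was created in "admin".
// NOTE(review): the role name appears to come from the MongoDB manual example,
// where the resource collection is "system.views". Here it targets
// "system.roles", so the name no longer describes what the role grants.
db.createRole({
    role: "dropSystemViewsAnyDatabase",
    privileges: [
        {
            actions: ["dropCollection"],
            resource: { db: "", collection: "system.roles" }
        }
    ],
    roles: []
});  // the closing parenthesis was missing in the original paste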
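// The system.roles collection is created automatically in the admin database
// and holds the new role as this document:
{
    "_id" : "admin.dropSystemViewsAnyDatabase",
    "role" : "dropSystemViewsAnyDatabase",
    "db" : "admin",
    "privileges" : [
        {
            "resource" : { "db" : "", "collection" : "system.roles" },
            "actions" : [ "dropCollection" ]
        }
    ],
    "roles" : [ ]
}
// The expectation was that granting this role would allow dropping the
// system.roles collection, but it had no effect; the reason is unknown.
// NOTE(review): a privilege only settles authorization. The user document that
// follows also holds __system, which already authorizes every action on every
// resource, so if the drop still failed for that user the cause is presumably
// not a missing privilege. Check the exact error returned (an authorization
// error versus a server-side refusal to drop this system collection) and the
// server version before changing roles further.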
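// User document for admin@admin as stored in admin.system.users.
// The original paste was collapsed onto one line, so each inline "//" comment
// swallowed the fields after it; the comments now sit on their own lines.
// NOTE(review): salt, iterationCount, storedKey and serverKey are the SCRAM
// password verifiers for this account. They are enough for offline password
// guessing, so a system.users dump should be handled as secret material; if
// these values came from a live deployment, change that account's password.
{
    "_id" : "admin.admin",
    "userId" : UUID("198fe62e-8f36-421e-877e-4d73ca1a1fe4"),
    "user" : "admin",
    "db" : "admin",
    "credentials" : {
        "SCRAM-SHA-1" : {
            "iterationCount" : 10000,
            "salt" : "rmYnVC/Kc8U8jHJ8Xoa0AA==",
            "storedKey" : "s2s+seXTlu5e/Et3RBMRjcT+1sc=",
            "serverKey" : "qwEGx4vyIn6UHWXiPwDYVSAb9QA="
        },
        "SCRAM-SHA-256" : {
            "iterationCount" : 15000,
            "salt" : "UEJ8pbH7IU7HFyhjjQCn31h2OY5GjZ6SXONgjw==",
            "storedKey" : "z6otQQpA4/SU5N6VJfuD3mm68kBH0z+5aKIexmgXaP4=",
            "serverKey" : "MdeLFLQOh7gM93WrNioub9UjLSc8SREDQZskfT7wiYQ="
        }
    },
    "roles" : [
        {
            // Author's note: this role can read and write everything except system.*
            "role" : "root",
            "db" : "admin"
        },
        {
            // Author's note: this role can read and write system.*
            // NOTE(review): __system is the internal role used by cluster members
            // and permits any action on any resource; the MongoDB manual advises
            // against assigning it to human or application users outside
            // exceptional circumstances. Remove it once the experiment is done.
            "role" : "__system",
            "db" : "admin"
        },
        {
            // Author's note: the custom role was granted, but it had no effect;
            // the reason is unknown.
            "role" : "dropSystemViewsAnyDatabase",
            "db" : "admin"
        }
    ]
}  // closing brace of the document was missing in the original paste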






