Fourth, MongoDB's permission mechanism and backup and restore

Article Directory

Authority mechanism

account number

db.createUser({
	"user":"账号",
	"pwd":"密码",
	"roles":[{
		role:"角色",
		db:"所属数据库"
	}],
})
// 角色种类
超级用户角色:root
数据库用户角色:read、readWrite
数据库管理角色:dbAdmin、userAdmin
集群管理角色:clusterAdmin、clusterMonitor、hostManager
备份恢复角色:backup、restore
所有数据库角色:readAnyDatabase、readWriteAnyDatabase、userAdminAnyDatabse、dbAdminAnyDatabase
//角色说明
root:只在admin数据库中可用,超级账号,超级权限
read:允许用户读取指定数据库
readWrite:允许用户读写指定数据库
dbAdmin:允许用户在指定数据库中执行管理函数,如创建索引、删除、查看统计或访问system.profile
dbAdminAnyDatabase: 只在admin数据库中可用,赋予用户所有数据库的dbAdmin权限

Steps

a, add super administrator

db.createUser({
	"user":"root",
	"pwd":"root",
	"roles":[{
		role:"root",
		db:"admin"
	}],
})
Insert picture description here

b. Exit the uninstall service

Pay attention to run the command under the administrator identitymongod --remove
Insert picture description here

c. Install the MongoDB service that requires authentication and start the service

binExecute the following command under the path. At

Insert picture description here


this time, open a new black window to input mongo, and then check the database, you will find that you can't see the database

Insert picture description here

d. Login with super administrator account

mongo ip地址:端口 /数据库名 -u 账号 -p 密码
mongo 127.0.0.1:27017/admin -u root -p root

Insert picture description here


You can see the database at this time

Create a test user

Below we stucreate a user with only read permissions and a user with read and write permissions adminunder the database . All users created will be system userstored under the database


use stu //进入到stu数据库下
//read用户
db.createUser({
	"user":"read",
	"pwd":"read",
	"roles":[{
		role:"read",
		db:"stu"
	}],
})
//readAndWrite用户
db.createUser({
	"user":"readAndWrite",
	"pwd":"readAndWrite",
	"roles":[{
		role:"readWrite",
		db:"stu"
	}],
})
Insert picture description here


You can see that the readuser has only read permission, but no write permission.
Let's try the readAndWriteuser.

Insert picture description here


We can see that the readAndWriteuser successfully inserted a piece of data.

data backup

Syntax: mongodump -h -port -u -p -d -o
-h: hostserver IP address (usually do not write, default native)
-port: port (usually do not write, default 27017)
-u: userAccount
-p: pwdPassword
-d: databasedatabase (do not write to export all database)
-o: openbackup to the specified directory

Insert picture description here


If this error is reported, it is because MongoDB4.4many methods are not integrated in the bindirectory after the version . Go to the official address to download the installation package, and bincopy the files you need in the directory after decompression to the original bindirectory.

Insert picture description here


Execute the above command again

Insert picture description here


Insert picture description here


. All the databases are backed up here.
You can specify the database name through the database user to back up the specified database. (Note that the super administrator account is not used here)

Data restoration

Syntax: mongorestore -h -port -u -p -d --drop 备份数据目录
-h: hostserver IP address (usually do not write, default native)
-port: port (usually do not write, default 27017)
-u: userAccount
-p: pwdPassword
-d: databasedatabase (do not write it to restore all database)
--drop: delete and then import, do not write it covered

First studelete the database for us

Insert picture description here


and then restore the data.

Insert picture description here


After logging in, check the database again, and you will find that the studatabase has been restored.

Insert picture description here