Assignment MongoDB
Assignment MongoDB
Syntax:
db.createUser(user, writeConcern)
Parameters:
1. user: It contains authentication and access information about the user to create. It is a
document.
“read”
Or you can specify a document that contains the role and db fields. It is generally used when
the role is specified in a different database.
2. writeConcern: It is an optional parameter. It manages the level of Write Concern for the
creation operation. It takes the same field as the getLastError Command takes.
Notes:
In MongoDB, the first created user in the database must be the admin user. The admin
user has the privileges to maintain all the users. Also, you are not allowed to create
users in the local database.
db.createUser() Sends Password And All Other Data to The MongoDB Instance
Without Any Encryption. To Encrypt the Password During Transmission, Use
TLS/SSL In order To Encrypt It.
Example:
In this example, we are going to create an administrative user in the admin database and gives
the user readWrite access to the config database which lets the user change certain settings
for sharded clusters.
db.createUser(
{
user: "hello_admin",
pwd: "hello123",
roles:
[
{ role:"readWrite",db:"config"},
"clusterAdmin"
] } );
So to create an administrative user first we use the admin database. In this database, we create
an admin user using the createUser() method. In this method, we set the user name is
“hello_admin”, password is “hello123” and the roles of the admin user are readWrite, config,
clusterAdmin.
How to create a normal user without any roles?
In MongoDB, we can create a user without any roles by specifying an empty array[] in the
role field in createUser() method.
Syntax:
Example:
Here, we are working on the “example” database and created a user named “geeks” without
roles.
How to create a user with some specifying roles?
In MongoDB, we can create a user with some specified roles using the createUser() method.
In this method, we can specify the roles that the user will do after creating. Let us discuss this
concept with the help of an example:
Example:
In this example, we are going to create a user with some specified roles.
db.createUser(
...{
...user: "new_one_role",
...pwd: with_roles",
...roles:["readWrite", "dbAdmin"]
...}
...);
Here, we create a user whose name is “new_one_role”, password is “with_roles” and the
specified roles are:
readWrite Role: This role provides all the privileges of the read role plus the ability to
modify data on all non-system collections.
dbAdmin Role: This role gives the ability to the user to perform administrative tasks
such as schema-related tasks, indexing. It does not grant privileges for the User and
Role Management.
db.createUser(
{
user: "robert",
pwd: "hellojose",
roles:[{role: "userAdmin" , db:"example"}]})
Here, we create a user whose user name is “Robert”, password is “hellojose”, and we assign a
role for the user which in this case needs to be a database administrator so it is assigned to the
“userAdmin” role. This role will allow the user to have administrative privileges only to the
database specified in the db option, i.e., “example”.
clientSource: If the value of this field is present, so when a user is authenticating the
server verifies the client IP by checking the IP address in the given list or CIDR range
in the list. If the client IP present in the list then the server authenticate the client or if
not then server will not authenticate the user.
serverAddress: It is a list of IP addresses or CIDR ranges to which the client can
connect. If the value of this field is present in the list, then the server verify the client
connection and if the connection was established via unrecognized IP address, then
the server does not authenticate the user.
Example:
Here we create a user named “restrict” in the admin database. So this user may only
authenticate if connecting from IP address 192.168.65.10 to this server address IP address
198.157.56.0.
Syntax:
db.dropUser(“Username”)
Example:
db.dropUser("robert")