假设业务的数据库名称为:apple,那么一般需要给业务提供一个读写角色和一个只读角色:
###################################
创建只读角色:
use admin; db.createRole( { role: "apple_r", privileges: [ { resource: { db: "apple", collection: "" }, actions: [ "find", "listCollections","listIndexes"] } ], roles: [] } ); ##################################
创建读写角色:
use admin; db.createRole( { role: "apple_rw", privileges: [ { resource: { db: "apple", collection: "" }, actions: [ "find", "listCollections","listIndexes","insert","remove","update"] } ], roles: [] } );
##############################
创建只读账号:
use admin; db.createUser({user:"apple_r", pwd:"123456", roles:[{role:"apple_r",db:"admin"}]}); ###############################
创建读写账号: use admin; db.createUser({user:"apple_rw", pwd:"123456", roles:[{role:"apple_rw",db:"admin"}]});