revokeRolesFromUser

~~On this page~~本页内容

~~Definition~~定义
~~Required Access~~所需访问权限
~~Example~~示例

Definition定义

revokeRolesFromUser

~~Removes a one or more roles from a user on the database where the roles exist.~~ 从存在角色的数据库上的用户中删除一个或多个角色。~~The revokeRolesFromUser command uses the following syntax:~~revokeRolesFromUser命令使用以下语法：

{ revokeRolesFromUser: "<user>",
  roles: [
    { role: "<role>", db: "<database>" } | "<role>",
    ...
  ],
  writeConcern: { <write concern> },
  comment: <any>
}

~~The command has the following fields:~~该命令包含以下字段：

~~Field~~字段	~~Type~~类型	~~Description~~描述
`revokeRolesFromUser`	string	~~The user to remove roles from.~~要从中删除角色的用户。
`roles`	array	~~The roles to remove from the user.~~要从用户中删除的角色。
`writeConcern`	document	~~Optional.~~ 可选。~~The level of write concern for the operation.~~ 操作的写入关注级别。~~See Write Concern Specification.~~请参阅写入关注规范。
`comment`	any	~~Optional.~~ 可选。~~A user-provided comment to attach to this command. Once set, this comment appears alongside records of this command in the following locations:~~用户提供了附加到此命令的注释。设置后，此注释将与此命令的记录一起显示在以下位置： ~~mongod log messages, in the `attr.command.cursor.comment` field.~~`mongod`日志消息，在`attr.command.cursor.comment`字段中。 ~~Database profiler output, in the `command.comment` field.~~数据库探查器输出，在`command.comment`字段中。 ~~`currentOp` output, in the `command.comment` field.~~`currentOp`输出，在`command.comment`字段中。 ~~A comment can be any valid BSON type(string, integer, object, array, etc).~~注释可以是任何有效的BSON类型（字符串、整数、对象、数组等）。 New in version 4.4.在版本4.4中新增。

~~In the roles field, you can specify both built-in roles and user-defined roles.~~在roles字段中，可以指定内置角色和用户定义角色。

~~To specify a role that exists in the same database where revokeRolesFromUser runs, you can either specify the role with the name of the role:~~要指定运行revokeRolesFromUser的同一数据库中存在的角色，可以使用角色名称指定角色：

"readWrite"

~~Or you can specify the role with a document, as in:~~也可以使用文档指定角色，如：

{ role: "<role>", db: "<database>" }

~~To specify a role that exists in a different database, specify the role with a document.~~若要指定存在于其他数据库中的角色，请使用文档指定该角色。

~~Required Access~~所需访问权限

~~You must have the revokeRole action on a database to revoke a role on that database.~~必须对数据库执行revokeRole操作才能撤销该数据库上的角色。

Example示例

~~The accountUser01 user in the products database has the following roles:~~products数据库中的accountUser01用户具有以下角色：

"roles" : [
    { "role" : "assetsReader",
      "db" : "assets"
    },
    { "role" : "read",
      "db" : "stock"
    },
    { "role" : "readWrite",
      "db" : "products"
    }
]

The following revokeRolesFromUser command removes the two of the user's roles: the read role on the stock database and the readWrite role on the products database, which is also the database on which the command runs:以下revokeRolesFromUser命令删除了用户的两个角色：stock数据库上的read角色和products数据库上的readWrite角色，这也是运行该命令的数据库：

use products
db.runCommand( { revokeRolesFromUser: "accountUser01",
                 roles: [
                          { role: "read", db: "stock" },
                          "readWrite"
                 ],
                 writeConcern: { w: "majority" }
             } )

~~The user accountUser01 in the products database now has only one remaining role:~~products数据库中的用户accountUser01现在只剩下一个角色：

"roles" : [
    { "role" : "assetsReader",
      "db" : "assets"
    }
]

← grantRolesToUser updateUser →