On this page本页内容
usersInfo
Returns information about one or more users.返回有关一个或多个用户的信息。
The usersInfo command has the following form:usersInfo命令的格式如下:
{
usersInfo: <various>,
showCredentials: <Boolean>,
showCustomData: <Boolean>,
showPrivileges: <Boolean>,
showAuthenticationRestrictions: <Boolean>,
filter: <document>,
comment: <any>
}
The command has the following fields:该命令包含以下字段:
usersInfo | various |
|
showCredentials | boolean |
|
showCustomData | boolean |
|
showPrivileges | boolean |
|
showAuthenticationRestrictions | boolean |
|
filter | document |
|
comment | any |
A comment can be any valid BSON type(string, integer, object, array, etc).
|
usersInfo: <various>{ usersInfo: <various> }
The argument to usersInfo has multiple forms depending on the requested information:usersInfo的参数有多种形式,具体取决于请求的信息:
| Argument | Returns |
|---|---|
{ usersInfo: 1 } |
|
{ usersInfo: <username> } |
|
{ usersInfo: { user: <name>, db: <db> } } | |
{ usersInfo: [ { user: <name>, db: <db> }, ... ] }{ usersInfo: [ <username1>, ... ] } | |
{ forAllDBs: true } |
|
Users can always view their own information.用户可以随时查看自己的信息。
To view another user's information, the user running the command must have privileges that include the 要查看其他用户的信息,运行该命令的用户必须具有包括其他用户数据库上的viewUser action on the other user's database.viewUser操作在内的权限。
The following information can be returned by the 根据指定的选项,usersInfo depending on the options specified:usersInfo可以返回以下信息:
{
"users" : [
{
"_id" : "<db>.<username>",
"userId" : <UUID>,
// Starting in MongoDB 4.0.9
"user" : "<username>",
"db" : "<db>",
"mechanisms" : [ ... ], // Starting in MongoDB 4.0
"customData" : <document>,
"roles" : [ ... ],
"credentials": { ... }, // only if showCredentials: true
"inheritedRoles" : [ ... ], // only if showPrivileges: true or showAuthenticationRestrictions: true
"inheritedPrivileges" : [ ... ], // only if showPrivileges: true or showAuthenticationRestrictions: true
"inheritedAuthenticationRestrictions" : [ ] // only if showPrivileges: true or showAuthenticationRestrictions: true
"authenticationRestrictions" : [ ... ] // only if showAuthenticationRestrictions: true
},
...
],
"ok" : 1
}
To see information and privileges, but not the credentials, for the user 要查看"Kari" defined in "home" database, run the following command:"home"数据库中定义的用户"Kari"的信息和权限,但不查看凭据,请运行以下命令:
db.runCommand(
{
usersInfo: { user: "Kari", db: "home" },
showPrivileges: true
}
)
To view a user that exists in the current database, you can specify the user by name only. 要查看当前数据库中存在的用户,可以仅按名称指定该用户。For example, if you are in the 例如,如果您在home database and a user named "Kari" exists in the home database, you can run the following command:home数据库中,并且主数据库中存在名为"Kari"的用户,则可以运行以下命令:
db.getSiblingDB("home").runCommand( { usersInfo: "Kari", showPrivileges: true } )
To view info for several users, use an array, with or without the optional fields 要查看多个用户的信息,请使用一个数组,可以使用或不使用可选字段showPrivileges and showCredentials. showPrivileges和showCredentials。For example:例如:
db.runCommand( {
usersInfo: [ { user: "Kari", db: "home" }, { user: "Li", db: "myApp" } ],
showPrivileges: true
} )
To view all users on the database the command is run, use a command document that resembles the following:要查看命令运行时数据库上的所有用户,请使用类似于以下内容的命令文档:
db.runCommand( { usersInfo: 1 } )
When viewing all users, you can specify the 查看所有用户时,可以指定showCredentials option but not the showPrivileges or the showAuthenticationRestrictions options.showCredentials选项,但不能指定showPrivileges或showAuthenticationRestrictions选项。
New in version 4.0.在版本4.0中新增。 The usersInfo command can accept a filter document to return information for users that match the filter condition.usersInfo命令可以接受filter文档,以返回与筛选条件匹配的用户的信息。
To view all users in the current database who have the specified role, use a command document that resembles the following:要查看当前数据库中具有指定角色的所有用户,请使用类似于以下内容的命令文档:
db.runCommand( { usersInfo: 1, filter: { roles: { role: "root", db: "admin" } } } )
When viewing all users, you can specify the 查看所有用户时,可以指定showCredentials option but not the showPrivileges or the showAuthenticationRestrictions options.showCredentials选项,但不能指定showPrivileges或showAuthenticationRestrictions选项。
SCRAM-SHA-1 CredentialsSCRAM-SHA-1凭据的所有用户New in version 4.0.在版本4.0中新增。 The usersInfo command can accept a filter document to return information for users that match the filter condition.usersInfo命令可以接受filter文档,以返回与筛选条件匹配的用户的信息。
The following operation returns all users that have 以下操作将返回具有SCRAM-SHA-1 credentials. SCRAM-SHA-1凭据的所有用户。Specifically, the command returns all users across all databases and then uses the 具体来说,该命令返回所有数据库中的所有用户,然后使用$match stage to apply the specified filter to the users.$match阶段将指定的筛选器应用于用户。
db.runCommand( { usersInfo: { forAllDBs: true}, filter: { mechanisms: "SCRAM-SHA-1" } } )
When viewing all users, you can specify the 查看所有用户时,可以指定showCredentials option but not the showPrivileges or the showAuthenticationRestrictions options.showCredentials选项,但不能指定showPrivileges或showAuthenticationRestrictions选项。
New in version 5.2.在版本5.2中新增。To omit users' custom data from the 要从usersInfo output, set the showCustomData option to false.usersInfo输出中省略用户的自定义数据,请将showCustomData选项设置为false。
Use the 使用createUser command to create a user named accountAdmin01 on the products database:createUser命令在产品数据库上创建名为accountAdmin01的用户:
db.getSiblingDB("products").runCommand( { createUser: "accountAdmin01", pwd: passwordPrompt(), customData: { employeeId: 12345 }, roles: [ { role: 'readWrite', db: 'products' } ] } )
The user contains a 用户包含customData field of { employeeId: 12345 }.{ employeeId: 12345 }的customData字段。
To retrieve the user but omit the custom data from the output, run 要检索用户但忽略输出中的自定义数据,请运行usersInfo with showCustomData set to false:usersInfo并将showCustomData设置为false:
db.getSiblingDB("products").runCommand ( { usersInfo: "accountAdmin01", showCustomData: false } )
Example output:示例输出:
{
users: [
{
_id: 'products.accountAdmin01',
userId: UUID("0955afc1-303c-4683-a029-8e17dd5501f4"),
user: 'accountAdmin01',
db: 'products',
roles: [ { role: 'readWrite', db: 'products' } ],
mechanisms: [ 'SCRAM-SHA-1', 'SCRAM-SHA-256' ]
}
],
ok: 1
}