grantRolesToUser

~~On this page~~本页内容

~~Definition~~定义
~~Syntax~~语法
~~Command Fields~~命令字段
~~Required Access~~所需访问权限
~~Example~~实例

Definition定义

grantRolesToUser: ~~Grants additional roles to a user.~~将其他角色授予用户。

Tip

~~In mongosh, this command can also be run through the db.grantRolesToUser() helper method.~~在mongosh中，这个命令也可以通过db.grantRolesToUser()助手方法运行。

Helper methods are convenient for mongosh users, but they may not return the same level of information as database commands. In cases where the convenience is not needed or the additional return fields are required, use the database command.助手方法对mongosh用户来说很方便，但它们可能不会返回与数据库命令相同级别的信息。如果不需要方便，或者需要额外的返回字段，请使用数据库命令。

Syntax语法

~~The grantRolesToUser command uses the following syntax:~~grantRolesToUser命令使用以下语法：

db.runCommand(
   {
     grantRolesToUser: "<user>",
     roles: [ <roles> ],
     writeConcern: { <write concern> },
     comment: <any>
   }
)

Command Fields命令字段

~~The command takes the following fields:~~该命令包含以下字段：

~~Field~~字段	~~Type~~类型	~~Description~~描述
`grantRolesToUser`	string	~~The name of the user to give additional roles.~~要赋予其他角色的用户的名称。
`roles`	array	~~An array of additional roles to grant to the user.~~要授予用户的附加角色的数组。
`writeConcern`	document	~~Optional.~~可选的。~~The level of write concern for the operation. See Write Concern Specification.~~ 操作的写入关注级别。请参阅写入关注规范。
`comment`	any	~~Optional.~~可选的。 ~~A user-provided comment to attach to this command. Once set, this comment appears alongside records of this command in the following locations:~~ 要附加到此命令的用户提供的注释。设置后，此注释将与此命令的记录一起显示在以下位置： mongod log messages, in the `attr.command.cursor.comment` field. Database profiler output, in the `command.comment` field. `currentOp` output, in the `command.comment` field. A comment can be any valid BSON type (string, integer, object, array, etc). ~~New in version 4.4.~~ 4.4版新增。

~~In the roles field, you can specify both built-in roles and user-defined roles.~~在角色字段中，可以指定内置角色和用户定义的角色。

~~To specify a role that exists in the same database where grantRolesToUser runs, you can either specify the role with the name of the role:~~要指定grantRolesToUser运行的同一数据库中存在的角色，可以使用角色名称指定该角色：

"readWrite"

~~Or you can specify the role with a document, as in:~~或者，您可以使用文档指定角色，如中所示：

{ role: "<role>", db: "<database>" }

~~To specify a role that exists in a different database, specify the role with a document.~~若要指定其他数据库中存在的角色，请使用文档指定该角色。

Required Access所需访问权限

~~You must have the grantRole action on a database to grant a role on that database.~~必须对数据库具有grantRole操作才能在该数据库上授予角色。

Example实例

~~Given a user accountUser01 in the products database with the following roles:~~给定products数据库中具有以下角色的accountUser01：

"roles" : [
    { "role" : "assetsReader",
      "db" : "assets"
    }
]

~~The following grantRolesToUser operation gives accountUser01 the read role on the stock database and the readWrite role on the products database.~~下面的grantRolesToUser操作为accountUser01提供了stock数据库上的read角色和products数据库上的readWrite角色。

use products
db.runCommand( { grantRolesToUser: "accountUser01",
                 roles: [
                    { role: "read", db: "stock"},
                    "readWrite"
                 ],
                 writeConcern: { w: "majority" , wtimeout: 2000 }
             } )

~~The user accountUser01 in the products database now has the following roles:~~products数据库中的用户accountUser01现在具有以下角色：

"roles" : [
    { "role" : "assetsReader",
      "db" : "assets"
    },
    { "role" : "read",
      "db" : "stock"
    },
    { "role" : "readWrite",
      "db" : "products"
    }
]

← dropUser revokeRolesFromUser →