db.getRole()

~~On this page~~本页内容

~~Definition~~释义
~~Required Access~~所需访问权限
~~Examples~~示例
~~Show Role Inheritance Information~~显示角色继承信息
~~Show Role Privileges~~显示角色权限
~~Show Authentication Restrictions~~显示身份验证限制

Definition释义

db.getRole(rolename, args)

~~Returns the roles from which this role inherits privileges.~~ 返回此角色从中继承权限的角色。~~Optionally, the method can also return all the role's privileges.~~可选地，该方法还可以返回角色的所有权限。

~~Run db.getRole() from the database that contains the role.~~ 从包含角色的数据库中运行db.getRole()。~~The command can retrieve information for both user-defined roles and built-in roles.~~该命令可以检索用户定义角色和内置角色的信息。

~~The db.getRole() method accepts the following parameters:~~db.getRole()方法接受以下参数：

~~Parameter~~参数	~~Type~~类型	~~Description~~描述
`rolename`	string	~~The name of the role.~~角色的名称。
`args`	document	~~Optional. A document specifying additional arguments.~~可选的。指定附加参数的文档。

~~The args document supports the following optional fields:~~args文档支持以下可选字段：

~~Field~~字段	~~Type~~类型	~~Description~~描述
`showAuthenticationRestrictions`	boolean	~~Optional.~~可选的。~~Set this field to `true` to include authentication restrictions in the output.~~ 将此字段设置为`true`可在输出中包含身份验证限制。~~Authentication restrictions indicate the IP addresses that users with this role can connect to and from.~~身份验证限制指示具有此角色的用户可以连接到的IP地址和可以从中连接的IP地址。 ~~By default, this field is `false`, meaning that the `db.getRole()` output does not include authentication restrictions.~~ 默认情况下，此字段为`false`，这意味着`db.getRole()`输出不包括身份验证限制。
`showBuiltinRoles`	boolean	~~Optional.~~可选的。~~Set this field to `true` to include built-in roles in the output.~~ 将此字段设置为`true`可在输出中包含内置角色。~~By default, this field is set to `false`, and the output for `rolesInfo: 1` displays only user-defined roles.~~默认情况下，此字段设置为`false`，`rolesInfo:1`的输出仅显示用户定义的角色。
`showPrivileges`	boolean	~~Optional.~~可选的。~~Set this field to `true` to show role privileges, including both privileges inherited from other roles and privileges defined directly.~~ 将此字段设置为`true`可显示角色权限，包括从其他角色继承的权限和直接定义的权限。~~By default, the command returns only the roles from which this role inherits privileges and does not return specific privileges.~~默认情况下，该命令只返回此角色继承权限的角色，而不返回特定权限。

~~db.getRole() wraps the rolesInfo command.~~db.getRole()包装rolesInfo命令。

Required Access所需访问权限

~~To view a role's information, you must be either explicitly granted the role or must have the viewRole action on the role's database.~~若要查看角色的信息，必须明确授予您该角色，或者必须对角色的数据库执行viewRole 操作。

Examples实例

~~The examples in this section show how to use db.getRoles to:~~本节中的示例显示了如何使用db.getRoles执行以下操作：

~~Show Role Inheritance Information~~显示角色继承信息
~~Show Role Privileges~~显示角色权限
~~Show Authentication Restrictions~~显示身份验证限制

Show Role Inheritance Information显示角色继承信息

~~The following operation returns role inheritance information for the role associate defined on the products database:~~以下操作返回在products数据库上定义的角色associate的角色继承信息：

use products
db.getRole( "associate" )

~~Example output:~~示例输出：

{
  _id: 'products.associate',
  role: 'associate',
  db: 'products',
  roles: [ { role: 'readWrite', db: 'products' } ],
  inheritedRoles: [ { role: 'readWrite', db: 'products' } ],
  isBuiltin: false
}

Show Role Privileges显示角色权限

~~The following operation returns role inheritance information and privileges for the role associate defined on the products database:~~以下操作返回在products数据库上定义的角色associate的角色继承信息和权限：

use products
db.getRole( "associate", { showPrivileges: true } )

~~Example output:~~输出示例：

{
  _id: 'products.associate',
  role: 'associate',
  db: 'products',
  privileges: [
    {
      resource: { db: 'products', collection: '' },
      actions: [ 'bypassDocumentValidation' ]
    }
  ],
  roles: [ { role: 'readWrite', db: 'products' } ],
  inheritedRoles: [ { role: 'readWrite', db: 'products' } ],
  inheritedPrivileges: [
    {
      resource: { db: 'products', collection: '' },
      actions: [ 'bypassDocumentValidation' ]
    },
    {
      resource: { db: 'products', collection: '' },
      actions: [
        'changeStream',
        'collStats',
        'compactStructuredEncryptionData',
        'convertToCapped',
        'createCollection',
        'createIndex',
        'dbHash',
        'dbStats',
        'dropCollection',
        'dropIndex',
        'find',
        'insert',
        'killCursors',
        'listCollections',
        'listIndexes',
        'planCacheRead',
        'remove',
        'renameCollectionSameDB',
        'update'
      ]
    }
  ],
  isBuiltin: false
}

Show Authentication Restrictions显示身份验证限制

~~The following operation returns role inheritance information and authentication restrictions for the role associate defined on the products database:~~以下操作返回在products数据库上定义的角色associate的角色继承信息和身份验证限制：

use products
db.getRole( "associate", { showAuthenticationRestrictions: true } )

~~Example output:~~输出示例：

{
  _id: 'products.associate',
  role: 'associate',
  db: 'products',
  roles: [ { role: 'readWrite', db: 'products' } ],
  authenticationRestrictions: [
    [ { clientSource: [ '198.51.100.0' ] } ]
  ],
  inheritedRoles: [ { role: 'readWrite', db: 'products' } ],
  inheritedAuthenticationRestrictions: [
    [ { clientSource: [ '198.51.100.0' ] } ]
  ],
  isBuiltin: false
}

← db.dropAllRoles() db.getRoles() →