readAnyDatabase角色4.0版本后不再支持local和config库的读权限。
若想获得local和config的读权限?
解决:在usr下单独添加config和local库的read角色。
db.updateUser("dddddd",{roles:[ {role:"read",db:"local"},{role:"readAnyDatabase",db:"admin"} ]})
参考文档:
https://docs.mongodb.com/manual/reference/built-in-roles/#dbAdmin
https://docs.mongodb.com/manual/reference/command/updateUser/
使用pymongo示例:
from pymongo import MongoClient class RdsMongoClient(MongoClient): ALMOST_SYNC_INTERVAL = 10 # seconds @classmethod def new(cls, ip, port, user=None, pwd=None, set_name=None, w='majority', **kwargs): conn_url = get_mongo_conn_url(ip, port, user, pwd, set_name) return cls(conn_url, maxIdleTimeMS=3000, socketTimeoutMS=60000, connectTimeoutMS=3000, serverSelectionTimeoutMS=30000, waitQueueTimeoutMS=3000, waitQueueMultiple=3000, w=w, **kwargs)
cli = RdsMongoClient.new( "localhost", 3042, user='user', pwd='password') # db.updateUser("dddddd",{roles:[ {role:"read",db:"local"},{role:"readAnyDatabase",db:"admin"} ]}) roles = [ {"role": "readAnyDatabase", "db": "admin"}, {"role": "read", "db": "local"}, {"role": "read", "db": "config"} ] cli.create_super_user('dddd', '123456aA', roles=roles)