Ami*_*ule 2 mongodb mongodb-query mongobee
我最近4.2.0从4.0.2. 在以前的版本中,用户可以访问 system.indexes 但升级后,用户无法访问 system.indexes 集合。用户已具有 readWrite 角色。另外,我尝试给 dbAdmin,但仍然没有运气。
为 mongo 启用调试日志后,它向我显示not authorized for query on testdb.system.indexes src/mongo/db/commands/find_cmd.cpp 170.
有人遇到过这个问题吗?
下面是输出
{
"role" : "read",
"db" : "testdb",
"isBuiltin" : true,
"roles" : [ ],
"inheritedRoles" : [ ],
"privileges" : [
{
"resource" : {
"db" : "testdb",
"collection" : ""
},
"actions" : [
"changeStream",
"collStats",
"dbHash",
"dbStats",
"find",
"killCursors",
"listCollections",
"listIndexes",
"planCacheRead"
]
},
{
"resource" : {
"db" : "testdb",
"collection" : "system.js"
},
"actions" : [
"changeStream",
"collStats",
"dbHash",
"dbStats",
"find",
"killCursors",
"listCollections",
"listIndexes",
"planCacheRead"
]
}
],
"inheritedPrivileges" : [
{
"resource" : {
"db" : "testdb",
"collection" : ""
},
"actions" : [
"changeStream",
"collStats",
"dbHash",
"dbStats",
"find",
"killCursors",
"listCollections",
"listIndexes",
"planCacheRead"
]
},
{
"resource" : {
"db" : "testdb",
"collection" : "system.js"
},
"actions" : [
"changeStream",
"collStats",
"dbHash",
"dbStats",
"find",
"killCursors",
"listCollections",
"listIndexes",
"planCacheRead"
]
}
]
}
我可以通过为 system.indexes 集合创建一个新角色并将这个角色附加到用户来解决这个问题。
db.createRole({role : "readWriteSystem", privileges: [{resource: { db: "testdb", collection: "system.indexes" }, actions: [ "changeStream", "collStats", "convertToCapped", "createCollection", "createIndex", "dbHash", "dbStats", "dropCollection", "dropIndex", "emptycapped", "find", "insert", "killCursors", "listCollections", "listIndexes", "planCacheRead", "remove", "renameCollectionSameDB", "update" ]}], roles:[]})
db.grantRolesToUser('testuser', ['readWriteSystem'])
奇怪的是,当您通过替换 binaries升级 mongo 时会发生此问题。
我尝试安装一个新的实例,安装了 4.2 mongo,然后将数据复制到它,它工作正常。但由于某些技术原因,我无法在生产中做到这一点。
亲爱的 Mongo 团队,
我尝试使用https://docs.mongodb.com/manual/tutorial/upgrade-revision/#upgrade-replace-binaries升级 mongo ,但遇到了上述问题。我认为文档缺少与system.indexes访问相关更改相关的一些细节
| 归档时间: |
|
| 查看次数: |
1784 次 |
| 最近记录: |