db.getRoles()
Nesta página
Definição
db.getRoles()
Returns information for all the roles in the database on which the command runs. The method can be run with or without an argument.
If run without an argument,
db.getRoles()
returns inheritance information for the database's user-defined roles.To return more information, pass the
db.getRoles()
a document with the following fields:CampoTipoDescriçãorolesInfo
inteiro
Set this field to
1
to retrieve all user-defined roles.showAuthenticationRestrictions
booleano
Optional. Set this field to
true
to include authentication restrictions in the output. Authentication restrictions indicate the IP addresses that users with this role can connect to and from.By default, this field is
false
, meaning that thedb.getRoles()
output does not include authentication restrictions.showBuiltinRoles
booleano
Optional. Set this field to true to display built-in roles as well as user-defined roles.
showPrivileges
booleano
Optional. Set this field to
true
to show role privileges, including both privileges inherited from other roles and privileges defined directly. By default, the command returns only the roles from which this role inherits privileges and does not return specific privileges.db.getRoles()
encapsula o comandorolesInfo
.
Compatibilidade
Esse método está disponível em implantações hospedadas nos seguintes ambientes:
Importante
Este comando não é suportado em clusters MongoDB Atlas . Para obter informações sobre o suporte do Atlas para todos os comandos, consulte Comandos não suportados.
MongoDB Enterprise: a versão autogerenciada e baseada em assinatura do MongoDB
MongoDB Community: uma versão com código disponível, de uso gratuito e autogerenciada do MongoDB
Acesso necessário
To view a role's information, you must be either explicitly granted the
role or must have the viewRole
ação on the role's database.
Exemplos
The examples in this section show how to use db.getRoles
to:
Show Role Privileges and Built-In Roles
The following operation returns all the roles on the products
database, including role privileges and built-in roles:
use products db.getRoles( { rolesInfo: 1, showPrivileges: true, showBuiltinRoles: true } )
Example output (shortened for readability):
{ roles: [ { role: 'dbOwner', db: 'products', isBuiltin: true, roles: [], inheritedRoles: [], privileges: [ { resource: { db: 'products', collection: '' }, actions: [ 'analyze', 'bypassDocumentValidation', 'changeCustomData', ... ] }, { resource: { db: 'products', collection: 'system.profile' }, actions: [ 'changeStream', 'collStats', 'convertToCapped', ... ] } ], inheritedPrivileges: [ { resource: { db: 'products', collection: '' }, actions: [ 'analyze', 'bypassDocumentValidation', 'changeCustomData', ... ] } ] }, ... ] }
Show Authentication Restrictions
The following operation returns role inheritance information and
authentication restrictions for all user-defined roles on the product
database:
use products db.getRoles( { rolesInfo: 1, showAuthenticationRestrictions: true } )
Saída de exemplo:
{ roles: [ { _id: 'products.associate', role: 'associate', db: 'products', roles: [ { role: 'readWrite', db: 'products' } ], authenticationRestrictions: [ [ { clientSource: [ '198.51.100.0' ] } ] ], isBuiltin: false, inheritedRoles: [ { role: 'readWrite', db: 'products' } ], inheritedAuthenticationRestrictions: [ [ { clientSource: [ '198.51.100.0' ] } ] ] } ], ok: 1 }