(create-role db-name command-map & args)
Roles like users belong to a database,admin database is better to be used to know where all info is Requires = createRole/grantRole actions. Built in role 'userAdmin' can do those actions setAuthenticationRestriction action
Roles like users belong to a database,admin database is better to be used to know where all info is Requires = createRole/grantRole actions. Built in role 'userAdmin' can do those actions setAuthenticationRestriction action
(drop-all-roles-from-database db-name & args)
Removes all roles from the argument db(users that belong to the database) Requires = dropRole action
Removes all roles from the argument db(users that belong to the database) Requires = dropRole action
(drop-role db-name rolename & args)
Requires = dropRole action
Requires = dropRole action
(invalidate-user-cache db-name & args)
Flushes user information from in-memory cache, including removal of each user’s credentials and roles. This allows you to purge the cache at any given moment, regardless of the interval set in the userCacheInvalidationIntervalSecs parameter Requires = invalidateUserCache action on the cluster resource in order to use this command
Flushes user information from in-memory cache, including removal of each user’s credentials and roles. This allows you to purge the cache at any given moment, regardless of the interval set in the userCacheInvalidationIntervalSecs parameter Requires = invalidateUserCache action on the cluster resource in order to use this command
(revoke-privileges-from-role db-name rolename privileges & args)
The resource must be an exact much. Actions can be subsets
The resource must be an exact much. Actions can be subsets
(revoke-role-from-role db-name rolename privileges & args)
Both built-in roles and user-defined roles Requires = revokeRole action
Both built-in roles and user-defined roles Requires = revokeRole action
(roles-info db-name command-map & args)
Command { rolesInfo: <see below> showPrivileges: <Boolean> showBuiltinRoles: <Boolean> }
rolesInfo { rolesInfo: 1, showBuiltinRoles: true } all from the db run command { rolesInfo: { role: <rolename>, db: <database> } } { rolesInfo: [ 'roleName' { role : <name>, db: <db> } ...] } many Requires = viewRole action to see a role you dont have (but each user is allowed to see their personal roles info)
Command { rolesInfo: <see below> showPrivileges: <Boolean> showBuiltinRoles: <Boolean> } rolesInfo { rolesInfo: 1, showBuiltinRoles: true } all from the db run command { rolesInfo: { role: <rolename>, db: <database> } } { rolesInfo: [ 'roleName' { role : <name>, db: <db> } ...] } many Requires = viewRole action to see a role you dont have (but each user is allowed to see their personal roles info)
(update-role db-name command-map & args)
Requires = revokeRole action on all databases in order to update a role grantRole action on the database of each role in the roles array to update the array grantRole action on the database of each privilege in the privileges array to update the array If a privilege’s resource spans databases, you must have grantRole on the admin database. A privilege spans databases if the privilege is any of the following a collection in all database all collections and all databas the cluster resource setAuthenticationRestriction action on the database of the target role if change :authenticationRestrictions
A top level field that is present in the update command => completly replace the old one its like invoke first and grant after For not fully replace use grant/revoke commands
Requires = revokeRole action on all databases in order to update a role grantRole action on the database of each role in the roles array to update the array grantRole action on the database of each privilege in the privileges array to update the array If a privilege’s resource spans databases, you must have grantRole on the admin database. A privilege spans databases if the privilege is any of the following a collection in all database all collections and all databas the cluster resource setAuthenticationRestriction action on the database of the target role if change :authenticationRestrictions A top level field that is present in the update command => completly replace the old one its like invoke first and grant after For not fully replace use grant/revoke commands
cljdoc is a website building & hosting documentation for Clojure/Script libraries
× close