Hawkin
/
arangodb
mirror of https://gitee.com/bigwinds/arangodb
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

add grant & revoke database

This commit is contained in:
Frank Celler 2016-06-22 13:39:41 +02:00
parent edd22df7fc
commit c67dd89256
5 changed files with 197 additions and 238 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

232
Documentation/Books/Manual/Administration/Configuration/Authentication.mdpp
View File

@ -1,232 +0,0 @@
!CHAPTER Authentication and Authorization
!SUBSECTION Authentication and Authorization
ArangoDB only provides a very simple authentication interface and no
authorization. We plan to add authorization features in later releases, which
will allow the administrator to restrict access to collections and queries to
certain users, given them either read or write access.
Currently, you can only secure the access to ArangoDB in an all-or-nothing
fashion. The collection *_users* contains all users and a salted SHA256 hash
of their passwords. A user can be active or inactive. A typical document of this
collection is
@startDocuBlockInline USER_01_authFetch
@EXAMPLE_ARANGOSH_OUTPUT{USER_01_authFetch}
db._users.toArray()
@END_EXAMPLE_ARANGOSH_OUTPUT
@endDocuBlock USER_01_authFetch
!SUBSECTION Command-Line Options for the Authentication and Authorization
<!-- arangod/RestServer/ArangoServer.h -->
@startDocuBlock server_authentication
<!-- arangod/RestServer/ArangoServer.h -->
@startDocuBlock serverAuthenticateSystemOnly
!SECTION Introduction to User Management
ArangoDB provides basic functionality to add, modify and remove database users
programmatically. The following functionality is provided by the *users* module
and can be used from inside arangosh and arangod.
Users can also be managed from within the web interface while logged in to the
*_system* database.
!SUBSECTION Save
`users.save(user, passwd, active, extra, changePassword)`
This will create a new ArangoDB user. The username must be specified in
*user* and must not be empty.
The password must be given as a string, too, but can be left empty if required.
If you pass the special value *ARANGODB_DEFAULT_ROOT_PASSWORD*, the password
will be set the value stored in the environment variable
`ARANGODB_DEFAULT_ROOT_PASSWORD`. This can be used to pass an instance variable
into ArangoDB. For example, the instance identifier from Amazon.
If the *active* attribute is not specified, it defaults to *true*. The
*extra* attribute can be used to save custom data with the user.
If the *changePassword* attribute is not specified, it defaults to *false*.
The *changePassword* attribute can be used to indicate that the user must
change has password before logging in.
This method will fail if either the username or the passwords are not specified
or given in a wrong format, or there already exists a user with the specified
name.
The new user account can only be used after the server is either restarted or
the server authentication cache is [reloaded](#reload).
**Note**: this function will not work from within the web interface
*Examples*
@startDocuBlockInline USER_02_saveUser
@EXAMPLE_ARANGOSH_OUTPUT{USER_02_saveUser}
require("@arangodb/users").save("my-user", "my-secret-password");
@END_EXAMPLE_ARANGOSH_OUTPUT
@endDocuBlock USER_02_saveUser
!SUBSECTION Reload
`users.reload()`
Reloads the user authentication data on the server
All user authentication data is loaded by the server once on startup only and is
cached after that. When users get added or deleted, a cache flush is required,
and this can be performed by called this method.
*Examples*
@startDocuBlockInline USER_03_reloadUser
@EXAMPLE_ARANGOSH_OUTPUT{USER_03_reloadUser}
require("@arangodb/users").reload();
@END_EXAMPLE_ARANGOSH_OUTPUT
@endDocuBlock USER_03_reloadUser
**Note**: this function will not work from within the web interface
!SUBSECTION Document
`users.document(user)`
Fetches an existing ArangoDB user from the database.
The username must be specified in *user*.
This method will fail if the user cannot be found in the database.
*Examples*
@startDocuBlockInline USER_04_documentUser
@EXAMPLE_ARANGOSH_OUTPUT{USER_04_documentUser}
require("@arangodb/users").document("my-user");
@END_EXAMPLE_ARANGOSH_OUTPUT
@endDocuBlock USER_04_documentUser
**Note**: this function will not work from within the web interface
!SUBSECTION Replace
`users.replace(user, passwd, active, extra, changePassword)`
This will look up an existing ArangoDB user and replace its user data.
The username must be specified in *user*, and a user with the specified name
must already exist in the database.
The password must be given as a string, too, but can be left empty if required.
If the *active* attribute is not specified, it defaults to *true*. The
*extra* attribute can be used to save custom data with the user.
If the *changePassword* attribute is not specified, it defaults to *false*.
The *changePassword* attribute can be used to indicate that the user must
change has password before logging in.
This method will fail if either the username or the passwords are not specified
or given in a wrong format, or if the specified user cannot be found in the
database.
**Note**: this function will not work from within the web interface
*Examples*
@startDocuBlockInline USER_03_replaceUser
@EXAMPLE_ARANGOSH_OUTPUT{USER_03_replaceUser}
require("@arangodb/users").replace("my-user", "my-changed-password");
@END_EXAMPLE_ARANGOSH_OUTPUT
@endDocuBlock USER_03_replaceUser
!SUBSECTION Update
`users.update(user, passwd, active, extra, changePassword)`
This will update an existing ArangoDB user with a new password and other data.
The username must be specified in *user* and the user must already exist in
the database.
The password must be given as a string, too, but can be left empty if required.
If the *active* attribute is not specified, the current value saved for the
user will not be changed. The same is true for the *extra* and the
*changePassword* attribute.
This method will fail if either the username or the passwords are not specified
or given in a wrong format, or if the specified user cannot be found in the
database.
**Note**: this function will not work from within the web interface
*Examples*
@startDocuBlockInline USER_04_updateUser
@EXAMPLE_ARANGOSH_OUTPUT{USER_04_updateUser}
require("@arangodb/users").update("my-user", "my-secret-password");
@END_EXAMPLE_ARANGOSH_OUTPUT
@endDocuBlock USER_04_updateUser
!SUBSECTION isValid
`users.isValid(user, password)`
Checks whether the given combination of username and password is valid. The
function will return a boolean value if the combination of username and password
is valid.
Each call to this function is penalized by the server sleeping a random
amount of time.
*Examples*
@startDocuBlockInline USER_05_isValidUser
@EXAMPLE_ARANGOSH_OUTPUT{USER_05_isValidUser}
require("@arangodb/users").isValid("my-user", "my-secret-password");
@END_EXAMPLE_ARANGOSH_OUTPUT
@endDocuBlock USER_05_isValidUser
**Note**: this function will not work from within the web interface
!SUBSECTION all()
`users.all()`
Fetches all existing ArangoDB users from the database.
*Examples*
@startDocuBlockInline USER_06_AllUsers
@EXAMPLE_ARANGOSH_OUTPUT{USER_06_AllUsers}
require("@arangodb/users").all();
@END_EXAMPLE_ARANGOSH_OUTPUT
@endDocuBlock USER_06_AllUsers
!SUBSECTION Remove
`users.remove(user)`
Removes an existing ArangoDB user from the database.
The username must be specified in *User* and the specified user must exist in
the database.
This method will fail if the user cannot be found in the database.
**Note**: this function will not work from within the web interface
*Examples*
@startDocuBlockInline USER_07_removeUser
@EXAMPLE_ARANGOSH_OUTPUT{USER_07_removeUser}
require("@arangodb/users").remove("my-user");
@END_EXAMPLE_ARANGOSH_OUTPUT
@endDocuBlock USER_07_removeUser

196
Documentation/Books/Manual/Administration/ManagingUsers.mdpp
View File

@ -29,9 +29,205 @@ arangosh> users.grantDatabase("admin@testapp", "testdb");
This grants the user access to the database *testdb*. `revokeDatabase`
will revoke the right.
!SUBSECTION Save
`users.save(user, passwd, active, extra)`
This will create a new ArangoDB user. The username must be specified in
*user* and must not be empty.
The password must be given as a string, too, but can be left empty if required.
If you pass the special value *ARANGODB_DEFAULT_ROOT_PASSWORD*, the password
will be set the value stored in the environment variable
`ARANGODB_DEFAULT_ROOT_PASSWORD`. This can be used to pass an instance variable
into ArangoDB. For example, the instance identifier from Amazon.
If the *active* attribute is not specified, it defaults to *true*. The
*extra* attribute can be used to save custom data with the user.
This method will fail if either the username or the passwords are not specified
or given in a wrong format, or there already exists a user with the specified
name.
**Note**: the user will not have permission to access any database. You need to
grant the access rights for one or more databases using
[grantDatabase](#grant-database).
*Examples*
@startDocuBlockInline USER_02_saveUser
@EXAMPLE_ARANGOSH_OUTPUT{USER_02_saveUser}
require("@arangodb/users").save("my-user", "my-secret-password");
@END_EXAMPLE_ARANGOSH_OUTPUT
@endDocuBlock USER_02_saveUser
!SUBSECTION Grant Database
`users.grantDatabase(user, database)`
This grants read/write access to the *database* for the *user*.
If a user has access rights to the *_system* database, he is considered superuser.
!SUBSECTION Revoke Database
`users.revokeDatabase(user, database)`
This revokes read/write access to the *database* for the *user*.
!SUBSECTION Replace
`users.replace(user, passwd, active, extra)`
This will look up an existing ArangoDB user and replace its user data.
The username must be specified in *user*, and a user with the specified name
must already exist in the database.
The password must be given as a string, too, but can be left empty if required.
If the *active* attribute is not specified, it defaults to *true*. The
*extra* attribute can be used to save custom data with the user.
This method will fail if either the username or the passwords are not specified
or given in a wrong format, or if the specified user cannot be found in the
database.
**Note**: this function will not work from within the web interface
*Examples*
@startDocuBlockInline USER_03_replaceUser
@EXAMPLE_ARANGOSH_OUTPUT{USER_03_replaceUser}
require("@arangodb/users").replace("my-user", "my-changed-password");
@END_EXAMPLE_ARANGOSH_OUTPUT
@endDocuBlock USER_03_replaceUser
!SUBSECTION Update
`users.update(user, passwd, active, extra)`
This will update an existing ArangoDB user with a new password and other data.
The username must be specified in *user* and the user must already exist in
the database.
The password must be given as a string, too, but can be left empty if required.
If the *active* attribute is not specified, the current value saved for the
user will not be changed. The same is true for the *extra* attribute.
This method will fail if either the username or the passwords are not specified
or given in a wrong format, or if the specified user cannot be found in the
database.
*Examples*
@startDocuBlockInline USER_04_updateUser
@EXAMPLE_ARANGOSH_OUTPUT{USER_04_updateUser}
require("@arangodb/users").update("my-user", "my-secret-password");
@END_EXAMPLE_ARANGOSH_OUTPUT
@endDocuBlock USER_04_updateUser
!SUBSECTION isValid
`users.isValid(user, password)`
Checks whether the given combination of username and password is valid. The
function will return a boolean value if the combination of username and password
is valid.
Each call to this function is penalized by the server sleeping a random
amount of time.
*Examples*
@startDocuBlockInline USER_05_isValidUser
@EXAMPLE_ARANGOSH_OUTPUT{USER_05_isValidUser}
require("@arangodb/users").isValid("my-user", "my-secret-password");
@END_EXAMPLE_ARANGOSH_OUTPUT
@endDocuBlock USER_05_isValidUser
!SUBSECTION Remove
`users.remove(user)`
Removes an existing ArangoDB user from the database.
The username must be specified in *User* and the specified user must exist in
the database.
This method will fail if the user cannot be found in the database.
*Examples*
@startDocuBlockInline USER_07_removeUser
@EXAMPLE_ARANGOSH_OUTPUT{USER_07_removeUser}
require("@arangodb/users").remove("my-user");
@END_EXAMPLE_ARANGOSH_OUTPUT
@endDocuBlock USER_07_removeUser
!SUBSECTION Document
`users.document(user)`
Fetches an existing ArangoDB user from the database.
The username must be specified in *user*.
This method will fail if the user cannot be found in the database.
*Examples*
@startDocuBlockInline USER_04_documentUser
@EXAMPLE_ARANGOSH_OUTPUT{USER_04_documentUser}
require("@arangodb/users").document("my-user");
@END_EXAMPLE_ARANGOSH_OUTPUT
@endDocuBlock USER_04_documentUser
!SUBSECTION all()
`users.all()`
Fetches all existing ArangoDB users from the database.
*Examples*
@startDocuBlockInline USER_06_AllUsers
@EXAMPLE_ARANGOSH_OUTPUT{USER_06_AllUsers}
require("@arangodb/users").all();
@END_EXAMPLE_ARANGOSH_OUTPUT
@endDocuBlock USER_06_AllUsers
!SUBSECTION Reload
`users.reload()`
Reloads the user authentication data on the server
All user authentication data is loaded by the server once on startup only and is
cached after that. When users get added or deleted, a cache flush is done
automatically, and this can be performed by called this method.
*Examples*
@startDocuBlockInline USER_03_reloadUser
@EXAMPLE_ARANGOSH_OUTPUT{USER_03_reloadUser}
require("@arangodb/users").reload();
@END_EXAMPLE_ARANGOSH_OUTPUT
@endDocuBlock USER_03_reloadUser
!SECTION Comparison to ArangoDB 2
ArangoDB 2 contained separate users per database. It was not possible
to give an user access to two or more databases. This proved
impractical. Therefore we switch to a more common user model in
ArangoDB 3.
!SUBSECTION Command-Line Options for the Authentication and Authorization
<!-- arangod/RestServer/ArangoServer.h -->
@startDocuBlock server_authentication
<!-- arangod/RestServer/ArangoServer.h -->
@startDocuBlock serverAuthenticateSystemOnly

3
Documentation/Books/Manual/SUMMARY.md
View File

@ -120,6 +120,7 @@
* [Arangoimp](Administration/Arangoimp.md)
* [Arangodump](Administration/Arangodump.md)
* [Arangorestore](Administration/Arangorestore.md)
* [Managing Users](Administration/ManagingUsers.md)
* [Server Configuration](Administration/Configuration/README.md)
* [Arangod options](Administration/Configuration/Arangod.md)
* [Write-ahead log options](Administration/Configuration/Wal.md)
@ -127,8 +128,6 @@
* [Cluster options](Administration/Configuration/Cluster.md)
* [Logging options](Administration/Configuration/Logging.md)
* [Communication options](Administration/Configuration/Communication.md)
* [Authentication](Administration/Configuration/Authentication.md)
* [Managing Users](Administration/ManagingUsers.md)
* [Durability](Administration/Durability.md)
* [Replication](Administration/Replication/README.md)
* [Asynchronous Replication](Administration/Replication/Asynchronous/README.md)

2
Documentation/DocuBlocks/serverAuthenticateSystemOnly.md
View File

@ -1,6 +1,4 @@
@startDocuBlock serverAuthenticateSystemOnly
@brief whether or not only requests to internal URLs need authentication
`--server.authentication-system-only boolean`
Controls whether incoming requests need authentication only if they are

2
Documentation/DocuBlocks/server_authentication.md
View File

@ -1,6 +1,4 @@
@startDocuBlock server_authentication
@brief disable authentication for ALL client requests
`--server.authentication`
Setting this option to *false* will turn off authentication on the server side