couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kxe...@apache.org
Subject [2/9] git commit: updated refs/heads/1781-reorganize-and-improve-docs to f2a0c93
Date Fri, 09 Aug 2013 08:57:14 GMT
Update config with version markers and users_db_public option.


Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/d8d08056
Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/d8d08056
Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/d8d08056

Branch: refs/heads/1781-reorganize-and-improve-docs
Commit: d8d080561cd5c0c84371f7473ccf13a3c0315f7b
Parents: 28e23fd
Author: Alexander Shorin <kxepal@apache.org>
Authored: Fri Aug 9 00:13:08 2013 +0400
Committer: Alexander Shorin <kxepal@apache.org>
Committed: Fri Aug 9 00:13:08 2013 +0400

----------------------------------------------------------------------
 share/doc/src/config/auth.rst | 31 ++++++++++++++++++++++++-------
 1 file changed, 24 insertions(+), 7 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/couchdb/blob/d8d08056/share/doc/src/config/auth.rst
----------------------------------------------------------------------
diff --git a/share/doc/src/config/auth.rst b/share/doc/src/config/auth.rst
index 6e3b59e..16c2012 100644
--- a/share/doc/src/config/auth.rst
+++ b/share/doc/src/config/auth.rst
@@ -184,13 +184,7 @@ required for `Proxy Auth`::
 ``public_fields`` :: User documents public fields
 -------------------------------------------------
 
-.. warning::
-
-   Due to :issue:`1838` issue, setting `public fields` allows list all documents
-   in the :ref:`_users <config/couch_httpd_auth/authentication_db>` database,
-   no matter does their documents contains public fields or not. If your system
-   uses email-based user login, enabling this feature may be fatal from security
-   point.
+.. versionadded:: 1.4
 
 Comma-separated list of field names that will be available to view for any user
 document in :ref:`authentication_db <config/couch_httpd_auth/authentication_db>`
@@ -201,6 +195,14 @@ If unset or not specified, authenticated users may retrieve only their
own docs.
   [couch_httpd_auth]
   public_fields = first_name, last_name, contacts, url
 
+.. note::
+   Using the ``public_fields`` whitelist for user document properties requires
+   setting the :ref:`users_db_public <config/couch_httpd_auth/users_db_public>`
+   option to ``true`` (the latter option has no other purpose)::
+
+     [couch_httpd_auth]
+     users_db_public = true
+
 
 .. _config/couch_httpd_auth/require_valid_user:
 
@@ -236,6 +238,21 @@ Number of seconds since the last request before session will be expired::
   timeout = 600
 
 
+
+.. _config/couch_httpd_auth/users_db_public:
+
+``users_db_public`` :: Publish users info
+-----------------------------------------
+
+.. versionadded:: 1.4
+
+Allow all users to view user documents. By default, only admins may browse
+all users documents while users may browse only their own document::
+
+  [couch_httpd_auth]
+  users_db_public = false
+
+
 .. _config/couch_httpd_auth/x_auth_roles:
 
 ``x_auth_roles`` :: Proxy Auth roles header


Mime
View raw message