couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brian Candler <B.Cand...@pobox.com>
Subject Re: [admins] and [users] in local.ini
Date Fri, 12 Feb 2010 10:48:57 GMT
On Fri, Feb 12, 2010 at 11:34:29AM +0100, Johannes Schmidt wrote:
> I have edited an admin user in local.ini's [admins] section and
> everything works fine. However I'd like to have my app. requesting
> with an *ordinary* user that is just able to create, read, and
> delete custom documents but that is _not_ able to create a new
> database or read config. documents etc. I have added a [users]
> section containing "myuser = mysecret" - but this has no effect. Is
> such a distinction between admins and users on HTTP auth. level
> possible?

What version are you running?

With recent code there is a _users database. You can configure the name of
this database in the .ini file if you want to call it something else.  Then
create your users by PUTting to this, or more easily through futon.

These users won't be able to create a new database (that's a server-level
admin function), and in trunk they cannot modify a design doc (that's a
database-level admin function).  However they can still read design docs. 
They can also read everything in the _users database, unless you block read
access to it explicitly.

HTH,

Brian.

Mime
View raw message