couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From J Chris Anderson <jch...@gmail.com>
Subject Re: Restricting ability to create new user account
Date Mon, 12 Apr 2010 21:31:51 GMT

On Apr 12, 2010, at 12:04 PM, Zachary Zolton wrote:

> Hi,
> 
> I would like the to configure a CouchDB server to allow only admins to
> create user accounts.
> 
> Should I modify the validate_doc_update function in the _users
> database's "_design/_auth" document?
> 

Yes, you could do that. It should be fine. However, if you delete the users db, it will be
recreated with the default validation function. (I guess this is obvious, but worth stating.)

As an alternative, you could require that users have a particular role, eg: "approved" before
they have access to the db(s) in question. Then anyone can create an account but only admins
can give them the "approved" role.

> 
> Cheers,
> 
> Zach


Mime
View raw message