couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marcello Nuccio <marcello.nuc...@gmail.com>
Subject Re: no 'writers' section in _security killing me
Date Mon, 11 Jul 2011 06:30:44 GMT
2011/7/11 Jonathan Geddes <geddes.jonathan@gmail.com>:
>> Fortunately, users with write access are not admins. They may not
>> modify design documents. All of their changes are subject to design
>> documents' validate_doc_update() function.
>
> I would be *overjoyed* to hear that you are right and the documentation at
> [0] is wrong:
>> database admins - Defined per database. They have all the privileges
> readers have plus the privileges: write (and edit) design documents,
> add/remove database admins and readers, set the database revisions limit >
> (/somedb/_revs_limit API) and execute temporary views against the database
> (/somedb/_temp_view API). They can not create a database and neither delete
> a database.

"Users with write access", are users authorized by the
validation_doc_update functions in the design documents of the
database:

http://guide.couchdb.org/draft/security.html#validation

Marcello

Mime
View raw message