couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Robert Newson <rnew...@apache.org>
Subject Re: deleting /_users documents
Date Wed, 17 Apr 2013 11:57:44 GMT
Ah, sorry. No idea then.

On 17 April 2013 12:55, svilen <az@svilendobrev.com> wrote:
> Robert Newson <rnewson@apache.org> wrote:
>> This is the system security stuff. You can only see (and therefore
>> update/delete) your own user document, unless you're an administrator.
>
> i know that. The point is, it is user's own document.
> and authentication is provided.
> get/update works. delete does not.
>
> svilen
>
>> On 17 April 2013 12:29, svilen <az@svilendobrev.com> wrote:
>> > g'day
>> > i'm on couchdb 1.2.0.
>> > trying to delete /_users/someid?rev=.. .. and it yields 404.
>> >
>> > the user needs authentication.
>> > so plain get fails:
>> > $ curl -X GET
>> > http://srv:5984/_users/org.couchdb.user%3AUSR
>> >
>> > {"error":"not_found","reason":"missing"}
>> >
>> > ok, add the USR:PSW auth:
>> > $ curl -X GET
>> > http://USR:PSW@srv:5984/_users/org.couchdb.user%3AUSR?rev=3-4b9b6c0f9733f27e6e8e6996544e9610
>> >
>> > {"_id":"org.couchdb.user:USR",
>> > "_rev":"3-4b9b6c0f9733f27e6e8e6996544e9610",
>> > "name":"USR","roles":[],"type":"user",
>> > "password_sha":"a5325f1b518b874197c072341875794d6b10ba35"
>> > }
>> >
>> > so get works.
>> >
>> > now delete the above:
>> >
>> > $ curl -vX DELETE
>> > http://USR:PSW@server:5984/_users/org.couchdb.user%3AUSR?rev=3-4b9b6c0f9733f27e6e8e6996544e9610
>> > * Connected to h (192.168.100.100) port 5984 (#0)
>> > * Server auth using Basic with user 'USR'
>> >> DELETE /_users/org.couchdb.user%3AUSR?rev=3-4b9b6c0f9733f27e6e8e6996544e9610
>> >> HTTP/1.1 Authorization: Basic
>> >> MTUwY2I5ZWUtYTMxNC00MmMyLWE2ODQtZWMzMTNhOTVlNmY3Onc= User-Agent:
>> >> curl/7.29.0 Host: h:5984
>> >> Accept: */*
>> >>
>> > < HTTP/1.1 404 Object Not Found
>> > < Server: CouchDB/1.2.0 (Erlang OTP/R15B01)
>> > < Date: Wed, 17 Apr 2013 11:14:51 GMT
>> > < Content-Type: text/plain; charset=utf-8
>> > < Content-Length: 41
>> > < Cache-Control: must-revalidate
>> > <
>> > {"error":"not_found","reason":"missing"}
>> >
>> > --------
>> > other databases are deleting things fine.
>> > any idea? is that some special treatment for /_users or what?
>> >
>> > ciao
>> > svilen

Mime
View raw message