couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Benoit Chesneau <bchesn...@gmail.com>
Subject Re: deleting /_users documents
Date Wed, 17 Apr 2013 11:59:15 GMT
By design only admins can delete and create users documents.

BenoƮt
On Apr 17, 2013 1:56 PM, "svilen" <az@svilendobrev.com> wrote:

> Robert Newson <rnewson@apache.org> wrote:
> > This is the system security stuff. You can only see (and therefore
> > update/delete) your own user document, unless you're an administrator.
>
> i know that. The point is, it is user's own document.
> and authentication is provided.
> get/update works. delete does not.
>
> svilen
>
> > On 17 April 2013 12:29, svilen <az@svilendobrev.com> wrote:
> > > g'day
> > > i'm on couchdb 1.2.0.
> > > trying to delete /_users/someid?rev=.. .. and it yields 404.
> > >
> > > the user needs authentication.
> > > so plain get fails:
> > > $ curl -X GET
> > > http://srv:5984/_users/org.couchdb.user%3AUSR
> > >
> > > {"error":"not_found","reason":"missing"}
> > >
> > > ok, add the USR:PSW auth:
> > > $ curl -X GET
> > > http://USR:PSW@srv
> :5984/_users/org.couchdb.user%3AUSR?rev=3-4b9b6c0f9733f27e6e8e6996544e9610
> > >
> > > {"_id":"org.couchdb.user:USR",
> > > "_rev":"3-4b9b6c0f9733f27e6e8e6996544e9610",
> > > "name":"USR","roles":[],"type":"user",
> > > "password_sha":"a5325f1b518b874197c072341875794d6b10ba35"
> > > }
> > >
> > > so get works.
> > >
> > > now delete the above:
> > >
> > > $ curl -vX DELETE
> > > http://USR:PSW@server
> :5984/_users/org.couchdb.user%3AUSR?rev=3-4b9b6c0f9733f27e6e8e6996544e9610
> > > * Connected to h (192.168.100.100) port 5984 (#0)
> > > * Server auth using Basic with user 'USR'
> > >> DELETE
> /_users/org.couchdb.user%3AUSR?rev=3-4b9b6c0f9733f27e6e8e6996544e9610
> > >> HTTP/1.1 Authorization: Basic
> > >> MTUwY2I5ZWUtYTMxNC00MmMyLWE2ODQtZWMzMTNhOTVlNmY3Onc= User-Agent:
> > >> curl/7.29.0 Host: h:5984
> > >> Accept: */*
> > >>
> > > < HTTP/1.1 404 Object Not Found
> > > < Server: CouchDB/1.2.0 (Erlang OTP/R15B01)
> > > < Date: Wed, 17 Apr 2013 11:14:51 GMT
> > > < Content-Type: text/plain; charset=utf-8
> > > < Content-Length: 41
> > > < Cache-Control: must-revalidate
> > > <
> > > {"error":"not_found","reason":"missing"}
> > >
> > > --------
> > > other databases are deleting things fine.
> > > any idea? is that some special treatment for /_users or what?
> > >
> > > ciao
> > > svilen
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message