incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From J Chris Anderson <jch...@gmail.com>
Subject Re: Problems creating admin users
Date Fri, 18 Jun 2010 16:15:10 GMT

On Jun 18, 2010, at 8:58 AM, Jochen Kempf wrote:

> Hi,
> 
> using couchdb 0.11.0 on Ubuntu 10.04 I get the following error message when
> trying to add a new admin user vía Futon:

That's not a very nice error message. Sorry about that.

You can't create user docs in the user's db, with the role _admin.

For admins, you need to edit the config, either local.ini or via Futon.

> 
> Signup error: {gen_server,call, [couch_query_servers,
> {get_proc,{doc,<<"_design/_auth">>, {1,
> [<<4,216,98,51,179,37,75,181,165,61,207,113,3, 249,127,194>>]},
> {[{<<"language">>,<<"javascript">>}, {<<"validate_doc_update">>,
> <<"function(newDoc, oldDoc, userCtx) {\n if ((oldDoc || newDoc).type !=
> 'user') {\n throw({forbidden : 'doc.type must be user'});\n } // we only
> validate user docs for now\n if (newDoc._deleted === true) {\n // allow
> deletes by admins and matching users \n // without checking the other
> fields\n if ((userCtx.roles.indexOf('_admin') != -1) || (userCtx.name ==
> oldDoc.name)) {\n return;\n } else {\n throw({forbidden : 'Only admins may
> delete other user docs.'});\n }\n }\n if (!newDoc.name) {\n throw({forbidden
> : 'doc.name is required'});\n }\n if (!(newDoc.roles && (typeof
> newDoc.roles.length != 'undefined') )) {\n throw({forbidden : 'doc.roles
> must be an array'});\n }\n if (newDoc._id !=
> 'org.couchdb.user:'+newDoc.name) {\n throw({forbidden : 'Docid must be of
> the form org.couchdb.user:name'});\n }\n if (oldDoc) { // validate all
> updates\n if (oldDoc.name != newDoc.name) {\n throw({forbidden : 'Usernames
> may not be changed.'});\n }\n }\n if (newDoc.password_sha && !newDoc.salt)
> {\n throw({forbidden : 'Users with password_sha must have a salt. See
> /_utils/script/couch.js for example code.'});\n }\n if
> (userCtx.roles.indexOf('_admin') == -1) { // not an admin\n if (oldDoc) { //
> validate non-admin updates\n if (userCtx.name != newDoc.name) {\n
> throw({forbidden : 'You may only update your own user document.'});\n }\n //
> validate role updates\n var oldRoles = oldDoc.roles.sort();\n var newRoles =
> newDoc.roles.sort();\n if (oldRoles.length != newRoles.length) {\n
> throw({forbidden : 'Only _admin may edit roles'});\n }\n for (var i=0; i <
> oldRoles.length; i++) {\n if (oldRoles[i] != newRoles[i]) {\n
> throw({forbidden : 'Only _admin may edit roles'});\n }\n };\n } else if
> (newDoc.roles.length > 0) {\n throw({forbidden : 'Only _admin may set
> roles'});\n }\n }\n // no system roles in users db\n for (var i=0; i <
> newDoc.roles.length; i++) {\n if (newDoc.roles[i][0] == '_') {\n
> throw({forbidden : 'No system roles (starting with underscore) in users
> db.'});\n }\n };\n // no system names as names\n if (newDoc.name[0] == '_')
> {\n throw({forbidden : 'Username may not start with underscore.'});\n }\n
> }">>}]}, [],false,[]}, {<<"_design/_auth">>,
> <<"1-04d86233b3254bb5a53dcf7103f97fc2">>}}]}
> 
> However I can login vía Futon using the previously entered credentials but
> there is no corresponding user file added to the "_users" table. It seems
> that the "_auth" validation function prevents me from adding a new user to
> the "_users" table.
> 
> How can I fix this?


Mime
View raw message