incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jochen Kempf <jochenke...@gmail.com>
Subject Re: Problems creating admin users
Date Fri, 18 Jun 2010 16:49:28 GMT
Ok, the _users table just shows non-admin users....I see.
So I guess the error is related to the use of a ssl cert and after creating
the admin_user no corresponding authentication data is passed, thus a not
authorized error is triggered.

2010/6/18 J Chris Anderson <jchris@gmail.com>

>
> On Jun 18, 2010, at 8:58 AM, Jochen Kempf wrote:
>
> > Hi,
> >
> > using couchdb 0.11.0 on Ubuntu 10.04 I get the following error message
> when
> > trying to add a new admin user vía Futon:
>
> That's not a very nice error message. Sorry about that.
>
> You can't create user docs in the user's db, with the role _admin.
>
> For admins, you need to edit the config, either local.ini or via Futon.
>
> >
> > Signup error: {gen_server,call, [couch_query_servers,
> > {get_proc,{doc,<<"_design/_auth">>, {1,
> > [<<4,216,98,51,179,37,75,181,165,61,207,113,3, 249,127,194>>]},
> > {[{<<"language">>,<<"javascript">>}, {<<"validate_doc_update">>,
> > <<"function(newDoc, oldDoc, userCtx) {\n if ((oldDoc || newDoc).type !=
> > 'user') {\n throw({forbidden : 'doc.type must be user'});\n } // we only
> > validate user docs for now\n if (newDoc._deleted === true) {\n // allow
> > deletes by admins and matching users \n // without checking the other
> > fields\n if ((userCtx.roles.indexOf('_admin') != -1) || (userCtx.name ==
> > oldDoc.name)) {\n return;\n } else {\n throw({forbidden : 'Only admins
> may
> > delete other user docs.'});\n }\n }\n if (!newDoc.name) {\n
> throw({forbidden
> > : 'doc.name is required'});\n }\n if (!(newDoc.roles && (typeof
> > newDoc.roles.length != 'undefined') )) {\n throw({forbidden : 'doc.roles
> > must be an array'});\n }\n if (newDoc._id !=
> > 'org.couchdb.user:'+newDoc.name) {\n throw({forbidden : 'Docid must be of
> > the form org.couchdb.user:name'});\n }\n if (oldDoc) { // validate all
> > updates\n if (oldDoc.name != newDoc.name) {\n throw({forbidden :
> 'Usernames
> > may not be changed.'});\n }\n }\n if (newDoc.password_sha &&
> !newDoc.salt)
> > {\n throw({forbidden : 'Users with password_sha must have a salt. See
> > /_utils/script/couch.js for example code.'});\n }\n if
> > (userCtx.roles.indexOf('_admin') == -1) { // not an admin\n if (oldDoc) {
> //
> > validate non-admin updates\n if (userCtx.name != newDoc.name) {\n
> > throw({forbidden : 'You may only update your own user document.'});\n }\n
> //
> > validate role updates\n var oldRoles = oldDoc.roles.sort();\n var
> newRoles =
> > newDoc.roles.sort();\n if (oldRoles.length != newRoles.length) {\n
> > throw({forbidden : 'Only _admin may edit roles'});\n }\n for (var i=0; i
> <
> > oldRoles.length; i++) {\n if (oldRoles[i] != newRoles[i]) {\n
> > throw({forbidden : 'Only _admin may edit roles'});\n }\n };\n } else if
> > (newDoc.roles.length > 0) {\n throw({forbidden : 'Only _admin may set
> > roles'});\n }\n }\n // no system roles in users db\n for (var i=0; i <
> > newDoc.roles.length; i++) {\n if (newDoc.roles[i][0] == '_') {\n
> > throw({forbidden : 'No system roles (starting with underscore) in users
> > db.'});\n }\n };\n // no system names as names\n if (newDoc.name[0] ==
> '_')
> > {\n throw({forbidden : 'Username may not start with underscore.'});\n }\n
> > }">>}]}, [],false,[]}, {<<"_design/_auth">>,
> > <<"1-04d86233b3254bb5a53dcf7103f97fc2">>}}]}
> >
> > However I can login vía Futon using the previously entered credentials
> but
> > there is no corresponding user file added to the "_users" table. It seems
> > that the "_auth" validation function prevents me from adding a new user
> to
> > the "_users" table.
> >
> > How can I fix this?
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message