Return-Path: Delivered-To: apmail-couchdb-user-archive@www.apache.org Received: (qmail 36047 invoked from network); 17 Sep 2010 01:34:41 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 17 Sep 2010 01:34:41 -0000 Received: (qmail 14817 invoked by uid 500); 17 Sep 2010 01:34:40 -0000 Delivered-To: apmail-couchdb-user-archive@couchdb.apache.org Received: (qmail 14715 invoked by uid 500); 17 Sep 2010 01:34:40 -0000 Mailing-List: contact user-help@couchdb.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@couchdb.apache.org Delivered-To: mailing list user@couchdb.apache.org Received: (qmail 14704 invoked by uid 99); 17 Sep 2010 01:34:39 -0000 Received: from Unknown (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 17 Sep 2010 01:34:39 +0000 X-ASF-Spam-Status: No, hits=2.2 required=10.0 tests=FREEMAIL_FROM,HTML_MESSAGE,RCVD_IN_DNSWL_NONE,SPF_PASS,T_TO_NO_BRKTS_FREEMAIL X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of tjgillies@gmail.com designates 74.125.83.52 as permitted sender) Received: from [74.125.83.52] (HELO mail-gw0-f52.google.com) (74.125.83.52) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 17 Sep 2010 01:34:18 +0000 Received: by gwj20 with SMTP id 20so1025207gwj.11 for ; Thu, 16 Sep 2010 18:33:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:sender:received :in-reply-to:references:date:x-google-sender-auth:message-id:subject :from:to:content-type; bh=WZz6NUtHzFSw+4BPxGEhPNSq5hiI4mPmsadzzKaNz7I=; b=vRFUCot9UKKDY1yIbNPLL81+gf8KUL/I/O4lrkoQOgxUjClPhQDbzRBRyO2879cU5k thNTSGEY5bmZ2TVimwu6XVYPfDa3NoffYWPq+6dPXrg1GoHNkBuccVENC722dBFGD54G vps9pJ8VG7VN2ssafF3KVdwimIqNqaAdtX6JM= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type; b=fVP1Spb8VpIDa5VxOee4vEwTMzaaK5L9YqZwpp6tDz7eKgfM4acCPufRXkPBQLQuW0 XEAkzoEo1hnS1lwNXuUdzEpsP+uamQTZWc1G1IUaBCFWt+uS68cSLnZTSJLEXhzIWwV9 1ZHhEnceorwkiK41rVS2yI/4c2OF/r5080Rmo= MIME-Version: 1.0 Received: by 10.90.96.17 with SMTP id t17mr2905929agb.37.1284687237129; Thu, 16 Sep 2010 18:33:57 -0700 (PDT) Sender: tjgillies@gmail.com Received: by 10.90.235.8 with HTTP; Thu, 16 Sep 2010 18:33:56 -0700 (PDT) In-Reply-To: References: Date: Thu, 16 Sep 2010 18:33:56 -0700 X-Google-Sender-Auth: 8LtKuBkxi-Nodr40HNwlaP18_Fc Message-ID: Subject: Re: Read Only Permissions for a database From: Tyler Gillies To: user@couchdb.apache.org Content-Type: multipart/alternative; boundary=0016361e88cc6ac50604906a8e30 X-Virus-Checked: Checked by ClamAV on apache.org --0016361e88cc6ac50604906a8e30 Content-Type: text/plain; charset=UTF-8 also cloudant has some user-friendly db access control On Thu, Sep 16, 2010 at 4:09 PM, Zachary Zolton wrote: > The easiest way I know to do this is by putting up a design doc, with > a validate_doc_update function like the following: > > function(newDoc, oldDoc, userCtx) { > if (userCtx.roles.length == 0 || userCtx.roles.indexOf('_admin') == -1) { > throw({ forbidden: 'You must be an admin in to save data' }); > } > } > > > Cheers, > > Zach > > On Thu, Sep 16, 2010 at 6:05 PM, Michael wrote: > > I think this is a really stupid question, but I really can't figure it > out. > > > > I have a database, which I want to be readable by everyone, > > but changeable by only admin. I look at the security of the database in > > futon and see admins and readers. Now I put someone into the readers or > > leave it blank and that person can still update and create documents. > > > > How do I create a database and make it read-only for the public? Ideally > I > > would like what is the currently behavior for 'readers' for my > applications > > and then only I have admin rights. Is this possible? > > > > Thanks in advance, > > > > Michael > > > -- http://www.readwriteweb.com/about#tyler Ask me anything ! --0016361e88cc6ac50604906a8e30--