incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Martin Higham <mar...@ocastalabs.com>
Subject Re: Creating databases on demand
Date Tue, 23 Nov 2010 09:25:40 GMT
You can write an external process that performs all the steps necessary to
'register' a new user. This can create the new private database if the
necessary admin credentials are available. The new database can be created
in a number of ways;  by cloning an existing template database, by invoking
couchapp from the command line or in the case where the private database has
no _design docs,  simply by creating it with a PUT. Cloning and creating are
available through the standard Couch API

Alternatively if the registration process creates a profile record in a
database you can invoke the creation of a private database through a process
monitoring the _changes API of the profile database.

Martin

On 23 November 2010 08:12, Jeff Gorder <jeffgorder@gmail.com> wrote:

> Regarding the database creation question, that's what I was afraid of. I
> wonder why that design decision was taken? It's commonly stated that couch
> can handle thousands of databases, no problem, but without the ability to
> create them automatically as the application requires seems like a real
> problem, doesn't it?
>
> I like your idea of creating a server side component with the appropriate
> credentials as a fallback.
>
> Thanks for the info.
>
>
> On Nov 23, 2010, at 7:20 AM, Patrick Barnes wrote:
>
> > Hi Jeff,
> >
> > On 23/11/2010 5:10 PM, Jeff Gorder wrote:
> >> I have a case where there is a main public database that serves my
> application and then will need to have a private database for each user.
> I've gotten this to work manually and automatically when logged in as a
> server admin.
> >>
> >> I understand that there are server admins that have full control over
> the installation and that they are managed by making entries into the .ini
> file and that there are database admins as well. In the "Definitive Guide"
> it's made clear that only admin users are allowed to create databases and
> design documents but it's not clear if those are server admins, database
> admins, or both.
> >>
> >> How do I create the database/design doc for a new user? It's not
> practical to require someone who is a server admin to log on to Futon to do
> it. If a user is a database admin in the main application database, does
> that give them permission to create a new database?
> >
> > Someone having database-level admin access only has it on that database,
> even if it's the main application database. Only a server admin can create a
> new database.
> >
> > Some sort of privilege escalation is necessary, I guess. Maybe have a
> server-side script that can be triggered by main-application database
> admins, that has a stored set of server admin credentials and can create the
> database for them.
> >
> >> The second question is how to access the database ACL. I have found that
> it's stored at dbasename/_security but haven't found any documentation about
> an API to it. Is there one?
> >
> > See here: http://wiki.apache.org/couchdb/Complete_HTTP_API_Reference
> >
> > I'm guessing it's just GET or PUT in its entirety.
> > [ Hmm - how are race conditions resolved on _security? :-) ]
> >
> >
> > Hope that helps,
> > -Patrick
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message