incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Randall Leeds <randall.le...@gmail.com>
Subject Re: Implementing Authorization control for Self-Enrollers in a pure Couchapp
Date Tue, 19 Jul 2011 00:12:54 GMT
On Thu, Jul 14, 2011 at 16:10, Alex Aitken <aaitken@alexaitken.net> wrote:
> Initially sent this to dev but perhaps this is the more appropriate list...
>
> ---------- Forwarded message ----------
> From: Alex Aitken <aaitken@alexaitken.net>
> Date: Thu, Jul 14, 2011 at 4:19 PM
> Subject: Implementing Authorization control for Self-Enrollers in a
> pure Couchapp
> To: dev@couchdb.apache.org
>
>
> What's the best way using CouchDB's built-in
> authentication/authorization to set up self-enrollers as user type =
> reader? I understand there's a db/_security object, but not how to
> edit it/use it/update it... And if admins are the only ones capable
> editing roles, how does a self-enrolled user get these assigned?
> Thanks for thoughts,
> Alex Aitken
>

You can edit the _security object by clicking on "Security..." at the
top of the futon page for a database. You should also be able to
GET/PUT /database/_security.

The rules for updating roles and who can change what about user
documents are actually just implemented as a validate_doc_update
function in the _users database.
Check out /_users/_design/auth. You could special case "readers" for
self-enrollment in your deployment.

Mime
View raw message