incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From svilen ...@svilendobrev.com>
Subject Re: Separation between User and DB. (Config 1.2.0)
Date Fri, 16 Nov 2012 15:35:56 GMT
quoting http://blog.mattwoodward.com/2012/03/definitive-guide-to-couchdb.html
'''
If you define any database readers on a database anonymous reads are
disabled, but anonymous writes (of regular documents, not design
documents) are still enabled. 
'''

is this really the case? i cannot write anonymously to my
user-owned databases. i have server admin but no validation docs. 
(couchdb 1.2)

ciao
svilen

On Fri, 16 Nov 2012 14:40:07 +0100 Dave Cottlehuber <dch@jsonified.com>
wrote:

> On 16 November 2012 12:21, Lucas Toulouse
> <lucas.toulouse@cozycloud.cc> wrote:
> > Hello,
> > I'm a Lucas, I have few questions on the configuration of Couchdb
> > Users.
> >
> > I try to create a Couch with an user = a DB
> > And configure user rights according to that. (ie An user can only
> > write and read his own Db)
> 
> Hi Lucas,
> 
> Welcome!
> 
> CouchDB security is at the DB level, so you are on the right track.
> 
> For each user:
> - create normal user account
> - create the DB
> - open the security object & add that user's name into the members
> name field
> 
> Once you've created a server admin (i.e. not running in admin party
> mode)
> 
> From terminal you'd have something like:
> 
> COUCH=http://admin:passwd@localhost:5984
> # create the user
> curl -HContent-Type:application/json \
>   -vXPUT $COUCH/_users/org.couchdb.user:me \
>   --data-binary '{"_id": "org.couchdb.user:me","name": "me","roles":
> [],"type": "user","password": "pwd"}'
> 
> # create the DB
> curl -vX PUT $COUCH/me
> 
> # update the security object
> curl -vX PUT $COUCH/me/_security  \
>    -Hcontent-type:application/json \
>     --data-binary
> '{"admins":{"names":[],"roles":[]},"members":{"names":["me"],"roles":[]}}'
> 
> You may want to put a validation doc in place to control writes at a
> per-doc level as well.
> 
> http://wiki.apache.org/couchdb/Security_Features_Overview and
> http://guide.couchdb.org/draft/security.html and
> http://blog.mattwoodward.com/2012/03/definitive-guide-to-couchdb.html
> are good references.
> 
> A+
> Dave

Mime
View raw message