incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dave Cottlehuber <...@jsonified.com>
Subject Re: Separation between User and DB. (Config 1.2.0)
Date Fri, 16 Nov 2012 18:15:43 GMT
On 16 November 2012 16:35, svilen <az@svilendobrev.com> wrote:
> quoting http://blog.mattwoodward.com/2012/03/definitive-guide-to-couchdb.html
> '''
> If you define any database readers on a database anonymous reads are
> disabled, but anonymous writes (of regular documents, not design
> documents) are still enabled.
> '''


> is this really the case? i cannot write anonymously to my
> user-owned databases. i have server admin but no validation docs.
> (couchdb 1.2)

Svilen, you are correct -- looks like an error in the blog post.

Lucas, there's a bit more here
http://guide.couchdb.org/draft/security.html but the gist of it is
that there are groups (roles) defined in the _user db entries, and
these + the user names can be applied to a given DB in the admin or
members section. IIRC in 1.2.0 the name "readers" was swapped in for
"members" as being a member also gave write access, not just read.
Write access is typically controlled via validate_update_doc
functions.

A+
Dave

Mime
View raw message