incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From svilen ...@svilendobrev.com>
Subject Re: deleting /_users documents
Date Wed, 17 Apr 2013 11:55:45 GMT
Robert Newson <rnewson@apache.org> wrote:
> This is the system security stuff. You can only see (and therefore
> update/delete) your own user document, unless you're an administrator.

i know that. The point is, it is user's own document. 
and authentication is provided.
get/update works. delete does not. 

svilen
 
> On 17 April 2013 12:29, svilen <az@svilendobrev.com> wrote:
> > g'day
> > i'm on couchdb 1.2.0.
> > trying to delete /_users/someid?rev=.. .. and it yields 404.
> >
> > the user needs authentication.
> > so plain get fails:
> > $ curl -X GET
> > http://srv:5984/_users/org.couchdb.user%3AUSR
> >
> > {"error":"not_found","reason":"missing"}
> >
> > ok, add the USR:PSW auth:
> > $ curl -X GET
> > http://USR:PSW@srv:5984/_users/org.couchdb.user%3AUSR?rev=3-4b9b6c0f9733f27e6e8e6996544e9610
> >
> > {"_id":"org.couchdb.user:USR",
> > "_rev":"3-4b9b6c0f9733f27e6e8e6996544e9610",
> > "name":"USR","roles":[],"type":"user",
> > "password_sha":"a5325f1b518b874197c072341875794d6b10ba35"
> > }
> >
> > so get works.
> >
> > now delete the above:
> >
> > $ curl -vX DELETE
> > http://USR:PSW@server:5984/_users/org.couchdb.user%3AUSR?rev=3-4b9b6c0f9733f27e6e8e6996544e9610
> > * Connected to h (192.168.100.100) port 5984 (#0)
> > * Server auth using Basic with user 'USR'
> >> DELETE /_users/org.couchdb.user%3AUSR?rev=3-4b9b6c0f9733f27e6e8e6996544e9610
> >> HTTP/1.1 Authorization: Basic
> >> MTUwY2I5ZWUtYTMxNC00MmMyLWE2ODQtZWMzMTNhOTVlNmY3Onc= User-Agent:
> >> curl/7.29.0 Host: h:5984
> >> Accept: */*
> >>
> > < HTTP/1.1 404 Object Not Found
> > < Server: CouchDB/1.2.0 (Erlang OTP/R15B01)
> > < Date: Wed, 17 Apr 2013 11:14:51 GMT
> > < Content-Type: text/plain; charset=utf-8
> > < Content-Length: 41
> > < Cache-Control: must-revalidate
> > <
> > {"error":"not_found","reason":"missing"}
> >
> > --------
> > other databases are deleting things fine.
> > any idea? is that some special treatment for /_users or what?
> >
> > ciao
> > svilen

Mime
View raw message