You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am new to CouchDB, and would like to get some pointers on understanding how member permission works.
Specifically, I am trying to setup a CouchDB service to share data among a user community. My desired user access look like this
anonymous users (without authentication) can read all docs under all databases in read-only mode, including listing data such as accessing /_all_dbs, /{db}/_all_docs, but not system settings such as _users, _security etc
for each database, I would like to assign at least one admin account to write/update the database as the maintainer of each database; they can also create design docs for their own assigned database; however, their write permission is only limited to the assigned database, not others;
database maintainers can not add new user or modify global settings
database maintainers can not add new databases
server admin can add user, add new database, and do everything database maintainer can do
if couchdb must require authenticated account to read/list docs, then I may create an anonymous:anomyous account and set this account to be reading/listing data only.
in the default.ini, I have
default_security = admin_only
and
admin_only_all_dbs = false
so, anonymous users can now browse /_all_dbs, however, they can not access /_all_docs. I tried adding an admin account (testuser). With this account, I can read/put/modify docs, but this user can add new databases and modify other databases.
I am wondering if anyone can guiding me on how to setup my accounts so that the above scheme can be achieved?
the server I am testing has CouchDB 3.3.2 running on Ubuntu 18.04.
TL;DR:
how to make an account (say testuser) to only have write permission to a single database (say testdb)
how to make an account (say anonymous) with only read-only permission to docs or listing docs, nothing else
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Dear CouchDB developers,
I am new to CouchDB, and would like to get some pointers on understanding how member permission works.
Specifically, I am trying to setup a CouchDB service to share data among a user community. My desired user access look like this
/_all_dbs,/{db}/_all_docs, but not system settings such as_users,_securityetcif couchdb must require authenticated account to read/list docs, then I may create an
anonymous:anomyousaccount and set this account to be reading/listing data only.in the
default.ini, I haveand
so, anonymous users can now browse
/_all_dbs, however, they can not access/_all_docs. I tried adding an admin account (testuser). With this account, I can read/put/modify docs, but this user can add new databases and modify other databases.I am wondering if anyone can guiding me on how to setup my accounts so that the above scheme can be achieved?
the server I am testing has CouchDB 3.3.2 running on Ubuntu 18.04.
TL;DR:
testuser) to only have write permission to a single database (saytestdb)anonymous) with only read-only permission to docs or listing docs, nothing elseBeta Was this translation helpful? Give feedback.
All reactions