On Sun, Jan 3, 2010 at 5:28 AM, Benoit Chesneau <[email protected]> wrote: > On Fri, Jan 1, 2010 at 3:16 AM, Chris Anderson <[email protected]> wrote: >> On Thu, Dec 24, 2009 at 8:27 AM, Chris Anderson <[email protected]> wrote: >>> Devs, >>> >>> I'm attempting to make more sense of CouchDB's authentication system. >>> The current system is a proverbial ball of spaghetti. I'm still in the >>> investigation stage of my work, and I'm writing this to clarify my >>> thoughts and solicit feedback. >>> >> >> http://github.com/jchris/couchdb/tree/account >> >> Just a note to say that this branch is nearly done. I'd love some review. >> >> To use it, visit Futon and look in the lower-right corner. >> >> Before merging I still need to remove extra log statements, etc. >> >> Feedback welcome! >> >> Chris >> > > Just tested it, admin creation seem to work during the test I've done > at least admin user is created, for the rest I don't know, am not sure > yet what could be done with the changes, I need to have a closer look > in the code for it. There is a bug you mentioned in another mail with > tests, if we are loggged out, test fails and logically tests requiring > auth failed, to follow one of your proposal, I think we should add a > warning on top of tests saying that an admin user exists and tests > will fail; something like it.
I was thinking we could even add some code which loads the admin config into a cookie, and then clears admins. When the tests are done it can re-configure the admins. > > About the ui the font size may be a little too small and login line > should be imo on the top. More generally i'm a little frustrated, I > can create an admin, add more admins, but what about removing one ? > Also Having an interface allowing me to create more user and list them > would be really cool. Not much time right now, but I'll outline the UI flow. When there's an admin party, you can create an admin to fix it. If you are logged in as an admin, you can create more admins. If you are not logged in (but it's not admin-party) then you can click "Signup" to create a new user account with an empty roles list. If you click your username when you are logged in, it will show your user document. Admins can add roles to existing user documents. There isn't a UI for listing or editing users as I expect we'll just use Futon's database UI for that. Admins can delete admins via the Config UI (if you are trying to delete all admins to run tests make sure to delete yourself last). > > Anyway I really like having the possibility to create user from futon > thanks for that :) I will have a closer look on code in the next days. > Thanks for checking it out. There's not a whole lot of new code here, just a cleanup of what we've been building since about 0.9. I'll push it to an Apache branch with a detailed todo list as soon as I've had a chance to clean up the patch. Chris -- Chris Anderson http://jchrisa.net http://couch.io
