[
https://issues.apache.org/jira/browse/COUCHDB-2244?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14091891#comment-14091891
]
Robert Kowalski commented on COUCHDB-2244:
------------------------------------------
Access to the replication view is just allowed for admins:
{{roles: ["_admin"]}}
Almost the same for all-docs:
{{
"database/:database/_all_docs(:extra)": {
route: "allDocs",
roles: ["_reader","_writer","_admin"]
},
"database/:database/_design/:ddoc/_view/:view": {
route: "viewFn",
roles: ['_admin']
},
"database/:database/_design/:ddoc/_lists/:fn": {
route: "tempFn",
roles: ['_admin']
},
"database/:database/_design/:ddoc/_filters/:fn": {
route: "tempFn",
roles: ['_admin']
},
"database/:database/_design/:ddoc/_show/:fn": {
route: "tempFn",
roles: ['_admin']
},
"database/:database/_design/:ddoc/metadata": {
route: "designDocMetadata",
roles: ['_admin']
},
}}
> Fauxton auth is broken for fixed Admin Party
> --------------------------------------------
>
> Key: COUCHDB-2244
> URL: https://issues.apache.org/jira/browse/COUCHDB-2244
> Project: CouchDB
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: Fauxton
> Reporter: Alexander Shorin
>
> 1. Fix the Admin Party
> 2. Logout
> 3. Login as regular user (optional)
> You'll probably see the same effect as for COUCHDB-2243, but in
> addition you'll not be able to change your password, create replication,
> access to databases where even if you're explicitly defined as admin or
> member.
> Fauxton @ 2abdb2c
--
This message was sent by Atlassian JIRA
(v6.2#6252)
