[jira] [Commented] (COUCHDB-2990) admins not honored in _security

Sebastian Rothbucher (JIRA) Mon, 18 Apr 2016 13:40:38 -0700

    [ 
https://issues.apache.org/jira/browse/COUCHDB-2990?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15246494#comment-15246494
 ]


Sebastian Rothbucher commented on COUCHDB-2990:
-----------------------------------------------

could be a timing issue. reader_acl suffers, too (waiting 1s after _security 
changes helps), ditto replication. This needs some more investigation 
unfortunately

> admins not honored in _security
> -------------------------------
>
>                 Key: COUCHDB-2990
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-2990
>             Project: CouchDB
>          Issue Type: Bug
>          Components: BigCouch
>            Reporter: Sebastian Rothbucher
>            Priority: Minor
>
> Setting a user as admin (by name) and invoking a command (giving credentials 
> via Basic Auth) comes back saying the user is no DB admin. 
> Certainly minor thing for 2.1+ but 2 keep in mind; steps 2 reproduce:
> {noformat}
> # curl -X GET 'http://localhost:15984/play/_security'
> {"_rev":"2-dfe4d0fbab9b154d2100a95cefa66a92","admins":{"names":["jerry"]}}
> # curl -X PUT 'http://localhost:15984/play/'
> # curl -X PUT 'http://localhost:15984/play/_security' -d '{"admins": 
> {"names": ["jerry"]}}'
> # curl -X PUT 'http://localhost:15984/play/test' -d '{}' -u jerry:mouseee
> {"error":"unauthorized","reason":"Name or password is incorrect."}
> # curl -X PUT 'http://localhost:15984/play/test' -d '{}' -u jerry:mouse
> {"ok":true,"id":"test","rev":"1-967a00dff5e02add41819138abb3284d"}
> # curl -X PUT 'http://localhost:15984/play/_design/test' -d '{}' -u 
> jerry:mouse
> {"error":"forbidden","reason":"You are not a db or server admin."}
> {noformat}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (COUCHDB-2990) admins not honored in _security

Reply via email to