[
https://issues.apache.org/jira/browse/COUCHDB-3170?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16076075#comment-16076075
]
Lebruman commented on COUCHDB-3170:
-----------------------------------
Hello,
Yes I have an admin user on the ini file, but I want than my users be able to
fetch and replicate other users informations.
Some of them can create new user (with a defined role) and some other can only
read informations about users.
Definitivelly, I can't have hard coded admin in the ini file.
In my case, if permissions are ignored in the _users database, I can't get it
to work.
> Permissions are ignored in "_users" database.
> ---------------------------------------------
>
> Key: COUCHDB-3170
> URL: https://issues.apache.org/jira/browse/COUCHDB-3170
> Project: CouchDB
> Issue Type: Bug
> Affects Versions: 2.0.0
> Reporter: Pavel V
>
> To reproduce (in Fauxton):
> 1. Create a user in "_users" database with role "app-admin".
> 2. Change permissions for "_users" DB to add "app-admin" role to admins and
> members.
> 3. Check "/_users/_security". Response should be similar to:
> {"admins":{"names":[],"roles":["app-admin"]},"members":{"names":[],"roles":["app-admin"]},"ok":true}
> 4. Login as the user with the "app-admin" role.
> 5. Open "_users", you get 401 response and Fauxton shows message "An Error
> occurred: You are not a server admin.". 401 response contains following JSON:
> {error: "unauthorized", reason: "You are not a server admin."}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
