Aaron, You could probably get it done with the built-in validation functions. There are some missing pieces (like non-admin roles) but even without those you can enforce anonymous users to be read-only.
Chris On Tue, Sep 8, 2009 at 11:51 AM, Aaron Quint<[email protected]> wrote: > Thanks, Jason! Thats great news. Let me know if theres a git branch to > follow or if you need any help testing. > --AQ > > Aaron Quint > http://www.quirkey.com > > > > On Tue, Sep 8, 2009 at 1:30 PM, Jason Davies<[email protected]> wrote: >> Hi Aaron, >> >> I'm working on this as we speak, in particular being able to set particular >> roles on a per-db basis. As part of this I will be adding a way to set the >> default (anonymous user) role e.g. if you want read-only access for >> non-logged-in users. >> >> I will let you know on this thread when I have something ready for testing. >> >> Cheers, >> -- >> Jason Davies >> >> www.jasondavies.com >> >> On 8 Sep 2009, at 18:09, Aaron Quint wrote: >> >>> I've been working on a fun couchapp type full javascript app built on >>> CouchDB that I hope to unveil at jQuery Conf this weekend. >>> The biggest piece left is getting some kind of >>> authentication/authorization in place so that I can actually put it on >>> a server for other people to use/play with. I've been using/testing >>> with 0.10 locally and since the wiki doesnt have much up to date info, >>> I've found the best resource to be the JS tests. >>> >>> So questions: >>> - If I'm not logged in as a specific user /_session returns >>> {"ok":true,"name":null,"roles":["_admin"]} >>> Which means that as a guest I have admin privileges. If I set >>> require_valid_user = true, though I have to be logged in to view any >>> document. Is there any way to change the roles of the default user? >>> Ideally if I wasnt logged in as a specific user I could only have read >>> access so I could still view documents and see a page where I could >>> log in. >>> - If I'm logged in as read only I still have access to the users >>> database - is there anyway to prevent this? >>> >>> I totally understand that the auth stuff is early days but any help >>> would be appreciated. I would love to be able to run this app and >>> couchdb on :80. >>> Thanks! >>> --AQ >>> >>> Aaron Quint >>> http://www.quirkey.com >> >> > -- Chris Anderson http://jchrisa.net http://couch.io
