Hi Jeff,
On 23/11/2010 5:10 PM, Jeff Gorder wrote:
I have a case where there is a main public database that serves my application
and then will need to have a private database for each user. I've gotten this
to work manually and automatically when logged in as a server admin.
I understand that there are server admins that have full control over the installation
and that they are managed by making entries into the .ini file and that there are
database admins as well. In the "Definitive Guide" it's made clear that only
admin users are allowed to create databases and design documents but it's not clear if
those are server admins, database admins, or both.
How do I create the database/design doc for a new user? It's not practical to
require someone who is a server admin to log on to Futon to do it. If a user is
a database admin in the main application database, does that give them
permission to create a new database?
Someone having database-level admin access only has it on that database,
even if it's the main application database. Only a server admin can
create a new database.
Some sort of privilege escalation is necessary, I guess. Maybe have a
server-side script that can be triggered by main-application database
admins, that has a stored set of server admin credentials and can create
the database for them.
The second question is how to access the database ACL. I have found that it's
stored at dbasename/_security but haven't found any documentation about an API
to it. Is there one?
See here: http://wiki.apache.org/couchdb/Complete_HTTP_API_Reference
I'm guessing it's just GET or PUT in its entirety.
[ Hmm - how are race conditions resolved on _security? :-) ]
Hope that helps,
-Patrick
