Regarding the database creation question, that's what I was afraid of. I wonder why that design decision was taken? It's commonly stated that couch can handle thousands of databases, no problem, but without the ability to create them automatically as the application requires seems like a real problem, doesn't it?
I like your idea of creating a server side component with the appropriate credentials as a fallback. Thanks for the info. On Nov 23, 2010, at 7:20 AM, Patrick Barnes wrote: > Hi Jeff, > > On 23/11/2010 5:10 PM, Jeff Gorder wrote: >> I have a case where there is a main public database that serves my >> application and then will need to have a private database for each user. >> I've gotten this to work manually and automatically when logged in as a >> server admin. >> >> I understand that there are server admins that have full control over the >> installation and that they are managed by making entries into the .ini file >> and that there are database admins as well. In the "Definitive Guide" it's >> made clear that only admin users are allowed to create databases and design >> documents but it's not clear if those are server admins, database admins, or >> both. >> >> How do I create the database/design doc for a new user? It's not practical >> to require someone who is a server admin to log on to Futon to do it. If a >> user is a database admin in the main application database, does that give >> them permission to create a new database? > > Someone having database-level admin access only has it on that database, even > if it's the main application database. Only a server admin can create a new > database. > > Some sort of privilege escalation is necessary, I guess. Maybe have a > server-side script that can be triggered by main-application database admins, > that has a stored set of server admin credentials and can create the database > for them. > >> The second question is how to access the database ACL. I have found that >> it's stored at dbasename/_security but haven't found any documentation about >> an API to it. Is there one? > > See here: http://wiki.apache.org/couchdb/Complete_HTTP_API_Reference > > I'm guessing it's just GET or PUT in its entirety. > [ Hmm - how are race conditions resolved on _security? :-) ] > > > Hope that helps, > -Patrick
