I'd recommend reading http://blog.couchbase.com/whats-new-in-couchdb-1-0-part-4-securityn-stufffor an overview of the couch security model
On Sun, Jul 10, 2011 at 11:30 PM, Marcello Nuccio <[email protected] > wrote: > 2011/7/11 Jonathan Geddes <[email protected]>: > >> Fortunately, users with write access are not admins. They may not > >> modify design documents. All of their changes are subject to design > >> documents' validate_doc_update() function. > > > > I would be *overjoyed* to hear that you are right and the documentation > at > > [0] is wrong: > >> database admins - Defined per database. They have all the privileges > > readers have plus the privileges: write (and edit) design documents, > > add/remove database admins and readers, set the database revisions limit > > > > (/somedb/_revs_limit API) and execute temporary views against the > database > > (/somedb/_temp_view API). They can not create a database and neither > delete > > a database. > > "Users with write access", are users authorized by the > validation_doc_update functions in the design documents of the > database: > > http://guide.couchdb.org/draft/security.html#validation > > Marcello >
