On Thu, Jul 14, 2011 at 16:10, Alex Aitken <[email protected]> wrote:
> Initially sent this to dev but perhaps this is the more appropriate list...
>
> ---------- Forwarded message ----------
> From: Alex Aitken <[email protected]>
> Date: Thu, Jul 14, 2011 at 4:19 PM
> Subject: Implementing Authorization control for Self-Enrollers in a
> pure Couchapp
> To: [email protected]
>
>
> What's the best way using CouchDB's built-in
> authentication/authorization to set up self-enrollers as user type =
> reader? I understand there's a db/_security object, but not how to
> edit it/use it/update it... And if admins are the only ones capable
> editing roles, how does a self-enrolled user get these assigned?
> Thanks for thoughts,
> Alex Aitken
>

You can edit the _security object by clicking on "Security..." at the top of the Futon page for a database. You should also be able to GET/PUT /database/_security. The rules for updating roles and who can change what about user documents are actually just implemented as a validate_doc_update function in the _users database. Check out /_users/_design/auth. You could special-case "readers" for self-enrollment in your deployment.
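
One way to special-case a reader role for self-enrollment, as an added example that is not part of the original reply and not the code CouchDB ships in /_users/_design/auth. The role name `reader`, the contents of `securityObject`, the `verdict` helper and the sample documents are assumptions made for illustration.

```javascript
// Added example; not the validate_doc_update that ships in _users/_design/auth.
var SELF_ROLE = "reader"; // assumed role name for self-enrolled users

// Body for PUT /database/_security (done once by an admin): only users
// holding SELF_ROLE, or admins, can read the database.
var securityObject = {
  admins:  { names: [], roles: [] },
  readers: { names: [], roles: [SELF_ROLE] }
};

// validate_doc_update for the _users database.
function validateUserDoc(newDoc, oldDoc, userCtx) {
  if (userCtx.roles.indexOf("_admin") !== -1) { return; } // admins: no limits
  if (oldDoc && oldDoc.name !== userCtx.name) {
    throw({ forbidden: "You may only change your own user document." });
  }
  if (newDoc._deleted) { return; }
  if (oldDoc && newDoc.name !== oldDoc.name) {
    throw({ forbidden: "Usernames cannot be changed." });
  }
  if (!Array.isArray(newDoc.roles)) {
    throw({ forbidden: "doc.roles must be an array." });
  }
  // The special case: a non-admin may hold SELF_ROLE and nothing else.
  newDoc.roles.forEach(function (role) {
    if (role !== SELF_ROLE) {
      throw({ forbidden: "Only admins may assign the role " + role + "." });
    }
  });
}

// Hypothetical helper for trying the function outside CouchDB.
function verdict(newDoc, oldDoc, userCtx) {
  try { validateUserDoc(newDoc, oldDoc, userCtx); return "ok"; }
  catch (e) { return e.forbidden; }
}

// Constructed sample requests from an anonymous (not logged in) client.
var anon = { name: null, roles: [] };
console.log(verdict({ name: "alice", roles: ["reader"] }, null, anon));
console.log(verdict({ name: "alice", roles: ["reader", "editor"] }, null, anon));
```

The `readers` section of the security object is the name used in this thread; later CouchDB releases call the same section `members`.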
