On 16 November 2012 12:21, Lucas Toulouse <[email protected]> wrote: > Hello, > I'm a Lucas, I have few questions on the configuration of Couchdb Users. > > I try to create a Couch with an user = a DB > And configure user rights according to that. (ie An user can only write and > read his own Db)
Hi Lucas, Welcome! CouchDB security is at the DB level, so you are on the right track. For each user: - create normal user account - create the DB - open the security object & add that user's name into the members name field Once you've created a server admin (i.e. not running in admin party mode) >From terminal you'd have something like: COUCH=http://admin:passwd@localhost:5984 # create the user curl -HContent-Type:application/json \ -vXPUT $COUCH/_users/org.couchdb.user:me \ --data-binary '{"_id": "org.couchdb.user:me","name": "me","roles": [],"type": "user","password": "pwd"}' # create the DB curl -vX PUT $COUCH/me # update the security object curl -vX PUT $COUCH/me/_security \ -Hcontent-type:application/json \ --data-binary '{"admins":{"names":[],"roles":[]},"members":{"names":["me"],"roles":[]}}' You may want to put a validation doc in place to control writes at a per-doc level as well. http://wiki.apache.org/couchdb/Security_Features_Overview and http://guide.couchdb.org/draft/security.html and http://blog.mattwoodward.com/2012/03/definitive-guide-to-couchdb.html are good references. A+ Dave
