quoting http://blog.mattwoodward.com/2012/03/definitive-guide-to-couchdb.html ''' If you define any database readers on a database anonymous reads are disabled, but anonymous writes (of regular documents, not design documents) are still enabled. '''
is this really the case? i cannot write anonymously to my user-owned databases. i have server admin but no validation docs. (couchdb 1.2) ciao svilen On Fri, 16 Nov 2012 14:40:07 +0100 Dave Cottlehuber <[email protected]> wrote: > On 16 November 2012 12:21, Lucas Toulouse > <[email protected]> wrote: > > Hello, > > I'm a Lucas, I have few questions on the configuration of Couchdb > > Users. > > > > I try to create a Couch with an user = a DB > > And configure user rights according to that. (ie An user can only > > write and read his own Db) > > Hi Lucas, > > Welcome! > > CouchDB security is at the DB level, so you are on the right track. > > For each user: > - create normal user account > - create the DB > - open the security object & add that user's name into the members > name field > > Once you've created a server admin (i.e. not running in admin party > mode) > > From terminal you'd have something like: > > COUCH=http://admin:passwd@localhost:5984 > # create the user > curl -HContent-Type:application/json \ > -vXPUT $COUCH/_users/org.couchdb.user:me \ > --data-binary '{"_id": "org.couchdb.user:me","name": "me","roles": > [],"type": "user","password": "pwd"}' > > # create the DB > curl -vX PUT $COUCH/me > > # update the security object > curl -vX PUT $COUCH/me/_security \ > -Hcontent-type:application/json \ > --data-binary > '{"admins":{"names":[],"roles":[]},"members":{"names":["me"],"roles":[]}}' > > You may want to put a validation doc in place to control writes at a > per-doc level as well. > > http://wiki.apache.org/couchdb/Security_Features_Overview and > http://guide.couchdb.org/draft/security.html and > http://blog.mattwoodward.com/2012/03/definitive-guide-to-couchdb.html > are good references. > > A+ > Dave
