On 16 November 2012 16:35, svilen <[email protected]> wrote: > quoting http://blog.mattwoodward.com/2012/03/definitive-guide-to-couchdb.html > ''' > If you define any database readers on a database anonymous reads are > disabled, but anonymous writes (of regular documents, not design > documents) are still enabled. > '''
> is this really the case? i cannot write anonymously to my > user-owned databases. i have server admin but no validation docs. > (couchdb 1.2) Svilen, you are correct -- looks like an error in the blog post. Lucas, there's a bit more here http://guide.couchdb.org/draft/security.html but the gist of it is that there are groups (roles) defined in the _user db entries, and these + the user names can be applied to a given DB in the admin or members section. IIRC in 1.2.0 the name "readers" was swapped in for "members" as being a member also gave write access, not just read. Write access is typically controlled via validate_update_doc functions. A+ Dave
