> On 28 Jul 2015, at 03:05, jumbo jim <[email protected]> wrote: > > A comment regarding the anonymous creation feature for "_users" > database.... - while anonymous users are unable to get a list of all > _users, they are able to see "Number of documents" (users). Can this be > disabled?
good call, however, this is not possible at the moment. > > On Tue, Jul 28, 2015 at 10:45 AM, jumbo jim <[email protected]> wrote: > >> Couchdb has a nice feature that allows anonymous users to write to the >> _users database. This allows new users to sign up. A logged in user (ie >> valid session) has the ability to update/change their password as they have >> update privileges to their *own* _user document. >> >> I envisage a scenario when I need to reset the password for a user as they >> have forgotten it. >> >> Is it possible to have a privileged user (but not admin) user that is >> permitted to make changes to other _user documents? (password changes)... >> but, at the same time still permitting anonymous creation of new documents? only admins can edit other user’s _users docs. Best Jan -- >> >> >> >> -- Professional Support for Apache CouchDB: http://www.neighbourhood.ie/couchdb-support/
