Hi Max, I am thinking about doing something similar with openWhisk. You can create a "users-to-delete" database only some users can write usernames to. On change to this database an openWhisk Action can delete the usernames specified in this "users-to-delete" database with full admin rights and remove the usernames on success.
Just my 2 cents. - Martin On Fri, Jan 13, 2017 at 3:15 PM, max <[email protected]> wrote: > Hi, > I need to allow some users to delete other users without being a CouchDB > Administrator. To do that I updated _users/_design/_auth to change the > '_admin' check to: > if ((userCtx.roles.indexOf('_admin') !== -1) || > (userCtx.roles.indexOf('manager') !== -1 && > userCtx.roles.indexOf(oldDoc.databases[0]) !== -1) || > (userCtx.name == oldDoc.name)) { > return; > } else { > throw ({ > forbidden: 'Only admins may delete other user docs.' > }); > } > It works but sometimes CouchDB reset this _design/_auth document. I've read > in doc this design doc cannot be modified but I couldn't find another way > to achieve this. > Is there a way to prevent CouchDB to do that ? Or another way to do what > I'm trying to do ? > I'm using CouchDB 1.4. > > Thanks. > > Max. >
