Eiri, Chris,
Thank you both for the quick help.
Setting “admin" as "_users" database admin did the trick. I don’t know why it
didn’t occur to me to try that but it makes perfect sense now that you pointed
it out.
Kindest Regards,
Bill Stephenson
> On Nov 23, 2018, at 2:13 PM, Eiri <e...@eiri.ca> wrote:
>
> Hi Bill,
>
> A "_users" database is an (almost) ordinary Couch database and access to it
> controlled the same way as with any other database, by setting a valid
> "_security" object.
> Try to set your server's admin as "_users" database admin, i.e. update the
> security object in _users to {"admins": {"roles": ["_admin"]}, "members":
> {"roles": ["_admin"]}}
>
>
> Regards,
> Eric
>
>
>> On Nov 23, 2018, at 15:44, Bill Stephenson <b...@cherrypc.com.INVALID> wrote:
>>
>> I’ve been unaware that by default anyone can create a user in the _user file
>> and I have someone doing that on a CouchDB server I run.
>>
>> From what I’ve been able to learn about this so far I need to modify the
>> "_design/_auth” file to prevent this, but I’m reluctant to muck around with
>> that without knowing exactly how and where I need to edit that file.
>>
>> Any help would be much appreciated.
>>
>> --
>>
>> Bill Stephenson
>>
>>
>>
>>
>>
