You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@couchdb.apache.org by Jan Lehnardt <ja...@apache.org> on 2020/05/28 10:14:28 UTC

Re: Option request for user access to the /_all_dbs endpoint (old behavior)

Hi Erik,

there is: https://github.com/apache/couchdb/blob/master/rel/overlay/etc/default.ini#L140-L141 <https://github.com/apache/couchdb/blob/master/rel/overlay/etc/default.ini#L140-L141>

It is also mentioned in the accompanying blog post: https://blog.couchdb.org/2020/02/26/the-road-to-couchdb-3-0-security/ <https://blog.couchdb.org/2020/02/26/the-road-to-couchdb-3-0-security/>

But good call that the release notes could do with a mention. Would you be up for submitting a PR?

Best
Jan
—

> On 28. May 2020, at 11:45, Erik Verheul <te...@verheulconsultants.nl> wrote:
> 
> Hi,
> 
> From the upgrade notes: #2576: CouchDB 3.0 now requires admin-level access for the /_all_dbs endpoint. See https://docs.couchdb.org/en/3.1.0/whatsnew/3.0.html
> This change means a major overhaul of my onebacklog.net application. And the temptation to assign _admin rights to the admin role.
> Can there be an option in the local.ini file to reestablish the old behavior?
> 
> kind regards,
> Erik