You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@couchdb.apache.org by Thomas GUILLET <gu...@gmail.com> on 2017/01/15 15:10:33 UTC
Implementation questions
Hi all,
I have been playing with CouchDB and discovering Erlang.
I w
https://github.com/apache/couchdb-peruser/pull/3
Re: Implementation questions
Posted by Robert Samuel Newson <rn...@apache.org>.
The duplication is temporary, we'd like to address it (indirectly) in 3.0. users should focus on the clustered interface, the use cases for the node-local interfaces are few and efforts will be made to reduce that to zero.
I can't comment on the peruser bits except to confirm that the plugin is broken in 2.0.
B.
> On 15 Jan 2017, at 15:29, Thomas GUILLET <gu...@gmail.com> wrote:
>
> Hi all,
>
> Sorry the previous message left the draft state too quickly.
> Thanks a lot for the hard work already put into CouchDB!
>
> As explained in a message on the user mailing list, I wanted to use
> couchdb-peruser on CouchDB 2.0.0 so I submitted a patch on github
> (https://github.com/apache/couchdb-peruser/pull/3).
>
> I am currently looking at deploying a CouchDB instance in the wild so
> I have been looking into securing the endpoints.
>
> * Is there a reason why _all_dbs is available to everyone?
>
> * I looked into the source code of the different building blocks,
> there seem to be a lot of duplication between chttp and couch_httpd.
> (My understanding is that the former is for the Cluster endpoint and
> the latter being for the node-only endpoint but I am surprised to see
> that much duplication).
>
> * Current peruser set the user as the admin of his database, would
> anyone like to have the ability to switch off that setting (user is
> only a member of his database) or add some granularity?
>
> Sorry, searching through the mailing list archives is a bit tricky, I
> only went a few months back to see if those questions were answered
> previously.
>
>
> Thanks a lot,
> Thomas
Re: Implementation questions
Posted by Thomas GUILLET <gu...@gmail.com>.
Hi all,
Sorry the previous message left the draft state too quickly.
Thanks a lot for the hard work already put into CouchDB!
As explained in a message on the user mailing list, I wanted to use
couchdb-peruser on CouchDB 2.0.0 so I submitted a patch on github
(https://github.com/apache/couchdb-peruser/pull/3).
I am currently looking at deploying a CouchDB instance in the wild so
I have been looking into securing the endpoints.
* Is there a reason why _all_dbs is available to everyone?
* I looked into the source code of the different building blocks,
there seem to be a lot of duplication between chttp and couch_httpd.
(My understanding is that the former is for the Cluster endpoint and
the latter being for the node-only endpoint but I am surprised to see
that much duplication).
* Current peruser set the user as the admin of his database, would
anyone like to have the ability to switch off that setting (user is
only a member of his database) or add some granularity?
Sorry, searching through the mailing list archives is a bit tricky, I
only went a few months back to see if those questions were answered
previously.
Thanks a lot,
Thomas