You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@couchdb.apache.org by Michael <ne...@gmail.com> on 2010/09/17 01:05:00 UTC
Read Only Permissions for a database
I think this is a really stupid question, but I really can't figure it out.
I have a database, which I want to be readable by everyone,
but changeable by only admin. I look at the security of the database in
futon and see admins and readers. Now I put someone into the readers or
leave it blank and that person can still update and create documents.
How do I create a database and make it read-only for the public? Ideally I
would like what is the currently behavior for 'readers' for my applications
and then only I have admin rights. Is this possible?
Thanks in advance,
Michael
Re: Read Only Permissions for a database
Posted by Tyler Gillies <ty...@pdxbrain.com>.
also cloudant has some user-friendly db access control
On Thu, Sep 16, 2010 at 4:09 PM, Zachary Zolton <za...@gmail.com>wrote:
> The easiest way I know to do this is by putting up a design doc, with
> a validate_doc_update function like the following:
>
> function(newDoc, oldDoc, userCtx) {
> if (userCtx.roles.length == 0 || userCtx.roles.indexOf('_admin') == -1) {
> throw({ forbidden: 'You must be an admin in to save data' });
> }
> }
>
>
> Cheers,
>
> Zach
>
> On Thu, Sep 16, 2010 at 6:05 PM, Michael <ne...@gmail.com> wrote:
> > I think this is a really stupid question, but I really can't figure it
> out.
> >
> > I have a database, which I want to be readable by everyone,
> > but changeable by only admin. I look at the security of the database in
> > futon and see admins and readers. Now I put someone into the readers or
> > leave it blank and that person can still update and create documents.
> >
> > How do I create a database and make it read-only for the public? Ideally
> I
> > would like what is the currently behavior for 'readers' for my
> applications
> > and then only I have admin rights. Is this possible?
> >
> > Thanks in advance,
> >
> > Michael
> >
>
--
http://www.readwriteweb.com/about#tyler
Ask me anything <http://tumble.pdxbrain.com/ask>!
Re: Read Only Permissions for a database
Posted by Zachary Zolton <za...@gmail.com>.
The easiest way I know to do this is by putting up a design doc, with
a validate_doc_update function like the following:
function(newDoc, oldDoc, userCtx) {
if (userCtx.roles.length == 0 || userCtx.roles.indexOf('_admin') == -1) {
throw({ forbidden: 'You must be an admin in to save data' });
}
}
Cheers,
Zach
On Thu, Sep 16, 2010 at 6:05 PM, Michael <ne...@gmail.com> wrote:
> I think this is a really stupid question, but I really can't figure it out.
>
> I have a database, which I want to be readable by everyone,
> but changeable by only admin. I look at the security of the database in
> futon and see admins and readers. Now I put someone into the readers or
> leave it blank and that person can still update and create documents.
>
> How do I create a database and make it read-only for the public? Ideally I
> would like what is the currently behavior for 'readers' for my applications
> and then only I have admin rights. Is this possible?
>
> Thanks in advance,
>
> Michael
>