CouchDB and PouchDB plain users can create Databases -


i don't want normal users able create databases.

in futon screen /_utils, when logged in plain user, functions expected. admins can create databases.

but when sync pouchdb couchdb, plain users can create (replicate?) database. want adding of new databases restricted admin users.

also noticed existing db edited when user restricted.

how can fix this?

var remotecouch = http://testuser:testuser@{domain}.iriscouch.com/testdb;  pouchdb.debug.disable();  if (remotecouch) {     sync(); } else {     console.log("no remote server."); }  function sync() {     var opts = {live: true};     db.replicate.to(remotecouch, opts, syncerror);     db.replicate.from(remotecouch, opts, syncerror); }

edit

testuser not in /_config/admins

testuser:

{    "_id": "org.couchdb.user:testuser",    "_rev": "1-7d28b3388a62cfca103cbe3642549bee",    "password_scheme": "pbkdf2",    "iterations": 10,    "type": "user",    "name": "testuser",    "roles": [        "testuser"    ],    "derived_key": "2181a44141d6d6aa2061bb2c5c057451acc6461e",    "salt": "2184888b099f37605feca0a22e5b6bb9" }

is couchdb in admin party mode? if it's not, admins should able create databases, whether it's via futon or pouchdb.

pouchdb isn't doing special; can simulate pouchdb doing using curl:

curl -x put http://someuser:somepassword@path.to.couchdb.com:5984/somedatabase

are sure testuser isn't admin? if user give pouchdb admin, yes, users able create own databases.

more info on authentication can found here: https://github.com/nolanlawson/pouchdb-authentication#couchdb-authentication-recipes


-

Comments

Post a Comment

Popular posts from this blog

css - SVG using textPath a symbol not rendering in Firefox -

using textpath within symbol doesn't render in firefox. renders fine in latest chrome , ie, when try reference symbol, svg text doesn't render in firefox (37.0.1) - first box appears empty. code below (no external dependencies), there should 2 boxes word test flowing vertically in centre of each. edit: thought issue somehow involved flexbox layout, until paul pointed out issue exists without flexbox layout. the html is: <div> <svg id="not_working" viewbox="0 0 250 1200" preserveaspectratio="xmidymid meet"> <symbol id="test_symbol1" preserveaspectratio="xmidymid meet" viewbox="0 0 250 1200"> <path id="test_symbol_path" d="m 100 1200 l 100 0" /> <text font-size="100" fill="red"> <textpath text-anchor="middle" startoffset="50%" xlink:href="#test_symbol_path...
Read more

Java 8 + Maven Javadoc plugin: Error fetching URL -

i attempting generate javadoc links javadoc dependencies. have tried various means generate javadoc not produce qualified class names references classes dependencies. wanted links java doc simplified class names. however, java api classnames, no links , have qualified class names. working java 8. have following configuration: <plugin> <groupid>org.apache.maven.plugins</groupid> <artifactid>maven-javadoc-plugin</artifactid> <version>2.10.2</version> <configuration> <reportoutputdirectory>${project.basedir}/target</reportoutputdirectory> <destdir>javadoc</destdir> <windowtitle>epiphany</windowtitle> <doctitle>epiphany</doctitle> <show>private</show> <detectlinks>false</detectlinks> <detectoffline...
Read more

order - Notification for user in user account opencart -

thanks helps or points me in right direction. i want show pending notification user in account page after login. notification show when order status pending. after changing other status admin remove notification. this notification show like: your order id: order status: , [ button custom url] if multiple order show multiple order id. open cart version 1.5.6.3 custom theme. $this->load->model('account/order'); $results = $this->model_account_order->getorders(); foreach ($results $result) { $product_total = $this->model_account_order->gettotalorderproductsbyorderid($result['order_id']); $voucher_total = $this->model_account_order->gettotalordervouchersbyorderid($result['order_id']); if( $result['status'] =! 5){ // 5 order status means completed $this->data['orders'][] = array( 'order_id' => $result['order_id'], ...
Read more