javascript - How to handle users in `_users` database with many applications in the same CouchDB instance? -

-

according matt woodward's blog, in the definitive guide couchdb authentication , security points out things couchdb i'm not sure understand completly.

  1. he says:

    "basically way security works in couchdb users stored in _users database (or elsewhere if like; can changed in config file)...".

so, users of whole couchdb stored in single database, right? means if have more 1 application running in different databases within same couchdb i'd have handle users want access both application, correct?

  1. he says

    "database readers can read documents , views on specific database, , have no other permissions".

    then, adds

    "by default databases read/write enabled anonymous users, if define database admins on database".

so anonymous users can or can't read documents in specific database?

i'll start out saying articles, while still informative, several years old , possibly outdated. recommend reading through official documentation if trying learn couchdb.

now answer question. (more information security here , here)

in couchdb, security can incrementally build developing application. default open, , lock things down adding configuration. (in think pretty intuitive fashion)

by default, couchdb in "admin party" mode, means can read , write anything. (because every user, including anonymous users, treated admins)

once add any admin users server, (via configuration, not _users database) party over. means actions can only performed admin's you've explicitly defined. (such creating databases, setting config, etc)

in state, anonymous users can still read/write normal documents in database has been created. (design documents can modified admins) if ready start locking down individual databases, can specifying users/roles in security object given database.

when people use term "database reader", mean user has been added "member" in security object. (either username, or role) specifying members or admins in security object database, users have permissions inside database, others disallowed.

to summarize, anonymous users can read/write default. once admin designated, security tightens , actions can done admin. if specify database members/admins, security database tightens more, allowing users read database.


Comments

Post a Comment

Popular posts from this blog

java - Static nested class instance -

-
this question has answer here: java inner class , static nested class 23 answers i came across in java, know static nested class why create instance of 'static'. isn't whole idea of 'static' use without instance? understand concept of inner classes, why (and frankly how possible to) create 'instance' of 'static' member @ ? why this: 1- outerclass.staticnestedclass nestedobject = new outerclass.staticnestedclass(); 2- nestedobject.anestedclassmethod(); and not this: 1- outerclass outerinstance=new outerclass(); 2- outerinstance.staticnestedclass.anestedclassmethod(); use on inner classes, keyword static indicates can access inner class without instance of outer class. for example: public class outer { public static class inner { /* code here. */ } } with construction, can create instance of inn
Read more

c# - Bluetooth LE CanUpdate Characteristic property -

-
i building xamarin.forms cross platform mobile app, uses monkey.robotics bluetoth low energy functionality. connecting mbed based implimentation of custom gatt service . in xamarin c#, triggers characteristic. canupdate property in monkey.robotics? this standard example c# based on: if (characteristic.canupdate) { characteristic.valueupdated += (s, e) => { debug.writeline("characteristic.valueupdated"); device.begininvokeonmainthread( () => { updatedisplay(characteristic); }); isbusy = false; // spin until first result received }; isbusy = true; characteristic.startupdates(); } this has been working, since changed own custom gatt service connecting to, canupdate property false. property , how triggered? me debugging gatt service code. thanks monkey.robotics open sour
Read more

JavaScript - Replace variable from string in all occurrences -

-
ok, know if have character '-' , want remove in places in string javascript, ... someword = someword.replace(/-/g, ''); but, when applying array of characters, s not working ... const badchars = ('\/:*?"<>|').split(''); let filename = title.replace(/ /g, '-').tolocalelowercase(); (let item = 0; item < badchars.length; item++) { // below not work global '/ /g' filename = filename.replace(/badchars[item]/g, ''); } any ideas? /badchars[item]/g looks badchars , literally, followed i , t , e , or m . if you're trying use character badchars[item] , you'll need use regexp constructor, , you'll need escape regex-specific characters. escaping regular expression has been well-covered . using that: filename = filename.replace(new regexp(regexp.quote(badchars[item]), 'g'), ''); but , don't want that. want character class: let filename = title.replac
Read more