Replies: 2 comments
-
P.S.: As supposed enabling couchdb.users_db_security_editable and removing the Members / Role _admin permission fixed the issue.
|
Beta Was this translation helpful? Give feedback.
0 replies
-
Created issue #3170 to track this problem. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
In past versions of CouchDB users could access their doc as stated in:
https://docs.couchdb.org/en/stable/intro/security.html?highlight=_users#authentication-database
With a brand new CouchDB 3.1 with default settings, this doesn't seem to be the case anymore --- I think this is related to the permissions applied by default which is:
Look at this. I have a brand new CouchDB 3.1 with just an "admin" user:
I tried to change the permission for _users from fauxton to remove the member role _admin but I couldn't do it because by default the permissions for the database are locked.
Clearly I can change that and fix the permissions, that is not the problem, the show-stopper here seems to be that either the documentation needs to be updated (and we're loosing a big functionality as well, since users can't change password on their own, for example), or there's a bug in the implementation of the new default security schema for _users.
Any thought?
Thanks
Beta Was this translation helpful? Give feedback.
All reactions