0

I am new to CouchDB. I am trying to set up a server with the following management plan

  • for each database, I want to specify one or two admin accounts that can create/add/delete/update the database or add design documents, but not to modify any other databases
  • for a subset of databases, I want to enable read-only access (listing _all_docs or run _find queries) from either without authentication (anonymously), or from a public account (such as anonymous:anonymous), but this account can not make any change to these databases

is this possible?

FangQ
  • 1,444
  • 10
  • 18

1 Answers1

0

permission admin

CouchDB is shipped with a Fauxton server. You can manage almost everything in there.

  1. access fauxton server http://localhost:5984/_utils
  2. click the database you want to assign a admin.
  3. on the left panel there is a permissions, click on it.
  4. You can add admin in that menu

For the second question, CouchDB has no database hierachy. So there is no subset of database. You should do the same thing for every database you need to.

https://docs.couchdb.org/en/stable/intro/security.html Here is couch db documentation about authority.

Zeta
  • 913
  • 10
  • 24
  • thanks @Zeta - I have been using fauxton. Under the "Your Account"/"User Management" page, it has a tab only for "Create Server Admin". A server admin account can read/write access to all databases. I could not find an option in fauxton to create an admin account that is only limited to a single database. do you know if this is possible? – FangQ Jun 30 '23 at 14:30
  • 1
    Do not go to the user management. 2. click the database name. 3. then permission on left panel. – Zeta Jun 30 '23 at 16:38
  • from what I can see, the "permission" page does not allow one to create an admin. For example, if I already created a server admin, say "testadmin" in the user management interface, and I want to set testadmin to be the admin for a single database called "testdb1", but not other database, say "testdb2" or "testdb3", how can I do this using the "Permissions" setting? – FangQ Jun 30 '23 at 21:41
  • I attached another picture. Do you not see the Users menu in second picture? What is your couchDB version? – Zeta Jul 02 '23 at 04:52
  • what should I type in the Users menu? should i create that account first? where to create that account? – FangQ Jul 02 '23 at 20:49
  • Ask after trying some effort at least. It is clear that username should be entered. Cause ‘usename’ is placeholder. – Zeta Jul 03 '23 at 01:02
  • I think we misunderstood each other. I already knew how to create a "server admin". And from my limited test, a server admin, regardless if I assign it to a database using the Admin/Member, can always modify any database, or add new databases. My question here is how to create a "regular admin" who can only modify a single database, but not other databases. If this is possible, where should I set this "per-database" admin's username/password? – FangQ Jul 03 '23 at 02:55
  • I can type a non-existent account (say "nobody") on the Admin field in your screenshot, but it will be shown with a red-margin, and I can't set password for "nobody", or use this account to run `curl -X` command to add new docs to the database. Hope this make it more clear? – FangQ Jul 03 '23 at 02:55
  • From [anther post](https://stackoverflow.com/a/22814858/4271392), I saw someone mentioned about "other users". My question is really about how do you create these non-server-admin "other users"? by modifying the `_users` database? can this be done in Fauxton? – FangQ Jul 03 '23 at 03:23