Hey Chris, I was thinking about that, but it brings me to another question: So in the validate doc, how do I check the userCtx argument for 'logged' in status? Will the even be a userCtx argument if I'm not logged in? Thanks for your help --AQ
Aaron Quint http://www.quirkey.com On Tue, Sep 8, 2009 at 11:03 PM, Chris Anderson<[email protected]> wrote: > Aaron, > > You could probably get it done with the built-in validation functions. > There are some missing pieces (like non-admin roles) but even without > those you can enforce anonymous users to be read-only. > > Chris > > On Tue, Sep 8, 2009 at 11:51 AM, Aaron Quint<[email protected]> wrote: >> Thanks, Jason! Thats great news. Let me know if theres a git branch to >> follow or if you need any help testing. >> --AQ >> >> Aaron Quint >> http://www.quirkey.com >> >> >> >> On Tue, Sep 8, 2009 at 1:30 PM, Jason Davies<[email protected]> wrote: >>> Hi Aaron, >>> >>> I'm working on this as we speak, in particular being able to set particular >>> roles on a per-db basis. As part of this I will be adding a way to set the >>> default (anonymous user) role e.g. if you want read-only access for >>> non-logged-in users. >>> >>> I will let you know on this thread when I have something ready for testing. >>> >>> Cheers, >>> -- >>> Jason Davies >>> >>> www.jasondavies.com >>> >>> On 8 Sep 2009, at 18:09, Aaron Quint wrote: >>> >>>> I've been working on a fun couchapp type full javascript app built on >>>> CouchDB that I hope to unveil at jQuery Conf this weekend. >>>> The biggest piece left is getting some kind of >>>> authentication/authorization in place so that I can actually put it on >>>> a server for other people to use/play with. I've been using/testing >>>> with 0.10 locally and since the wiki doesnt have much up to date info, >>>> I've found the best resource to be the JS tests. >>>> >>>> So questions: >>>> - If I'm not logged in as a specific user /_session returns >>>> {"ok":true,"name":null,"roles":["_admin"]} >>>> Which means that as a guest I have admin privileges. If I set >>>> require_valid_user = true, though I have to be logged in to view any >>>> document. Is there any way to change the roles of the default user? >>>> Ideally if I wasnt logged in as a specific user I could only have read >>>> access so I could still view documents and see a page where I could >>>> log in. >>>> - If I'm logged in as read only I still have access to the users >>>> database - is there anyway to prevent this? >>>> >>>> I totally understand that the auth stuff is early days but any help >>>> would be appreciated. I would love to be able to run this app and >>>> couchdb on :80. >>>> Thanks! >>>> --AQ >>>> >>>> Aaron Quint >>>> http://www.quirkey.com >>> >>> >> > > > > -- > Chris Anderson > http://jchrisa.net > http://couch.io >
