Last question about 2.1, in fauxton I couldn't find a way to navigate through document revisions (like the '' previous version '' button in 1.6.1). Is it still possible ?
Le 25 sept. 2017 2:59 PM, "Jan Lehnardt" <m...@jan.io> a écrit : > Ah gotcha! Thanks for clarifying :) > > Cheers > Jan > -- > > > On 25. Sep 2017, at 14:42, Stefan du Fresne <ste...@medicmobile.org> > wrote: > > > > Apologies, I didn't mean to not use the _users system, I was referring > to the editing the permissions security properties of the _users DB in an > attempt to allow a non-admin user to make edits to that DB. > > > >> On 25 Sep 2017, at 11:31, Jan Lehnardt <j...@apache.org> wrote: > >> > >> Stefan is correct that this is expected behaviour, but I’d reject the > notion that > >> it is in any way recommended to not use the CouchDB user system. All > you need to > >> do is have a CouchDB admin user do the _users edits. > >> > >> Of course you can build your own system on top, but I wouldn’t > recommend that. > >> > >> Best > >> Jan > >> -- > >> > >>> On 23. Sep 2017, at 15:17, max <maxima...@gmail.com> wrote: > >>> > >>> Thank you for your answers I'll try with simple web services layer. > >>> > >>> Le 23 sept. 2017 3:14 PM, "Stefan du Fresne" <ste...@medicmobile.org> > a > >>> écrit : > >>> > >>>> None that I know of no. Ideally it would just work, but I think > editing > >>>> permissions for _users is effectively deprecated at this point. > >>>> > >>>> Really the only thing you can do is write a security layer yourself, > >>>> either by wrapping CouchDB and converting those calls (after checking > your > >>>> own security) to be done by an admin user, or provide a separate API > etc. > >>>> > >>>> Stefan > >>>>> On 23 Sep 2017, at 13:40, max <maxima...@gmail.com> wrote: > >>>>> > >>>>> Thanks, > >>>>> > >>>>> Any workaround from configuration ? I would like to avoid making > more > >>>>> couchdb admin... > >>>>> > >>>>> Le 23 sept. 2017 1:08 PM, "Stefan du Fresne" <ste...@medicmobile.org> > a > >>>>> écrit : > >>>>> > >>>>>> This is currently how it works yeah. > >>>>>> > >>>>>> I believe the current recommendation for user management is to > >>>> effectively > >>>>>> ignore the permissions matrix in the _users database and instead > wrap > >>>>>> CouchDB in your own permissions management. > >>>>>> > >>>>>> Stefan > >>>>>>> On 22 Sep 2017, at 17:36, max <maxima...@gmail.com> wrote: > >>>>>>> > >>>>>>> Hi, > >>>>>>> > >>>>>>> I'm trying CouchDB 2.1 and facing an (strange?) issue. I have given > >>>>>>> admin access through "Permissions" to "user1" and every user with > the > >>>>>>> role "manager". This allowed these users to call view from _design > in > >>>>>>> _users database. But this is not enough to delete other users, to > do > >>>>>>> that user have to be a super CouchDB Admin. Is this the expected > >>>>>>> behavior? I got "Only admins may delete other user docs" whereas > he is > >>>>>>> admin. > >>>>>>> > >>>>>>> This is my _users database permissions: > >>>>>>> > >>>>>>> {"error":"unauthorized","reason":"Authentication > >>>>>>> required.","admins":{"names":["user1"],"roles":["manager"]}} > >>>>>>> > >>>>>>> > >>>>>>> Regards, > >>>>>>> > >>>>>>> Max. > >>>>>> > >>>>>> > >>>> > >>>> > >> > >> -- > >> Professional Support for Apache CouchDB: > >> https://neighbourhood.ie/couchdb-support/ > >> > > > >