search

akdasa-studios / lectorium-database

0 stars 0 forks source link

Make library database publicly readable #2

Closed akdasa closed 3 months ago

akdasa commented 3 months ago

Implementation plan:

Update migration script to:

  1. Remove _admin role from the members group from library database.
  2. Add _design/permissions document with validate_doc_update function to the library database to check if user has one of the following roles: _admin, contentManager.

Acceptance criteria:

  1. User should not be able to create new documents:

    curl -X POST http://localhost:5984/library \
 -H "Content-Type: application/json" \
 -d '{"title": "Example Book", "author": "John Doe", "year": 2023}'

  2. User should be able to access documents

    curl -X GET http://database:5984/library/_all_docs

  3. Admin should be able to create documents via CouchDB admin panel

Related docs:

  1. https://docs.couchdb.org/en/stable/api/database/security.html#put--db-_security
akdasa commented 3 months ago

Updated migration script. Will be applied to PROD once we start public alpha testing.