GitHub user fangq edited a discussion: Understanding Admins name/role and Members name/role settings
I am building website for sharing public data using CouchDB as the backend. I want the data to be publicly accessible without logins (i.e. anonymously readable by default). But I want only designated CouchDB users (in addition to site admins) to be able to write to the databases. So far, I was able to achieve this using the following settings - I disabled `default_security = admin_only` so that everyone can read - I added a `validate_doc_update` handler to raise an error if `userCtx.name` is not present - preventing anonymous users to write - I removed `_admin` roles for both Admins and Members for each created database - I created CouchDB users (not site admins) and assign those user names as Admin user name for each database, keeping the roles still empty (Members user name and roles are also empty). I found that the above settings mostly do what I hoped (unless I overlooked) - anonymous users can browse, but not deleting/modifying data; couchdb users can upload/update/delete documents using their credentials. Only site admins can create new databases, modify design docs etc. However, I found one problem - it appears that regardless if a couchdb user is assigned to a database as admin or not, any valid user can upload/update documents to such database. I have two questions 1. does the above setting have any perceivable security risks? 2. is there a way I can limit the users who can commit changes (add, modify, delete) documents from a database to those I explicitly list under the admin? here is a screenshot of the permission settings of one of my databases  GitHub link: https://github.com/apache/couchdb/discussions/5487 ---- This is an automatically sent email for notifications@couchdb.apache.org. To unsubscribe, please send an email to: notifications-unsubscr...@couchdb.apache.org
