pouchdb-authentication how do I set roles for a new user












0















I want to set roles for a new user.



I tried updating roles array in metadata during signup but I get an error. If I remove the roles metadata new user is created just fine. 



db.signUp(userId, 'pass', {

    metadata: {

      email: 'robi434n@boywonder.com',

      birthday: '1932-03-27T00:00:00.000Z',

      likes: ['acrobatics', 'short pants', 'sidekickin'']

      roles: ['basic']

    }

  }, function (err, response) {

    if (err) {

      if (err.name === 'conflict') {

        console.log('batman" already exists, choose another username')

        // "batman" already exists, choose another username

      } else if (err.name === 'forbidden') {

        console.log('invalid username')

        // invalid username

      } else {

        console.log('sign up error')

        // HTTP error, cosmic rays, etc.

      }

    } else {

      console.log('user signed up')

     // login()

    }

  })


So I figured it out first modify the pouchdb-authentication index.js code to accept roles. 



var signUp = pouchdbUtils.toPromise(function (username, password,roles, opts, callback) {

  var db = this;

  if (typeof callback === 'undefined') {

    callback = typeof opts === 'undefined' ? (typeof password === 'undefined' ?

      username : password) : opts;

    opts = {};

  }

  if (['http', 'https'].indexOf(db.type()) === -1) {

    return callback(new AuthError('This plugin only works for the http/https adapter. ' +

      'So you should use new PouchDB("http://mysi3te.org:5984/mydb") instead.'));

  } else if (!username) {

    return callback(new AuthError('You must provide a username'));

  } else if (!password) {

    return callback(new AuthError('You must provide a password'));

  }



  var userId = 'org.couchdb.user:' + username;

  var user = {

    name: username,

    password: password,

    roles: roles,

    type: 'user',

    _id: userId,

  };



  updateUser(db, user, opts, callback);

});


Then you can send the roles in the sign up. I'm sending basic below



   signUp()

function signUp () {

  db.signUp(userId, 'pass', ['basic'], {

    metadata: {

      email: 'robi434n@boywonder.com',

      birthday: '1932-03-27T00:00:00.000Z',

      likes: ['acrobatics', 'short pants', 'sidekickin'']

    }

  }, function (err, response) {

    if (err) {

      if (err.name === 'conflict') {

        console.log('batman" already exists, choose another username')

        // "batman" already exists, choose another username

      } else if (err.name === 'forbidden') {

        console.log('invalid username', err)

        // invalid username

      } else {

        console.log('sign up error', err)

        // HTTP error, cosmic rays, etc.

      }

    } else {

      console.log('user signed up', err)

      login()

    }

  })

}


now you have to go to couchdb _user database _design/_auth document modify



else if (newDoc.roles.length > 0 ) {n


set this to 



else if (newDoc.roles.length > 0 && newDoc.roles[0] !== 'basic' ) {n


Now you will have basic in your session and can add more roles my adjusting the code a bit. This allows me to set member role permissions easily to limit access to other databases. Or a simpler solution i found and tested is to add a new design doc to your database with the following code. It will only allow users that are logged in to access your database



{

  "_id": "_design/usersOnly",

  "_rev": "17-6fb7e6c0ccfca8b2e56738ad63e26107",

  "language": "javascript",

  "validate_doc_update": "n  function(newDoc, oldDoc, userCtx){   n // check if user is logged in n  if(!userCtx.name){ throw({forbidden : 'No way.. login man!'});}   n //reqired fields to update n  function require(field){   var message = field + ' is required';  if(!newDoc[field]){  throw({'forbidden':message})  }}   require('name');                                         }"

}





couchdb pouchdb







share|improve this question

























  • If you aren't preventing length>1 then I think you should be restricting the list of user added roles to both to prevent roles = ["basic","delegatedadminrole"] from biting you later and to allow the free user roles in any order.

    – lossleader
    Nov 24 '18 at 12:44











  • I don't think you need to change pouchdb-authentication and updated my answer..

    – lossleader
    Nov 24 '18 at 14:37











  • I'll def add the length > 1. Thanks a bunch for the help!!

    – Travis Klein
    Nov 25 '18 at 14:03
















0















I want to set roles for a new user.



I tried updating roles array in metadata during signup but I get an error. If I remove the roles metadata new user is created just fine. 



db.signUp(userId, 'pass', {

    metadata: {

      email: 'robi434n@boywonder.com',

      birthday: '1932-03-27T00:00:00.000Z',

      likes: ['acrobatics', 'short pants', 'sidekickin'']

      roles: ['basic']

    }

  }, function (err, response) {

    if (err) {

      if (err.name === 'conflict') {

        console.log('batman" already exists, choose another username')

        // "batman" already exists, choose another username

      } else if (err.name === 'forbidden') {

        console.log('invalid username')

        // invalid username

      } else {

        console.log('sign up error')

        // HTTP error, cosmic rays, etc.

      }

    } else {

      console.log('user signed up')

     // login()

    }

  })


So I figured it out first modify the pouchdb-authentication index.js code to accept roles. 



var signUp = pouchdbUtils.toPromise(function (username, password,roles, opts, callback) {

  var db = this;

  if (typeof callback === 'undefined') {

    callback = typeof opts === 'undefined' ? (typeof password === 'undefined' ?

      username : password) : opts;

    opts = {};

  }

  if (['http', 'https'].indexOf(db.type()) === -1) {

    return callback(new AuthError('This plugin only works for the http/https adapter. ' +

      'So you should use new PouchDB("http://mysi3te.org:5984/mydb") instead.'));

  } else if (!username) {

    return callback(new AuthError('You must provide a username'));

  } else if (!password) {

    return callback(new AuthError('You must provide a password'));

  }



  var userId = 'org.couchdb.user:' + username;

  var user = {

    name: username,

    password: password,

    roles: roles,

    type: 'user',

    _id: userId,

  };



  updateUser(db, user, opts, callback);

});


Then you can send the roles in the sign up. I'm sending basic below



   signUp()

function signUp () {

  db.signUp(userId, 'pass', ['basic'], {

    metadata: {

      email: 'robi434n@boywonder.com',

      birthday: '1932-03-27T00:00:00.000Z',

      likes: ['acrobatics', 'short pants', 'sidekickin'']

    }

  }, function (err, response) {

    if (err) {

      if (err.name === 'conflict') {

        console.log('batman" already exists, choose another username')

        // "batman" already exists, choose another username

      } else if (err.name === 'forbidden') {

        console.log('invalid username', err)

        // invalid username

      } else {

        console.log('sign up error', err)

        // HTTP error, cosmic rays, etc.

      }

    } else {

      console.log('user signed up', err)

      login()

    }

  })

}


now you have to go to couchdb _user database _design/_auth document modify



else if (newDoc.roles.length > 0 ) {n


set this to 



else if (newDoc.roles.length > 0 && newDoc.roles[0] !== 'basic' ) {n


Now you will have basic in your session and can add more roles my adjusting the code a bit. This allows me to set member role permissions easily to limit access to other databases. Or a simpler solution i found and tested is to add a new design doc to your database with the following code. It will only allow users that are logged in to access your database



{

  "_id": "_design/usersOnly",

  "_rev": "17-6fb7e6c0ccfca8b2e56738ad63e26107",

  "language": "javascript",

  "validate_doc_update": "n  function(newDoc, oldDoc, userCtx){   n // check if user is logged in n  if(!userCtx.name){ throw({forbidden : 'No way.. login man!'});}   n //reqired fields to update n  function require(field){   var message = field + ' is required';  if(!newDoc[field]){  throw({'forbidden':message})  }}   require('name');                                         }"

}





couchdb pouchdb







share|improve this question

























  • If you aren't preventing length>1 then I think you should be restricting the list of user added roles to both to prevent roles = ["basic","delegatedadminrole"] from biting you later and to allow the free user roles in any order.

    – lossleader
    Nov 24 '18 at 12:44











  • I don't think you need to change pouchdb-authentication and updated my answer..

    – lossleader
    Nov 24 '18 at 14:37











  • I'll def add the length > 1. Thanks a bunch for the help!!

    – Travis Klein
    Nov 25 '18 at 14:03














0












0








0








I want to set roles for a new user.



I tried updating roles array in metadata during signup but I get an error. If I remove the roles metadata new user is created just fine. 



db.signUp(userId, 'pass', {

    metadata: {

      email: 'robi434n@boywonder.com',

      birthday: '1932-03-27T00:00:00.000Z',

      likes: ['acrobatics', 'short pants', 'sidekickin'']

      roles: ['basic']

    }

  }, function (err, response) {

    if (err) {

      if (err.name === 'conflict') {

        console.log('batman" already exists, choose another username')

        // "batman" already exists, choose another username

      } else if (err.name === 'forbidden') {

        console.log('invalid username')

        // invalid username

      } else {

        console.log('sign up error')

        // HTTP error, cosmic rays, etc.

      }

    } else {

      console.log('user signed up')

     // login()

    }

  })


So I figured it out first modify the pouchdb-authentication index.js code to accept roles. 



var signUp = pouchdbUtils.toPromise(function (username, password,roles, opts, callback) {

  var db = this;

  if (typeof callback === 'undefined') {

    callback = typeof opts === 'undefined' ? (typeof password === 'undefined' ?

      username : password) : opts;

    opts = {};

  }

  if (['http', 'https'].indexOf(db.type()) === -1) {

    return callback(new AuthError('This plugin only works for the http/https adapter. ' +

      'So you should use new PouchDB("http://mysi3te.org:5984/mydb") instead.'));

  } else if (!username) {

    return callback(new AuthError('You must provide a username'));

  } else if (!password) {

    return callback(new AuthError('You must provide a password'));

  }



  var userId = 'org.couchdb.user:' + username;

  var user = {

    name: username,

    password: password,

    roles: roles,

    type: 'user',

    _id: userId,

  };



  updateUser(db, user, opts, callback);

});


Then you can send the roles in the sign up. I'm sending basic below



   signUp()

function signUp () {

  db.signUp(userId, 'pass', ['basic'], {

    metadata: {

      email: 'robi434n@boywonder.com',

      birthday: '1932-03-27T00:00:00.000Z',

      likes: ['acrobatics', 'short pants', 'sidekickin'']

    }

  }, function (err, response) {

    if (err) {

      if (err.name === 'conflict') {

        console.log('batman" already exists, choose another username')

        // "batman" already exists, choose another username

      } else if (err.name === 'forbidden') {

        console.log('invalid username', err)

        // invalid username

      } else {

        console.log('sign up error', err)

        // HTTP error, cosmic rays, etc.

      }

    } else {

      console.log('user signed up', err)

      login()

    }

  })

}


now you have to go to couchdb _user database _design/_auth document modify



else if (newDoc.roles.length > 0 ) {n


set this to 



else if (newDoc.roles.length > 0 && newDoc.roles[0] !== 'basic' ) {n


Now you will have basic in your session and can add more roles my adjusting the code a bit. This allows me to set member role permissions easily to limit access to other databases. Or a simpler solution i found and tested is to add a new design doc to your database with the following code. It will only allow users that are logged in to access your database



{

  "_id": "_design/usersOnly",

  "_rev": "17-6fb7e6c0ccfca8b2e56738ad63e26107",

  "language": "javascript",

  "validate_doc_update": "n  function(newDoc, oldDoc, userCtx){   n // check if user is logged in n  if(!userCtx.name){ throw({forbidden : 'No way.. login man!'});}   n //reqired fields to update n  function require(field){   var message = field + ' is required';  if(!newDoc[field]){  throw({'forbidden':message})  }}   require('name');                                         }"

}





couchdb pouchdb







share|improve this question
















I want to set roles for a new user.



I tried updating roles array in metadata during signup but I get an error. If I remove the roles metadata new user is created just fine. 



db.signUp(userId, 'pass', {

    metadata: {

      email: 'robi434n@boywonder.com',

      birthday: '1932-03-27T00:00:00.000Z',

      likes: ['acrobatics', 'short pants', 'sidekickin'']

      roles: ['basic']

    }

  }, function (err, response) {

    if (err) {

      if (err.name === 'conflict') {

        console.log('batman" already exists, choose another username')

        // "batman" already exists, choose another username

      } else if (err.name === 'forbidden') {

        console.log('invalid username')

        // invalid username

      } else {

        console.log('sign up error')

        // HTTP error, cosmic rays, etc.

      }

    } else {

      console.log('user signed up')

     // login()

    }

  })


So I figured it out first modify the pouchdb-authentication index.js code to accept roles. 



var signUp = pouchdbUtils.toPromise(function (username, password,roles, opts, callback) {

  var db = this;

  if (typeof callback === 'undefined') {

    callback = typeof opts === 'undefined' ? (typeof password === 'undefined' ?

      username : password) : opts;

    opts = {};

  }

  if (['http', 'https'].indexOf(db.type()) === -1) {

    return callback(new AuthError('This plugin only works for the http/https adapter. ' +

      'So you should use new PouchDB("http://mysi3te.org:5984/mydb") instead.'));

  } else if (!username) {

    return callback(new AuthError('You must provide a username'));

  } else if (!password) {

    return callback(new AuthError('You must provide a password'));

  }



  var userId = 'org.couchdb.user:' + username;

  var user = {

    name: username,

    password: password,

    roles: roles,

    type: 'user',

    _id: userId,

  };



  updateUser(db, user, opts, callback);

});


Then you can send the roles in the sign up. I'm sending basic below



   signUp()

function signUp () {

  db.signUp(userId, 'pass', ['basic'], {

    metadata: {

      email: 'robi434n@boywonder.com',

      birthday: '1932-03-27T00:00:00.000Z',

      likes: ['acrobatics', 'short pants', 'sidekickin'']

    }

  }, function (err, response) {

    if (err) {

      if (err.name === 'conflict') {

        console.log('batman" already exists, choose another username')

        // "batman" already exists, choose another username

      } else if (err.name === 'forbidden') {

        console.log('invalid username', err)

        // invalid username

      } else {

        console.log('sign up error', err)

        // HTTP error, cosmic rays, etc.

      }

    } else {

      console.log('user signed up', err)

      login()

    }

  })

}


now you have to go to couchdb _user database _design/_auth document modify



else if (newDoc.roles.length > 0 ) {n


set this to 



else if (newDoc.roles.length > 0 && newDoc.roles[0] !== 'basic' ) {n


Now you will have basic in your session and can add more roles my adjusting the code a bit. This allows me to set member role permissions easily to limit access to other databases. Or a simpler solution i found and tested is to add a new design doc to your database with the following code. It will only allow users that are logged in to access your database



{

  "_id": "_design/usersOnly",

  "_rev": "17-6fb7e6c0ccfca8b2e56738ad63e26107",

  "language": "javascript",

  "validate_doc_update": "n  function(newDoc, oldDoc, userCtx){   n // check if user is logged in n  if(!userCtx.name){ throw({forbidden : 'No way.. login man!'});}   n //reqired fields to update n  function require(field){   var message = field + ' is required';  if(!newDoc[field]){  throw({'forbidden':message})  }}   require('name');                                         }"

}





couchdb pouchdb




couchdb pouchdb






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 24 '18 at 7:44







Travis Klein

















asked Nov 21 '18 at 14:14









Travis KleinTravis Klein

93




93













  • If you aren't preventing length>1 then I think you should be restricting the list of user added roles to both to prevent roles = ["basic","delegatedadminrole"] from biting you later and to allow the free user roles in any order.

    – lossleader
    Nov 24 '18 at 12:44











  • I don't think you need to change pouchdb-authentication and updated my answer..

    – lossleader
    Nov 24 '18 at 14:37











  • I'll def add the length > 1. Thanks a bunch for the help!!

    – Travis Klein
    Nov 25 '18 at 14:03



















  • If you aren't preventing length>1 then I think you should be restricting the list of user added roles to both to prevent roles = ["basic","delegatedadminrole"] from biting you later and to allow the free user roles in any order.

    – lossleader
    Nov 24 '18 at 12:44











  • I don't think you need to change pouchdb-authentication and updated my answer..

    – lossleader
    Nov 24 '18 at 14:37











  • I'll def add the length > 1. Thanks a bunch for the help!!

    – Travis Klein
    Nov 25 '18 at 14:03

















If you aren't preventing length>1 then I think you should be restricting the list of user added roles to both to prevent roles = ["basic","delegatedadminrole"] from biting you later and to allow the free user roles in any order.

– lossleader
Nov 24 '18 at 12:44





If you aren't preventing length>1 then I think you should be restricting the list of user added roles to both to prevent roles = ["basic","delegatedadminrole"] from biting you later and to allow the free user roles in any order.

– lossleader
Nov 24 '18 at 12:44













I don't think you need to change pouchdb-authentication and updated my answer..

– lossleader
Nov 24 '18 at 14:37





I don't think you need to change pouchdb-authentication and updated my answer..

– lossleader
Nov 24 '18 at 14:37













I'll def add the length > 1. Thanks a bunch for the help!!

– Travis Klein
Nov 25 '18 at 14:03





I'll def add the length > 1. Thanks a bunch for the help!!

– Travis Klein
Nov 25 '18 at 14:03












1 Answer
1






active

oldest

votes


















0














The validate function design documentation uses the _users design document as the primary example:




Example: The _design/_auth ddoc from _users database uses a validation function to ensure that documents contain some required fields and are only modified by a user with the _admin role:




        ...

        } else if (newDoc.roles.length > 0) {

            throw({forbidden: 'Only _admin may set roles'});

        }

        ...


In fauxton (for example) you can login as the couchdb admin user and go to _users database and change the design (at your own peril), for example:



        } else if (newDoc.roles.length > 0 && !("basic" === newRoles[0] && newDoc.roles.length === 1)) {

            throw({forbidden: 'Only _admin may set roles'});

        }


saving it as you would any other document. (I say peril, since subtle accidents in this design document can potentially allow unauthorized users to drastically raise their permissions.)



With such a change, new users are allowed to be created with the basic role by couchdb, so your client code works if it sets roles correctly. In pouchdb-authenticate this seems to be with opt.roles and not opt.metadata.roles, i.e.:



db.signUp(userId, 'pass', {

    metadata: {

      email: 'robi434n@boywonder.com',

      birthday: '1932-03-27T00:00:00.000Z',

      likes: ['acrobatics', 'short pants', 'sidekickin'']

    },

    roles: ['basic'] }, ... )





share|improve this answer


























  • Thanks for your post helped a lot. I'll update with how I ended up doing it

    – Travis Klein
    Nov 24 '18 at 7:11













Your Answer






StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53414015%2fpouchdb-authentication-how-do-i-set-roles-for-a-new-user%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









0














The validate function design documentation uses the _users design document as the primary example:




Example: The _design/_auth ddoc from _users database uses a validation function to ensure that documents contain some required fields and are only modified by a user with the _admin role:




        ...

        } else if (newDoc.roles.length > 0) {

            throw({forbidden: 'Only _admin may set roles'});

        }

        ...


In fauxton (for example) you can login as the couchdb admin user and go to _users database and change the design (at your own peril), for example:



        } else if (newDoc.roles.length > 0 && !("basic" === newRoles[0] && newDoc.roles.length === 1)) {

            throw({forbidden: 'Only _admin may set roles'});

        }


saving it as you would any other document. (I say peril, since subtle accidents in this design document can potentially allow unauthorized users to drastically raise their permissions.)



With such a change, new users are allowed to be created with the basic role by couchdb, so your client code works if it sets roles correctly. In pouchdb-authenticate this seems to be with opt.roles and not opt.metadata.roles, i.e.:



db.signUp(userId, 'pass', {

    metadata: {

      email: 'robi434n@boywonder.com',

      birthday: '1932-03-27T00:00:00.000Z',

      likes: ['acrobatics', 'short pants', 'sidekickin'']

    },

    roles: ['basic'] }, ... )





share|improve this answer


























  • Thanks for your post helped a lot. I'll update with how I ended up doing it

    – Travis Klein
    Nov 24 '18 at 7:11


















0














The validate function design documentation uses the _users design document as the primary example:




Example: The _design/_auth ddoc from _users database uses a validation function to ensure that documents contain some required fields and are only modified by a user with the _admin role:




        ...

        } else if (newDoc.roles.length > 0) {

            throw({forbidden: 'Only _admin may set roles'});

        }

        ...


In fauxton (for example) you can login as the couchdb admin user and go to _users database and change the design (at your own peril), for example:



        } else if (newDoc.roles.length > 0 && !("basic" === newRoles[0] && newDoc.roles.length === 1)) {

            throw({forbidden: 'Only _admin may set roles'});

        }


saving it as you would any other document. (I say peril, since subtle accidents in this design document can potentially allow unauthorized users to drastically raise their permissions.)



With such a change, new users are allowed to be created with the basic role by couchdb, so your client code works if it sets roles correctly. In pouchdb-authenticate this seems to be with opt.roles and not opt.metadata.roles, i.e.:



db.signUp(userId, 'pass', {

    metadata: {

      email: 'robi434n@boywonder.com',

      birthday: '1932-03-27T00:00:00.000Z',

      likes: ['acrobatics', 'short pants', 'sidekickin'']

    },

    roles: ['basic'] }, ... )





share|improve this answer


























  • Thanks for your post helped a lot. I'll update with how I ended up doing it

    – Travis Klein
    Nov 24 '18 at 7:11
















0












0








0







The validate function design documentation uses the _users design document as the primary example:




Example: The _design/_auth ddoc from _users database uses a validation function to ensure that documents contain some required fields and are only modified by a user with the _admin role:




        ...

        } else if (newDoc.roles.length > 0) {

            throw({forbidden: 'Only _admin may set roles'});

        }

        ...


In fauxton (for example) you can login as the couchdb admin user and go to _users database and change the design (at your own peril), for example:



        } else if (newDoc.roles.length > 0 && !("basic" === newRoles[0] && newDoc.roles.length === 1)) {

            throw({forbidden: 'Only _admin may set roles'});

        }


saving it as you would any other document. (I say peril, since subtle accidents in this design document can potentially allow unauthorized users to drastically raise their permissions.)



With such a change, new users are allowed to be created with the basic role by couchdb, so your client code works if it sets roles correctly. In pouchdb-authenticate this seems to be with opt.roles and not opt.metadata.roles, i.e.:



db.signUp(userId, 'pass', {

    metadata: {

      email: 'robi434n@boywonder.com',

      birthday: '1932-03-27T00:00:00.000Z',

      likes: ['acrobatics', 'short pants', 'sidekickin'']

    },

    roles: ['basic'] }, ... )





share|improve this answer















The validate function design documentation uses the _users design document as the primary example:




Example: The _design/_auth ddoc from _users database uses a validation function to ensure that documents contain some required fields and are only modified by a user with the _admin role:




        ...

        } else if (newDoc.roles.length > 0) {

            throw({forbidden: 'Only _admin may set roles'});

        }

        ...


In fauxton (for example) you can login as the couchdb admin user and go to _users database and change the design (at your own peril), for example:



        } else if (newDoc.roles.length > 0 && !("basic" === newRoles[0] && newDoc.roles.length === 1)) {

            throw({forbidden: 'Only _admin may set roles'});

        }


saving it as you would any other document. (I say peril, since subtle accidents in this design document can potentially allow unauthorized users to drastically raise their permissions.)



With such a change, new users are allowed to be created with the basic role by couchdb, so your client code works if it sets roles correctly. In pouchdb-authenticate this seems to be with opt.roles and not opt.metadata.roles, i.e.:



db.signUp(userId, 'pass', {

    metadata: {

      email: 'robi434n@boywonder.com',

      birthday: '1932-03-27T00:00:00.000Z',

      likes: ['acrobatics', 'short pants', 'sidekickin'']

    },

    roles: ['basic'] }, ... )






share|improve this answer














share|improve this answer



share|improve this answer








edited Nov 24 '18 at 14:33

























answered Nov 23 '18 at 0:55









lossleaderlossleader

9,28011829




9,28011829













  • Thanks for your post helped a lot. I'll update with how I ended up doing it

    – Travis Klein
    Nov 24 '18 at 7:11





















  • Thanks for your post helped a lot. I'll update with how I ended up doing it

    – Travis Klein
    Nov 24 '18 at 7:11



















Thanks for your post helped a lot. I'll update with how I ended up doing it

– Travis Klein
Nov 24 '18 at 7:11







Thanks for your post helped a lot. I'll update with how I ended up doing it

– Travis Klein
Nov 24 '18 at 7:11




















draft saved

draft discarded




















































Thanks for contributing an answer to Stack Overflow!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53414015%2fpouchdb-authentication-how-do-i-set-roles-for-a-new-user%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

If I really need a card on my start hand, how many mulligans make sense? [duplicate]

Image
5 This question already has an answer here: How do you calculate the likelihood of drawing certain cards in your opening hand? 3 answers There is a funny modern deck where you play Treasure Hunt, but you really need to have it on the starting hand. How many mulligans should I take, if my deck contains 60 cards and contains 4 copies of Treasure Hunt? magic-the-gathering probability share | improve this question asked Nov 23 '18 at 12:12 dan dan 152 4
Read more

Alcedinidae

Image
Alcedinidae Martin-pêcheur à dos bleu ( Alcedo azurea ) Classification (COI) Règne Animalia Embranchement Chordata Sous-embr. Vertebrata Classe Aves Ordre Coraciiformes Famille Alcedinidae Rafinesque, 1815 Les Alcédinidés ou Alcedinidae forment une famille d'oiseaux plus connus sous les noms de martins-pêcheurs et martins-chasseurs. Sommaire 1 Description 2 Répartition et habitat 3 Systématique 3.1 Liste alphabétique des genres 3.2 Liste des espèces 4 Chez les Anciens : l'alcyon 4.1 Étymologie (Littré) 4.2 Oiseau « fabuleux » ? 5 Notes 6 Articles connexes 7 Liens externes 7.1 Bibliographie Description | Ce sont des oiseaux compacts de taille petite à moyenne (10 à 46 cm), au bec droit et long, en forme de poignard. Leurs pattes sont courtes, et ils portent un plumage aux couleurs vives. Répartition et habitat | Cosmopolites, ils fréquentent surtout
Read more

Can an atomic nucleus contain both particles and antiparticles? [duplicate]

Image
9 $begingroup$ This question already has an answer here: What happens if we put together a proton and an antineutron? 2 answers Is it theoretically possible to make a "deuterium" atom containing a proton and an antineutron in its nucleus? Would the strong nuclear force cause attraction between a proton and an antineutron? Would such a nucleus be stable, or would the proton somehow annihilate the antineutron when close enough? nuclear-physics antimatter share | cite | improve this question asked yesterday
Read more