pouchdb-authentication how do I set roles for a new user












0















I want to set roles for a new user.



I tried updating roles array in metadata during signup but I get an error. If I remove the roles metadata new user is created just fine. 



db.signUp(userId, 'pass', {

    metadata: {

      email: 'robi434n@boywonder.com',

      birthday: '1932-03-27T00:00:00.000Z',

      likes: ['acrobatics', 'short pants', 'sidekickin'']

      roles: ['basic']

    }

  }, function (err, response) {

    if (err) {

      if (err.name === 'conflict') {

        console.log('batman" already exists, choose another username')

        // "batman" already exists, choose another username

      } else if (err.name === 'forbidden') {

        console.log('invalid username')

        // invalid username

      } else {

        console.log('sign up error')

        // HTTP error, cosmic rays, etc.

      }

    } else {

      console.log('user signed up')

     // login()

    }

  })


So I figured it out first modify the pouchdb-authentication index.js code to accept roles. 



var signUp = pouchdbUtils.toPromise(function (username, password,roles, opts, callback) {

  var db = this;

  if (typeof callback === 'undefined') {

    callback = typeof opts === 'undefined' ? (typeof password === 'undefined' ?

      username : password) : opts;

    opts = {};

  }

  if (['http', 'https'].indexOf(db.type()) === -1) {

    return callback(new AuthError('This plugin only works for the http/https adapter. ' +

      'So you should use new PouchDB("http://mysi3te.org:5984/mydb") instead.'));

  } else if (!username) {

    return callback(new AuthError('You must provide a username'));

  } else if (!password) {

    return callback(new AuthError('You must provide a password'));

  }



  var userId = 'org.couchdb.user:' + username;

  var user = {

    name: username,

    password: password,

    roles: roles,

    type: 'user',

    _id: userId,

  };



  updateUser(db, user, opts, callback);

});


Then you can send the roles in the sign up. I'm sending basic below



   signUp()

function signUp () {

  db.signUp(userId, 'pass', ['basic'], {

    metadata: {

      email: 'robi434n@boywonder.com',

      birthday: '1932-03-27T00:00:00.000Z',

      likes: ['acrobatics', 'short pants', 'sidekickin'']

    }

  }, function (err, response) {

    if (err) {

      if (err.name === 'conflict') {

        console.log('batman" already exists, choose another username')

        // "batman" already exists, choose another username

      } else if (err.name === 'forbidden') {

        console.log('invalid username', err)

        // invalid username

      } else {

        console.log('sign up error', err)

        // HTTP error, cosmic rays, etc.

      }

    } else {

      console.log('user signed up', err)

      login()

    }

  })

}


now you have to go to couchdb _user database _design/_auth document modify



else if (newDoc.roles.length > 0 ) {n


set this to 



else if (newDoc.roles.length > 0 && newDoc.roles[0] !== 'basic' ) {n


Now you will have basic in your session and can add more roles my adjusting the code a bit. This allows me to set member role permissions easily to limit access to other databases. Or a simpler solution i found and tested is to add a new design doc to your database with the following code. It will only allow users that are logged in to access your database



{

  "_id": "_design/usersOnly",

  "_rev": "17-6fb7e6c0ccfca8b2e56738ad63e26107",

  "language": "javascript",

  "validate_doc_update": "n  function(newDoc, oldDoc, userCtx){   n // check if user is logged in n  if(!userCtx.name){ throw({forbidden : 'No way.. login man!'});}   n //reqired fields to update n  function require(field){   var message = field + ' is required';  if(!newDoc[field]){  throw({'forbidden':message})  }}   require('name');                                         }"

}





couchdb pouchdb







share|improve this question

























  • If you aren't preventing length>1 then I think you should be restricting the list of user added roles to both to prevent roles = ["basic","delegatedadminrole"] from biting you later and to allow the free user roles in any order.

    – lossleader
    Nov 24 '18 at 12:44











  • I don't think you need to change pouchdb-authentication and updated my answer..

    – lossleader
    Nov 24 '18 at 14:37











  • I'll def add the length > 1. Thanks a bunch for the help!!

    – Travis Klein
    Nov 25 '18 at 14:03
















0















I want to set roles for a new user.



I tried updating roles array in metadata during signup but I get an error. If I remove the roles metadata new user is created just fine. 



db.signUp(userId, 'pass', {

    metadata: {

      email: 'robi434n@boywonder.com',

      birthday: '1932-03-27T00:00:00.000Z',

      likes: ['acrobatics', 'short pants', 'sidekickin'']

      roles: ['basic']

    }

  }, function (err, response) {

    if (err) {

      if (err.name === 'conflict') {

        console.log('batman" already exists, choose another username')

        // "batman" already exists, choose another username

      } else if (err.name === 'forbidden') {

        console.log('invalid username')

        // invalid username

      } else {

        console.log('sign up error')

        // HTTP error, cosmic rays, etc.

      }

    } else {

      console.log('user signed up')

     // login()

    }

  })


So I figured it out first modify the pouchdb-authentication index.js code to accept roles. 



var signUp = pouchdbUtils.toPromise(function (username, password,roles, opts, callback) {

  var db = this;

  if (typeof callback === 'undefined') {

    callback = typeof opts === 'undefined' ? (typeof password === 'undefined' ?

      username : password) : opts;

    opts = {};

  }

  if (['http', 'https'].indexOf(db.type()) === -1) {

    return callback(new AuthError('This plugin only works for the http/https adapter. ' +

      'So you should use new PouchDB("http://mysi3te.org:5984/mydb") instead.'));

  } else if (!username) {

    return callback(new AuthError('You must provide a username'));

  } else if (!password) {

    return callback(new AuthError('You must provide a password'));

  }



  var userId = 'org.couchdb.user:' + username;

  var user = {

    name: username,

    password: password,

    roles: roles,

    type: 'user',

    _id: userId,

  };



  updateUser(db, user, opts, callback);

});


Then you can send the roles in the sign up. I'm sending basic below



   signUp()

function signUp () {

  db.signUp(userId, 'pass', ['basic'], {

    metadata: {

      email: 'robi434n@boywonder.com',

      birthday: '1932-03-27T00:00:00.000Z',

      likes: ['acrobatics', 'short pants', 'sidekickin'']

    }

  }, function (err, response) {

    if (err) {

      if (err.name === 'conflict') {

        console.log('batman" already exists, choose another username')

        // "batman" already exists, choose another username

      } else if (err.name === 'forbidden') {

        console.log('invalid username', err)

        // invalid username

      } else {

        console.log('sign up error', err)

        // HTTP error, cosmic rays, etc.

      }

    } else {

      console.log('user signed up', err)

      login()

    }

  })

}


now you have to go to couchdb _user database _design/_auth document modify



else if (newDoc.roles.length > 0 ) {n


set this to 



else if (newDoc.roles.length > 0 && newDoc.roles[0] !== 'basic' ) {n


Now you will have basic in your session and can add more roles my adjusting the code a bit. This allows me to set member role permissions easily to limit access to other databases. Or a simpler solution i found and tested is to add a new design doc to your database with the following code. It will only allow users that are logged in to access your database



{

  "_id": "_design/usersOnly",

  "_rev": "17-6fb7e6c0ccfca8b2e56738ad63e26107",

  "language": "javascript",

  "validate_doc_update": "n  function(newDoc, oldDoc, userCtx){   n // check if user is logged in n  if(!userCtx.name){ throw({forbidden : 'No way.. login man!'});}   n //reqired fields to update n  function require(field){   var message = field + ' is required';  if(!newDoc[field]){  throw({'forbidden':message})  }}   require('name');                                         }"

}





couchdb pouchdb







share|improve this question

























  • If you aren't preventing length>1 then I think you should be restricting the list of user added roles to both to prevent roles = ["basic","delegatedadminrole"] from biting you later and to allow the free user roles in any order.

    – lossleader
    Nov 24 '18 at 12:44











  • I don't think you need to change pouchdb-authentication and updated my answer..

    – lossleader
    Nov 24 '18 at 14:37











  • I'll def add the length > 1. Thanks a bunch for the help!!

    – Travis Klein
    Nov 25 '18 at 14:03














0












0








0








I want to set roles for a new user.



I tried updating roles array in metadata during signup but I get an error. If I remove the roles metadata new user is created just fine. 



db.signUp(userId, 'pass', {

    metadata: {

      email: 'robi434n@boywonder.com',

      birthday: '1932-03-27T00:00:00.000Z',

      likes: ['acrobatics', 'short pants', 'sidekickin'']

      roles: ['basic']

    }

  }, function (err, response) {

    if (err) {

      if (err.name === 'conflict') {

        console.log('batman" already exists, choose another username')

        // "batman" already exists, choose another username

      } else if (err.name === 'forbidden') {

        console.log('invalid username')

        // invalid username

      } else {

        console.log('sign up error')

        // HTTP error, cosmic rays, etc.

      }

    } else {

      console.log('user signed up')

     // login()

    }

  })


So I figured it out first modify the pouchdb-authentication index.js code to accept roles. 



var signUp = pouchdbUtils.toPromise(function (username, password,roles, opts, callback) {

  var db = this;

  if (typeof callback === 'undefined') {

    callback = typeof opts === 'undefined' ? (typeof password === 'undefined' ?

      username : password) : opts;

    opts = {};

  }

  if (['http', 'https'].indexOf(db.type()) === -1) {

    return callback(new AuthError('This plugin only works for the http/https adapter. ' +

      'So you should use new PouchDB("http://mysi3te.org:5984/mydb") instead.'));

  } else if (!username) {

    return callback(new AuthError('You must provide a username'));

  } else if (!password) {

    return callback(new AuthError('You must provide a password'));

  }



  var userId = 'org.couchdb.user:' + username;

  var user = {

    name: username,

    password: password,

    roles: roles,

    type: 'user',

    _id: userId,

  };



  updateUser(db, user, opts, callback);

});


Then you can send the roles in the sign up. I'm sending basic below



   signUp()

function signUp () {

  db.signUp(userId, 'pass', ['basic'], {

    metadata: {

      email: 'robi434n@boywonder.com',

      birthday: '1932-03-27T00:00:00.000Z',

      likes: ['acrobatics', 'short pants', 'sidekickin'']

    }

  }, function (err, response) {

    if (err) {

      if (err.name === 'conflict') {

        console.log('batman" already exists, choose another username')

        // "batman" already exists, choose another username

      } else if (err.name === 'forbidden') {

        console.log('invalid username', err)

        // invalid username

      } else {

        console.log('sign up error', err)

        // HTTP error, cosmic rays, etc.

      }

    } else {

      console.log('user signed up', err)

      login()

    }

  })

}


now you have to go to couchdb _user database _design/_auth document modify



else if (newDoc.roles.length > 0 ) {n


set this to 



else if (newDoc.roles.length > 0 && newDoc.roles[0] !== 'basic' ) {n


Now you will have basic in your session and can add more roles my adjusting the code a bit. This allows me to set member role permissions easily to limit access to other databases. Or a simpler solution i found and tested is to add a new design doc to your database with the following code. It will only allow users that are logged in to access your database



{

  "_id": "_design/usersOnly",

  "_rev": "17-6fb7e6c0ccfca8b2e56738ad63e26107",

  "language": "javascript",

  "validate_doc_update": "n  function(newDoc, oldDoc, userCtx){   n // check if user is logged in n  if(!userCtx.name){ throw({forbidden : 'No way.. login man!'});}   n //reqired fields to update n  function require(field){   var message = field + ' is required';  if(!newDoc[field]){  throw({'forbidden':message})  }}   require('name');                                         }"

}





couchdb pouchdb







share|improve this question
















I want to set roles for a new user.



I tried updating roles array in metadata during signup but I get an error. If I remove the roles metadata new user is created just fine. 



db.signUp(userId, 'pass', {

    metadata: {

      email: 'robi434n@boywonder.com',

      birthday: '1932-03-27T00:00:00.000Z',

      likes: ['acrobatics', 'short pants', 'sidekickin'']

      roles: ['basic']

    }

  }, function (err, response) {

    if (err) {

      if (err.name === 'conflict') {

        console.log('batman" already exists, choose another username')

        // "batman" already exists, choose another username

      } else if (err.name === 'forbidden') {

        console.log('invalid username')

        // invalid username

      } else {

        console.log('sign up error')

        // HTTP error, cosmic rays, etc.

      }

    } else {

      console.log('user signed up')

     // login()

    }

  })


So I figured it out first modify the pouchdb-authentication index.js code to accept roles. 



var signUp = pouchdbUtils.toPromise(function (username, password,roles, opts, callback) {

  var db = this;

  if (typeof callback === 'undefined') {

    callback = typeof opts === 'undefined' ? (typeof password === 'undefined' ?

      username : password) : opts;

    opts = {};

  }

  if (['http', 'https'].indexOf(db.type()) === -1) {

    return callback(new AuthError('This plugin only works for the http/https adapter. ' +

      'So you should use new PouchDB("http://mysi3te.org:5984/mydb") instead.'));

  } else if (!username) {

    return callback(new AuthError('You must provide a username'));

  } else if (!password) {

    return callback(new AuthError('You must provide a password'));

  }



  var userId = 'org.couchdb.user:' + username;

  var user = {

    name: username,

    password: password,

    roles: roles,

    type: 'user',

    _id: userId,

  };



  updateUser(db, user, opts, callback);

});


Then you can send the roles in the sign up. I'm sending basic below



   signUp()

function signUp () {

  db.signUp(userId, 'pass', ['basic'], {

    metadata: {

      email: 'robi434n@boywonder.com',

      birthday: '1932-03-27T00:00:00.000Z',

      likes: ['acrobatics', 'short pants', 'sidekickin'']

    }

  }, function (err, response) {

    if (err) {

      if (err.name === 'conflict') {

        console.log('batman" already exists, choose another username')

        // "batman" already exists, choose another username

      } else if (err.name === 'forbidden') {

        console.log('invalid username', err)

        // invalid username

      } else {

        console.log('sign up error', err)

        // HTTP error, cosmic rays, etc.

      }

    } else {

      console.log('user signed up', err)

      login()

    }

  })

}


now you have to go to couchdb _user database _design/_auth document modify



else if (newDoc.roles.length > 0 ) {n


set this to 



else if (newDoc.roles.length > 0 && newDoc.roles[0] !== 'basic' ) {n


Now you will have basic in your session and can add more roles my adjusting the code a bit. This allows me to set member role permissions easily to limit access to other databases. Or a simpler solution i found and tested is to add a new design doc to your database with the following code. It will only allow users that are logged in to access your database



{

  "_id": "_design/usersOnly",

  "_rev": "17-6fb7e6c0ccfca8b2e56738ad63e26107",

  "language": "javascript",

  "validate_doc_update": "n  function(newDoc, oldDoc, userCtx){   n // check if user is logged in n  if(!userCtx.name){ throw({forbidden : 'No way.. login man!'});}   n //reqired fields to update n  function require(field){   var message = field + ' is required';  if(!newDoc[field]){  throw({'forbidden':message})  }}   require('name');                                         }"

}





couchdb pouchdb




couchdb pouchdb






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 24 '18 at 7:44







Travis Klein

















asked Nov 21 '18 at 14:14









Travis KleinTravis Klein

93




93













  • If you aren't preventing length>1 then I think you should be restricting the list of user added roles to both to prevent roles = ["basic","delegatedadminrole"] from biting you later and to allow the free user roles in any order.

    – lossleader
    Nov 24 '18 at 12:44











  • I don't think you need to change pouchdb-authentication and updated my answer..

    – lossleader
    Nov 24 '18 at 14:37











  • I'll def add the length > 1. Thanks a bunch for the help!!

    – Travis Klein
    Nov 25 '18 at 14:03



















  • If you aren't preventing length>1 then I think you should be restricting the list of user added roles to both to prevent roles = ["basic","delegatedadminrole"] from biting you later and to allow the free user roles in any order.

    – lossleader
    Nov 24 '18 at 12:44











  • I don't think you need to change pouchdb-authentication and updated my answer..

    – lossleader
    Nov 24 '18 at 14:37











  • I'll def add the length > 1. Thanks a bunch for the help!!

    – Travis Klein
    Nov 25 '18 at 14:03

















If you aren't preventing length>1 then I think you should be restricting the list of user added roles to both to prevent roles = ["basic","delegatedadminrole"] from biting you later and to allow the free user roles in any order.

– lossleader
Nov 24 '18 at 12:44





If you aren't preventing length>1 then I think you should be restricting the list of user added roles to both to prevent roles = ["basic","delegatedadminrole"] from biting you later and to allow the free user roles in any order.

– lossleader
Nov 24 '18 at 12:44













I don't think you need to change pouchdb-authentication and updated my answer..

– lossleader
Nov 24 '18 at 14:37





I don't think you need to change pouchdb-authentication and updated my answer..

– lossleader
Nov 24 '18 at 14:37













I'll def add the length > 1. Thanks a bunch for the help!!

– Travis Klein
Nov 25 '18 at 14:03





I'll def add the length > 1. Thanks a bunch for the help!!

– Travis Klein
Nov 25 '18 at 14:03












1 Answer
1






active

oldest

votes


















0














The validate function design documentation uses the _users design document as the primary example:




Example: The _design/_auth ddoc from _users database uses a validation function to ensure that documents contain some required fields and are only modified by a user with the _admin role:




        ...

        } else if (newDoc.roles.length > 0) {

            throw({forbidden: 'Only _admin may set roles'});

        }

        ...


In fauxton (for example) you can login as the couchdb admin user and go to _users database and change the design (at your own peril), for example:



        } else if (newDoc.roles.length > 0 && !("basic" === newRoles[0] && newDoc.roles.length === 1)) {

            throw({forbidden: 'Only _admin may set roles'});

        }


saving it as you would any other document. (I say peril, since subtle accidents in this design document can potentially allow unauthorized users to drastically raise their permissions.)



With such a change, new users are allowed to be created with the basic role by couchdb, so your client code works if it sets roles correctly. In pouchdb-authenticate this seems to be with opt.roles and not opt.metadata.roles, i.e.:



db.signUp(userId, 'pass', {

    metadata: {

      email: 'robi434n@boywonder.com',

      birthday: '1932-03-27T00:00:00.000Z',

      likes: ['acrobatics', 'short pants', 'sidekickin'']

    },

    roles: ['basic'] }, ... )





share|improve this answer


























  • Thanks for your post helped a lot. I'll update with how I ended up doing it

    – Travis Klein
    Nov 24 '18 at 7:11













Your Answer






StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53414015%2fpouchdb-authentication-how-do-i-set-roles-for-a-new-user%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









0














The validate function design documentation uses the _users design document as the primary example:




Example: The _design/_auth ddoc from _users database uses a validation function to ensure that documents contain some required fields and are only modified by a user with the _admin role:




        ...

        } else if (newDoc.roles.length > 0) {

            throw({forbidden: 'Only _admin may set roles'});

        }

        ...


In fauxton (for example) you can login as the couchdb admin user and go to _users database and change the design (at your own peril), for example:



        } else if (newDoc.roles.length > 0 && !("basic" === newRoles[0] && newDoc.roles.length === 1)) {

            throw({forbidden: 'Only _admin may set roles'});

        }


saving it as you would any other document. (I say peril, since subtle accidents in this design document can potentially allow unauthorized users to drastically raise their permissions.)



With such a change, new users are allowed to be created with the basic role by couchdb, so your client code works if it sets roles correctly. In pouchdb-authenticate this seems to be with opt.roles and not opt.metadata.roles, i.e.:



db.signUp(userId, 'pass', {

    metadata: {

      email: 'robi434n@boywonder.com',

      birthday: '1932-03-27T00:00:00.000Z',

      likes: ['acrobatics', 'short pants', 'sidekickin'']

    },

    roles: ['basic'] }, ... )





share|improve this answer


























  • Thanks for your post helped a lot. I'll update with how I ended up doing it

    – Travis Klein
    Nov 24 '18 at 7:11


















0














The validate function design documentation uses the _users design document as the primary example:




Example: The _design/_auth ddoc from _users database uses a validation function to ensure that documents contain some required fields and are only modified by a user with the _admin role:




        ...

        } else if (newDoc.roles.length > 0) {

            throw({forbidden: 'Only _admin may set roles'});

        }

        ...


In fauxton (for example) you can login as the couchdb admin user and go to _users database and change the design (at your own peril), for example:



        } else if (newDoc.roles.length > 0 && !("basic" === newRoles[0] && newDoc.roles.length === 1)) {

            throw({forbidden: 'Only _admin may set roles'});

        }


saving it as you would any other document. (I say peril, since subtle accidents in this design document can potentially allow unauthorized users to drastically raise their permissions.)



With such a change, new users are allowed to be created with the basic role by couchdb, so your client code works if it sets roles correctly. In pouchdb-authenticate this seems to be with opt.roles and not opt.metadata.roles, i.e.:



db.signUp(userId, 'pass', {

    metadata: {

      email: 'robi434n@boywonder.com',

      birthday: '1932-03-27T00:00:00.000Z',

      likes: ['acrobatics', 'short pants', 'sidekickin'']

    },

    roles: ['basic'] }, ... )





share|improve this answer


























  • Thanks for your post helped a lot. I'll update with how I ended up doing it

    – Travis Klein
    Nov 24 '18 at 7:11
















0












0








0







The validate function design documentation uses the _users design document as the primary example:




Example: The _design/_auth ddoc from _users database uses a validation function to ensure that documents contain some required fields and are only modified by a user with the _admin role:




        ...

        } else if (newDoc.roles.length > 0) {

            throw({forbidden: 'Only _admin may set roles'});

        }

        ...


In fauxton (for example) you can login as the couchdb admin user and go to _users database and change the design (at your own peril), for example:



        } else if (newDoc.roles.length > 0 && !("basic" === newRoles[0] && newDoc.roles.length === 1)) {

            throw({forbidden: 'Only _admin may set roles'});

        }


saving it as you would any other document. (I say peril, since subtle accidents in this design document can potentially allow unauthorized users to drastically raise their permissions.)



With such a change, new users are allowed to be created with the basic role by couchdb, so your client code works if it sets roles correctly. In pouchdb-authenticate this seems to be with opt.roles and not opt.metadata.roles, i.e.:



db.signUp(userId, 'pass', {

    metadata: {

      email: 'robi434n@boywonder.com',

      birthday: '1932-03-27T00:00:00.000Z',

      likes: ['acrobatics', 'short pants', 'sidekickin'']

    },

    roles: ['basic'] }, ... )





share|improve this answer















The validate function design documentation uses the _users design document as the primary example:




Example: The _design/_auth ddoc from _users database uses a validation function to ensure that documents contain some required fields and are only modified by a user with the _admin role:




        ...

        } else if (newDoc.roles.length > 0) {

            throw({forbidden: 'Only _admin may set roles'});

        }

        ...


In fauxton (for example) you can login as the couchdb admin user and go to _users database and change the design (at your own peril), for example:



        } else if (newDoc.roles.length > 0 && !("basic" === newRoles[0] && newDoc.roles.length === 1)) {

            throw({forbidden: 'Only _admin may set roles'});

        }


saving it as you would any other document. (I say peril, since subtle accidents in this design document can potentially allow unauthorized users to drastically raise their permissions.)



With such a change, new users are allowed to be created with the basic role by couchdb, so your client code works if it sets roles correctly. In pouchdb-authenticate this seems to be with opt.roles and not opt.metadata.roles, i.e.:



db.signUp(userId, 'pass', {

    metadata: {

      email: 'robi434n@boywonder.com',

      birthday: '1932-03-27T00:00:00.000Z',

      likes: ['acrobatics', 'short pants', 'sidekickin'']

    },

    roles: ['basic'] }, ... )






share|improve this answer














share|improve this answer



share|improve this answer








edited Nov 24 '18 at 14:33

























answered Nov 23 '18 at 0:55









lossleaderlossleader

9,28011829




9,28011829













  • Thanks for your post helped a lot. I'll update with how I ended up doing it

    – Travis Klein
    Nov 24 '18 at 7:11





















  • Thanks for your post helped a lot. I'll update with how I ended up doing it

    – Travis Klein
    Nov 24 '18 at 7:11



















Thanks for your post helped a lot. I'll update with how I ended up doing it

– Travis Klein
Nov 24 '18 at 7:11







Thanks for your post helped a lot. I'll update with how I ended up doing it

– Travis Klein
Nov 24 '18 at 7:11




















draft saved

draft discarded




















































Thanks for contributing an answer to Stack Overflow!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53414015%2fpouchdb-authentication-how-do-i-set-roles-for-a-new-user%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

"Incorrect syntax near the keyword 'ON'. (on update cascade, on delete cascade,)

Image
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box; } 2 total noob sorry any help greatly appreciated. I keep getting this "Incorrect syntax near the keyword 'ON'." heres my codes code one CREATE TABLE supplier ( supplierID INT PRIMARY KEY, ISBN INT FOREIGN KEY REFERENCES book(ISBN), price DECIMAL (5,2), ON UPDATE CASCADE, ON DELETE CASCADE, ); code two CREATE TABLE orders ( orderID INT PRIMARY KEY, customerID INT FOREIGN KEY REFERENCES customer(customerID), ISBN INT FOREIGN KEY REFERENCES book(ISBN), orderDate date, ON UPDATE CASCADE, ON DELETE CASCADE, ); Ive run out of stuff to try other than dumbing it down to uselessness.
Read more

Alcedinidae

Image
Alcedinidae Martin-pêcheur à dos bleu ( Alcedo azurea ) Classification (COI) Règne Animalia Embranchement Chordata Sous-embr. Vertebrata Classe Aves Ordre Coraciiformes Famille Alcedinidae Rafinesque, 1815 Les Alcédinidés ou Alcedinidae forment une famille d'oiseaux plus connus sous les noms de martins-pêcheurs et martins-chasseurs. Sommaire 1 Description 2 Répartition et habitat 3 Systématique 3.1 Liste alphabétique des genres 3.2 Liste des espèces 4 Chez les Anciens : l'alcyon 4.1 Étymologie (Littré) 4.2 Oiseau « fabuleux » ? 5 Notes 6 Articles connexes 7 Liens externes 7.1 Bibliographie Description | Ce sont des oiseaux compacts de taille petite à moyenne (10 à 46 cm), au bec droit et long, en forme de poignard. Leurs pattes sont courtes, et ils portent un plumage aux couleurs vives. Répartition et habitat | Cosmopolites, ils fréquentent surtout
Read more

RAC Tourist Trophy

Image
Pour les articles homonymes, voir Tourist Trophy. Le RAC Tourist Trophy est une course automobile organisée par le Royal Automobile Club d'Angleterre. Créée en 1905, cette course a fait partie des épreuves comptant pour le championnat du monde des voitures de sport entre 1953 et 1955, en 1958 et 1959, et entre 1962 et 1965. Après une interruption de 17 ans (l'épreuve s'arrête après 1988), le RAC Tourist Trophy reprend en 2005 sous l'égide de la FIA GT. Palmarès | John Napier sur Arrol-Johnston, vainqueur du premier RAC Tourist Trophy, en 1905. L'honorable C.S. Rolls, vainqueur du RAC Tourist Trophy 1906. Ernest Curtis, sur Rover 20 hp, vainqueur du RAC Tourist Trophy 1907. William Watson, vainqueur du RAC Tourist Trophy 1908. Kenelm Lee Guinness, vainqueur du RAC Tourist Trophy 1914 sur Sunbeam. Départ du RAC Tourist Trophy 1928. Louis Gérard, vainqueur du RAC Tourist Trophy 1938 sur Delage. Année Circuit Vainqueur
Read more