I try to make a user / role authentication (session based) with CouchDB but as soon as I enter a role at a database all users and roles are can access the database -> the are not authorized.
Get the session:
It returns (the userCtx object):
{
"ok": true,
"name": "some_user_name",
"roles": [
"developers"
]
}
Then I added the roles to the database:
{
"admins": {
"names": [],
"roles": []
},
"members": {
"names": [],
"roles": [
"developers"
]
}
}
and it returns {"ok":true} and I can see the permissions also in fauxton.
When I now try to access the database with
it returns:
{
"error": "unauthorized",
"reason": "You are not authorized to access this db."
}
ahhh I found the mistake, I was doing the tests with postman and there I did not recognized that the credentials was not send with the requests :-(