Hello All,
As a requirement, I need to create a temporary user on couchbase with certain role (query_select) . I am able to do so using the couchbase REST API. However, I need to be able to revoke the access from that user after say 1 hour. I understand that I can do so through my application (python script in this case) but in case my script doesn’t work or something went wrong at application side I still want to prevent that temporary user from access the couchbase once the stipulated time is over. Is eventing service the solution in this case? If yes, how can I create a function through my python script which I can deploy on couchbase without having to login to couchbase web console?
Hi AshG,
Assuming you’re using Couchbase 6.5, you can insert a document into a bucket to make a note that such a temporary user was created.
Then you can use eventing to listen to that bucket for such notes documents, and create a timer that will fire 1 hour after such a document is created. The resulting timer callback can use cURL to delete the user if one exists.
Please see “Timers” and “Curl” sections of the below doc:
I’ve not tried this myself, but hope it gives you an idea of the general approach to the solution using eventing. Please let me know if you need additional info on using timers or curl.
Thanks,
Siri
Also @AshG , please note that you’d create this function only once. When you create a temporary user that needs to be deleted, you create a “note” document that triggers the function that is deployed. The function in turn creates one timer for every such user that needs to be cleaned up.
So you don’t need to create one function per user. You’d have one document (what I call as a “note” document) in a bucket to track the user was created and to clean it up later.
You can create this single function (that listens to all such “note” documents) using Couchbase Console. You can also use couchbase-cli eventing-function-setup command or Eventing REST APIs to create such a function. But it is a one time action, and you’d have only one function deployed regardless of number of such users that need to be cleaned up.
Thanks,
Siri
Thanks Siri for your response. However, I am using couchbase 5.5.3 . At the moment , I am struggling while creating a function and I can’t find enough documentation on this topic. Can you pleas let me know whats wrong with the following command?
curl -v -is --http1.0 -u Administrator:XXXX localhost:8096/api/v1/functions/myfunc -H “Content-Type:applicaiton-json” -d ‘{ “name”:“myfunc”, “code”: “function myfunc (a,b) {return a*b;}” }’
I am getting following error when I try to create a function using above command.
{“name”:“ERR_INVALID_CONFIG”,“code”:38,“description”:“Invalid configuration”,“attributes”:null,“runtime_info”:{“code”:38,“info”:“Function name should not be empty”}}
Hi AshG,
The function you’re posting to the REST API is missing several required attributes such as “appname”, “settings”, “depcfg” etc. I suggest you author a sample function using the Couchbase UI, and export it by doing a GET on /api/v1/myfunc. Then you can use that exported JSON as a template, which will ensure you have an outline of the necessary attributes and sections are present.
Thanks,
Siri