Just curios about the thought process behind only having three levels to the users who can access the admin panel. Was this done for simplicity's sake or was there some other reason?

It would seem there are a lot of use cases where more than two levels of access would be useful (really only one since super-admin isn't gran-table to anyone).

Just curious, maybe I'll fork the code and come up with a different way to handle it if it seems like there isn't any strong opposition.

[KK]

To begin with, it was mostly for simplicity reasons - Couch was targeted towards sites which would have only one (or a few) admins (the site owners) and they would need complete access to their site. Access only to two levels (developer and owners) made sense.

With time, the admin-panel code came to rely on this assumption that anyone accessing the panel had to be an admin and the security measures found in there reflect this assumption.

Although now Couch has a full-fledged user management system, the second point above is what makes me hesitant on opening up admin-panel access to non-admins. It'll require very careful reevaluation with regards to security in existing code.

The way things are progressing, sooner or later it will have to be done
For now, we can use DataBound forms to give limited access to non-admin from the front-end.
I'm working on a tutorial that'll illustrate best practices for creating such front-end admin-panel.

Hope this answers the query.

It absolutely does answer the question, thanks for the clarification. All of that completely makes sense. I looked through the code briefly and see what a herculean task it would be to replace it with the way it is setup. I don't envy you that task when it comes time!