fix(store): POST db/_all_docs is still just a read

lib/config/store/pre-auth-hook.js

@@ -22,7 +22,7 @@ function onStorePreAuth (request, reply) {
   var storePath = request.path.substr('/hoodie/store/api/'.length)
   var dbPath = storePath.split('/')[0]
   var dbName = decodeURIComponent(dbPath)
-  var requiredAccess = request.method === 'get' ? 'read' : 'write'
+  var requiredAccess = isRead(request) ? 'read' : 'write'
 
   return server.plugins.store.api.hasAccess(dbName, {
     access: requiredAccess
@@ -78,3 +78,16 @@ function toSessionToken (request) {
   }
   return token
 }
+
+function isRead (request) {
+  if (request.method === 'get') {
+    return true
+  }
+
+  // POST db/_all_docs is still a read request
+  if (/^\/hoodie\/store\/api\/[^\/]+\/_all_docs$/.test(request.path)) {
+    return true
+  }
+
+  return false
+}