couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chris Anderson <jch...@apache.org>
Subject Re: filter for _changes
Date Mon, 20 Jul 2009 15:51:12 GMT
On Mon, Jul 20, 2009 at 12:19 AM, Benoit Chesneau<bchesneau@gmail.com> wrote:
> 2009/7/20 Chris Anderson <jchris@apache.org>:
>> Devs,
>>
>> I've just committed a patch (r795687) that adds the ability to filter
>> _changes requests with a JavaScript function.
>>
>> The function signature is:
>>
>> function(doc, req, userCtx) {
>>  return (true or false);
>> }
>>
>> When it returns true (or something truthy, like a non-empty string or
>> a non-zero number), the change is passed along to the user, otherwise
>> it is skipped.
>>
>> The filter functions are stored on design documents under the
>> "filters" field. The current best source of documentation is the
>> changes.js test.
>>
>> To query changes with a filter, the syntax is like:
>>
>> GET /db/_changes?filter=ddocname/filtername
>>
>> The biggest problem with this patch is that it uses a JavaScript OS
>> process per connected filtered listener. Fixing this is an
>> optimization as it won't effect the API, which is why I'm comfortable
>> committing this.
>>
>> I'd appreciate some review to make sure the implementation is on the
>> right track.
>>
>> Cheers,
>> Chris
>>
>> --
>
> Implementation seems good for me and tests pass. For userCtx filtering
> I guess it would be needed to have a way to filter all changes without
> passing any parameter to forbid all changes read. Maybe by adding a
> main validate_changes on top of a design doc ? Same args but this
> fucntion would be applied on all changes. What do you think about it ?
>

I think you're suggesting using filtered changes as a security
mechanism? That is certainly possible, but to do it right we'd have to
ensure that it filters all document requests, which itself is
non-trivial, and would certainly require us to address the performance
issues. The other problem with using the filter for security is that
we'd need to filter view rows. There's not really a fast way to do
that for reduce views.

I'd suggest we punt on JavaScript security functions for a while, at
least until we've given this stuff a chance to sink in.

Chris

-- 
Chris Anderson
http://jchrisa.net
http://couch.io

Mime
View raw message