couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alexander Trauzzi (JIRA)" <j...@apache.org>
Subject [jira] Created: (COUCHDB-615) Role, ACL and Ownership Checks
Date Wed, 06 Jan 2010 15:07:55 GMT
Role, ACL and Ownership Checks
------------------------------

                 Key: COUCHDB-615
                 URL: https://issues.apache.org/jira/browse/COUCHDB-615
             Project: CouchDB
          Issue Type: New Feature
         Environment: Ubuntu 9.10 64bit
            Reporter: Alexander Trauzzi


It would be nice if CouchDB had a comprehensive offering for varying levels of access to documents
and databases.

Here are some ideas:

o User lists are stored in the database, per database.
o Roles and role membership are stored in the database, per database.
o ACLs are stored in the database, per database.
o CouchDB can use ACLs to store and simplify permissions for internal functionality (manage
the db, manage users, add roles, add users to roles, etc...)
o CouchApps can take advantage of the ACLs to support login/logout and arbitrary business
rules as needed.
o A simple API can be made to conduct role, ACL and ownership checks.

I suppose there is some theory and discussion behind determining whether users, roles or both
are stored in ACL rules.

Building all this into CouchDB would mean that it has a mechanism for complex applications
to be developed.  Ones that mandate privacy and other visibility concerns.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message