couchdb-dev mailing list archives

From Jan Lehnardt <...@apache.org>
Subject Re: doc permission mask proposal
Date Wed, 27 Apr 2011 22:48:55 GMT

On 27 Apr 2011, at 15:43, Randall Leeds wrote:

> On Wed, Apr 27, 2011 at 15:30, Jan Lehnardt <jan@apache.org> wrote:
>> 
>> On 27 Apr 2011, at 14:56, Kevin R. Coombes wrote:
>> 
>>> So it would be possible to have access to a view that allows you to see a doc that
>>> you don't have permission to see? Or am I misinterpreting something?
>> 
>> That was my question, but Benoit basically said "no". His approach is to disallow
>> access of a view that is defined in a design document that you have no permission to read.
>> 
>> Cheers
>> Jan
> 
> I think the answer is actually "yes". If you can see the design
> document you can see everything the view emits, even if it came from a
> document you can't view.

Hm, I was thinking that the view updater would match the design doc acl against the doc acl
when the view is created and exclude it if it doesn't match up for reads.

Cheers
Jan
-- 

> 
>> --
>> 
>>> 
>>> On 4/27/2011 4:43 PM, Benoit Chesneau wrote:
>>>> On Wed, Apr 27, 2011 at 11:33 PM, Jan Lehnardt <jan@apache.org> wrote:
>>>>> On 27 Apr 2011, at 03:36, Benoit Chesneau wrote:
>>>>> 
>>>>>> I'm thinking to add simple permissions handling to a doc by using
>>>>>> _uid, _gid, _mod members to a doc where members are defined like this:
>>>>>> 
>>>>>> _uid: user owning the doc
>>>>>> _gid: group owning the doc
>>>>>> _mod: octal number, doc mode bits corresponding to chmod(1) values.
>>>>>> 
>>>>>> By doing this and if enabled in settings we could do simple acl
>>>>>> handling like a file system when getting doc. access to views would be
>>>>>> handled by the access to the design doc containing them.
>>>>>> 
>>>>>> thoughts?
>>>>> http://mail-archives.apache.org/mod_mbox/couchdb-dev/201010.mbox/%3cC4B01815-5A28-4E5F-975D-70344B7570EC@apache.org%3e
>>>>> 
>>>>> How does this address the issue where a reduced value doesn't have an
>>>>> ACL associated with it?
>>>>> 
>>>>> Cheers
>>>>> Jan
>>>>> --
>>>> you can't access the view or reduce if you don't have access to the
>>>> design doc in my design. So we don't try to check permissions for each
>>>> doc.
>>>> 
>>>> - benoît
>> 
>> 
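
The two view behaviours debated in this thread, as an added example that is not code from the thread or from CouchDB. It models the proposed `_uid`/`_gid`/`_mod` fields with chmod(1)-style read bits, then builds a view once with access checked only on the design doc and once with the updater excluding docs. The reading of "match" (a doc is indexed only if every reader of the design doc can also read it), the user objects and all function names are assumptions.

```javascript
// Read bits as in chmod(1): owner, group, other.
const R_OWNER = 0o400, R_GROUP = 0o040, R_OTHER = 0o004;

// POSIX-style check: the first matching class (owner, group, other) decides.
function canRead(doc, user) {
  if (user.name === doc._uid) return (doc._mod & R_OWNER) !== 0;
  if (user.groups.includes(doc._gid)) return (doc._mod & R_GROUP) !== 0;
  return (doc._mod & R_OTHER) !== 0;
}

// View updater. filterByAcl=false: every doc is indexed and only the design
// doc is checked at query time. filterByAcl=true (assumed interpretation): a
// doc is indexed only if all known readers of the design doc can read it.
function buildView(ddoc, docs, users, mapFn, filterByAcl) {
  const viewReaders = users.filter(u => canRead(ddoc, u));
  const rows = [];
  for (const doc of docs) {
    if (filterByAcl && !viewReaders.every(u => canRead(doc, u))) continue;
    mapFn(doc, (key, value) => rows.push({ key, value }));
  }
  return rows;
}

// Query-time check: access to the view is access to its design doc.
function queryView(ddoc, rows, user) {
  if (!canRead(ddoc, user)) throw new Error("forbidden");
  return rows;
}

// Constructed sample data (hypothetical users and docs).
const users = [
  { name: "alice", groups: ["staff"] },
  { name: "bob", groups: ["staff"] },
  { name: "eve", groups: ["guests"] },
];
const ddoc = { _id: "_design/totals", _uid: "alice", _gid: "staff", _mod: 0o640 };
const docs = [
  { _id: "d1", _uid: "alice", _gid: "staff", _mod: 0o640, amount: 10 },
  { _id: "d2", _uid: "alice", _gid: "staff", _mod: 0o600, amount: 32 }, // owner only
];
const mapFn = (doc, emit) => emit(doc._id, doc.amount);
const total = rows => rows.reduce((acc, r) => acc + r.value, 0); // stand-in for a _sum reduce

const bob = users[1];
const leaky = queryView(ddoc, buildView(ddoc, docs, users, mapFn, false), bob);
const filtered = queryView(ddoc, buildView(ddoc, docs, users, mapFn, true), bob);
console.log(canRead(docs[1], bob), total(leaky), total(filtered));
```

In the unfiltered build the reduced total that bob receives includes the amount from `d2`, a doc he cannot read directly, and the reduced value carries no ACL of its own to check.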

