couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jan Lehnardt <>
Subject Re: doc permission mask proposal
Date Wed, 27 Apr 2011 22:30:30 GMT

On 27 Apr 2011, at 14:56, Kevin R. Coombes wrote:

> So it would be possible to have access to a view that allows you see a doc that you don't
have permission to see? Or am I misinterpreting something?

That was my question, but Benoit basically said "no". His approach is to disallow access of
a view that is defined in a design document that you have no permission to read.


> On 4/27/2011 4:43 PM, Benoit Chesneau wrote:
>> On Wed, Apr 27, 2011 at 11:33 PM, Jan Lehnardt<>  wrote:
>>> On 27 Apr 2011, at 03:36, Benoit Chesneau wrote:
>>>> I'm thinking to add simple permissions handling to a doc by using
>>>> _uid, _gid, _mod members to a doc where members are defined like this:
>>>> _uid: user owning the doc
>>>> _gid: group owning the doc
>>>> _mod: octal number, doc mode bits corresponding to chmod(1) values.
>>>> By doing this and if enable in settings we could do simple acl
>>>> handling like a file system when getting doc. access to views would be
>>>> handled by the access to the design doc containing them.
>>>> thoughts?
>>> How does this address the issue where a reduced value doesn't have an ACL associated
with it?
>>> Cheers
>>> Jan
>>> --
>> you can't access to the view or reduce if yu don't have access to the
>> design doc in my design. So we don't try to check permissions for each
>> docs.
>> - benoƮt

View raw message