Return-Path: X-Original-To: apmail-couchdb-dev-archive@www.apache.org Delivered-To: apmail-couchdb-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 0FEAC234E for ; Wed, 27 Apr 2011 21:43:30 +0000 (UTC) Received: (qmail 49107 invoked by uid 500); 27 Apr 2011 21:43:29 -0000 Delivered-To: apmail-couchdb-dev-archive@couchdb.apache.org Received: (qmail 49065 invoked by uid 500); 27 Apr 2011 21:43:29 -0000 Mailing-List: contact dev-help@couchdb.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@couchdb.apache.org Delivered-To: mailing list dev@couchdb.apache.org Received: (qmail 49057 invoked by uid 99); 27 Apr 2011 21:43:29 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 27 Apr 2011 21:43:29 +0000 X-ASF-Spam-Status: No, hits=-0.7 required=5.0 tests=FREEMAIL_FROM,RCVD_IN_DNSWL_LOW,RFC_ABUSE_POST,SPF_PASS,T_TO_NO_BRKTS_FREEMAIL X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of bchesneau@gmail.com designates 209.85.214.52 as permitted sender) Received: from [209.85.214.52] (HELO mail-bw0-f52.google.com) (209.85.214.52) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 27 Apr 2011 21:43:23 +0000 Received: by bwj24 with SMTP id 24so2955956bwj.11 for ; Wed, 27 Apr 2011 14:43:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:content-type:content-transfer-encoding; bh=0ktryVKYofGUyKITGSc9orMt3i0Yza6CHxfhZGa8NG4=; b=i/i/tsYd96YBVxv1M9a+9WKgefGHM5uruw9BBZ5UzBDJJgXAefbLZFxQYnQjkG7lZA xnmXe7GZBaLLMbd3um51PrC1+J6LW0MGwR6EIT/xT8FPzO4hAseo6DnfLTnjDshl2uNq ubvyqFMz4l6snopiypOtKFvuKWVsOx0Hm38f4= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=YvWm9bUmvw5O/P3IwshrvJNeiUrAvd3anSY32c6vl406cfzG4/0JAQkR1VTw7me36p jjQUJzXJY7DzV3dLbAQSoyu75+zF1hoEkXvcM+fd9AEG2VKp++6CzuSKyHZQIFN9ehNJ uLCSBKflNm8u+bBKcT4USI3RIQm7sBCrONjbg= MIME-Version: 1.0 Received: by 10.204.154.88 with SMTP id n24mr2632811bkw.38.1303940581699; Wed, 27 Apr 2011 14:43:01 -0700 (PDT) Received: by 10.204.32.77 with HTTP; Wed, 27 Apr 2011 14:43:01 -0700 (PDT) In-Reply-To: References: Date: Wed, 27 Apr 2011 23:43:01 +0200 Message-ID: Subject: Re: doc permission mask proposal From: Benoit Chesneau To: dev@couchdb.apache.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On Wed, Apr 27, 2011 at 11:33 PM, Jan Lehnardt wrote: > > On 27 Apr 2011, at 03:36, Benoit Chesneau wrote: > >> I'm thinking to add simple permissions handling to a doc by using >> _uid, _gid, _mod members to a doc where members are defined like this: >> >> _uid: user owning the doc >> _gid: group owning the doc >> _mod: octal number, doc mode bits corresponding to chmod(1) values. >> >> By doing this and if enable in settings we could do simple acl >> handling like a file system when getting doc. access to views would be >> handled by the access to the design doc containing them. >> >> thoughts? > > http://mail-archives.apache.org/mod_mbox/couchdb-dev/201010.mbox/%3cC4B01= 815-5A28-4E5F-975D-70344B7570EC@apache.org%3e > > How does this address the issue where a reduced value doesn't have an ACL= associated with it? > > Cheers > Jan > -- > > you can't access to the view or reduce if yu don't have access to the design doc in my design. So we don't try to check permissions for each docs. - beno=EEt