couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jan Lehnardt <>
Subject Re: [DISCUSS] Per-doc access control
Date Thu, 28 Feb 2019 10:42:41 GMT
Hanks Adam and Robert for sorting this one.

Michael, the idea is to give mutually untrusting users access a as-close-to-verbatim-CouchDB
API to their section of a shared database. So you get full doc CRUD, _changes, views, replication,
the lot, but only for documents that you have access to. So there is no sneaking behind the
back and getting all the data, if you don’t already have access to it, in which case you
already have access to them :)


> On 27. Feb 2019, at 22:55, Adam Kocoloski <> wrote:
>> On Feb 27, 2019, at 3:47 PM, Michael Fair <> wrote:
>>>> This might be what is already planned (it hasn't sounded like it to me
>>>> though).
>>>> And I definitely think changing the perspective to make "databases" a
>>>> function of the access control system and to make views based on "access
>>>> controlled collection results" instead of "databases" would be quite
>>>> powerful...
>>>> Regards,
>>>> Mike
>>> Hi Mike, what you’ve described here is very very similar to what Jan is
>>> building.
>>> Adam
>> I read back through the links that Jan posted again; the details I was
>> looking for are probably somewhere in the sharding conversation that my
>> eyes glazed over on or somewhere in the notes of the roadmap discussion
>> which made it a bit hard for me to find just the parts related to this (I
>> most likely scrolled through it). ;-)
>> Thanks for clarifying for me, and for letting me chime in!
>> Mike
> Those details are really hard to find — I can only find them because I know exactly
where to look in the minutes of a meeting that I attended well over a year ago :) Probably
a good case for an RFC so we have a current pointer to the plan.
> Adam

Professional Support for Apache CouchDB:

View raw message