couchdb-dev mailing list archives

From Garren Smith <gar...@apache.org>
Subject Re: [DISCUSS] Per-doc access control
Date Wed, 27 Feb 2019 11:47:40 GMT
Hi Adam,

I probably didn’t give views the most thought. I was thinking we could
implement views by either using the changes feed or a new query engine like
we do for mango. Does that make sense or is it not really possible?


On Wed, Feb 27, 2019 at 2:26 AM Adam Kocoloski <kocolosk@apache.org> wrote:

>
> > On Feb 26, 2019, at 7:12 PM, Michael Fair <michael@daclubhouse.net> wrote:
> >
> > On Tue, Feb 26, 2019 at 3:38 PM Adam Kocoloski <kocolosk@apache.org> wrote:
> >
> >> Mike,
> >>
> >> If I’m reading you correctly you’re concerned about cross-domain
> >> authentication. A good problem and worth discussing, but I think it’s
> >> cleanly decoupled from the per-doc access control work, which is focused on
> >> *authorization*.
> >>
> >>
> >
> > I don't think I'm talking about the same cross domain authentication you
> > are talking about.  I think you are talking about a web page from Domain
> > (B) attempting to access Couch resource in domain (A) (Cross site scripting
> > access). That's not what I'm talking about.
> >
> > I'm talking about what ought to happen with the authorization control
> > definitions when you have two Couch servers, one running in Domain (A) and
> > one running in Domain (B) with different sets of system users, such that
> > the authorized entities in the bidirectionally replicated database don't
> > exist in both server instances (the two distinct domains share the same
> > document database but have disparate sets of authenticated system users).
> >
> > In other words the ("sam", "pete", and "joe") users on domain/machine A are
> > not the same thing as the ("mary", "betty", and "sue")  users on
> > domain/machine B; yet the replicated database between the two machines has
> > the same access control document authorization descriptors in both places.
>
>
> Thanks Mike, I did understand you correctly the first time. I still
> maintain that’s in the realm of authentication, not authorization, and
> should be cleanly separable from the problem of implementing per-document
> access controls. Cheers,
>
> Adam
