couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Debasish Ghosh <ghosh.debas...@gmail.com>
Subject CouchDB Validation function and security API ..
Date Sat, 12 Sep 2009 14:47:56 GMT
Hi -

The validation function validate_doc_update takes 3 parameters, newdoc,
olddoc and userContext. I am trying to get my head into how the
authentication and authorization stuff is related to this. The CouchDB book
has the following code snippet in 7.2.4 Authorship section ..
function(newDoc, oldDoc, userCtx) {
  if (newDoc.author) {
    enforce(newDoc.author == userCtx.author,
      "You may only update documents with author " + userCtx.author);
  }
}

In my linux environment, when I run CouchDB validation functions with a
user-id and password setup in local.ini under [admins], I get the following
as the contents of the third parameter of the validation function :-

{"db" : "test", "name" : null, "roles" : []}

In the above snippet from the book there appears to be a field
userCtx.author. Just wondering how to get it here and why I am not seeing it
in my output.

Also any pointer on the security, authentication and authorization part will
be appreciated.

Thanks in advance ..
- Debasish

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message