Return-Path: Delivered-To: apmail-couchdb-user-archive@www.apache.org Received: (qmail 12360 invoked from network); 18 Nov 2009 05:35:54 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 18 Nov 2009 05:35:54 -0000 Received: (qmail 27660 invoked by uid 500); 18 Nov 2009 05:35:53 -0000 Delivered-To: apmail-couchdb-user-archive@couchdb.apache.org Received: (qmail 27527 invoked by uid 500); 18 Nov 2009 05:35:51 -0000 Mailing-List: contact user-help@couchdb.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@couchdb.apache.org Delivered-To: mailing list user@couchdb.apache.org Received: (qmail 27516 invoked by uid 99); 18 Nov 2009 05:35:50 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 18 Nov 2009 05:35:50 +0000 X-ASF-Spam-Status: No, hits=0.5 required=5.0 tests=AWL,BAYES_50,RCVD_IN_SORBS_WEB X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of sftf-misc@mail.ru designates 94.100.176.91 as permitted sender) Received: from [94.100.176.91] (HELO mx76.mail.ru) (94.100.176.91) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 18 Nov 2009 05:35:48 +0000 Received: from [95.189.155.208] (port=60080 helo=[192.168.1.1]) by mx76.mail.ru with asmtp id 1NAdCQ-000A2b-00 for user@couchdb.apache.org; Wed, 18 Nov 2009 08:35:27 +0300 Date: Wed, 18 Nov 2009 11:35:17 +0600 From: sftf X-Mailer: The Bat! (v2.04.7) Business Reply-To: sftf X-Priority: 3 (Normal) Message-ID: <511569210.20091118113517@mail.ru> To: user@couchdb.apache.org Subject: Per document attributes authorization MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Spam: Not detected X-Mras: Ok Are there plans to implement authorization at document's attributes granularity, or it should be implemented at the application level? In the current version I see only one version of access control at attribute granularity - create personal views for each application user with the emitting permitted fields only. But adding user in this scheme requires the creation of the new views and leads to time-consuming indexing of potentially large volumes of data.