couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Zachary Zolton <zachary.zol...@gmail.com>
Subject Re: Write-only for users?
Date Sun, 13 Feb 2011 22:17:47 GMT
True, but I think you still need some kind of proxy to ensure that
users can only hit the rewritten URLs.

I also find CouchDB URL rewriting and vhosts trickier to set up than
just writing a little Sintra or Node.js app.

--Zach

On Sunday, February 13, 2011, Janez Štupar <janez.stupar@gmail.com> wrote:
> You could do something like that utilizing the rewrite handler to prohibit
> access to documents and views (redirect all request to a show that tells
> users to sod off), while only allowing a PUT to the database and GET to the
> said show.
>
> On Sun, Feb 13, 2011 at 10:52 PM, Jonathan Geddes <geddes.jonathan@gmail.com
>> wrote:
>
>> couchdb users,
>>
>> I'm thinking of using a couchapp for an upcoming project, but there is
>> one capability that I'm unsure of.
>>
>> I need a database that anyone can post to, but only admin can read
>> from. The requirement is to allow users to post personal information
>> that other users cannot see. If I understand the couchdb permissions
>> model correctly, for a given db, anyone who can create documents can
>> also read documents.
>>
>> Is there a way to do this with a couchapp? It seems a shame to have to
>> add "middleware" just to get this one capability.
>>
>> thanks,
>>
>> --Jonathan
>>
>

Mime
View raw message