couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Janez Štupar <janez.stu...@gmail.com>
Subject Re: Write-only for users?
Date Sun, 13 Feb 2011 22:23:33 GMT
You are indeed correct.

If the use case is non-distributed then that is probably the faster and more
roboust solution.

On Sun, Feb 13, 2011 at 11:17 PM, Zachary Zolton
<zachary.zolton@gmail.com>wrote:

> True, but I think you still need some kind of proxy to ensure that
> users can only hit the rewritten URLs.
>
> I also find CouchDB URL rewriting and vhosts trickier to set up than
> just writing a little Sintra or Node.js app.
>
> --Zach
>
> On Sunday, February 13, 2011, Janez Štupar <janez.stupar@gmail.com> wrote:
> > You could do something like that utilizing the rewrite handler to
> prohibit
> > access to documents and views (redirect all request to a show that tells
> > users to sod off), while only allowing a PUT to the database and GET to
> the
> > said show.
> >
> > On Sun, Feb 13, 2011 at 10:52 PM, Jonathan Geddes <
> geddes.jonathan@gmail.com
> >> wrote:
> >
> >> couchdb users,
> >>
> >> I'm thinking of using a couchapp for an upcoming project, but there is
> >> one capability that I'm unsure of.
> >>
> >> I need a database that anyone can post to, but only admin can read
> >> from. The requirement is to allow users to post personal information
> >> that other users cannot see. If I understand the couchdb permissions
> >> model correctly, for a given db, anyone who can create documents can
> >> also read documents.
> >>
> >> Is there a way to do this with a couchapp? It seems a shame to have to
> >> add "middleware" just to get this one capability.
> >>
> >> thanks,
> >>
> >> --Jonathan
> >>
> >
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message