couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Philipp Forsthuber <philipp.forsthu...@googlemail.com>
Subject Re: Help needed: is couchDB a good fit for my app?
Date Fri, 22 Apr 2011 07:14:27 GMT
Hello Clément,

I can't really tell you if couchDB is the best fit for your project, but
what i CAN tell you is how a colleague and I solved the problem concerning
per document authorization.

The application we wrote for our Master's Thesis is a Personal Information
Manager for Android. We wanted to implement synch and replication with as
little hassle to the user as possible. So we devised a system that at least
lets us simulate per-document authorization. What we did was:

1.) Generate a user database on the phone.
2.) Register this user with a small RESTful webservice we wrote
3.) The webservice generates 2 databases at the couchDB server, one that is
private and to which only the registered user has access, and (if it doesn't
yet exist) a master "repository" database, to wich only the database admin
has access
4.) Add replication between user database on the phone and private user
database on the server, where you replicate everything.
5.) Next, we write views, that we add to the user-master replication
mechanism, so that
   a.) every document from the private user database gets replicated to the
master database
   b.) every document from the master database that adheres to a specific
scheme (in our case we have a property called users, in which every
authorized user is listed) is replicated back to the private database

That way, we can ensure that the private database of the user only contains
documents that he is allowed to see, and every shared document by this user
gets replicated automatically to every authorized user. I am aware that
there are some solutions similar to this floating around on the net, and you
may or may not have already dismissed them as too complicated, but I can
assure you, once this system is set up, it works like a charm.

If you have any further questions, I would be happy to answer them (at least
to the extent of my knowledge ;-) )

Kind regards,

Philipp

2011/4/21 Clément Vollet <cvollet@gmail.com>

> Hi, I sent this email yesterday, but it didn't seem to arrive at
> destination (I wasn't suscribed at that time). So here I go again:
>
> Hello everybody,
>
> First of all, I want to say that I'm quite impressed with couchDB so far
> (I didn't know anything about it two days ago...).
>
> Second, I'd really want to use it for my app (I stumbled upon couchdb
> searching for a database that fits my requirements in fact). I managed to
> cross a few items off my list, but I'm still not sure couchDB is a good
> fit, and my boss wants an answer by tomorrow^W monday.
>
> So, to summarize what I want to do (it's really simple in fact): I'd
> want to be able to have a list of public documents, have a list of tags
> definition (name, default value, possible values...), and then users can
> *privately* tag those documents. So, the items and the tag definitions
> are public, the tag values are private. And finally, I'd like to be able
> to have stats on those values, like XX% of the users used the same value
> for this document and this tag.
>
> And that's it. It would be in a phone app, and I'd really like to use
> replication to have a client cache for values and an offline mode. There
> would of course also be a central server for bootstrap, updates,
> reliability, ...
>
> So, CouchDB seems like a really good fit, but I'm stuck on the privacy
> thing. What I came with so far, was to have separate documents for
> items, tags, and tag values, but how can I make sure only the user who
> wrote the value can read it without per document authorization (I
> already read the wiki page about that, but none of the solution seems
> ideal)?
>
> Best regards,
>
> Clément
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message