couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Robert Newson <rnew...@apache.org>
Subject Re: newbie question - how to manage groups of users <-> databases in couchdb
Date Wed, 13 Jun 2012 22:32:18 GMT
it's "members" now, actually (though "readers" will work for backward
compatibility).

B.

On 13 June 2012 23:00, Herman Chan <hermanccw@gmail.com> wrote:
> cool, i believe you mean readers instead of members.
>
> I guess I'll need another document store in the main database to keep track
> of which user have access to with database, or is there a way to transverse
> all database in the server to see which database a particular user has
> access to?
>
>
> On Wed, Jun 13, 2012 at 5:30 PM, Ryan Ramage <ryan.ramage@gmail.com> wrote:
>
>> Your model of one db per 'board' is correct. To limit users, you can
>> use the /db/_security object.
>>
>> see here:
>> http://wiki.apache.org/couchdb/Security_Features_Overview#Authorization
>>
>> Basically, looks like this:
>>
>> {
>>  "admins" : {
>>     "names" : ["joe", "phil"],
>>     "roles" : ["boss"]
>>   },
>>   "members" : {
>>     "names" : ["dave", "bill"],
>>     "roles" : []
>>   }
>> }
>>
>> Basically, put all the usernames of those you want access to the board
>> in the members names.
>>
>> Just to be clear...this is for each db inside you can do this, which
>> seems to support what you are trying to do.
>>
>>
>> On Wed, Jun 13, 2012 at 1:52 PM, Herman Chan <hermanccw@gmail.com> wrote:
>> > Hi all,
>> >
>> > I am new to couchdb so bear with me if this is really easy.
>> >
>> > I am trying to prototype a system where there is group of user who can
>> > share everything within a database to each other. For example, think of a
>> > message board system that once a user is allow into a particular board,
>> > they can view/update/delete anything in that message board. Also, a user
>> > can join multiple boards.
>> >
>> > From what I read so far, the way I am thinking to achieve this is to have
>> > multiple database within the couchdb server. Each database represents a
>> > board and since board doesn't need to talk to each other, this give a
>> nice
>> > separation between boards.
>> >
>> > My question is about user authorization. I know that I can create user in
>> > couchdb and assign them ACL within one "database", but is there a way in
>> > couchdb that it controls user access in a "database" level? ie. which
>> > database can a user read/write/update?
>> >
>> > the only way I see now is to have another table in a "application"
>> database
>> > can control user access, basically a mapping from user to database.
>>

Mime
View raw message