couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jens Alfke <>
Subject Re: Beginners approach of designing documents
Date Mon, 16 Sep 2013 17:05:00 GMT

On Sep 16, 2013, at 4:20 AM, Christian Grobmeier <> wrote:

> Probably I could create a single database for all customers that way. Of
> course, then I would think twice with authentication which seems
> to work for databases, not for rows.

CouchDB has no per-document read access control — if a user is allowed to access a database,
s/he can read all documents. (Write access can of course be controlled by a validation function.)

We [Couchbase] tried to get around this last year with a database-per-user scheme that also
had a central master database with all the documents; there was then a replication for every
user that pulled their readable documents into their database and pushed their changes into
the master. Unfortunately this was (a) a bitch to configure automatically, and (b) not scalable.

Our current approach is the Couchbase Sync Gateway, a CouchDB-compatible adapter for Couchbase
Server that manages read/write access control with a single database, so each user only sees
the subset of the database s/he’s allowed to access. It also uses a system called “channels”
(a combination of document tagging and message-queues) that makes it really easy to set up
complex multi-user workflows, especially for social apps.
It just went beta last week, with a GA in Q1 next year.

(Our marketing materials only talk about compatibility with our Couchbase Lite mobile database,
but the sync protocol is compatible with CouchDB’s, so it’ll work with CouchDB or PouchDB
clients as well.)

View raw message