couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Aurélien Bénel <aurelien.be...@utt.fr>
Subject Re: Cloudant document-level permissions feature?
Date Thu, 25 Aug 2016 13:43:14 GMT
Hi William,

> Ran into the old 'need document-level permissions' problem here.

As replied by the devs, there is not a generic off-the-shelf high-performance document level
permission feature in CouchDB.

However, there are numbers of workarounds depending on your needs:
1. If authorizations depend only on document UUID, just set a reverse proxy in front of CouchDB;
2. If they depend on the document content (e.g. an updatable access list) then a `show` depending
on the `userCtx` object can be your friend to control reads (if you hide the default API behind
a reverse proxy) and a `validate_doc_update` function, depending also on the `userCtx`, let
you control updates.


Regards,

Aurélien
Mime
View raw message