Return-Path: Delivered-To: apmail-couchdb-dev-archive@www.apache.org Received: (qmail 31579 invoked from network); 13 Sep 2009 07:49:15 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 13 Sep 2009 07:49:15 -0000 Received: (qmail 24705 invoked by uid 500); 13 Sep 2009 07:49:14 -0000 Delivered-To: apmail-couchdb-dev-archive@couchdb.apache.org Received: (qmail 24621 invoked by uid 500); 13 Sep 2009 07:49:14 -0000 Mailing-List: contact dev-help@couchdb.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@couchdb.apache.org Delivered-To: mailing list dev@couchdb.apache.org Received: (qmail 24611 invoked by uid 99); 13 Sep 2009 07:49:14 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 13 Sep 2009 07:49:14 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of gurdiga@gmail.com designates 209.85.218.211 as permitted sender) Received: from [209.85.218.211] (HELO mail-bw0-f211.google.com) (209.85.218.211) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 13 Sep 2009 07:49:05 +0000 Received: by bwz7 with SMTP id 7so1808665bwz.11 for ; Sun, 13 Sep 2009 00:48:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:content-type; bh=GRqQ//Cj3XglTc+970g73fk2bbJoXDHyaW1sbVxvl8g=; b=JHFc2nY0XF7CqPzL3MoK82oMxwkh57ENQc4j5WtR/wQajxuTUT3dETphamzxxIZBxh lXv98IoGu4Ke9Zr3eEgo4ZFOo8pBGvm6Vu9pYXm0P80MMzhkI0seMC+gWytQCkEBz1+J iPQaNlOsZQb7TXzy2j2DmgzPDeod6hOzIfXn8= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=nD/AV0Z5ZU7S1CSfJ3Re8CCKF22q/gttcMC8NziJ7gNcuUDGhxCjQWBBu+JXbZaRBZ W641NKvXNPgc2OjzhoQGwzVBwmqbewgpLZMZJCgPYgNIxY9wMqamYlzuMHRFUi0YgDDK +tdWFXLB2TXV7j8UKpWnp1MTfz9lWBBnYWcls= MIME-Version: 1.0 Received: by 10.103.78.17 with SMTP id f17mr2156946mul.7.1252828124692; Sun, 13 Sep 2009 00:48:44 -0700 (PDT) In-Reply-To: References: <8F048321-4C3C-424C-8FC4-0C99354AB728@jasondavies.com> <8989606E-3CAF-42C9-9935-FCAC0FAD81D3@apache.org> Date: Sun, 13 Sep 2009 00:48:44 -0700 Message-ID: Subject: Re: Per-DB Auth Ideas and Proposal From: Vlad GURDIGA To: dev@couchdb.apache.org Content-Type: text/plain; charset=UTF-8 X-Virus-Checked: Checked by ClamAV on apache.org I'm sorry to break the wave, but I wonder would it be practical to have a kind of validate_doc_read.js? It would give a certain level of consistency with the validate_doc_update.js mechanism, and we would probably be able to have a unified security meta-data looking like: var role = { editor: { can: { read: {books: true, authors: true}, write: {books: true, authors: true}, add: {books: true, authors: true} } } }; var user = { john: { can: { read: {books: true, authors: true}, add: {books: true, authors: true} }, has: { role: {editor: true, administrator: true} } }, mary: { can: { read: {authors: true}, add: {authors: true} }, has: { role: {editor: true} } } }; This maybe looks a little verbose to write but feels pretty readable: if (!user[userCtx.name].can.read.books && !user[userCtx.name].has.role.editor) { throw "Read access denied"; } It would decouple security meta-data from the data itself (I'm not saying that this would necessarily be a good thing though, let's discuss). What do you think?