Return-Path: Delivered-To: apmail-couchdb-dev-archive@www.apache.org Received: (qmail 49735 invoked from network); 4 Feb 2010 11:02:04 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 4 Feb 2010 11:02:04 -0000 Received: (qmail 78056 invoked by uid 500); 4 Feb 2010 11:02:04 -0000 Delivered-To: apmail-couchdb-dev-archive@couchdb.apache.org Received: (qmail 77979 invoked by uid 500); 4 Feb 2010 11:02:04 -0000 Mailing-List: contact dev-help@couchdb.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@couchdb.apache.org Delivered-To: mailing list dev@couchdb.apache.org Received: (qmail 77969 invoked by uid 99); 4 Feb 2010 11:02:04 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 04 Feb 2010 11:02:04 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of b.candler@pobox.com designates 208.72.237.25 as permitted sender) Received: from [208.72.237.25] (HELO sasl.smtp.pobox.com) (208.72.237.25) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 04 Feb 2010 11:01:54 +0000 Received: from sasl.smtp.pobox.com (unknown [127.0.0.1]) by a-pb-sasl-quonix.pobox.com (Postfix) with ESMTP id A3CC995413 for ; Thu, 4 Feb 2010 06:01:31 -0500 (EST) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=pobox.com; h=date:from:to :subject:message-id:references:mime-version:content-type :in-reply-to; s=sasl; bh=pbpiYpyC05owf6zx//mLKAv8Sfs=; b=iSRPXuv cjcJv61FPt8DP2oE0YIxHTtYxhOG7BAo+RLs21xE1Ck1Bs+LEVKZPRyDQ4C4+n6T JWlo9Qn+8rPK0BvJ+M2hBpqyQQPJOISkdd+kNJDCXs4kh513/NhkNpia3QoMkgK1 9gZD53iu/D4Ngmv8aTs1BCkm2RfshpYuX+E4= DomainKey-Signature: a=rsa-sha1; c=nofws; d=pobox.com; h=date:from:to :subject:message-id:references:mime-version:content-type :in-reply-to; q=dns; s=sasl; b=XhrTknEH53RWccqmbYCSzxg0AKFFi4k72 sTkZB2e5HvthQy3izn8b5o9onxW7ECVNrDwamVN/bJ2wleC6VYrNw3FxyoQjSECb fjqZdhXCoMoBZjZzCVWaTCr5JlHlFCjrOX2OmRhK2eVqIE2+0ST7PXmYwN+SqOJq 7JWpYOsDC0= Received: from a-pb-sasl-quonix. (unknown [127.0.0.1]) by a-pb-sasl-quonix.pobox.com (Postfix) with ESMTP id A06DF95412 for ; Thu, 4 Feb 2010 06:01:31 -0500 (EST) Received: from zino (unknown [87.194.77.98]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by a-pb-sasl-quonix.pobox.com (Postfix) with ESMTPSA id 617B69540F for ; Thu, 4 Feb 2010 06:01:31 -0500 (EST) Received: from lists by zino with local (Exim 4.69) (envelope-from ) id 1NczSj-0001GL-FJ for dev@couchdb.apache.org; Thu, 04 Feb 2010 11:01:29 +0000 Date: Thu, 4 Feb 2010 11:01:29 +0000 From: Brian Candler To: dev@couchdb.apache.org Subject: Re: DB ACLs (was Re: 0.11 Release / Feature Freeze for 1.0) Message-ID: <20100204110129.GA4844@uk.tiscali.com> References: <20100203212426.GA10515@uk.tiscali.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.20 (2009-06-14) X-Pobox-Relay-ID: A6C908F0-117C-11DF-81B9-6AF7ED7EF46B-28021239!a-pb-sasl-quonix.pobox.com On Wed, Feb 03, 2010 at 02:27:56PM -0800, Jan Lehnardt wrote: > > Sorry to be blunt, but do you have numbers to back that up? This smells > > very much of premature optimisation. > > Reading a document costs: > > 1 disk seek to the end of the db file to grab the b-tree root > + n disk seeks to the document (n < 5 to 10 in most cases) > > In a well cached database, most of the seeks are free, but the last one > usually isn't (unless you can hold a full database in memory). That's not true here. If _readers were a document within the database then the *same* document would be read for every access, and therefore it would be cached. There's no seek. But again you've ignored my main point: I'm proposing that the authorisation be a role within the userctx, and the userctx is already loaded. Free is better than cheap. Actually, that's not entirely true. We want to have publicly-readable databases, so we need an "_anon" user with roles assigned to it, and the effective roles you get would be the union of the roles from your user record plus the roles from the _anon user. That might mean reading the _anon record from the _users database. That will always be the same record, so is bound to be cached. Regards, Brian.