From user-return-6446-apmail-couchdb-user-archive=couchdb.apache.org@couchdb.apache.org Sat Sep 12 14:48:47 2009 Return-Path: Delivered-To: apmail-couchdb-user-archive@www.apache.org Received: (qmail 72707 invoked from network); 12 Sep 2009 14:48:47 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 12 Sep 2009 14:48:47 -0000 Received: (qmail 94438 invoked by uid 500); 12 Sep 2009 14:48:46 -0000 Delivered-To: apmail-couchdb-user-archive@couchdb.apache.org Received: (qmail 94369 invoked by uid 500); 12 Sep 2009 14:48:46 -0000 Mailing-List: contact user-help@couchdb.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@couchdb.apache.org Delivered-To: mailing list user@couchdb.apache.org Received: (qmail 94359 invoked by uid 99); 12 Sep 2009 14:48:46 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 12 Sep 2009 14:48:46 +0000 X-ASF-Spam-Status: No, hits=2.2 required=10.0 tests=HTML_MESSAGE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of ghosh.debasish@gmail.com designates 209.85.132.240 as permitted sender) Received: from [209.85.132.240] (HELO an-out-0708.google.com) (209.85.132.240) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 12 Sep 2009 14:48:37 +0000 Received: by an-out-0708.google.com with SMTP id b2so631541ana.5 for ; Sat, 12 Sep 2009 07:48:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:reply-to:from:date :message-id:subject:to:content-type; bh=TwfduNwT/+kaX+esuil8Snuyk/Y5iO0KEsNSio4QxQQ=; b=Hylix2Z+BTj1pNfhWIaKBO/1qV0G+mdmLtrNfgIKvjKVf2c45ZP9CKHZGrbBmpc0u/ dPdTfCz3cVOn/HnabrDtEty5rbpD59RhS9RoXvY45KXPrGTpC+oQkFln69ytIUF2T46g SsU6CHKH9W1XAEY9galLNQziwWBd4fkkeaDM8= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:reply-to:from:date:message-id:subject:to:content-type; b=is4nMU95xkrzhWcbu2HVa90Fa1VbjVFwtwsGnPtDqRuF+kczxZuaT1lJuMOPYEvQRr rx+rTuV1cvZhy9ymCaImsO5byvjKZ+OoJpblNNCQZ76LsCNhWjtAhbX4vk9hphv19Dlc Ulsos2/GA01K/wIsjAG8ML3lZqpUbN23TkhEo= MIME-Version: 1.0 Received: by 10.100.78.16 with SMTP id a16mr4647173anb.180.1252766896155; Sat, 12 Sep 2009 07:48:16 -0700 (PDT) Reply-To: dghosh@acm.org From: Debasish Ghosh Date: Sat, 12 Sep 2009 20:17:56 +0530 Message-ID: <8b1c89270909120747r4245de68v6cd543e1787c3ea8@mail.gmail.com> Subject: CouchDB Validation function and security API .. To: user@couchdb.apache.org Content-Type: multipart/alternative; boundary=005045016fa6d4ee850473628529 X-Virus-Checked: Checked by ClamAV on apache.org --005045016fa6d4ee850473628529 Content-Type: text/plain; charset=ISO-8859-1 Hi - The validation function validate_doc_update takes 3 parameters, newdoc, olddoc and userContext. I am trying to get my head into how the authentication and authorization stuff is related to this. The CouchDB book has the following code snippet in 7.2.4 Authorship section .. function(newDoc, oldDoc, userCtx) { if (newDoc.author) { enforce(newDoc.author == userCtx.author, "You may only update documents with author " + userCtx.author); } } In my linux environment, when I run CouchDB validation functions with a user-id and password setup in local.ini under [admins], I get the following as the contents of the third parameter of the validation function :- {"db" : "test", "name" : null, "roles" : []} In the above snippet from the book there appears to be a field userCtx.author. Just wondering how to get it here and why I am not seeing it in my output. Also any pointer on the security, authentication and authorization part will be appreciated. Thanks in advance .. - Debasish --005045016fa6d4ee850473628529--