incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jens Alfke <j...@couchbase.com>
Subject Re: Reader ACLs
Date Thu, 28 Jun 2012 20:29:14 GMT

On Jun 27, 2012, at 10:32 AM, Wordit wrote:

> Do I understand correctly that the central database would need to be
> managed by admin, which would require a server layer and a locked down
> central database?

Yes.

> Admin would check each users "share lists" and then replicate
> documents to user databases. Does that sound right?

Yes, although this checking and replication isn't really part of the central database. It
can be done by any external code that has read access to the admin db and admin access to
the user dbs. So for example you could have all the databases on a shared host like IrisCouch,
and run a script somewhere else (maybe Amazon EC2) that listens on the main database's _changes
feed and does the necessary propagation. Or, somewhat equivalently, you could configure the
user databases with a persistent continuous filtered replication from the master (this replication
would just need saved credentials that give it access to the master.)

—Jens
Mime
View raw message