incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gabriel Mancini <gabriel.manc...@gmail.com>
Subject Re: userCtx extra information
Date Wed, 29 Aug 2012 19:54:05 GMT
but can be nice have sume enable/disable behaviour for user

On Wed, Aug 29, 2012 at 4:39 PM, Benoit Chesneau <bchesneau@gmail.com>wrote:

> On Wed, Aug 29, 2012 at 9:24 PM, Dave Cottlehuber <dave@muse.net.nz>
> wrote:
> > On 29 August 2012 08:21, Benoit Chesneau <bchesneau@gmail.com> wrote:
> >> On Tuesday, August 28, 2012, Aliaksandr Barysiuk wrote:
> >>
> >>> Hello,
> >>>
> >>> We store some extra information in _users db and now we are looking a
> way
> >>> to populate session.userCtx with these extra values. Is it possible at
> all?
> >>>
> >>> Thank you
> >>>
> >>> Alex
> >>>
> >>
> >> user db isn't done for that. this db exists to authenticate users and
> only
> >> that. You should better save the profiles in another db. Also there is
> no
> >> such things like session in couchdb by itself.
> >>
> >>
> >> benoît
> >
> > Any good reasons why we couldn't / shouldn't support something that
> > eases this pain? Putting in a second db simply to store some basic
> > profile info seems daft. And as others have found, you can store
> > anything you like in roles.
>
> Well I think that storing anything in a role is a bug. We shouldn't
> allow that and it should be fixed. Only a list of strings is expected
> in the roles member. We should enforce that.
>
> For security reasons I don't think it's good to have more data in the
> doc other than the login, roles, password and possibly anything about
> permissions ( some would argue that the users db shouldn't exist at
> all). You don't protect the same the access to a user doc or a a
> profile doc. And the way it is designed right now  prevent any use of
> this profile by others. Only the user or an admin can have access to
> the doc. Which is good imo.
>
> - benoit
>



-- 
Gabriel Mancini de Campos
Arquiteto de Soluções

+55 (11) 9449-1706
gabriel.mancini@gmail.com
São Paulo - SP - Brasil

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message